1 files changed, 63 insertions, 7 deletions

diff --git a/archaeological_operations/tests.py b/archaeological_operations/tests.py
index b0b9c9dae..2c5946e87 100644
--- a/archaeological_operations/tests.py
+++ b/archaeological_operations/tests.py
@@ -3480,18 +3480,26 @@ class OperationPermissionTest(TestCase, OperationInitTest):
     def setUp(self):
         IshtarSiteProfile.objects.get_or_create(slug="default", active=True)
         self.username, self.password, self.user = create_superuser()
+
         self.alt_username, self.alt_password, self.alt_user = create_user()
-        self.alt_user.user_permissions.add(
-            Permission.objects.get(codename="view_own_operation")
+        profile_type = ProfileType.objects.create(
+            label="xxCollaborateur",
+            txt_idx="xxcollaborator",
         )
-        self.alt_user.user_permissions.add(
-            Permission.objects.get(codename="change_own_operation")
+        UserProfile.objects.create(
+            profile_type=profile_type,
+            person=self.alt_user.ishtaruser.person,
+            current=True,
         )
+        gp = Group.objects.create(name="xxOpérations rattachées : voir et modification")
+        gp.permissions.add(Permission.objects.get(codename="view_own_operation"))
+        gp.permissions.add(Permission.objects.get(codename="change_own_operation"))
+        profile_type.groups.add(gp)
+
         # nosec: hard coded password for test purposes
         self.alt_username2, self.alt_password2, self.alt_user2 = create_user(  # nosec
             username="luke", password="iamyourfather"
         )
-        profile_type = ProfileType.objects.get(txt_idx="collaborator")
         profile = UserProfile.objects.create(
             profile_type=profile_type,
             person=self.alt_user2.ishtaruser.person,
@@ -3503,11 +3511,51 @@ class OperationPermissionTest(TestCase, OperationInitTest):
         profile.areas.add(area)
 
         self.orgas = self.create_orgas(self.user)
-        self.operations = self.create_operation(self.user, self.orgas[0])
-        self.operations += self.create_operation(self.alt_user, self.orgas[0])
+        self.create_operation(self.user, self.orgas[0])
+        self.operations = self.create_operation(self.alt_user, self.orgas[0])
         self.operations[1].towns.add(town)
         self.item = self.operations[0]
 
+    def test_permission_generation(self):
+        alt_user = IshtarUser.objects.get(pk=self.alt_user.pk)
+        self.assertFalse(
+            alt_user.user_ptr.has_perm(
+                "archaeological_operations.change_own_operation",
+                self.operations[1]
+            )
+        )
+        self.assertFalse(
+            alt_user.user_ptr.has_perm(
+                "archaeological_operations.view_own_operation",
+                self.operations[1]
+            )
+        )
+        alt_user.generate_permission()
+        self.assertTrue(
+            alt_user.user_ptr.has_perm(
+                "archaeological_operations.view_own_operation",
+                self.operations[1]
+            )
+        )
+        self.assertTrue(
+            alt_user.user_ptr.has_perm(
+                "archaeological_operations.change_own_operation",
+                self.operations[1]
+            )
+        )
+        # general permission is assigned
+        self.assertTrue(
+            alt_user.user_ptr.has_perm(
+                "archaeological_operations.change_own_operation",
+            )
+        )
+        self.assertFalse(
+            alt_user.user_ptr.has_perm(
+                "archaeological_operations.change_own_operation",
+                self.operations[0]
+            )
+        )
+
     def test_own_search(self):
         # no result when no authentification
         c = Client()
@@ -3515,6 +3563,8 @@ class OperationPermissionTest(TestCase, OperationInitTest):
         self.assertTrue(not json.loads(response.content.decode()))
 
         # possession
+        alt_user = IshtarUser.objects.get(pk=self.alt_user.pk)
+        alt_user.generate_permission()
         c = Client()
         c.login(username=self.alt_username, password=self.alt_password)
         response = c.get(reverse("get-operation"), {"year": "2010"})
@@ -3531,6 +3581,8 @@ class OperationPermissionTest(TestCase, OperationInitTest):
         self.assertEqual(json.loads(response.content.decode())["recordsTotal"], 1)
 
         # area filter
+        alt_user2 = IshtarUser.objects.get(pk=self.alt_user2.pk)
+        alt_user2.generate_permission()
         c = Client()
         c.login(username=self.alt_username2, password=self.alt_password2)
         response = c.get(reverse("get-operation"), {"year": "2010"})
@@ -3557,6 +3609,8 @@ class OperationPermissionTest(TestCase, OperationInitTest):
         self.assertRedirects(response, "/")
 
         # possession
+        alt_user = IshtarUser.objects.get(pk=self.alt_user.pk)
+        alt_user.generate_permission()
         c = Client()
         c.login(username=self.alt_username, password=self.alt_password)
         response = c.get(reverse("operation_modify", args=[operation_pk2]), follow=True)
@@ -3574,6 +3628,8 @@ class OperationPermissionTest(TestCase, OperationInitTest):
         )
 
         # area filter
+        alt_user2 = IshtarUser.objects.get(pk=self.alt_user2.pk)
+        alt_user2.generate_permission()
         c = Client()
         c.login(username=self.alt_username2, password=self.alt_password2)
         response = c.get(reverse("operation_modify", args=[operation_pk2]), follow=True)