[Testbot] Plone 4.3 - Python 2.6 - Build # 2738 - Regression! - 1 failure(s)

jenkins at plone.org jenkins at plone.org
Mon Feb 23 10:04:36 UTC 2015 

-------------------------------------------------------------------------------
Plone 4.3 - Python 2.6 - Build # 2738 - Failure!
-------------------------------------------------------------------------------

http://jenkins.plone.org/job/plone-4.3-python-2.6/2738/


-------------------------------------------------------------------------------
CHANGES
-------------------------------------------------------------------------------

Repository: Products.CMFPlone
Branch: refs/heads/4.3.x
Date: 2015-02-23T10:27:05+01:00
Author: Godefroid Chapelle (gotcha) <gotcha at bubblenet.be>
Commit: https://github.com/plone/Products.CMFPlone/commit/371cee9e15a996660924045fb061a185af837e42

fix for https://dev.plone.org/ticket/13603

second part: delete through menu actions delete

Files changed:
M Products/CMFPlone/skins/plone_scripts/object_delete.cpy

diff --git a/Products/CMFPlone/skins/plone_scripts/object_delete.cpy b/Products/CMFPlone/skins/plone_scripts/object_delete.cpy
index b5e4673..0399472 100644
--- a/Products/CMFPlone/skins/plone_scripts/object_delete.cpy
+++ b/Products/CMFPlone/skins/plone_scripts/object_delete.cpy
@@ -18,7 +18,9 @@ REQUEST = context.REQUEST
 if REQUEST.get('REQUEST_METHOD', 'GET').upper() == 'GET':
     raise Unauthorized('This method can not be accessed using a GET request')
 
-parent = context.aq_inner.aq_parent
+parent_path = '/'.join(REQUEST.physicalPathFromURL(REQUEST.URL2))
+parent = context.restrictedTraverse(parent_path)
+
 title = safe_unicode(context.title_or_id())
 
 try:
@@ -35,6 +37,15 @@ else:
     authenticator = context.restrictedTraverse('@@authenticator', None)
     if not authenticator.verify():
         raise Forbidden
+
+    id = context.getId()
+    item = parent.get(id, parent)
+    if item == parent:
+        message = _(u'${title} does not exist and cannot be deleted.',
+                    mapping={u'title': title})
+        context.plone_utils.addPortalMessage(message, type='error')
+        return state.set(status='failure')
+
     parent.manage_delObjects(context.getId())
     message = _(u'${title} has been deleted.',
                 mapping={u'title': title})


Repository: Products.CMFPlone
Branch: refs/heads/4.3.x
Date: 2015-02-23T10:27:54+01:00
Author: Godefroid Chapelle (gotcha) <gotcha at bubblenet.be>
Commit: https://github.com/plone/Products.CMFPlone/commit/80b687fa2b99da528f77688c0e7fb45a88f3701c

add tests for https://dev.plone.org/ticket/13603

through menu Actions delete

Files changed:
M Products/CMFPlone/tests/test_ploneutils.py
M docs/CHANGES.rst

diff --git a/Products/CMFPlone/tests/test_ploneutils.py b/Products/CMFPlone/tests/test_ploneutils.py
index 461c71b..a4cb95f 100644
--- a/Products/CMFPlone/tests/test_ploneutils.py
+++ b/Products/CMFPlone/tests/test_ploneutils.py
@@ -1,6 +1,9 @@
 import unittest
+import re
 
 from Products.CMFPlone.testing import PRODUCTS_CMFPLONE_INTEGRATION_TESTING
+from plone.app.testing import setRoles
+from plone.app.testing import TEST_USER_ID
 
 
 class TestPloneTool(unittest.TestCase):
@@ -26,19 +29,83 @@ def test_deleteObjectsByPaths_relative_path_raises(self):
             handle_errors=False
         )
 
-    def test_deleteObjectsByPaths_wrongly_acquired_object(self):
+    def test_delete_wrongly_acquired_object_through_deleteObjectsByPaths(self):
         '''
-        Do not delete wrongly acquired object.
+        Do not delete wrongly acquired object through folder_contents
         See https://dev.plone.org/ticket/13603
+
         '''
-        self.portal.invokeFactory('Folder', 'a_page')
+        # prepare content
+        self.portal.invokeFactory('Document', 'a_page')
         self.assertTrue('a_page' in self.portal.objectIds())
-        a_page_folder = self.portal['a_page']
-        a_page_folder.invokeFactory('Document', 'a_page')
-        self.assertTrue('a_page' in a_page_folder.objectIds())
-        a_page = a_page_folder['a_page']
-        path = a_page.absolute_url_path()
+        self.portal.invokeFactory('Folder', 'a_folder')
+        a_folder = self.portal['a_folder']
+        a_folder.invokeFactory('Document', 'a_page')
+        self.assertTrue('a_page' in a_folder.objectIds())
+        a_page_in_folder = a_folder['a_page']
+        path = a_page_in_folder.absolute_url_path()
+
+        # first request to delete
         self.plone_utils.deleteObjectsByPaths([path])
-        self.assertFalse('a_page' in a_page_folder.objectIds())
+        self.assertFalse('a_page' in a_folder.objectIds())
+        self.assertTrue('a_page' in self.portal.objectIds())
+
+        # second request to delete
         self.plone_utils.deleteObjectsByPaths([path])
+        self.assertTrue(
+            'a_page' in self.portal.objectIds(),
+            'acquired content should not be deleted.'
+        )
+
+    def _get_authenticator(self):
+        url = '/plone/login_password'
+        login = self.portal.restrictedTraverse(url)
+        res = login()
+        m = re.search('name="_authenticator" value="([^"]*)"', res)
+        if m:
+            return m.group(1)
+        return ''
+
+    def test_delete_wrongly_acquired_object_through_object_delete(self):
+        '''
+        Do not delete wrongly acquired object through Actions Delete.
+        See https://dev.plone.org/ticket/13603
+        '''
+        setRoles(self.portal, TEST_USER_ID, ['Member', 'Manager'])
+
+        # prepare content
+        self.portal.invokeFactory('Document', 'a_page')
         self.assertTrue('a_page' in self.portal.objectIds())
+        self.portal.invokeFactory('Folder', 'a_folder')
+        a_folder = self.portal['a_folder']
+        a_folder.invokeFactory('Document', 'a_page')
+        self.assertTrue('a_page' in a_folder.objectIds())
+        a_page_in_folder = a_folder['a_page']
+
+        # prepare fake request
+        physical_path = list(a_page_in_folder.getPhysicalPath())
+        physical_path.append('object_delete')
+        url = '/'.join(physical_path)
+        request = self.layer['request']
+        request.set('URL', url)
+        url2 = '/'.join(physical_path[:-2])
+        request.set('URL2', url2)
+        request.environ['REQUEST_METHOD'] = 'POST'
+        csrf_token = self._get_authenticator()
+        request.form.update({
+            '_authenticator': csrf_token,
+        })
+
+        # simulate call to object_delete
+        object_delete = self.portal.restrictedTraverse(url)
+        object_delete()
+        self.assertFalse('a_page' in a_folder.objectIds())
+        self.assertTrue('a_page' in self.portal.objectIds())
+
+        # simulate second call to object_delete
+        object_delete = self.portal.restrictedTraverse(url)
+        object_delete()
+        self.assertTrue(
+            'a_page' in self.portal.objectIds(),
+            'acquired content should not be deleted.'
+        )
diff --git a/docs/CHANGES.rst b/docs/CHANGES.rst
index 7cdc1fc..8ff990e 100644
--- a/docs/CHANGES.rst
+++ b/docs/CHANGES.rst
@@ -8,6 +8,11 @@ Changelog
 4.3.5 (unreleased)
 ------------------
 
+- Fix: If a user "deletes" the same item twice (ex.: having two different tabs 
+  open and not realising it's already been deleted) any higher level item with 
+  the same short name will be deleted without trace. 
+  [gotcha]
+
 - Extended ulocalized_time for target_language
   [agitator]
 




-------------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CHANGES.log
Type: application/octet-stream
Size: 6875 bytes
Desc: not available
URL: <http://lists.plone.org/pipermail/plone-testbot/attachments/20150223/1eea94eb/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: build.log
Type: application/octet-stream
Size: 95204 bytes
Desc: not available
URL: <http://lists.plone.org/pipermail/plone-testbot/attachments/20150223/1eea94eb/attachment-0003.obj>

More information about the Testbot mailing list