IMP add more tests for security

OCA · Mar 17, 2024 · 0282824 · 0282824
1 parent 936af73
commit 0282824
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 6 deletions.
diff --git a/automation_oca/models/automation_record.py b/automation_oca/models/automation_record.py
@@ -117,9 +117,6 @@ def _search(
                 dict(ids=list(sub_ids)),
             )
             for eid, res_id, model in self._cr.fetchall():
-                if not model:
-                    result.append(eid)
-                    continue
                 model_data[model][res_id].add(eid)
 
         for model, targets in model_data.items():
@@ -130,7 +127,7 @@ def _search(
             if missing:
                 for res_id in missing.ids:
                     _logger.warning(
-                        "Deleted record %s,%s is referenced by edi.exchange.record %s",
+                        "Deleted record %s,%s is referenced by automation.record %s",
                         model,
                         res_id,
                         list(targets[res_id]),
@@ -174,8 +171,6 @@ def check_access_rule(self, operation):
         by_model_rec_ids = defaultdict(set)
         by_model_checker = {}
         for exc_rec in self.sudo():
-            if not exc_rec.related_record_exists:
-                continue
             by_model_rec_ids[exc_rec.model].add(exc_rec.res_id)
             if exc_rec.model not in by_model_checker:
                 by_model_checker[exc_rec.model] = getattr(

diff --git a/automation_oca/tests/test_automation_security.py b/automation_oca/tests/test_automation_security.py
@@ -90,3 +90,16 @@ def test_security_02(self):
         )
         self.assertEqual(1, len(record))
         self.assertEqual(self.partner_01, record.resource_ref)
+
+    @users("user_automation_01")
+    def test_security_deleted_record(self):
+        original_record = self.env["automation.record"].search(
+            [("configuration_id", "=", self.configuration.id)]
+        )
+        self.partner_02.unlink()
+        record = self.env["automation.record"].search(
+            [("configuration_id", "=", self.configuration.id)]
+        )
+        self.assertFalse(record)
+        self.assertTrue(original_record)
+        self.assertFalse(original_record.read())