forms: allow access to global actions to anonymous users (#55199)
(accessing the formdata using its tracking code)
This commit is contained in:
parent
0c3549872f
commit
e581d08c0a
|
@ -6570,6 +6570,50 @@ def test_user_global_action_same_status_store(pub):
|
|||
assert formdef.data_class().get(formdata.id).data['bo1'] == '123'
|
||||
|
||||
|
||||
def test_anonymous_user_global_action(pub):
|
||||
workflow = Workflow.get_default_workflow()
|
||||
workflow.id = '2'
|
||||
action = workflow.add_global_action('FOOBAR')
|
||||
register_comment = action.append_item('register-comment')
|
||||
register_comment.comment = 'HELLO WORLD GLOBAL ACTION'
|
||||
jump = action.append_item('jump')
|
||||
jump.status = 'finished'
|
||||
trigger = action.triggers[0]
|
||||
trigger.roles = ['_submitter']
|
||||
|
||||
workflow.store()
|
||||
|
||||
formdef = FormDef()
|
||||
formdef.name = 'test global action'
|
||||
formdef.fields = []
|
||||
formdef.enable_tracking_codes = True
|
||||
formdef.workflow_id = workflow.id
|
||||
formdef.workflow_roles = {}
|
||||
formdef.store()
|
||||
|
||||
formdef.data_class().wipe()
|
||||
|
||||
app = get_app(pub)
|
||||
resp = app.get(formdef.get_url())
|
||||
resp = resp.form.submit('submit')
|
||||
resp = resp.form.submit('submit')
|
||||
assert formdef.data_class().count() == 1
|
||||
formdata = formdef.data_class().select()[0]
|
||||
|
||||
app.cookiejar.clear()
|
||||
|
||||
resp = app.get('/')
|
||||
resp.forms[0]['code'] = formdata.tracking_code
|
||||
resp = resp.forms[0].submit().follow().follow()
|
||||
|
||||
assert 'button-action-1' in resp.form.fields
|
||||
resp = resp.form.submit('button-action-1')
|
||||
|
||||
resp = app.get(formdata.get_url())
|
||||
assert 'HELLO WORLD GLOBAL ACTION' in resp.text
|
||||
assert formdef.data_class().get(formdata.id).status == 'wf-finished'
|
||||
|
||||
|
||||
def test_condition_on_action(pub, emails):
|
||||
create_user(pub)
|
||||
|
||||
|
|
|
@ -557,8 +557,6 @@ class Workflow(StorableObject):
|
|||
return actions
|
||||
|
||||
def get_global_actions_for_user(self, formdata, user):
|
||||
if not user:
|
||||
return []
|
||||
actions = []
|
||||
for action in self.global_actions or []:
|
||||
for trigger in action.triggers or []:
|
||||
|
@ -566,6 +564,8 @@ class Workflow(StorableObject):
|
|||
if '_submitter' in (trigger.roles or []) and formdata.is_submitter(user):
|
||||
actions.append(action)
|
||||
break
|
||||
if not user:
|
||||
continue
|
||||
roles = set()
|
||||
for role_id in trigger.roles or []:
|
||||
if role_id == '_submitter':
|
||||
|
|
Loading…
Reference in New Issue