On 6/7/13, Matevž Bradač <[email protected]> wrote: > On 6. Jun, 2013, at 14:09, Gary Martin wrote: [...] >> >> I'm happy to correct the test but I was also wondering if the logic was >> correct: given that in this case TICKET_VIEW is only given to 'x', should >> we assume PRODUCT_VEW should be provided to 'anonymous' and >> 'authenticated'? Would it be more appropriate to match the users that >> TICKET_VIEW was provided to for the initial setup? > > I think so for this test case - since the test deletes all permissions > first, and > then adds TICKET_VIEW for a specific user, the same should be done for > PRODUCT_VIEW > as well. As for the anonymous/authenticated users, I gather the PRODUCT_VIEW > should > be removed after running the upgrade. > Olemis, would this be the correct approach? >
On upgrades I'd rather say that *_VIEW permissions do matter . I mean if e.g. user 'x' is granted with only WIKI_VIEW permission before upgrade then user should still be able to read wiki pages , and thereby deserves PRODUCT_VIEW permission (at least) in default product . For that particular tests , well ... I advocate to assert system behavior . It seems to me that including PRODUCT_VIEW for x in permissions table beforehand will obscure an interesting testing scenario that should be handled by the upgrade process itself, as mentioned in preceding paragraph . -- Regards, Olemis.
