From 54af7d3fa19e5d2459e4759b0e861646303a0688 Mon Sep 17 00:00:00 2001
From: Timo Stollenwerk <timo@zmag.de>
Date: Fri, 10 Dec 2010 08:57:35 +0000
Subject: [PATCH] Assigning the 'Reply to item' permission to the
 'Authenticated' role. The old commenting system allowed 'Authenticated' users
 to post comments. Also, OpenID users do not possess the 'Authenticated' role.
 Refs #9288

svn path=/plone.app.discussion/trunk/; revision=46230
---
 .../discussion/profiles/default/rolemap.xml   |  3 ++
 plone/app/discussion/tests/test_workflow.py   | 34 ++++++++++++++++++-
 2 files changed, 36 insertions(+), 1 deletion(-)

diff --git a/plone/app/discussion/profiles/default/rolemap.xml b/plone/app/discussion/profiles/default/rolemap.xml
index 9ccf86d..f3507ed 100644
--- a/plone/app/discussion/profiles/default/rolemap.xml
+++ b/plone/app/discussion/profiles/default/rolemap.xml
@@ -5,5 +5,8 @@
             <role name="Manager"/>
             <role name="Reviewer"/>
         </permission>
+        <permission name="Reply to item" acquire="False">
+            <role name="Authenticated"/>
+        </permission>
     </permissions>
 </rolemap>
diff --git a/plone/app/discussion/tests/test_workflow.py b/plone/app/discussion/tests/test_workflow.py
index e1fd408..f3b25f5 100644
--- a/plone/app/discussion/tests/test_workflow.py
+++ b/plone/app/discussion/tests/test_workflow.py
@@ -1,4 +1,6 @@
 # -*- coding: utf-8 -*-
+"""Test plone.app.discussion workflow and permissions.
+"""
 import unittest
 
 from zope.component import createObject
@@ -17,7 +19,7 @@ from plone.app.discussion.interfaces import IConversation, IDiscussionLayer
 
 
 class WorkflowSetupTest(PloneTestCase):
-    """Make sure workflow and permissions are set up properly.
+    """Make sure the workflows are set up properly.
     """
 
     layer = DiscussionLayer
@@ -58,6 +60,36 @@ class WorkflowSetupTest(PloneTestCase):
     def test_reply_to_item_permission(self):
         pass
 
+class PermissionsSetupTest(PloneTestCase):
+    """Make sure the permissions are set up properly.
+    """
+
+    layer = DiscussionLayer
+    
+    def afterSetUp(self):
+        portal = self.portal
+        mtool = self.portal.portal_membership
+        self.checkPermission = mtool.checkPermission
+        
+    def test_reply_to_item_permission_assigned(self):
+        """Make sure the 'Reply to item' permission is properly assigned.
+           By default this permission is assigned to 'Member' and 'Manager'.
+           plone.app.discussion assigns this permission to 'Authenticated' as
+           well to emulate the behavior of the old commenting system.
+        """
+        ReplyToItemPerm = "Reply to item"
+        # should be allowed as Member
+        self.failUnless(self.checkPermission(ReplyToItemPerm, self.portal))
+        # should be allowed as Authenticated
+        self.setRoles(['Authenticated'])
+        self.failUnless(self.checkPermission(ReplyToItemPerm, self.portal))
+        # should be allowed as Manager
+        self.setRoles(['Manager'])
+        self.failUnless(self.checkPermission(ReplyToItemPerm, self.portal))
+        # should not be allowed as anonymous
+        self.logout()
+        self.failIf(self.checkPermission(ReplyToItemPerm, self.portal))
+
 
 class CommentOneStateWorkflowTest(PloneTestCase):
     """Test the one_state_workflow that ships with plone.app.discussion.