feat(plating-team): Owner-only Team kanban + Designated Official fields

Phase F of permissions overhaul. Adds res.users.x_fc_plating_role Selection field (8 options matching the role hierarchy). Compute reads highest plating group from groups_id (precedence: owner > QM > manager > sales_manager > shop_manager > sales_rep > technician). Inverse uses sudo().write() to clear all plating-role groups (additive-by-default m2m (3, id)) then adds the chosen one, and posts a Markup-wrapped chatter audit naming the actor. New Owner-only menu: Plating > Configuration > Team. Standard res.users kanban grouped by x_fc_plating_role with records_draggable for drag-and-drop role changes. Domain hides shared/portal users and archived users. res.company gains two Designated Official fields: - x_fc_cgp_designated_official_id (CGP DO per Defence Production Act §22) - x_fc_nadcap_authority_user_id (Nadcap signer) Both tracking=True for audit. View-level domain restricts picker to Owner or Quality Manager users via [(ref('...'), ref('...'))] xmlid domains. New 'Plating Designated Officials' page on res.company form, Owner-only visibility. Tests in test_team_page.py cover compute/inverse/chatter/menu. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-24 02:03:44 -04:00
parent 830b29ce49
commit 89a937fb32
8 changed files with 336 additions and 1 deletions
--- a/fusion_plating/fusion_plating/tests/init.py
+++ b/fusion_plating/fusion_plating/tests/init.py
@@ -8,3 +8,4 @@ from . import test_acl_migration
 from . import test_quality_split
 from . import test_menu_visibility
 from . import test_landing_resolver
+from . import test_team_page
--- a/fusion_plating/fusion_plating/tests/test_team_page.py
+++ b/fusion_plating/fusion_plating/tests/test_team_page.py
@@ -0,0 +1,104 @@
+from odoo.tests.common import TransactionCase, tagged
+
+
+@tagged('-at_install', 'post_install', 'fp_perms')
+class TestTeamPage(TransactionCase):
+    """Phase F — Owner-only Team management page.
+    Covers x_fc_plating_role compute/inverse + audit chatter + menu visibility."""
+
+    def setUp(self):
+        super().setUp()
+        Users = self.env['res.users'].with_context(no_reset_password=True)
+        self.owner = Users.create({
+            'login': 'team_owner', 'name': 'Team Owner',
+            'email': 'team_owner@example.com',
+            'groups_id': [(6, 0, [self.env.ref('fusion_plating.group_fp_owner').id])],
+        })
+        self.target = Users.create({
+            'login': 'team_target', 'name': 'Team Target',
+            'email': 'team_target@example.com',
+            'groups_id': [(6, 0, [self.env.ref('fusion_plating.group_fp_technician').id])],
+        })
+
+    def test_compute_returns_technician(self):
+        self.assertEqual(self.target.x_fc_plating_role, 'technician')
+
+    def test_compute_picks_highest_role(self):
+        # Add Manager group on top of Technician
+        self.target.write({'groups_id': [(4, self.env.ref('fusion_plating.group_fp_manager').id)]})
+        self.target.invalidate_recordset(['x_fc_plating_role'])
+        self.assertEqual(self.target.x_fc_plating_role, 'manager')
+
+    def test_inverse_sets_only_chosen_role(self):
+        self.target.with_user(self.owner).x_fc_plating_role = 'shop_manager'
+        # Shop Manager group should be present, Technician should be ABSENT
+        sm = self.env.ref('fusion_plating.group_fp_shop_manager_v2')
+        tech = self.env.ref('fusion_plating.group_fp_technician')
+        self.assertIn(sm, self.target.groups_id)
+        # Technician is implied via shop_manager_v2.implied_ids → so it IS in user's
+        # transitive group set. But the inverse should NOT have ADDED it directly.
+        # Verify by checking groups_id (which Odoo stores as the union of explicit
+        # + implied groups) — Technician will be present via implication. That's
+        # correct. What we want to verify is no OTHER plating role is set explicitly.
+        # Easier assertion: after setting to shop_manager, compute should return
+        # shop_manager (highest plating role held).
+        self.target.invalidate_recordset(['x_fc_plating_role'])
+        self.assertEqual(self.target.x_fc_plating_role, 'shop_manager')
+
+    def test_inverse_to_no_clears_all_plating_roles(self):
+        # Start as Manager
+        self.target.with_user(self.owner).x_fc_plating_role = 'manager'
+        self.target.invalidate_recordset(['x_fc_plating_role'])
+        self.assertEqual(self.target.x_fc_plating_role, 'manager')
+        # Set to 'no'
+        self.target.with_user(self.owner).x_fc_plating_role = 'no'
+        self.target.invalidate_recordset(['x_fc_plating_role'])
+        # Verify no plating group remains
+        plating_groups = [
+            self.env.ref(f'fusion_plating.group_fp_{x}', raise_if_not_found=False)
+            for x in ('technician', 'sales_rep', 'shop_manager_v2',
+                      'sales_manager', 'manager', 'quality_manager', 'owner')
+        ]
+        for g in plating_groups:
+            if g:
+                self.assertNotIn(g, self.target.groups_id,
+                                 f'{g.name} should be removed when role=no')
+        self.assertEqual(self.target.x_fc_plating_role, 'no')
+
+    def test_inverse_posts_chatter_audit(self):
+        before = self.target.message_ids
+        self.target.with_user(self.owner).x_fc_plating_role = 'manager'
+        after = self.target.message_ids - before
+        self.assertTrue(after, 'Role change must post a chatter message')
+        # Verify the message body mentions the role change
+        bodies = ' '.join(after.mapped('body'))
+        self.assertIn('manager', bodies.lower())
+
+    def test_team_menu_visible_to_owner(self):
+        menu = self.env.ref('fusion_plating.menu_fp_team', raise_if_not_found=False)
+        if not menu:
+            self.skipTest('menu_fp_team not found')
+        visible = self.env['ir.ui.menu'].with_user(self.owner).search_count([('id', '=', menu.id)])
+        self.assertTrue(visible)
+
+    def test_team_menu_hidden_from_manager(self):
+        menu = self.env.ref('fusion_plating.menu_fp_team', raise_if_not_found=False)
+        if not menu:
+            self.skipTest('menu_fp_team not found')
+        mgr = self.env['res.users'].with_context(no_reset_password=True).create({
+            'login': 'team_mgr', 'name': 'Team Mgr',
+            'email': 'team_mgr@example.com',
+            'groups_id': [(6, 0, [self.env.ref('fusion_plating.group_fp_manager').id])],
+        })
+        visible = self.env['ir.ui.menu'].with_user(mgr).search_count([('id', '=', menu.id)])
+        self.assertFalse(visible, 'Manager must not see Team menu (Owner-only)')
+
+    def test_cgp_do_field_on_company(self):
+        co = self.env.company
+        self.assertTrue(hasattr(co, 'x_fc_cgp_designated_official_id'),
+                        'res.company must have x_fc_cgp_designated_official_id field')
+
+    def test_nadcap_authority_field_on_company(self):
+        co = self.env.company
+        self.assertTrue(hasattr(co, 'x_fc_nadcap_authority_user_id'),
+                        'res.company must have x_fc_nadcap_authority_user_id field')