Testing access security

Access security can also be checked to confirm that users have the correct privileges granted.

By default, tests are executed with the Odoo internal user, __system__, which bypasses access security. So we need to change the user running the tests, to check whether the right access security has been given to them. This is done by modifying the execution environment, in self.env, by setting the user attribute to the user we want to run the tests with.

We can modify our tests to take this into account. Edit the tests/test_book.py file to add a setUp method:

def setUp(self, *args, **kwargs): 
        result = super().setUp(*args, **kwargs) 
        user_admin = self.env.ref('base.user_admin') 
        self.env= self.env(user=user_admin)
        self.Book = self.env['library.book']
        self.book_ode = self.Book.create({
            'name': 'Odoo Development Essentials',
            'isbn': '879-1-78439-279-6'})
        return result

This first instruction calls the setUp code of the parent class. The next one changes the environment used to run the tests, self.env, to a new one that uses the admin user. No further changes are needed for the tests we already wrote.