Allow a Blog Post to be created inside a subfolder of a Blog (#55)

news/54.feature

@@ -0,0 +1 @@
+Allow a Blog Post to be created inside a subfolder of a Blog

src/collective/blog/profiles/default/metadata.xml

@@ -1,6 +1,6 @@
 <?xml version="1.0" encoding="utf-8"?>
 <metadata>
-  <version>1003</version>
+  <version>1004</version>
   <dependencies>
     <!-- <dependency>profile-plone.volto:default</dependency> -->
   </dependencies>

src/collective/blog/profiles/default/rolemap.xml

@@ -15,12 +15,6 @@
     </permission>
     <permission acquire="False"
                 name="collective.blog: Add Post"
-    >
-      <role name="Manager" />
-      <role name="Site Administrator" />
-      <role name="Owner" />
-      <role name="Editor" />
-      <role name="Contributor" />
-    </permission>
+    />
   </permissions>
 </rolemap>

src/collective/blog/profiles/default/types/Post.xml

@@ -24,7 +24,7 @@
     <element value="Image" />
   </property>
   <property name="filter_content_types">True</property>
-  <property name="global_allow">False</property>
+  <property name="global_allow">True</property>
 
   <!-- Schema, class and security -->
   <property name="add_permission">collective.blog.post.add</property>

src/collective/blog/subscribers/blog.py

@@ -17,6 +17,16 @@
 PERMISSIONS_BLOG = (
     ("collective.blog: Add Blog", []),
     ("collective.blog: Add Author", []),
+    (
+        "collective.blog: Add Post",
+        [
+            "Manager",
+            "Site Administrator",
+            "Owner",
+            "Editor",
+            "Contributor",
+        ],
+    ),
 )
 
 PERMISSIONS_AUTHORS = (
@@ -47,15 +57,16 @@ def _log_permission_change(path: str, permission_id: str, roles: list):
 
 
 def auto_add_authors_container(blog: Blog, event):
+    blog_path = "/".join(blog.getPhysicalPath())
+    for permission_id, roles in PERMISSIONS_BLOG:
+        blog.manage_permission(permission_id, roles=roles, acquire=False)
+        _log_permission_change(blog_path, permission_id, roles)
+
     key = "collective.blog.settings.enable_authors_folder"
     enabled = api.portal.get_registry_record(key, default=True)
     if not enabled:
         logger.info("Ignoring Authors folder creation")
         return
-    blog_path = "/".join(blog.getPhysicalPath())
-    for permission_id, roles in PERMISSIONS_BLOG:
-        blog.manage_permission(permission_id, roles=roles, acquire=False)
-        _log_permission_change(blog_path, permission_id, roles)
     lang = blog.language
     # Create Authors container
     authors = api.content.create(

src/collective/blog/upgrades/configure.zcml

@@ -52,4 +52,18 @@
         />
   </genericsetup:upgradeSteps>
 
+  <genericsetup:upgradeSteps
+      profile="collective.blog:default"
+      source="1003"
+      destination="1004"
+      >
+    <genericsetup:upgradeDepends
+        title="Blog type: Disallow creation outsite a Blog Folder"
+        import_steps="rolemap"
+        />
+    <genericsetup:upgradeDepends
+        title="Blog type: Set global_allow to true"
+        import_steps="types"
+        />
+  </genericsetup:upgradeSteps>
 </configure>

tests/content/test_post.py

@@ -9,6 +9,22 @@
 CONTENT_TYPE = "Post"
 
 
+@pytest.fixture
+def subfolder():
+    def func(blog, year):
+        payload = {
+            "container": blog,
+            "type": "Document",
+            "id": f"{year}",
+            "title": f"{year}",
+            "description": f"Posts from {year}",
+        }
+        subfolder = api.content.create(**payload)
+        return subfolder
+
+    return func
+
+
 class TestPost:
     @pytest.fixture(autouse=True)
     def _fti(self, get_fti, portal, blogs_payload):
@@ -46,6 +62,16 @@ def test_factory(self):
     def test_has_behavior(self, get_behaviors, behavior):
         assert behavior in get_behaviors(CONTENT_TYPE)
 
+    def test_will_not_create_root(self, portal, posts_payload):
+        """A Post will not be created at the site Root."""
+        from AccessControl import Unauthorized
+
+        payload = posts_payload[0]
+        with pytest.raises(Unauthorized) as exc:
+            with api.env.adopt_roles(["Manager"]):
+                api.content.create(container=portal, **payload)
+        assert "Cannot create Post" in str(exc)
+
     def test_create(self, portal, posts_payload):
         """A Post need to be created inside a Blog."""
         blog = self.blog
@@ -54,3 +80,13 @@ def test_create(self, portal, posts_payload):
             content = api.content.create(container=blog, **payload)
         assert content.portal_type == CONTENT_TYPE
         assert isinstance(content, Post)
+
+    def test_create_inside_document(self, portal, posts_payload, subfolder):
+        """A Post need to be created inside a subfolder of a Blog."""
+        blog = self.blog
+        payload = posts_payload[0]
+        with api.env.adopt_roles(["Manager"]):
+            container = subfolder(blog, 2024)
+            content = api.content.create(container=container, **payload)
+        assert content.portal_type == CONTENT_TYPE
+        assert isinstance(content, Post)

tests/setup/test_setup_install.py

@@ -14,4 +14,4 @@ def test_browserlayer(self, browser_layers):
 
     def test_latest_version(self, profile_last_version):
         """Test latest version of default profile."""
-        assert profile_last_version(f"{PACKAGE_NAME}:default") == "1003"
+        assert profile_last_version(f"{PACKAGE_NAME}:default") == "1004"