When creating user, default roles are using `base.default_user`, which
in multi-company case, can be from different company than user is being
created for. If thats the case, user creating another user, will get
access error, when trying to read default template user.
To work around that, we use sudo, to make sure, template user data can
be read regardless of a company.
Also improved the way base_user_role tests are run. Changed base test
class from TransactionCase to SavepointCase.
From how tests are ran perspective, both classes behave the same: each
test uses set up which is roll backed after.
But the difference is that SavepointCase case is much faster, because
it calls setUpClass once and saves this case for all tests (reusing
saved state).
These 2 tests were checking the exact set of groups a user should have.
If these tests are ran in a database where a module is previously installed which adds more groups to the base role, these exact group sets would be inexact, although the behavior that is being tested was actually properly working.
With this patch, basically I'm testing if the user contains the groups from the roles, not the exact role set expected. It should work in integration scenarios.
@Tecnativa TT20468
* FIX: Update users' groups when a role is deleted
* IMP: add some test cases to check user's groups when its last role line is removed
* FIX: ensure that the user's groups are updated when its last role line is removed
