Chris! You might want to take a look at my ZopeTestCase package. It supports Zope security testing with users, roles, permissions and all. <http://www.zope.org/Members/shh/ZopeTestCase/> Also see the tests coming with the ReplaceSupport and DocFinderEverywhere products. In essence restrictedTraverse() will work. Alternatively you could call getSecurityManager().validate() or .validateValue() directly. HTH, Stefan --On Montag, 14. Oktober 2002 15:49 +0100 Chris Withers <chrisw@nipltd.com> wrote:
Hi,
I'd like to build a suite of security tests for a product I'm writing using unittest.py.
Is this possible?
I thought about using newSecurityManager with various known users, and restrictedTraverse to get to the appropriate methods, but then how do I test if those methods are callable?
cheers,
Chris
PS: How is all this being tackled in Zope 3? -- Those who write software only for pay should go hurt some other field. /Erik Naggum/