Hi, I'd like to build a suite of security tests for a product I'm writing using unittest.py. Is this possible? I thought about using newSecurityManager with various known users, and restrictedTraverse to get to the appropriate methods, but then how do I test if those methods are callable? cheers, Chris PS: How is all this being tackled in Zope 3?
Chris! You might want to take a look at my ZopeTestCase package. It supports Zope security testing with users, roles, permissions and all. <http://www.zope.org/Members/shh/ZopeTestCase/> Also see the tests coming with the ReplaceSupport and DocFinderEverywhere products. In essence restrictedTraverse() will work. Alternatively you could call getSecurityManager().validate() or .validateValue() directly. HTH, Stefan --On Montag, 14. Oktober 2002 15:49 +0100 Chris Withers <chrisw@nipltd.com> wrote:
Hi,
I'd like to build a suite of security tests for a product I'm writing using unittest.py.
Is this possible?
I thought about using newSecurityManager with various known users, and restrictedTraverse to get to the appropriate methods, but then how do I test if those methods are callable?
cheers,
Chris
PS: How is all this being tackled in Zope 3? -- Those who write software only for pay should go hurt some other field. /Erik Naggum/
Maybe this would be a good opportunity to evaluate Puffin (www.puffinhome.org)? Security API calls through unit tests are one thing, but testing the whole functioning system from the outside seems like the best approach. Puffin should be a Zope partner, IMHO. Regards, Eron On Monday 14 October 2002 10:49 am, Chris Withers wrote:
Hi,
I'd like to build a suite of security tests for a product I'm writing using unittest.py.
Is this possible?
I thought about using newSecurityManager with various known users, and restrictedTraverse to get to the appropriate methods, but then how do I test if those methods are callable?
cheers,
Chris
PS: How is all this being tackled in Zope 3?
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) --- [This E-mail scanned for viruses by Declude Virus]
-- Eron Lloyd Technology Coordinator Lancaster County Library elloyd@lancaster.lib.pa.us Phone: 717-239-2116 Fax: 717-394-3083 --- [This E-mail scanned for viruses by Declude Virus]
participants (3)
-
Chris Withers -
Eron Lloyd -
Stefan H. Holek