Authentication from a script
Hello, We are using ZUnit for our automated unit test suite. Some of the tests are checking permission handling and therefore need to be able to "impersonate" authenticated users. Currently our code uses REQUEST['AUTHENTICATED_USER'] everywhere and the tests (which are basically external Python scripts) do from AccessControl.User import SimpleUser REQUEST['AUTHENTICATED_USER'] = SimpleUser('user', 'passwd', ('Role1', 'Role2'),()) However we are now planning to switch to the new API (SecurityGetUser etc.), and it is unclear how we can substitute a different user object in our tests. Is it at all possible in Zope 2.5.0? Marius Gedminas -- "What's the name of the new OO COBOL -- an equivalent of C++?" "ADD 1 TO COBOL GIVING COBOL"
Marius Gedminas writes:
We are using ZUnit for our automated unit test suite.... However we are now planning to switch to the new API (SecurityGetUser etc.), and it is unclear how we can substitute a different user object in our tests. Look at "AccessControl.SecurityManagement.newSecurityManager".
Dieter
On Fri, Feb 08, 2002 at 11:10:48PM +0100, Dieter Maurer wrote:
Marius Gedminas writes:
We are using ZUnit for our automated unit test suite.... However we are now planning to switch to the new API (SecurityGetUser etc.), and it is unclear how we can substitute a different user object in our tests. Look at "AccessControl.SecurityManagement.newSecurityManager".
Thanks. I actually found this method a day after posting my question here, but I still wasn't sure if this was a "legal" way or just a hack messing with the internals that should not be touched. Marius Gedminas -- When in danger, or in doubt, run in circles, scream and shout. -- Robert A. Heinlein
Marius Gedminas writes:
On Fri, Feb 08, 2002 at 11:10:48PM +0100, Dieter Maurer wrote:
Marius Gedminas writes:
We are using ZUnit for our automated unit test suite.... However we are now planning to switch to the new API (SecurityGetUser etc.), and it is unclear how we can substitute a different user object in our tests. Look at "AccessControl.SecurityManagement.newSecurityManager".
Thanks. I actually found this method a day after posting my question here, but I still wasn't sure if this was a "legal" way or just a hack messing with the internals that should not be touched. I think, you should not expect an official method for impersonalization.
"newSecurityManager" is internal, undocumented and may disappear in future Zope versions. But, I think, it is the best thing you have currently for your purpose... Dieter
participants (2)
-
Dieter Maurer -
Marius Gedminas