[CMF-checkins] SVN: CMF/branches/tseaver-viewification/CMFCore/
Merge yuppie's copy/paste fixes from the trunk
Tres Seaver
tseaver at palladion.com
Wed Dec 7 10:37:28 EST 2005
Log message for revision 40620:
Merge yuppie's copy/paste fixes from the trunk
Changed:
U CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py
U CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py
U CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py
U CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py
-=-
Modified: CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py 2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py 2005-12-07 15:37:27 UTC (rev 40620)
@@ -365,75 +365,48 @@
# This assists the version in OFS.CopySupport.
# It enables the clipboard to function correctly
# with objects created by a multi-factory.
- securityChecksDone = False
- sm = getSecurityManager()
- parent = aq_parent(aq_inner(object))
- object_id = object.getId()
mt = getattr(object, '__factory_meta_type__', None)
meta_types = getattr(self, 'all_meta_types', None)
if mt is not None and meta_types is not None:
- method_name=None
- permission_name = None
+ method_name = None
+ mt_permission = None
if callable(meta_types):
meta_types = meta_types()
for d in meta_types:
-
- if d['name']==mt:
- method_name=d['action']
- permission_name = d.get('permission', None)
+ if d['name'] == mt:
+ method_name = d['action']
+ mt_permission = d.get('permission')
break
- if permission_name is not None:
+ if mt_permission is not None:
+ sm = getSecurityManager()
- if not sm.checkPermission(permission_name,self):
- raise AccessControl_Unauthorized, method_name
+ if sm.checkPermission(mt_permission, self):
+ if validate_src:
+ # Ensure the user is allowed to access the object on
+ # the clipboard.
+ parent = aq_parent(aq_inner(object))
- if validate_src:
+ if not sm.validate(None, parent, None, object):
+ raise AccessControl_Unauthorized(object.getId())
- if not sm.validate(None, parent, None, object):
- raise AccessControl_Unauthorized, object_id
-
- if validate_src > 1:
- if not sm.checkPermission(DeleteObjects, parent):
- raise AccessControl_Unauthorized
-
- # validation succeeded
- securityChecksDone = 1
-
- #
- # Old validation for objects that may not have registered
- # themselves in the proper fashion.
- #
- elif method_name is not None:
-
- meth = self.unrestrictedTraverse(method_name)
-
- factory = getattr(meth, 'im_self', None)
-
- if factory is None:
- factory = aq_parent(aq_inner(meth))
-
- if not sm.validate(None, factory, None, meth):
- raise AccessControl_Unauthorized, method_name
-
- # Ensure the user is allowed to access the object on the
- # clipboard.
- if validate_src:
-
- if not sm.validate(None, parent, None, object):
- raise AccessControl_Unauthorized, object_id
-
- if validate_src > 1: # moving
- if not sm.checkPermission(DeleteObjects, parent):
- raise AccessControl_Unauthorized
-
- securityChecksDone = 1
-
- # Call OFS' _verifyObjectPaste if necessary
- if not securityChecksDone:
+ if validate_src == 2: # moving
+ if not sm.checkPermission(DeleteObjects, parent):
+ raise AccessControl_Unauthorized('Delete not '
+ 'allowed.')
+ else:
+ raise AccessControl_Unauthorized('You do not possess the '
+ '%r permission in the context of the container '
+ 'into which you are pasting, thus you are not '
+ 'able to perform this operation.' % mt_permission)
+ else:
+ raise AccessControl_Unauthorized('The object %r does not '
+ 'support this operation.' % object.getId())
+ else:
+ # Call OFS' _verifyObjectPaste if necessary
PortalFolderBase.inheritedAttribute(
'_verifyObjectPaste')(self, object, validate_src)
Modified: CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py 2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py 2005-12-07 15:37:27 UTC (rev 40620)
@@ -14,10 +14,8 @@
$Id$
"""
-from unittest import TestSuite, makeSuite, main
+import unittest
import Testing
-import Zope2
-Zope2.startup()
from zope.interface import implements
@@ -39,7 +37,8 @@
# -------------------------------------------
def extra_meta_types():
- return [{'name': 'Dummy', 'action': 'manage_addFolder'}]
+ return [{'name': 'Dummy', 'action': 'manage_addFolder',
+ 'permission': 'View'}]
def addDummyContent(container, id, opaqueItem):
container._setObject(id, DummyContent(id, opaqueItem=opaqueItem, catalog=1))
@@ -265,9 +264,9 @@
def test_suite():
- return TestSuite((
- makeSuite(ManageBeforeAfterTests),
+ return unittest.TestSuite((
+ unittest.makeSuite(ManageBeforeAfterTests),
))
if __name__ == '__main__':
- main(defaultTest='test_suite')
+ unittest.main(defaultTest='test_suite')
Modified: CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py 2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py 2005-12-07 15:37:27 UTC (rev 40620)
@@ -19,9 +19,10 @@
import Testing
from AccessControl.SecurityManagement import newSecurityManager
-from AccessControl.SecurityManagement import noSecurityManager
from Acquisition import aq_base
+from Products.CMFCore.tests.base.dummy import DummySite
+from Products.CMFCore.tests.base.dummy import DummyUserFolder
from Products.CMFCore.tests.base.testcase import SecurityRequestTest
@@ -53,22 +54,13 @@
# Tests related to http://www.zope.org/Collectors/CMF/205
# Copy/pasting a content item must set ownership to pasting user
- def _initFolders(self):
- from OFS.Folder import Folder
+ def setUp(self):
+ SecurityRequestTest.setUp(self)
- FOLDER_IDS = ( 'acl_users', 'folder1', 'folder2' )
+ self.root._setObject('site', DummySite('site'))
+ self.site = self.root.site
+ self.acl_users = self.site._setObject('acl_users', DummyUserFolder())
- for folder_id in FOLDER_IDS:
- if folder_id not in self.root.objectIds():
- self.root._setObject( folder_id, Folder( folder_id ) )
-
- # Hack, we need a _p_mtime for the file, so we make sure that it
- # has one. We use a subtransaction, which means we can rollback
- # later and pretend we didn't touch the ZODB.
- #transaction.savepoint(optimistic=True)
-
- return [ self.root._getOb( folder_id ) for folder_id in FOLDER_IDS ]
-
def _initContent(self, folder, id):
from Products.CMFCore.PortalContent import PortalContent
@@ -80,30 +72,30 @@
def test_CopyPasteSetsOwnership(self):
# Copy/pasting a File should set new ownership including local roles
+ from OFS.Folder import Folder
- acl_users, folder1, folder2 = self._initFolders()
- acl_users._doAddUser('user1', '', ('Member',), ())
- user1 = acl_users.getUserById('user1').__of__(acl_users)
- acl_users._doAddUser('user2', '', ('Member',), ())
- user2 = acl_users.getUserById('user2').__of__(acl_users)
+ acl_users = self.acl_users
+ folder1 = self.site._setObject('folder1', Folder('folder1'))
+ folder2 = self.site._setObject('folder2', Folder('folder2'))
- newSecurityManager(None, user1)
+ newSecurityManager(None, acl_users.user_foo)
content = self._initContent(folder1, 'content')
- content.manage_setLocalRoles(user1.getId(), ['Owner'])
+ content.manage_setLocalRoles(acl_users.user_foo.getId(), ['Owner'])
- newSecurityManager(None, user2)
+ newSecurityManager(None, acl_users.all_powerful_Oz)
cb = folder1.manage_copyObjects(['content'])
folder2.manage_pasteObjects(cb)
# Now test executable ownership and "owner" local role
# "member" should have both.
moved = folder2._getOb('content')
- self.assertEqual(aq_base(moved.getOwner()), aq_base(user2))
+ self.assertEqual(aq_base(moved.getOwner()),
+ aq_base(acl_users.all_powerful_Oz))
local_roles = moved.get_local_roles()
self.assertEqual(len(local_roles), 1)
userid, roles = local_roles[0]
- self.assertEqual(userid, user2.getId())
+ self.assertEqual(userid, acl_users.all_powerful_Oz.getId())
self.assertEqual(len(roles), 1)
self.assertEqual(roles[0], 'Owner')
Modified: CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py 2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py 2005-12-07 15:37:27 UTC (rev 40620)
@@ -49,7 +49,8 @@
def extra_meta_types():
- return [ { 'name' : 'Dummy', 'action' : 'manage_addFolder' } ]
+ return [{'name': 'Dummy', 'action': 'manage_addFolder',
+ 'permission': 'View'}]
class PortalFolderFactoryTests( SecurityTest ):
@@ -1072,8 +1073,12 @@
def _no_manage_addFile( a, c, n, v, *args, **kw ):
return n != 'manage_addFile'
- self._initPolicyAndUser( v_lambda=_no_manage_addFile )
+ def _no_add_images_and_files(permission, object, context):
+ return permission != ADD_IMAGES_AND_FILES
+ self._initPolicyAndUser( v_lambda=_no_manage_addFile,
+ c_lambda=_no_add_images_and_files )
+
cookie = folder1.manage_cutObjects( ids=( 'file', ) )
self._assertCopyErrorUnauth( folder2.manage_pasteObjects
, cookie
More information about the CMF-checkins
mailing list