[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testAttributeRolePermissionManager.py:1.1.2.1

Jim Fulton jim@zope.com
Fri, 28 Dec 2001 08:45:17 -0500


Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv16867/tests

Added Files:
      Tag: Zope-3x-branch
	testAttributeRolePermissionManager.py 
Log Message:
Added framework for managing role permissions in an attribute of
objects. This is needed to implement a Zope2-style security page (sans
role and local-role definitions).

We decided to punt, for now, on "acquiring permission settings".
That feature, specifically the abiliy to disable acquisition of
permission settings,  was very tied to the Zope 2 implementation.
This needs more thought.
 


=== Added File Zope3/lib/python/Zope/App/Security/tests/testAttributeRolePermissionManager.py ===
##############################################################################
#
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
# 
##############################################################################

from Zope.App.Security.AttributeRolePermissionManager \
     import AttributeRolePermissionManager
from Zope.App.Security.IAttributeRolePermissionManageable \
     import IAttributeRolePermissionManageable
from Zope.ComponentArchitecture import defineService, provideService, _clear
from Zope.App.Security.IRoleService import IRoleService
from Zope.App.Security.IPermissionService import IPermissionService
from Zope.App.Security.RoleRegistry import roleRegistry
from Zope.App.Security.PermissionRegistry import permissionRegistry

import unittest, sys

class Manageable:
    __implements__ = IAttributeRolePermissionManageable

class Test(unittest.TestCase):

    def setUp(self):
        roleRegistry._clear()
        permissionRegistry._clear()
        _clear()
        defineService('RoleService', IRoleService)
        defineService('PermissionService', IPermissionService)
        provideService('RoleService', roleRegistry)
        provideService('PermissionService', permissionRegistry)

        permissionRegistry.definePermission('read', 'Read Something')
        permissionRegistry.definePermission('write', 'Write Something')

        roleRegistry.defineRole('peon', 'Poor Slob')
        roleRegistry.defineRole('manager', 'Supreme Being')
        
    def testNormal(self):
        obj = Manageable()
        mgr = AttributeRolePermissionManager(obj)

        mgr.grantPermissionToRole('read','manager')
        mgr.grantPermissionToRole('write','manager')

        mgr.grantPermissionToRole('read','peon')

        l = list(mgr.getPermissionsForRole('manager'))
        l.sort()
        self.assertEqual(l, [ 'read', 'write' ] )

        l = list(mgr.getPermissionsForRole('peon'))
        self.assertEqual(l, [ 'read' ] )

        l = list(mgr.getRolesForPermission('read'))
        l.sort()
        self.assertEqual(l, [ 'manager', 'peon' ] )

        l = list(mgr.getRolesForPermission('write'))
        self.assertEqual(l, [ 'manager' ] )

    def testInvalid(self):
        obj = Manageable()
        mgr = AttributeRolePermissionManager(obj)

        self.assertRaises(ValueError,
                          mgr.grantPermissionToRole,
                          'readx','manager')

        self.assertRaises(ValueError,
                          mgr.grantPermissionToRole,
                          'read','managerx')

def test_suite():
    loader=unittest.TestLoader()
    return loader.loadTestsFromTestCase(Test)

if __name__=='__main__':
    unittest.TextTestRunner().run(test_suite())