[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testZSP.py:1.1.2.6
Jim Fulton
jim@zope.com
Fri, 28 Dec 2001 14:35:31 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv32763/tests
Modified Files:
Tag: Zope-3x-branch
testZSP.py
Log Message:
Added support for context-dependent role-permission assignments.
=== Zope3/lib/python/Zope/App/Security/tests/testZSP.py 1.1.2.5 => 1.1.2.6 ===
import unittest
+from Interface import Interface
+from Zope.ContextWrapper import Wrapper
+from Zope.ComponentArchitecture import provideAdapter
+from Zope.App.Security.IRolePermissionManager import IRolePermissionManager
from Zope.App.Security.PermissionRegistry import permissionRegistry
from Zope.App.Security.PrincipalRegistry import principalRegistry
from Zope.App.Security.RoleRegistry import roleRegistry
@@ -71,7 +75,7 @@
from Zope.App.Security.ZopeSecurityPolicy import ZopeSecurityPolicy
- def test_checkPermission(self):
+ def testGlobalCheckPermission(self):
self.failUnless(
self.policy.checkPermission('read', None, Context('jim')))
self.failUnless(
@@ -93,6 +97,25 @@
self.failUnless(
self.policy.checkPermission('write', None, Context('jim')))
+ def testPlayfulRolePermissions(self):
+ permissionRegistry.definePermission('test', 'Test', '')
+ provideAdapter(ITest, IRolePermissionManager, Adaptor)
+
+ ob1 = TestClass()
+ ob2 = TestClass()
+ ob3 = TestClass()
+
+ ob = Wrapper(ob3, Wrapper(ob2, ob1))
+
+ self.failIf(self.policy.checkPermission('test', ob, Context('tim')))
+ Adaptor(ob2).grantPermissionToRole('test', 'Manager')
+ self.failUnless(self.policy.checkPermission('test', ob, Context('tim')))
+
+ self.failIf(self.policy.checkPermission('test', ob, Context('jim')))
+ Adaptor(ob3).grantPermissionToRole('test', 'Peon')
+ self.failUnless(self.policy.checkPermission('test', ob, Context('jim')))
+
+
def test_validate(self):
self.policy.validate('_', Protected('read'), Context('jim'))
self.policy.validate('_', Protected('read'), Context('tim'))
@@ -116,6 +139,38 @@
self.policy.validate,
'x', Unprotected(), Context('tim'))
+class ITest(Interface):
+ pass
+
+class TestClass:
+ __implements__ = ITest
+
+ def __init__(self):
+ self._roles = { 'test' : {} }
+ self._permissions = { 'Manager' : {} , 'Peon' : {} }
+
+class Adaptor:
+ __implements__ = IRolePermissionManager
+
+ def __init__(self, context):
+ self._context = context
+
+ def getPermissionsForRole(self, role):
+ return self._context._permissions.get(role, {}).keys()
+
+ def getRolesForPermission(self, permission):
+ return self._context._roles.get(permission, {}).keys()
+
+ def getPermissionAcquired(self, permission):
+ return 1
+
+ def grantPermissionToRole(self, permission, role):
+ self._context._permissions[role][permission] = 1
+ self._context._roles[permission][role] = 1
+
+ def setPermissionAcquired(self, permission, flag):
+ raise TypeError
+
def test_suite():
loader=unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)