[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/ZopePublication/tests - testZopePublication.py:1.1.2.22.4.1
Jim Fulton
jim@zope.com
Fri, 26 Apr 2002 14:23:22 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/ZopePublication/tests
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/App/ZopePublication/tests
Modified Files:
Tag: SecurityProxy-branch
testZopePublication.py
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:
- You now protect names/operations, *not* values. This means it's as
easy yo protect data attributes that have simple values as it is to
protect methods.
- There is no longer a __permissions__ attribute. :)
- There is no longer a validate method in either security managers or
policies.
- No more need to have a special compiler for restricted code.
In exchange, lots of objects are proxies and code sometimes needs to
be prepared to remove proxies.
In addition:
- Basic objects (None, strings, numbers, etc.) are not wrapped in
context wrappers.
- There is a test that fails unless Python 2.3 is used.
=== Zope3/lib/python/Zope/App/ZopePublication/tests/testZopePublication.py 1.1.2.22 => 1.1.2.22.4.1 ===
from Zope.Publisher.DefaultPublication import TestPublication
from Zope.Publisher.IPublication import IPublication
-from Zope.ContextWrapper import Wrapper, getobject, getcontext
+from Zope.Proxy.ContextWrapper import getWrapperContext
+from Zope.ContextWrapper import Wrapper
import ZODB
from ZODB.MappingStorage import MappingStorage
from Zope.Publisher.Exceptions import Retry
@@ -40,6 +41,8 @@
from Zope.App.Security.PrincipalRoleManager import principalRoleManager
from Zope.ComponentArchitecture import provideView
+from Zope.Proxy.ProxyIntrospection import removeAllProxies
+from Zope.Security.Checker import defineChecker, NamesChecker
from StringIO import StringIO
@@ -94,10 +97,6 @@
connection.close()
- def tearDown(self):
- setSecurityPolicy(self.policy)
- CleanUp.tearDown(self)
-
def testInterfacesVerify(self):
for interface in instancesOfObjectImplements(self.klass):
verifyClass(interface, TestPublication)
@@ -121,7 +120,6 @@
klass = BrowserPublication
def testBaseTagNoBase(self):
- # XXX WRONG!
self._testBaseTags('/somepath/view;view/', '')
def testBaseTag1(self):
@@ -151,16 +149,14 @@
pub = BrowserPublication(self.db)
provideView(I1, 'view', IBrowserPublisher, DummyView)
- #provideView(I1, '', IBrowserPublisher, DummyView)
setDefaultViewName(I1, IBrowserPublisher, 'view')
provideView(None, '_traverse', IBrowserPublisher, DefaultTraverser)
ob = O1()
## the following is for running the tests standalone
- principalRegistry.defineDefaultPrincipal('tim',
- 'timbot',
- 'ai at its best')
+ principalRegistry.defineDefaultPrincipal(
+ 'tim', 'timbot', 'ai at its best')
principalRoleManager.assignRoleToPrincipal('Manager', 'tim')
@@ -174,10 +170,12 @@
get_transaction().commit()
connection.close()
+ defineChecker(app.__class__, NamesChecker(somepath='xxx'))
+
req = self._createRequest(url, pub)
response = req.getResponse()
- publish(req)
+ publish(req, handle_errors=0)
self.assertEqual(response.getBase(), expected)
@@ -187,6 +185,19 @@
request.setPublication(publication)
return request
+
+
+class SimpleObject:
+ def __init__(self, v):
+ self.v = v
+
+class I1(Interface):
+ pass
+
+class mydict(dict):
+ __implements__ = I1
+
+
class BrowserPublicationTests(BasePublicationTests):
klass = BrowserPublication
@@ -199,13 +210,6 @@
self.failUnless(isinstance(ob2, Wrapper))
def testAdaptedTraverseNameWrapping(self):
- from Interface import Interface
- class I1(Interface):
- pass
-
- class mydict(dict):
- " "
- __implements__ = I1
class Adapter:
" "
@@ -221,21 +225,17 @@
from Zope.ComponentArchitecture import provideView
provideView(I1, '_traverse', IBrowserPublisher, Adapter)
ob = mydict()
- ob['bruce'] = 'bruce'
- ob['bruce2'] = 'bruce2'
+ ob['bruce'] = SimpleObject('bruce')
+ ob['bruce2'] = SimpleObject('bruce2')
pub = self.klass(self.db)
ob2 = pub.traverseName(self._createRequest('/bruce',pub), ob, 'bruce')
self.failUnless(isinstance(ob2, Wrapper))
- unw = getobject(ob2)
- self.assertEqual(unw, 'bruce')
+ unw = removeAllProxies(ob2)
+ self.assertEqual(unw.v, 'bruce')
def testAdaptedTraverseDefaultWrapping(self):
- from Interface import Interface
- class I1(Interface):
- pass
-
- class mydict(dict):
- __implements__ = I1
+ """Test default content and make sure that it's wrapped.
+ """
class Adapter:
__implements__ = IBrowserPublisher
@@ -247,14 +247,14 @@
provideView(I1, '_traverse', IBrowserPublisher, Adapter)
ob = mydict()
- ob['bruce'] = 'bruce'
- ob['bruce2'] = 'bruce2'
+ ob['bruce'] = SimpleObject('bruce')
+ ob['bruce2'] = SimpleObject('bruce2')
pub = self.klass(self.db)
- ob2,x = pub.getDefaultTraversal(self._createRequest('/bruce',pub), ob)
+ ob2, x = pub.getDefaultTraversal(self._createRequest('/bruce',pub), ob)
self.assertEqual(x, 'dummy')
self.failUnless(isinstance(ob2, Wrapper))
- unw = getobject(ob2)
- self.assertEqual(unw, 'bruce')
+ unw = removeAllProxies(ob2)
+ self.assertEqual(unw.v, 'bruce')
def testTraverseSkinExtraction(self):
@@ -279,13 +279,13 @@
def testTraverseName(self):
pub = self.klass(self.db)
class C:
- x=1
+ x = SimpleObject(1)
ob = C()
r = self._createRequest('/x',pub)
provideView(None, '_traverse', IBrowserPublisher, DefaultTraverser)
ob2 = pub.traverseName(r, ob, 'x')
- self.assertEqual(getobject(ob2), 1)
- self.assertEqual(getcontext(ob2), ob)
+ self.assertEqual(removeAllProxies(ob2).v, 1)
+ self.assertEqual(getWrapperContext(ob2), ob)
def testTraverseNameView(self):
pub = self.klass(self.db)
@@ -299,19 +299,19 @@
r = self._createRequest('/spam;view',pub)
provideView(I, 'spam', IBrowserPublisher, V)
ob2 = pub.traverseName(r, ob, 'spam;view')
- self.assertEqual(getobject(ob2).__class__, V)
- self.assertEqual(getcontext(ob2), ob)
+ self.assertEqual(removeAllProxies(ob2).__class__, V)
+ self.assertEqual(getWrapperContext(ob2), ob)
def testTraverseNameServices(self):
pub = self.klass(self.db)
class C:
def getServiceManager(self):
- return 1
+ return SimpleObject(1)
ob = C()
r = self._createRequest('/Services;etc',pub)
ob2 = pub.traverseName(r, ob, 'Services;etc')
- self.assertEqual(getobject(ob2), 1)
- self.assertEqual(getcontext(ob2), ob)
+ self.assertEqual(removeAllProxies(ob2).v, 1)
+ self.assertEqual(getWrapperContext(ob2), ob)
def testTraverseNameApplicationControl(self):
from Zope.App.OFS.ApplicationControl.ApplicationControl \