[Zope-Checkins] CVS: Zope3/lib/python/Zope/Configuration/tests - Directives.py:1.1.2.6.6.1 testDirectivesXML.py:1.1.2.6.4.1 testMeta.py:1.1.2.9.6.1 testMultipleXML.py:1.1.2.4.6.1 testXML.py:1.1.2.11.4.1
Jim Fulton
jim@zope.com
Fri, 26 Apr 2002 14:23:22 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/Configuration/tests
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/Configuration/tests
Modified Files:
Tag: SecurityProxy-branch
Directives.py testDirectivesXML.py testMeta.py
testMultipleXML.py testXML.py
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:
- You now protect names/operations, *not* values. This means it's as
easy yo protect data attributes that have simple values as it is to
protect methods.
- There is no longer a __permissions__ attribute. :)
- There is no longer a validate method in either security managers or
policies.
- No more need to have a special compiler for restricted code.
In exchange, lots of objects are proxies and code sometimes needs to
be prepared to remove proxies.
In addition:
- Basic objects (None, strings, numbers, etc.) are not wrapped in
context wrappers.
- There is a test that fails unless Python 2.3 is used.
=== Zope3/lib/python/Zope/Configuration/tests/Directives.py 1.1.2.6 => 1.1.2.6.6.1 ===
__implements__ = INonEmptyDirective
- def __init__(self, _context, name, permission=None, methods=None):
+ def __init__(self, _context, name, permission=None, names=None):
self._name=name
self._permission=permission
- self._methods=methods
+ self._names=names
self._children=[]
self.__context = _context
def __call__(self):
if not self._children:
- p = self._name, self._permission, self._methods
- d = self._name, self._methods
+ p = self._name, self._permission, self._names
+ d = self._name, self._names
return [(d, protections.append, (p,))]
else:
return ()
- def protect(self, _context, permission=None, methods=None):
+ def protect(self, _context, permission=None, names=None):
if permission is None: permission=self._permission
if permission is None: raise 'no perm'
- p=self._name, permission, methods
- d=self._name, methods
+ p=self._name, permission, names
+ d=self._name, names
self._children.append(p)
return [(d, protections.append, (p,))]
=== Zope3/lib/python/Zope/Configuration/tests/testDirectivesXML.py 1.1.2.6 => 1.1.2.6.4.1 ===
''' % ns,
'''<test:protectClass
- name=".Contact" permission="splat" methods="update"
+ name=".Contact" permission="splat" names="update"
/>'''
)))
@@ -69,8 +69,8 @@
</directive>
</directives>''' % ns,
'''<test:protectClass name=".Contact">
- <test:protect permission="edit" methods='update' />
- <test:protect permission="view" methods='name, email' />
+ <test:protect permission="edit" names='update' />
+ <test:protect permission="view" names='name, email' />
</test:protectClass>'''
)))
@@ -94,8 +94,8 @@
</directives>''' % ns,
'''<test:protectClass name=".Contact">
- <test:protect permission="edit" methods='update' />
- <protect permission="view" methods='name, email' />
+ <test:protect permission="edit" names='update' />
+ <protect permission="view" names='name, email' />
</test:protectClass>'''
)))
@@ -113,7 +113,7 @@
</directives>''' % ns,
'''<test:protectClass name=".Contact">
- <test2:protect permission="edit" methods='update' />
+ <test2:protect permission="edit" names='update' />
</test:protectClass>'''
)))
except InvalidDirective, v:
=== Zope3/lib/python/Zope/Configuration/tests/testMeta.py 1.1.2.9 => 1.1.2.9.6.1 ===
subs=begin(None, (ns, 'protectClass'), name,
- name=".Contact", permission="splat", methods='update')
+ name=".Contact", permission="splat", names='update')
(des, callable, args, kw), = end(subs)
self.assertEqual(des, ('.Contact', 'update'))
@@ -65,13 +65,13 @@
subs = begin(None, (ns, 'protectClass'), name, name=".Contact")
actions = end(sub(subs, (ns, 'protect'), name,
- permission='edit', methods='update'))
+ permission='edit', names='update'))
(des, callable, args, kw), = actions
self.assertEqual(des, ('.Contact', 'update'))
callable(*args)
actions = end(sub(subs, (ns, 'protect'), name,
- permission='view', methods='name, email'))
+ permission='view', names='name, email'))
(des, callable, args, kw), = actions
self.assertEqual(des, ('.Contact', 'name, email'))
callable(*args)
=== Zope3/lib/python/Zope/Configuration/tests/testMultipleXML.py 1.1.2.4 => 1.1.2.4.6.1 ===
'''
<test:protectClass
- name=".Contact" permission="splat" methods="update"
+ name=".Contact" permission="splat" names="update"
/>
<test:protectClass
- name=".Contact" permission="splat" methods="update2"
+ name=".Contact" permission="splat" names="update2"
/>
'''), 'f2')
@@ -48,7 +48,7 @@
</directive>''' % (ns, ns),
'''
<test:protectClass
- name=".Contact" permission="splat" methods="update"
+ name=".Contact" permission="splat" names="update"
/>
<include file="%s"/>
''' % f2), 'f1')
@@ -64,16 +64,16 @@
f2=tfile(template % ('',
'''
<test:protectClass
- name=".Contact" permission="splat" methods="update"
+ name=".Contact" permission="splat" names="update"
/>
<test:protectClass
- name=".Contact" permission="splat" methods="update2"
+ name=".Contact" permission="splat" names="update2"
/>
'''), 'f2')
f3=tfile(template % ('',
'''
<test:protectClass
- name=".Contact" permission="splat" methods="update2"
+ name=".Contact" permission="splat" names="update2"
/>
'''), 'f3')
@@ -84,7 +84,7 @@
</directive>''' % (ns, ns),
'''
<test:protectClass
- name=".Contact" permission="splat" methods="update"
+ name=".Contact" permission="splat" names="update"
/>
<include file="%s"/>
<include file="%s"/>
=== Zope3/lib/python/Zope/Configuration/tests/testXML.py 1.1.2.11 => 1.1.2.11.4.1 ===
''' % (ns, ns),
'''<test:protectClass
- name=".Contact" permission="splat" methods="update"
+ name=".Contact" permission="splat" names="update"
/>'''
)))
@@ -65,8 +65,8 @@
</directive>
''' % (ns, ns),
'''<test:protectClass name=".Contact">
- <test:protect permission="edit" methods='update' />
- <test:protect permission="view" methods='name, email' />
+ <test:protect permission="edit" names='update' />
+ <test:protect permission="view" names='name, email' />
</test:protectClass>'''
)))
@@ -89,8 +89,8 @@
''' % (ns, ns),
'''<test:protectClass name=".Contact">
- <test:protect permission="edit" methods='update' />
- <protect permission="view" methods='name, email' />
+ <test:protect permission="edit" names='update' />
+ <protect permission="view" names='name, email' />
</test:protectClass>'''
)))
@@ -107,7 +107,7 @@
''' % (ns, ns),
'''<test:protectClass name=".Contact">
- <test2:protect permission="edit" methods='update' />
+ <test2:protect permission="edit" names='update' />
</test:protectClass>'''
)))
except InvalidDirective, v: