[Zope-Checkins] CVS: Zope3/lib/python/Zope/Security/tests - testSecurityManagement.py:1.1.2.1 testSecurityManager.py:1.1.2.1 testChecker.py:1.1.2.8
Jim Fulton
jim@zope.com
Sat, 27 Apr 2002 12:58:56 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv26931/lib/python/Zope/Security/tests
Modified Files:
Tag: SecurityProxy-branch
testChecker.py
Added Files:
Tag: SecurityProxy-branch
testSecurityManagement.py testSecurityManager.py
Log Message:
Moved security management modules to Zope.Security.
Added like_unto attribute to protect class so you can say that a class
has the same protections as another class::
<security:protectClass name=".RootFolder." like_unto=".Folder." />
Added some additional calls to removeAllProxies in some component
lookup code while debugging integration of new security model.
Added protections for BTree types.
=== Added File Zope3/lib/python/Zope/Security/tests/testSecurityManagement.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Unit tests for SecurityManagement
$Id: testSecurityManagement.py,v 1.1.2.1 2002/04/27 16:58:55 jim Exp $
"""
import unittest
from Interface.Verify import verifyObject
from Zope.Testing.CleanUp import CleanUp
import Zope.Security.SecurityManagement
from Zope.Security.SecurityManagement import \
noSecurityManager, setSecurityPolicy, newSecurityManager
class Test(CleanUp, unittest.TestCase):
def test_import( self ):
from Zope.Security import SecurityManagement
from Zope.Security.ISecurityManagement import ISecurityManagement
from Zope.Security.ISecurityManagement \
import ISecurityManagementSetup
verifyObject( ISecurityManagementSetup, SecurityManagement )
verifyObject( ISecurityManagement, SecurityManagement )
def test_ISecurityManagementSetup( self ):
from Zope.Security.SecurityManagement import noSecurityManager
from Zope.Security.SecurityManagement import newSecurityManager
from Zope.Security.SecurityManagement import replaceSecurityManager
some_user = []
other_user = []
old = newSecurityManager( some_user )
self.assertEqual( old, None )
old = newSecurityManager( other_user )
self.failUnless( old is not None )
self.failUnless( old.getPrincipal() is some_user )
old2 = replaceSecurityManager( old )
self.failUnless( old2 is not None )
self.failUnless( old2.getPrincipal() is other_user )
noSecurityManager()
def test_getSecurityManager( self ):
# This is a test for the case when there is no principal
from Zope.Security.SecurityManagement import noSecurityManager
from Zope.Security.SecurityManagement import replaceSecurityManager
from Zope.Security.SecurityManagement import getSecurityManager
noSecurityManager()
self.failUnless( replaceSecurityManager( None ) is None )
mgr = getSecurityManager()
self.assertEqual( mgr.getPrincipal(), None)
# XXX maybe add test for default principal case
self.failIf( mgr.calledByExecutable() )
self.assertEqual( replaceSecurityManager( None ), mgr )
noSecurityManager()
def _setPermissive( self ):
from Zope.Security.SecurityManagement import setSecurityPolicy
from Zope.Security.SimpleSecurityPolicies \
import PermissiveSecurityPolicy
setSecurityPolicy( PermissiveSecurityPolicy() )
def _setParanoid( self ):
from Zope.Security.SecurityManagement import setSecurityPolicy
from Zope.Security.SimpleSecurityPolicies \
import ParanoidSecurityPolicy
setSecurityPolicy( ParanoidSecurityPolicy() )
def test_setSecurityPolicy( self ):
from Zope.Security.SecurityManagement import noSecurityManager
from Zope.Security.SecurityManagement import getSecurityManager
from Zope.Exceptions import Unauthorized
# test against default policy (paranoid)
self._setParanoid()
newSecurityManager('some user')
mgr = getSecurityManager()
self.failIf( mgr.checkPermission( None, None ) )
# test against explicit permissive policy
self._setPermissive()
newSecurityManager('some user')
mgr = getSecurityManager()
self.failUnless( mgr.checkPermission( None, None ) )
# test against explicit paranoid policy
self._setParanoid()
newSecurityManager('some user')
mgr = getSecurityManager()
self.failIf( mgr.checkPermission( None, None ) )
def test_suite():
loader=unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)
if __name__=='__main__':
unittest.TextTestRunner().run(test_suite())
=== Added File Zope3/lib/python/Zope/Security/tests/testSecurityManager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Unit tests for SecurityManager """
import unittest
from Interface.Verify import verifyClass
from Zope.Security import SecurityManager
from Zope.Security.SimpleSecurityPolicies import \
ParanoidSecurityPolicy, PermissiveSecurityPolicy
from Zope.Security.SecurityContext import SecurityContext
from Zope.Exceptions import Unauthorized
class DummyExecutable:
"""__implements__ = (pseudo) IExecutableObject"""
class DummyExecutableWithCustomPolicy:
"""__implements__ = (pseudo) IExecutableObjectWithCustomSecurityPolicy"""
def _customSecurityPolicy( self ):
return PermissiveSecurityPolicy()
class Test( unittest.TestCase ):
def setUp( self ):
self._oldPolicy = SecurityManager._defaultPolicy
SecurityManager.setSecurityPolicy( ParanoidSecurityPolicy() )
self._context = SecurityContext( 'xyzzy' )
def tearDown( self ):
from Zope.Security.SecurityManager import setSecurityPolicy
setSecurityPolicy( self._oldPolicy )
def _makeMgr( self ):
from Zope.Security.SecurityManager import SecurityManager
return SecurityManager( self._context )
def _setPermissive( self ):
from Zope.Security.SecurityManager import setSecurityPolicy
setSecurityPolicy( PermissiveSecurityPolicy() )
def test_import( self ):
from Zope.Security.SecurityManager import SecurityManager
from Zope.Security.ISecurityManager import ISecurityManager
verifyClass( ISecurityManager, SecurityManager )
def test_empty( self ):
mgr = self._makeMgr()
self.assertEqual( mgr.getPrincipal(), self._context.user )
self.failIf( mgr.calledByExecutable() )
def test_w_default_policy( self ):
mgr = self._makeMgr()
self.failIf( mgr.checkPermission( None, None ) )
def test_w_permissive_policy( self ):
mgr = self._makeMgr()
self._setPermissive()
self.failUnless( mgr.checkPermission( None, None ) )
def test_exec_stack_overflow( self ):
from Zope.Security.SecurityManager import MAX_STACK_SIZE
mgr = self._makeMgr()
for i in range( MAX_STACK_SIZE ):
mgr.pushExecutable( None )
self.assertRaises( SystemError, mgr.pushExecutable, None )
def test_pushExecutable_simple( self ):
mgr = self._makeMgr()
self.failIf( mgr.calledByExecutable() )
mgr.pushExecutable( DummyExecutable() )
self.failUnless( mgr.calledByExecutable() )
def test_popExecutable_simple( self ):
mgr = self._makeMgr()
exe = DummyExecutable()
exe2 = DummyExecutable()
mgr.pushExecutable( exe )
mgr.pushExecutable( exe2 )
mgr.popExecutable( exe2 )
self.failUnless( mgr.calledByExecutable() )
mgr.popExecutable( exe )
self.failIf( mgr.calledByExecutable() )
def test_popExecutable_nomatch( self ):
mgr = self._makeMgr()
exe = DummyExecutable()
exe2 = DummyExecutable()
other = DummyExecutable()
mgr.pushExecutable( exe )
mgr.pushExecutable( exe2 )
mgr.popExecutable( other ) # not on stack => no change
self.failUnless( mgr.calledByExecutable() )
mgr.popExecutable( exe ) # bottom of stack => empty it
self.failIf( mgr.calledByExecutable() )
def test_pushExecutable_customPolicy( self ):
mgr = self._makeMgr()
exe = DummyExecutableWithCustomPolicy()
self.failIf( mgr.checkPermission( None, None ) )
mgr.pushExecutable( exe )
self.failUnless( mgr.checkPermission( None, None ) )
mgr.popExecutable( exe )
self.failIf( mgr.checkPermission( None, None ) )
def test_pushPop_complexPolicies( self ):
mgr = self._makeMgr()
exe1 = DummyExecutableWithCustomPolicy()
exe2 = DummyExecutable()
exe3 = DummyExecutableWithCustomPolicy()
mgr.pushExecutable( exe1 ) # now has custom permissive policy
self.failUnless( mgr.checkPermission( None, None ) )
mgr.pushExecutable( exe2 ) # now has default policy
self.failIf( mgr.checkPermission( None, None ) )
mgr.pushExecutable( exe3 ) # now has custom permissive policy
self.failUnless( mgr.checkPermission( None, None ) )
mgr.popExecutable( exe3 ) # back to default policy
self.failIf( mgr.checkPermission( None, None ) )
mgr.popExecutable( exe2 ) # back to has custom permissive policy
self.failUnless( mgr.checkPermission( None, None ) )
mgr.popExecutable( exe1 ) # back to default policy
self.failIf( mgr.checkPermission( None, None ) )
def test_suite():
loader=unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)
if __name__=='__main__':
unittest.TextTestRunner().run(test_suite())
=== Zope3/lib/python/Zope/Security/tests/testChecker.py 1.1.2.7 => 1.1.2.8 ===
from Zope.Security.Checker import NamesChecker, CheckerPublic
from Zope.Testing.CleanUp import cleanUp
-from Zope.App.Security.ISecurityPolicy import ISecurityPolicy
+from Zope.Security.ISecurityPolicy import ISecurityPolicy
from Zope.Exceptions import Forbidden, Unauthorized
-from Zope.App.Security.SecurityManagement import setSecurityPolicy
+from Zope.Security.SecurityManagement import setSecurityPolicy
from Zope.Security.Proxy import getChecker, getObject
from Zope.Security.Checker import defineChecker
@@ -32,10 +32,10 @@
############################################################
# Implementation methods for interface
- # Zope.App.Security.ISecurityPolicy.
+ # Zope.Security.ISecurityPolicy.
def checkPermission(self, permission, object, context):
- 'See Zope.App.Security.ISecurityPolicy.ISecurityPolicy'
+ 'See Zope.Security.ISecurityPolicy.ISecurityPolicy'
return permission == 'test_allowed'