[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Traversing/tests - testTraverser.py:1.1.2.11 testZopeWrapper.py:NONE
Jim Fulton
jim@zope.com
Sun, 28 Apr 2002 13:17:12 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/Traversing/tests
In directory cvs.zope.org:/tmp/cvs-serv17050/lib/python/Zope/App/Traversing/tests
Modified Files:
Tag: Zope-3x-branch
testTraverser.py
Removed Files:
Tag: Zope-3x-branch
testZopeWrapper.py
Log Message:
HOTYB: Merged SecurityProxy-branch into main branch.
All tests pass and folders can be listed and added through the web.
It is likely that most other things don't work and will need to be
fixed. The reason is that many accesses that should have been checked
before are now being checked and additional checks and thinking about
permissions and security settings are needed.
I'm in the process of drafting a paper for the wiki that describes the
changes in more detail.
=== Zope3/lib/python/Zope/App/Traversing/tests/testTraverser.py 1.1.2.10 => 1.1.2.11 ===
from Zope.App.Traversing.Traverser import Traverser
from Zope.App.Traversing.DefaultTraversable import DefaultTraversable
-from Zope.ContextWrapper import wrapper, Wrapper
+from Zope.Proxy.ContextWrapper import ContextWrapper
from Zope.Exceptions import NotFoundError, Unauthorized
from Zope.ComponentArchitecture import provideAdapter
-from Zope.App.Security.SecurityManagement import setSecurityPolicy, \
+from Zope.Security.SecurityManagement import setSecurityPolicy, \
noSecurityManager
-from Zope.App.Security.SimpleSecurityPolicies import NameBasedSecurityPolicy
from Zope.Testing.CleanUp import CleanUp # Base class w registry cleanup
from Interface.Verify import verifyClass
from Interface.Implements import instancesOfObjectImplements
+from Zope.Security.Checker \
+ import ProxyFactory, defineChecker, NamesChecker, CheckerPublic, Checker
+from Zope.Security.SecurityManagement import newSecurityManager
class C:
def __init__(self, name):
@@ -39,9 +41,9 @@
class TraverserTests(CleanUp, unittest.TestCase):
def setUp(self):
# Build up a wrapper chain
- self.root = Wrapper(C('root'), None, name='')
- self.folder = Wrapper(C('folder'), self.root, name='folder')
- self.item = Wrapper(C('item'), self.folder, name='item')
+ self.root = ContextWrapper(C('root'), None, name='')
+ self.folder = ContextWrapper(C('folder'), self.root, name='folder')
+ self.item = ContextWrapper(C('item'), self.folder, name='item')
self.tr = Traverser(self.item)
def testImplementsITraverser(self):
@@ -76,7 +78,7 @@
self.tr = Traverser(root)
def testNoTraversable(self):
- self.assertRaises(NotFoundError, self.tr.unrestrictedTraverse,
+ self.assertRaises(NotFoundError, self.tr.traverse,
'folder')
class UnrestrictedTraverseTests(CleanUp, unittest.TestCase):
@@ -96,51 +98,57 @@
tr = self.tr
item = self.item
- self.assertEquals(tr.unrestrictedTraverse('/folder/item'), item)
- self.assertEquals(tr.unrestrictedTraverse('folder/item'), item)
- self.assertEquals(tr.unrestrictedTraverse('/folder/item/'), item)
+ self.assertEquals(tr.traverse('/folder/item'), item)
+ self.assertEquals(tr.traverse('folder/item'), item)
+ self.assertEquals(tr.traverse('/folder/item/'), item)
def testSimplePathUnicode(self):
tr = self.tr
item = self.item
- self.assertEquals(tr.unrestrictedTraverse(u'/folder/item'), item)
- self.assertEquals(tr.unrestrictedTraverse(u'folder/item'), item)
- self.assertEquals(tr.unrestrictedTraverse(u'/folder/item/'), item)
+ self.assertEquals(tr.traverse(u'/folder/item'), item)
+ self.assertEquals(tr.traverse(u'folder/item'), item)
+ self.assertEquals(tr.traverse(u'/folder/item/'), item)
def testSimplePathTuple(self):
tr = self.tr
item = self.item
- self.assertEquals(tr.unrestrictedTraverse(('', 'folder', 'item')),
+ self.assertEquals(tr.traverse(('', 'folder', 'item')),
item)
- self.assertEquals(tr.unrestrictedTraverse(('folder', 'item')), item)
+ self.assertEquals(tr.traverse(('folder', 'item')), item)
def testComplexPathString(self):
tr = self.tr
item = self.item
- self.assertEquals(tr.unrestrictedTraverse('/folder/../folder/./item'),
+ self.assertEquals(tr.traverse('/folder/../folder/./item'),
item)
- self.assertEquals(tr.unrestrictedTraverse(
+ self.assertEquals(tr.traverse(
'/../folder/../../folder/item'), item)
- self.assertEquals(tr.unrestrictedTraverse('../../folder/item'), item)
+ self.assertEquals(tr.traverse('../../folder/item'), item)
def testNotFoundDefault(self):
- self.assertEquals(self.tr.unrestrictedTraverse('foo', 'notFound'),
+ self.assertEquals(self.tr.traverse('foo', 'notFound'),
'notFound')
def testNotFoundNoDefault(self):
- self.assertRaises(NotFoundError, self.tr.unrestrictedTraverse, 'foo')
+ self.assertRaises(NotFoundError, self.tr.traverse, 'foo')
+
+def Denied(*names):
+
+ def check(name):
+ if name in names:
+ return 'Waaaa'
+ return CheckerPublic
+
+ return Checker(check)
class RestrictedTraverseTests(CleanUp, unittest.TestCase):
_oldPolicy = None
_deniedNames = ()
def setUp(self):
- self._oldPolicy = setSecurityPolicy(
- NameBasedSecurityPolicy(self.denyNames))
-
provideAdapter(None, ITraversable, DefaultTraversable)
self.root = root = C('root')
@@ -150,52 +158,30 @@
root.folder = folder
folder.item = item
- self.tr = Traverser(root)
-
- def tearDown(self):
- noSecurityManager()
- setSecurityPolicy(self._oldPolicy)
- CleanUp.tearDown(self)
-
- def denyNames(self, name):
- if name in self._deniedNames:
- raise Unauthorized
+ self.tr = Traverser(ProxyFactory(root))
def testAllAllowed(self):
- tr = self.tr
+ defineChecker(C, Checker(lambda name: CheckerPublic))
+ tr = Traverser(ProxyFactory(self.root))
item = self.item
- self.assertEquals(tr.restrictedTraverse(('', 'folder', 'item')), item)
- self.assertEquals(tr.restrictedTraverse(('folder', 'item')), item)
+ self.assertEquals(tr.traverse(('', 'folder', 'item')), item)
+ self.assertEquals(tr.traverse(('folder', 'item')), item)
def testItemDenied(self):
- self._deniedNames = ('item',)
-
- tr = self.tr
+ newSecurityManager('no one')
+ defineChecker(C, Denied('item'))
+ tr = Traverser(ProxyFactory(self.root))
folder = self.folder
- self.assertRaises(Unauthorized, tr.restrictedTraverse,
+ self.assertRaises(Unauthorized, tr.traverse,
('', 'folder', 'item'))
- self.assertRaises(Unauthorized, tr.restrictedTraverse,
+ self.assertRaises(Unauthorized, tr.traverse,
('folder', 'item'))
- self.assertEquals(tr.restrictedTraverse(('', 'folder')), folder)
- self.assertEquals(tr.restrictedTraverse(('folder', '..', 'folder')),
+ self.assertEquals(tr.traverse(('', 'folder')), folder)
+ self.assertEquals(tr.traverse(('folder', '..', 'folder')),
folder)
- self.assertEquals(tr.restrictedTraverse(('folder',)), folder)
-
- def testNoneDenied(self):
- # If traversing up ('..') or to the root, None is passed as a name to
- # validate.
- self._deniedNames = (None,)
-
- tr = self.tr
- item = self.item
-
- self.assertRaises(Unauthorized, tr.restrictedTraverse,
- ('', 'folder'))
- self.assertRaises(Unauthorized, tr.restrictedTraverse,
- ('folder', '..', 'folder'))
- self.assertEquals(tr.restrictedTraverse(('folder', 'item')), item)
+ self.assertEquals(tr.traverse(('folder',)), folder)
class DefaultTraversableTests(CleanUp, unittest.TestCase):
def testImplementsITraversable(self):
=== Removed File Zope3/lib/python/Zope/App/Traversing/tests/testZopeWrapper.py ===