[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testAttributeRolePermissionManager.py:1.1.2.3 testRolePermissionManager.py:1.1.2.6 testSecurityDirectives.py:1.1.2.10
Anthony Baxter
anthony@interlink.com.au
Sat, 9 Feb 2002 17:10:00 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv5429/tests
Modified Files:
Tag: Zope-3x-branch
testAttributeRolePermissionManager.py
testRolePermissionManager.py testSecurityDirectives.py
Log Message:
Updated RolePermission interfaces, code and testsuites to new standard,
as with PrincipalPermission and PrincipalRole. All test cases pass, but
this is largely because the testZSP script isn't very thorough ;)
This code allows Permissions to be explicitly denied to a Role.
=== Zope3/lib/python/Zope/App/Security/tests/testAttributeRolePermissionManager.py 1.1.2.2 => 1.1.2.3 ===
from Zope.App.Security.RoleRegistry import roleRegistry
from Zope.App.Security.PermissionRegistry import permissionRegistry
+from Zope.App.Security.Settings import Allow, Deny
import unittest, sys
@@ -54,38 +55,28 @@
mgr.grantPermissionToRole('read','peon')
l = list(mgr.getPermissionsForRole('manager'))
- l.sort()
- self.assertEqual(l, [ 'read', 'write' ] )
+ self.failUnless( ('read', Allow) in l )
+ self.failUnless( ('write', Allow) in l )
l = list(mgr.getPermissionsForRole('peon'))
- self.assertEqual(l, [ 'read' ] )
+ self.failUnless( [('read', Allow)] == l )
l = list(mgr.getRolesForPermission('read'))
- l.sort()
- self.assertEqual(l, [ 'manager', 'peon' ] )
+ self.failUnless( ('manager', Allow) in l )
+ self.failUnless( ('peon', Allow) in l )
l = list(mgr.getRolesForPermission('write'))
- self.assertEqual(l, [ 'manager' ] )
+ self.assertEqual(l, [ ('manager', 'Allow') ] )
- mgr.retractPermissionFromRole('read', 'peon')
+ mgr.denyPermissionToRole('read', 'peon')
l = list(mgr.getPermissionsForRole('peon'))
- self.assertEqual(l, [] )
-
- l = list(mgr.getRolesForPermission('read'))
- self.assertEqual(l, [ 'manager' ] )
+ self.assertEqual(l, [('read', 'Deny')] )
+ mgr.unsetPermissionForRole('read', 'peon')
- def testInvalid(self):
- obj = Manageable()
- mgr = AttributeRolePermissionManager(obj)
+ l = list(mgr.getRolesForPermission('read'))
+ self.assertEqual(l, [ ('manager', Allow) ] )
- self.assertRaises(ValueError,
- mgr.grantPermissionToRole,
- 'readx','manager')
-
- self.assertRaises(ValueError,
- mgr.grantPermissionToRole,
- 'read','managerx')
def test_suite():
loader=unittest.TestLoader()
=== Zope3/lib/python/Zope/App/Security/tests/testRolePermissionManager.py 1.1.2.5 => 1.1.2.6 ===
import unittest
-from Zope.App.Security.PermissionRegistry import permissionRegistry as pregistry
-from Zope.App.Security.RoleRegistry import roleRegistry as rregistry
-from Zope.App.Security.RolePermissionManager import rolePermissionManager as manager
+from Zope.App.Security.PermissionRegistry \
+ import permissionRegistry as pregistry
+from Zope.App.Security.RoleRegistry \
+ import roleRegistry as rregistry
+from Zope.App.Security.RolePermissionManager \
+ import rolePermissionManager as manager
+from Zope.App.Security.Settings \
+ import Allow, Deny, Unset
class Test(unittest.TestCase):
@@ -33,26 +38,31 @@
permission = pregistry.definePermission('APerm', 'aPerm title')
role = rregistry.defineRole('ARole', 'A Role')
manager.grantPermissionToRole(permission, role)
- self.assertEqual(manager.getRolesForPermission(permission), [role])
- self.assertEqual(manager.getPermissionsForRole(role), [permission])
+ self.assertEqual(manager.getRolesForPermission(permission),
+ [(role,Allow)])
+ self.assertEqual(manager.getPermissionsForRole(role),
+ [(permission,Allow)])
def testManyPermissionsOneRole(self):
- perm1 = pregistry.definePermission('Perm One', 'title')
- perm2 = pregistry.definePermission('Perm Two', 'title')
+ perm1 = pregistry.definePermission('Perm One', 'P1')
+ perm2 = pregistry.definePermission('Perm Two', 'P2')
+ perm3 = pregistry.definePermission('Perm Three', 'P3')
role1 = rregistry.defineRole('Role One', 'Role #1')
perms = manager.getPermissionsForRole(role1)
self.assertEqual(len(perms), 0)
manager.grantPermissionToRole(perm1, role1)
manager.grantPermissionToRole(perm2, role1)
manager.grantPermissionToRole(perm2, role1)
+ manager.denyPermissionToRole(perm3, role1)
perms = manager.getPermissionsForRole(role1)
- self.assertEqual(len(perms), 2)
- self.failUnless(perm1 in perms)
- self.failUnless(perm2 in perms)
- manager.retractPermissionFromRole(perm1, role1)
+ self.assertEqual(len(perms), 3)
+ self.failUnless((perm1,Allow) in perms)
+ self.failUnless((perm2,Allow) in perms)
+ self.failUnless((perm3,Deny) in perms)
+ manager.unsetPermissionForRole(perm1, role1)
perms = manager.getPermissionsForRole(role1)
- self.assertEqual(len(perms), 1)
- self.failUnless(perm2 in perms)
+ self.assertEqual(len(perms), 2)
+ self.failUnless((perm2,Allow) in perms)
def testManyRolesOnePermission(self):
perm1 = pregistry.definePermission('Perm One', 'title')
@@ -63,22 +73,16 @@
manager.grantPermissionToRole(perm1, role1)
manager.grantPermissionToRole(perm1, role2)
manager.grantPermissionToRole(perm1, role2)
+ manager.denyPermissionToRole(perm1, role1)
roles = manager.getRolesForPermission(perm1)
self.assertEqual(len(roles), 2)
- self.failUnless(role1 in roles)
- self.failUnless(role2 in roles)
- manager.retractPermissionFromRole(perm1, role1)
+ self.failIf((role1,Allow) in roles)
+ self.failUnless((role1,Deny) in roles)
+ self.failUnless((role2,Allow) in roles)
+ manager.unsetPermissionForRole(perm1, role1)
roles = manager.getRolesForPermission(perm1)
self.assertEqual(len(roles), 1)
- self.failUnless(role2 in roles)
-
- def testPermissionsAcquired(self):
- perm = pregistry.definePermission('Perm One', 'title')
- self.failUnless(manager.getPermissionAcquired(perm))
- manager.setPermissionAcquired(perm, 0)
- self.failIf(manager.getPermissionAcquired(perm))
- manager.setPermissionAcquired(perm, 1)
- self.failUnless(manager.getPermissionAcquired(perm))
+ self.failUnless((role2,Allow) in roles)
def test_suite():
loader=unittest.TestLoader()
=== Zope3/lib/python/Zope/App/Security/tests/testSecurityDirectives.py 1.1.2.9 => 1.1.2.10 ===
self.assertEqual(len( roles ), 1)
- self.failUnless("Bar" in roles)
+ self.failUnless(("Bar",Allow) in roles)
self.assertEqual(len( perms ), 1)
- self.failUnless("Foo" in perms)
+ self.failUnless(("Foo",Allow) in perms)
class TestPrincipalPermission( unittest.TestCase ):