[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testPermissionRegistry.py:1.1.2.14 testPrincipalPermissionView.py:1.1.2.10 testPrincipalRoleView.py:1.1.2.9 testProtectClass.py:1.1.2.15 testRolePermissionView.py:1.1.2.8 testSecurityDirectives.py:1.1.2.16 testPublicClass.py:NONE
Jim Fulton
jim@zope.com
Fri, 7 Jun 2002 10:41:49 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv12187/lib/python/Zope/App/Security/tests
Modified Files:
Tag: Zope-3x-branch
testPermissionRegistry.py testPrincipalPermissionView.py
testPrincipalRoleView.py testProtectClass.py
testRolePermissionView.py testSecurityDirectives.py
Removed Files:
Tag: Zope-3x-branch
testPublicClass.py
Log Message:
Merging in Zope3InWonderland-branch, which implemented the following
proposals (see
http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/OldProposals):
- RenameAllowToRequire
- GroupClassRelatedDirectivesInClassDirective
- ViewInterfaceAndSimplification
- ConsistentUseOfSpacesAsDelimitersInZCMLAttributes
- TwoArgumentViewConstructors
- ImplementsInZCML
- SimpleViewCreationInZCML
- RemoveGetView
- ReplaceProtectWithAllow
- ViewMethodsAsViews
- MergeProtectionAndComponentDefinitions
There were also various security fixes resulting of better integration
of security with components.
=== Zope3/lib/python/Zope/App/Security/tests/testPermissionRegistry.py 1.1.2.13 => 1.1.2.14 ===
self.assertEqual(None, permissionRegistry.getPermission('Foo'))
self.failIf(permissionRegistry.definedPermission('Foo'))
+
+ def testPermissionStartsWithDot(self):
+ self.assertRaises(ValueError, permissionRegistry.definePermission,
+ '.Foo', 'dot foo title')
def testPermissionIsAnIPermission(self):
permissionRegistry.definePermission('Foo', 'foo title')
@@ -56,7 +60,7 @@
permission = permissionRegistry.getPermission('Foo')
eq(permission.getTitle(), 'Foo-able')
eq(permission.getDescription(), 'A foo-worthy permission')
-
+
def test_suite():
loader=unittest.TestLoader()
=== Zope3/lib/python/Zope/App/Security/tests/testPrincipalPermissionView.py 1.1.2.9 => 1.1.2.10 ===
from Zope.App.Security.PrincipalPermissionView \
import PrincipalPermissionView
- return PrincipalPermissionView(DummyContext())
+ return PrincipalPermissionView(DummyContext(), None)
def testGrantPermissions(self):
view = self._makeOne()
=== Zope3/lib/python/Zope/App/Security/tests/testPrincipalRoleView.py 1.1.2.8 => 1.1.2.9 ===
__implements__ = IRoleService
- def __init__( self, roles ):
+ def __init__(self, roles):
self._roles = roles
- def getRoles( self ):
+ def getRoles(self):
return self._roles
class DummyObject:
- def __init__( self, id, title ):
+ def __init__(self, id, title):
self._id = id
self._title = title
- def getId( self ):
+ def getId(self):
return self._id
- def getTitle( self ):
+ def getTitle(self):
return self._title
class DummyAuthenticationService:
__implements__ = IAuthenticationService
- def __init__( self, principals ):
+ def __init__(self, principals):
self._principals = principals
- def getPrincipals( self ):
+ def getPrincipals(self):
return self._principals
-class Test(PlacefulSetup, unittest.TestCase ):
+class Test(PlacefulSetup, unittest.TestCase):
def setUp(self):
PlacefulSetup.setUp(self)
self._roles = []
- self._roles.append( DummyObject( 'qux', 'Qux' ) )
- self._roles.append( DummyObject( 'baz', 'Baz' ) )
+ self._roles.append(DummyObject('qux', 'Qux'))
+ self._roles.append(DummyObject('baz', 'Baz'))
defineService=getServiceManager(None).defineService
provideService=getServiceManager(None).provideService
- defineService( 'RoleService', IRoleService )
- provideService( 'RoleService'
- , DummyRoleService( roles = self._roles ) )
+ defineService('RoleService', IRoleService)
+ provideService('RoleService'
+ , DummyRoleService(roles = self._roles))
- defineService( 'AuthenticationService', IAuthenticationService )
+ defineService('AuthenticationService', IAuthenticationService)
self._principals = []
- self._principals.append( DummyObject( 'foo', 'Foo' ) )
- self._principals.append( DummyObject( 'bar', 'Bar' ) )
+ self._principals.append(DummyObject('foo', 'Foo'))
+ self._principals.append(DummyObject('bar', 'Bar'))
- provideService( 'AuthenticationService',
- DummyAuthenticationService( principals = self._principals ) )
+ provideService('AuthenticationService',
+ DummyAuthenticationService(principals = self._principals))
- def _makeOne( self ):
+ def _makeOne(self):
from Zope.App.Security.PrincipalRoleView import PrincipalRoleView
- return PrincipalRoleView( DummyManager() )
+ return PrincipalRoleView(DummyManager(), None)
def testRoles(self):
view = self._makeOne()
roles = list(view.getAllRoles())
- self.assertEqual( len( roles ), 2 )
+ self.assertEqual(len(roles), 2)
- ids = map( lambda x: x.getId(), self._roles )
- titles = map( lambda x: x.getTitle(), self._roles )
+ ids = map(lambda x: x.getId(), self._roles)
+ titles = map(lambda x: x.getTitle(), self._roles)
for role in roles:
- self.failUnless( role.getId() in ids )
- self.failUnless( role.getTitle() in titles )
+ self.failUnless(role.getId() in ids)
+ self.failUnless(role.getTitle() in titles)
def testPrincipals(self):
view = self._makeOne()
principals = list(view.getAllPrincipals())
- self.assertEqual( len( principals ), 2 )
+ self.assertEqual(len(principals), 2)
- ids = map( lambda x: x.getId(), self._principals )
- titles = map( lambda x: x.getTitle(), self._principals )
+ ids = map(lambda x: x.getId(), self._principals)
+ titles = map(lambda x: x.getTitle(), self._principals)
for principal in principals:
- self.failUnless( principal.getId() in ids )
- self.failUnless( principal.getTitle() in titles )
+ self.failUnless(principal.getId() in ids)
+ self.failUnless(principal.getTitle() in titles)
def testPrincipalRoleGrid(self):
view = self._makeOne()
@@ -125,7 +125,7 @@
p_ids = [p.getId() for p in view.getAllPrincipals()]
r_ids = [r.getId() for r in view.getAllRoles()]
- self.failUnless( grid.listAvailableValues())
+ self.failUnless(grid.listAvailableValues())
for id in [p.getId() for p in grid.principals()]:
self.failUnless(id in p_ids)
=== Zope3/lib/python/Zope/App/Security/tests/testProtectClass.py 1.1.2.14 => 1.1.2.15 ===
""" Test handler for 'protectClass' directive """
-import unittest, sys
+import unittest
-from Zope.App.Security import protectClass
-
-# So we can use config parser to exercise protectClass stuff.
-from cStringIO import StringIO
-from Zope.Configuration.xmlconfig import xmlconfig, ZopeXMLConfigurationError
from TestModuleHookup import *
+from Zope.App.Security.PermissionRegistry import permissionRegistry
from Zope.Testing.CleanUp import CleanUp # Base class w registry cleanup
-from Zope.App.Security.Exceptions import UndefinedPermissionError
-
-def defineDirectives():
- xmlconfig(StringIO("""
- <zopeConfigure xmlns='http://namespaces.zope.org/zope'
- xmlns:security='http://namespaces.zope.org/security'>
- <directive namespace="http://namespaces.zope.org/security"
- name="permission"
- attributes="permission_id, title, description"
- handler="Zope.App.Security.metaConfigure.definePermission" />
- <directive namespace="http://namespaces.zope.org/security"
- name="protectClass"
- attributes="class, permission, interface, methods, like_unto"
- handler="Zope.App.Security.protectClass.">
- <subdirective namespace="http://namespaces.zope.org/security"
- name="protect"
- attributes="permission, interface, methods, like_unto"
- />
- </directive>
- <security:permission permission_id="extravagant" title="extravagant" />
- <security:permission permission_id="paltry" title="paltry" />
- </zopeConfigure>"""))
+from Zope.App.Security.protectClass import protectName, protectLikeUnto
NOTSET = []
@@ -53,7 +28,9 @@
class Test(CleanUp, unittest.TestCase):
def setUp(self):
- defineDirectives()
+ permissionRegistry.definePermission(P1, P1)
+ permissionRegistry.definePermission(P2, P2)
+
class B:
def m1(self):
return "m1"
@@ -86,155 +63,31 @@
self.assertEqual(checker.permission_id('m2'), (m2P or None))
self.assertEqual(checker.permission_id('m3'), (m3P or None))
- def assertDeclaration(self, declaration, **state):
- apply_declaration(template_bracket % declaration)
- self.assertState(**state)
-
- def testClass(self):
- declaration = ("""<security:protectClass
- class="%s" permission_id="%s" />"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- instP=P1)
-
# "testSimple*" exercises tags that do NOT have children. This mode
# inherently sets the instances as well as the class attributes.
def testSimpleMethodsPlural(self):
- declaration = ("""<security:protectClass
- class="%s" permission_id="%s"
- names="m1, m3" />"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- instP=P1, m1P=P1, m3P=P1)
-
- def testSimpleInterface(self):
- declaration = ("""<security:protectClass
- class="%s" permission_id="%s" interface="%s" />"""
- % (PREFIX+"test_class", P1, PREFIX+"I"))
- # m1 and m2 are in the interface, so should be set, and m3 should not:
- self.assertDeclaration(declaration,
- instP=P1, m1P=P1, m2P=P1)
-
- # "testComposite*" exercises tags that DO have children.
- # "testComposite*TopPerm" exercises tags with permission in containing tag.
- # "testComposite*ElementPerm" exercises tags w/permission in children.
-
- def testCompositeNoPerm(self):
- """Establish rejection of declarations lacking a permission spec."""
- declaration = ("""<security:protectClass class="%s">
- <security:protect names="m1"/>
- </security:protectClass>"""
- % (PREFIX+"test_class"))
- self.assertRaises(protectClass.ProtectionDeclarationException,
- self.assertDeclaration,
- declaration)
- # Permission not in top tag and in one subtag but not in the other:
- declaration = ("""<security:protectClass class="%s">
- <security:protect permission_id="%s"
- names="m1"/>
- <security:protect
- names="m2"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertRaises(protectClass.ProtectionDeclarationException,
- self.assertDeclaration, declaration, m1P=P1)
-
- def testCompositeMethodTopPerm(self):
- declaration = ("""<security:protectClass class="%s" permission_id="%s">
- <security:protect names="m1"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- m1P=P1)
-
- def testCompositeMethodElementPerm(self):
- declaration = ("""<security:protectClass class="%s">
- <security:protect permission_id="%s" names="m1"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- m1P=P1)
-
- def testCompositeMethodsPluralTopPerm(self):
- declaration = ("""<security:protectClass class="%s" permission_id="%s">
- <security:protect names="m1, m2"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- m1P=P1, m2P=P1)
-
- def testCompositeMethodsPluralElementPerm(self):
- declaration = ("""<security:protectClass class="%s">
- <security:protect permission_id="%s"
- names="m1, m3"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- m1P=P1, m3P=P1)
-
- def testCompositeInterfaceTopPerm(self):
- declaration = ("""<security:protectClass class="%s" permission_id="%s">
- <security:protect interface="%s"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1, PREFIX+"I"))
- self.assertDeclaration(declaration,
- m1P=P1, m2P=P1)
-
- def testCompositeInterfaceElementPerm(self):
- declaration = ("""<security:protectClass class="%s">
- <security:protect permission_id="%s"
- interface="%s"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1, PREFIX+"I"))
- self.assertDeclaration(declaration,
- m1P=P1, m2P=P1)
-
- def testCompositeInstancesTopPerm(self):
- declaration = ("""<security:protectClass class="%s" permission_id="%s">
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- instP=P1)
-
- def testSubInterfaces(self):
- declaration = ("""<security:protectClass
- class="%s" permission_id="%s"
- interface="%s" />"""
- % (PREFIX+"test_class", P1, PREFIX+"I2"))
- # m1 and m2 are in the interface, so should be set, and m3 should not:
- self.assertDeclaration(declaration,
- instP=P1, m1P=P1, m2P=P1)
-
+ protectName(TestModule.test_class, 'm1', P1)
+ protectName(TestModule.test_class, 'm3', P1)
+ self.assertState(instP=P1, m1P=P1, m3P=P1)
def testLikeUntoOnly(self):
- declaration = ("""
- <security:protectClass class="%s" names="m1,m2" permission_id="%s" />
- <security:protectClass class="%s" like_unto="%s" />
- """ % (PREFIX+"test_base", P1,
- PREFIX+"test_class", PREFIX+"test_base"))
+ protectName(TestModule.test_base, 'm1', P1)
+ protectName(TestModule.test_base, 'm2', P1)
+ protectLikeUnto(TestModule.test_class, TestModule.test_base)
# m1 and m2 are in the interface, so should be set, and m3 should not:
- self.assertDeclaration(declaration,
- m1P=P1, m2P=P1)
+ self.assertState(m1P=P1, m2P=P1)
def testLikeUntoAsDefault(self):
- declaration = ("""
- <security:protectClass class="%s" names="m1,m2" permission_id="%s" />
- <security:protectClass class="%s" like_unto="%s"
- names="m2,m3" permission_id="%s"/>
- """ % (PREFIX+"test_base", P1,
- PREFIX+"test_class", PREFIX+"test_base", P2))
+ protectName(TestModule.test_base, 'm1', P1)
+ protectName(TestModule.test_base, 'm2', P1)
+ protectLikeUnto(TestModule.test_class, TestModule.test_base)
+ protectName(TestModule.test_class, 'm2', P2)
+ protectName(TestModule.test_class, 'm3', P2)
# m1 and m2 are in the interface, so should be set, and m3 should not:
- self.assertDeclaration(declaration,
- m1P=P1, m2P=P2, m3P=P2)
+ self.assertState(m1P=P1, m2P=P2, m3P=P2)
-
-
-def apply_declaration(declaration):
- """Apply the xmlconfig machinery."""
- return xmlconfig(StringIO(declaration))
-
def test_suite():
loader=unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)
=== Zope3/lib/python/Zope/App/Security/tests/testRolePermissionView.py 1.1.2.7 => 1.1.2.8 ===
provideService('PermissionService', PermissionService(
read='Read', write='Write'))
- self.view = RolePermissionView(RolePermissionManager())
+ self.view = RolePermissionView(RolePermissionManager(), None)
def testRoles(self):
roles = list(self.view.roles())
=== Zope3/lib/python/Zope/App/Security/tests/testSecurityDirectives.py 1.1.2.15 => 1.1.2.16 ===
"""
-import unittest, sys
+import unittest, sys, os
from Zope.Configuration.xmlconfig import xmlconfig
from StringIO import StringIO
@@ -34,6 +34,12 @@
import principalRoleManager as principal_role_mgr
from Zope.App.Security.Settings import Allow, Deny, Unset, Remove, Assign
+
+import Zope.App.Security
+defs_path = os.path.join(
+ os.path.split(Zope.App.Security.__file__)[0],
+ 'security-meta.zcml')
+
def configfile(s):
return StringIO("""<zopeConfigure
xmlns='http://namespaces.zope.org/zope'
@@ -42,76 +48,16 @@
</zopeConfigure>
""" % s)
-def metaConfigure():
- xmlconfig(StringIO("""
- <zopeConfigure xmlns='http://namespaces.zope.org/zope'>
-
- <!-- Zope.App.Security -->
- <directive namespace="http://namespaces.zope.org/security"
- name="definePermission"
- attributes="permission, title, description"
- handler="Zope.App.Security.metaConfigure.definePermission" />
- <directive namespace="http://namespaces.zope.org/security"
- name="defineRole"
- attributes="role, title, description"
- handler="Zope.App.Security.metaConfigure.defineRole" />
- <directive namespace="http://namespaces.zope.org/security"
- name="protectClass"
- attributes="class, permission, interface, methods"
- handler="Zope.App.Security.protectClass.">
- <subdirective namespace="http://namespaces.zope.org/security"
- name="protect"
- attributes="permission, interface, methods" />
- <subdirective namespace="http://namespaces.zope.org/security"
- name="instances"
- attributes="permission" />
- </directive>
- <directive namespace="http://namespaces.zope.org/security"
- name="publicClass"
- attributes="class, interface, methods"
- handler="Zope.App.Security.publicClass." />
- <directive namespace="http://namespaces.zope.org/security"
- name="defaultPolicy"
- attributes="name"
- handler="Zope.App.Security.metaConfigure.defaultPolicy" />
- <directive namespace="http://namespaces.zope.org/security"
- name="principal"
- attributes="principal, title, description"
- handler="Zope.App.Security.metaConfigure.principal" />
- <directive namespace="http://namespaces.zope.org/security"
- name="defaultPrincipal"
- attributes="principal, title, description"
- handler="Zope.App.Security.metaConfigure.defaultPrincipal" />
- <directive
- namespace="http://namespaces.zope.org/security"
- name="grantPermissionToRole"
- attributes="permission, role"
- handler="Zope.App.Security.metaConfigure.grantPermissionToRole" />
- <directive
- namespace="http://namespaces.zope.org/security"
- name="grantPermissionToPrincipal"
- attributes="permission, principal"
- handler="Zope.App.Security.metaConfigure.grantPermissionToPrincipal"
- />
- <directive
- namespace="http://namespaces.zope.org/security"
- name="assignRoleToPrincipal"
- attributes="role, principal"
- handler="Zope.App.Security.metaConfigure.assignRoleToPrincipal" />
- </zopeConfigure>
- """))
-
-
class TestPrincipalDirective(CleanUp, unittest.TestCase):
def setUp(self):
- metaConfigure()
+ xmlconfig(open(defs_path))
def testRegister(self):
- f = configfile("""<security:principal principal_id="1"
+ f = configfile("""<security:principal id="1"
title="Sir Tim Peters"
description="Tim Peters"
login="tim" password="123" />
- <security:principal principal_id="2"
+ <security:principal id="2"
title="Sir Jim Fulton"
description="Jim Fulton"
login="jim" password="123" />""")
@@ -133,12 +79,12 @@
class TestPermissionDirective(CleanUp, unittest.TestCase):
def setUp(self):
- metaConfigure()
+ xmlconfig(open(defs_path))
def testRegister(self):
f = configfile("""
- <security:definePermission
- permission_id="Can Do It"
+ <security:permission
+ id="Can Do It"
title="A Permissive Permission"
description="This permission lets you do anything" />""")
@@ -152,13 +98,13 @@
def testDuplicationRegistration(self):
f = configfile("""
- <security:definePermission
- permission_id="Can Do It"
+ <security:permission
+ id="Can Do It"
title="A Permissive Permission"
description="This permission lets you do anything" />
- <security:definePermission
- permission_id="Can Do It"
+ <security:permission
+ id="Can Do It"
title="A Permissive Permission"
description="This permission lets you do anything" />
""")
@@ -168,12 +114,12 @@
class TestRoleDirective(CleanUp, unittest.TestCase):
def setUp(self):
- metaConfigure()
+ xmlconfig(open(defs_path))
def testRegister(self):
f = configfile("""
- <security:defineRole
- role_id="Everyperson"
+ <security:role
+ id="Everyperson"
title="Tout le monde"
description="The common man, woman, person, or thing" />
""")
@@ -188,13 +134,13 @@
def testDuplicationRegistration(self):
f = configfile("""
- <security:defineRole
- role_id="Everyperson"
+ <security:role
+ id="Everyperson"
title="Tout le monde"
description="The common man, woman, person, or thing" />
- <security:defineRole
- role_id="Everyperson"
+ <security:role
+ id="Everyperson"
title="Tout le monde"
description="The common man, woman, person, or thing" />
""")
@@ -205,13 +151,13 @@
class TestRolePermission(CleanUp, unittest.TestCase):
def setUp( self ):
- metaConfigure()
+ xmlconfig(open(defs_path))
def testMap( self ):
f = configfile("""
<security:grantPermissionToRole
- permission_id="Foo"
- role_id="Bar" />
+ permission="Foo"
+ role="Bar" />
""")
xmlconfig(f)
@@ -228,13 +174,13 @@
class TestPrincipalPermission(CleanUp, unittest.TestCase):
def setUp( self ):
- metaConfigure()
+ xmlconfig(open(defs_path))
def testMap( self ):
f = configfile("""
<security:grantPermissionToPrincipal
- permission_id="Foo"
- principal_id="Bar" />
+ permission="Foo"
+ principal="Bar" />
""")
xmlconfig(f)
@@ -251,13 +197,13 @@
class TestPrincipalRole(CleanUp, unittest.TestCase):
def setUp( self ):
- metaConfigure()
+ xmlconfig(open(defs_path))
def testMap( self ):
f = configfile("""
<security:assignRoleToPrincipal
- role_id="Foo"
- principal_id="Bar" />
+ role="Foo"
+ principal="Bar" />
""")
xmlconfig(f)
=== Removed File Zope3/lib/python/Zope/App/Security/tests/testPublicClass.py ===