[Zope-Checkins] CVS: Zope3/lib/python/Zope/Security/tests - testRestrictedBuiltins.py:1.1.2.1 testRestrictedInterpreter.py:1.1.4.2

Jim Fulton jim@zope.com
Thu, 23 May 2002 14:01:23 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv26429/lib/python/Zope/Security/tests

Modified Files:
      Tag: Zope-3x-branch
	testRestrictedInterpreter.py 
Added Files:
      Tag: Zope-3x-branch
	testRestrictedBuiltins.py 
Log Message:
This all started with wanting to be able to use url;view in a ZPT path. :)

That lead me to:

- Massive traversal refactoring.

  Namespace handling is now centralized in Zope.App.Traversing. 

- ZPT refactoring, including some renaming that touches pretty much everything. :)

  - The application specific ZPT support was moved into
    Zope.App.PageTemplate. 

  - To get page template files (for use in views):

    from Zope.App.PageTemplate import ViewPageTemplateFile

  - Fixed up security so that ZPT expressions only have access to 
    safe builtins and so that modules namespace does imports safely.

  - Got ZPTPage working!

- renaming url to absolute_url and got absolute_url to work in paths.

- Cleaned up the (as yet unused) RestrictedInterpreter module in
  Zope.Security. In particular, changed to use a separate
  RestrictedBuiltins module.



=== Added File Zope3/lib/python/Zope/Security/tests/testRestrictedBuiltins.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
# 
##############################################################################
"""

Revision information:
$Id: testRestrictedBuiltins.py,v 1.1.2.1 2002/05/23 18:01:22 jim Exp $
"""

from unittest import TestCase, TestSuite, main, makeSuite
from Zope.Testing.CleanUp import CleanUp # Base class w registry cleanup

class Test(CleanUp, TestCase):

    def test(self):
        from Zope.Security.RestrictedBuiltins import RestrictedBuiltins
        from Zope.Security.Proxy import Proxy
        from Zope.Exceptions import Forbidden

        def e(expr):
            return eval(expr, {'__builtins__': RestrictedBuiltins})

        self.assertEqual(e('__import__("sys").__name__'), "sys")
        self.assertEqual(e('__import__("Zope.Security").__name__'), "Zope")
        self.assertEqual(e(
            '__import__("Zope.Security",{},None,("__doc__",)).__name__'),
                         "Zope.Security")
        self.assertRaises(Forbidden, e, '__import__("sys").exit')
        
    

def test_suite():
    return TestSuite((
        makeSuite(Test),
        ))

if __name__=='__main__':
    main(defaultTest='test_suite')


=== Zope3/lib/python/Zope/Security/tests/testRestrictedInterpreter.py 1.1.4.1 => 1.1.4.2 ===
 from Zope.Testing.CleanUp import cleanUp
 
-class TestChecker:
-    def check_getattr(self, object, name):
-        pass
-    def check(self, object, opname):
-        pass
-    def proxy(self, value):
-        return ProxyFactory(value)
-
 class RITests(unittest.TestCase):
 
     def setUp(self):
-        self.checker = TestChecker()
-        self.rinterp = RestrictedInterpreter(self.checker)
+        self.rinterp = RestrictedInterpreter()
 
     def tearDown(self):
         cleanUp()