[Zope-Checkins] SVN: Zope/trunk/src/Products/Five/ Move all tests depending on PythonScripts into its own module
Hanno Schlichting
hannosch at hannosch.eu
Sat Jul 10 09:05:36 EDT 2010
Log message for revision 114507:
Move all tests depending on PythonScripts into their own module
Changed:
U Zope/trunk/src/Products/Five/browser/tests/pages.txt
U Zope/trunk/src/Products/Five/browser/tests/resource.txt
U Zope/trunk/src/Products/Five/browser/tests/test_pages.py
U Zope/trunk/src/Products/Five/browser/tests/test_resource.py
A Zope/trunk/src/Products/Five/browser/tests/test_scriptsecurity.py
D Zope/trunk/src/Products/Five/tests/testing/restricted.py
-=-
Modified: Zope/trunk/src/Products/Five/browser/tests/pages.txt
===================================================================
--- Zope/trunk/src/Products/Five/browser/tests/pages.txt 2010-07-10 13:02:14 UTC (rev 114506)
+++ Zope/trunk/src/Products/Five/browser/tests/pages.txt 2010-07-10 13:05:35 UTC (rev 114507)
@@ -275,57 +275,7 @@
>>> aq_parent(aq_inner(context))
<Folder at /test_folder_1_>
-High-level security
--------------------
- >>> protected_view_names = [
- ... 'eagle.txt', 'falcon.html', 'owl.html', 'flamingo.html',
- ... 'condor.html', 'permission_view']
- >>>
- >>> public_view_names = [
- ... 'public_attribute_page',
- ... 'public_template_page',
- ... 'public_template_class_page',
- ... 'nodoc-method', 'nodoc-function', 'nodoc-object',
- ... 'dirpage1', 'dirpage2']
-
- >>> from Products.Five.tests.testing.restricted import checkRestricted
- >>> from Products.Five.tests.testing.restricted import checkUnauthorized
-
-As long as we're not authenticated, we should get Unauthorized for
-protected views, but we should be able to view the public ones:
-
- >>> self.logout()
- >>> for view_name in protected_view_names:
- ... checkUnauthorized(
- ... self.folder,
- ... 'context.restrictedTraverse("testoid/%s")()' % view_name)
-
- >>> for view_name in public_view_names:
- ... checkRestricted(
- ... self.folder,
- ... 'context.restrictedTraverse("testoid/%s")()' % view_name)
- >>> self.login('manager')
-
-Being logged in as a manager again, we find that the protected pages
-are accessible to us:
-
- >>> for view_name in protected_view_names:
- ... checkRestricted(
- ... self.folder,
- ... 'context.restrictedTraverse("testoid/%s")()' % view_name)
-
- >>> checkRestricted(
- ... self.folder,
- ... 'context.restrictedTraverse("testoid/eagle.method").eagle()')
-
-Even when logged in though the private methods should not be accessible:
-
- >>> checkUnauthorized( self.folder,
- ... 'context.restrictedTraverse("testoid/eagle.method").mouse()')
-
-
-
Other
-----
Modified: Zope/trunk/src/Products/Five/browser/tests/resource.txt
===================================================================
--- Zope/trunk/src/Products/Five/browser/tests/resource.txt 2010-07-10 13:02:14 UTC (rev 114506)
+++ Zope/trunk/src/Products/Five/browser/tests/resource.txt 2010-07-10 13:05:35 UTC (rev 114507)
@@ -69,53 +69,6 @@
... if not isinstance(resource, PageTemplateResource):
... self.assertEquals(resource(), base_url % r)
-Security
---------
-
- >>> from Products.Five.tests.testing.restricted import checkRestricted
- >>> from Products.Five.tests.testing.restricted import checkUnauthorized
-
- >>> resource_names = ['cockatiel.html', 'style.css', 'pattern.png']
-
-We should get Unauthorized as long as we're unauthenticated:
-
- >>> for resource in resource_names:
- ... checkUnauthorized(
- ... self.folder,
- ... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
-
- >>> base = 'testoid/++resource++fivetest_resources/%s'
- >>> for resource in dir_resource_names:
- ... path = base % resource
- ... checkUnauthorized(self.folder, 'context.restrictedTraverse("%s")' % path)
-
-Now let's create a manager user account and log in:
-
- >>> uf = self.folder.acl_users
- >>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
- >>> self.login('manager')
-
-We can now view them all:
-
- >>> for resource in resource_names:
- ... checkRestricted(
- ... self.folder,
- ... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
-
- >>> base = 'testoid/++resource++fivetest_resources/%s'
- >>> for resource in dir_resource_names:
- ... path = base % resource
- ... checkRestricted(self.folder, 'context.restrictedTraverse("%s")' % path)
-
-Let's make sure restrictedTraverse() works directly, too. It used to get
-tripped up on subdirectories due to missing security declarations.
-
- >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource.txt') is not None
- True
-
- >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource_subdir/resource.txt') is not None
- True
-
Clean up
--------
Modified: Zope/trunk/src/Products/Five/browser/tests/test_pages.py
===================================================================
--- Zope/trunk/src/Products/Five/browser/tests/test_pages.py 2010-07-10 13:02:14 UTC (rev 114506)
+++ Zope/trunk/src/Products/Five/browser/tests/test_pages.py 2010-07-10 13:05:35 UTC (rev 114507)
@@ -12,8 +12,6 @@
#
##############################################################################
"""Test browser pages
-
-$Id$
"""
import unittest
@@ -69,8 +67,6 @@
from Testing.ZopeTestCase import FunctionalDocFileSuite
from Testing.ZopeTestCase import ZopeDocFileSuite
from Testing.ZopeTestCase import ZopeDocTestSuite
- from Testing.ZopeTestCase import installProduct
- installProduct('PythonScripts')
return unittest.TestSuite((
ZopeDocTestSuite(),
ZopeDocFileSuite('pages.txt', package='Products.Five.browser.tests'),
Modified: Zope/trunk/src/Products/Five/browser/tests/test_resource.py
===================================================================
--- Zope/trunk/src/Products/Five/browser/tests/test_resource.py 2010-07-10 13:02:14 UTC (rev 114506)
+++ Zope/trunk/src/Products/Five/browser/tests/test_resource.py 2010-07-10 13:05:35 UTC (rev 114507)
@@ -12,16 +12,12 @@
#
##############################################################################
"""Test browser resources
-
-$Id$
"""
import unittest
def test_suite():
from Testing.ZopeTestCase import FunctionalDocFileSuite
from Testing.ZopeTestCase import ZopeDocFileSuite
- from Testing.ZopeTestCase import installProduct
- installProduct('PythonScripts')
return unittest.TestSuite((
ZopeDocFileSuite('resource.txt',
package='Products.Five.browser.tests'),
Added: Zope/trunk/src/Products/Five/browser/tests/test_scriptsecurity.py
===================================================================
--- Zope/trunk/src/Products/Five/browser/tests/test_scriptsecurity.py (rev 0)
+++ Zope/trunk/src/Products/Five/browser/tests/test_scriptsecurity.py 2010-07-10 13:05:35 UTC (rev 114507)
@@ -0,0 +1,187 @@
+import unittest
+
+from AccessControl import Unauthorized
+from Products.PythonScripts.PythonScript import manage_addPythonScript
+
+
+def addPythonScript(folder, id, params='', body=''):
+ """Add a PythonScript to folder."""
+ # clean up any 'ps' that's already here..
+ if id in folder:
+ del folder[id]
+ manage_addPythonScript(folder, id)
+ folder[id].ZPythonScript_edit(params, body)
+
+
+def checkRestricted(folder, psbody):
+ """Perform a check by running restricted Python code."""
+ addPythonScript(folder, 'ps', body=psbody)
+ try:
+ folder.ps()
+ except Unauthorized, e:
+ raise AssertionError(e)
+
+
+def checkUnauthorized(folder, psbody):
+ """Perform a check by running restricted Python code. Expect to
+ encounter an Unauthorized exception."""
+ addPythonScript(folder, 'ps', body=psbody)
+ try:
+ folder.ps()
+ except Unauthorized:
+ pass
+ else:
+ raise AssertionError("Authorized but shouldn't be")
+
+
+def test_resource_restricted_code():
+ """
+ Set up the test fixtures:
+
+ >>> import Products.Five.browser.tests
+ >>> from Zope2.App import zcml
+ >>> zcml.load_config("configure.zcml", Products.Five)
+ >>> zcml.load_config('resource.zcml', package=Products.Five.browser.tests)
+
+ >>> from Products.Five.tests.testing import manage_addFiveTraversableFolder
+ >>> manage_addFiveTraversableFolder(self.folder, 'testoid', 'Testoid')
+
+ >>> import os, glob
+ >>> _prefix = os.path.dirname(Products.Five.browser.tests.__file__)
+ >>> dir_resource_names = [os.path.basename(r) for r in (
+ ... glob.glob('%s/*.png' % _prefix) +
+ ... glob.glob('%s/*.pt' % _prefix) +
+ ... glob.glob('%s/[a-z]*.py' % _prefix) +
+ ... glob.glob('%s/*.css' % _prefix))]
+
+ >>> from Products.Five.browser.tests.test_scriptsecurity import checkRestricted
+ >>> from Products.Five.browser.tests.test_scriptsecurity import checkUnauthorized
+
+ >>> resource_names = ['cockatiel.html', 'style.css', 'pattern.png']
+
+ We should get Unauthorized as long as we're unauthenticated:
+
+ >>> for resource in resource_names:
+ ... checkUnauthorized(
+ ... self.folder,
+ ... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
+
+ >>> base = 'testoid/++resource++fivetest_resources/%s'
+ >>> for resource in dir_resource_names:
+ ... path = base % resource
+ ... checkUnauthorized(self.folder, 'context.restrictedTraverse("%s")' % path)
+
+ Now let's create a manager user account and log in:
+
+ >>> uf = self.folder.acl_users
+ >>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
+ >>> self.login('manager')
+
+ We can now view them all:
+
+ >>> for resource in resource_names:
+ ... checkRestricted(
+ ... self.folder,
+ ... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
+
+ >>> base = 'testoid/++resource++fivetest_resources/%s'
+ >>> for resource in dir_resource_names:
+ ... path = base % resource
+ ... checkRestricted(self.folder, 'context.restrictedTraverse("%s")' % path)
+
+ Let's make sure restrictedTraverse() works directly, too. It used to get
+ tripped up on subdirectories due to missing security declarations.
+
+ >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource.txt') is not None
+ True
+
+ >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource_subdir/resource.txt') is not None
+ True
+
+ Clean up
+
+ >>> from zope.component.testing import tearDown
+ >>> tearDown()
+ """
+
+def test_view_restricted_code():
+ """
+ Let's register a quite large amount of test pages:
+
+ >>> import Products.Five.browser.tests
+ >>> from Zope2.App import zcml
+ >>> zcml.load_config("configure.zcml", Products.Five)
+ >>> zcml.load_config('pages.zcml', package=Products.Five.browser.tests)
+
+ Let's add a test object that we view most of the pages off of:
+
+ >>> from Products.Five.tests.testing.simplecontent import manage_addSimpleContent
+ >>> manage_addSimpleContent(self.folder, 'testoid', 'Testoid')
+
+ We also need to create a stub user account and login; otherwise we
+ wouldn't have all the rights to do traversal etc.:
+
+ >>> uf = self.folder.acl_users
+ >>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
+ >>> self.login('manager')
+
+ >>> protected_view_names = [
+ ... 'eagle.txt', 'falcon.html', 'owl.html', 'flamingo.html',
+ ... 'condor.html', 'permission_view']
+ >>>
+ >>> public_view_names = [
+ ... 'public_attribute_page',
+ ... 'public_template_page',
+ ... 'public_template_class_page',
+ ... 'nodoc-method', 'nodoc-function', 'nodoc-object',
+ ... 'dirpage1', 'dirpage2']
+
+ >>> from Products.Five.browser.tests.test_scriptsecurity import checkRestricted
+ >>> from Products.Five.browser.tests.test_scriptsecurity import checkUnauthorized
+
+ As long as we're not authenticated, we should get Unauthorized for
+ protected views, but we should be able to view the public ones:
+
+ >>> self.logout()
+ >>> for view_name in protected_view_names:
+ ... checkUnauthorized(
+ ... self.folder,
+ ... 'context.restrictedTraverse("testoid/%s")()' % view_name)
+
+ >>> for view_name in public_view_names:
+ ... checkRestricted(
+ ... self.folder,
+ ... 'context.restrictedTraverse("testoid/%s")()' % view_name)
+ >>> self.login('manager')
+
+ Being logged in as a manager again, we find that the protected pages
+ are accessible to us:
+
+ >>> for view_name in protected_view_names:
+ ... checkRestricted(
+ ... self.folder,
+ ... 'context.restrictedTraverse("testoid/%s")()' % view_name)
+
+ >>> checkRestricted(
+ ... self.folder,
+ ... 'context.restrictedTraverse("testoid/eagle.method").eagle()')
+
+ Even when logged in though the private methods should not be accessible:
+
+ >>> checkUnauthorized( self.folder,
+ ... 'context.restrictedTraverse("testoid/eagle.method").mouse()')
+
+ Cleanup:
+
+ >>> from zope.component.testing import tearDown
+ >>> tearDown()
+ """
+
+
+def test_suite():
+ from Testing.ZopeTestCase import ZopeDocTestSuite
+ from Testing.ZopeTestCase import installProduct
+ installProduct('PythonScripts')
+ return unittest.TestSuite((
+ ZopeDocTestSuite(),
+ ))
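Review bot: In test_resource_restricted_code the checks under "We should get Unauthorized as long as we're unauthenticated" run with no preceding logout, so they exercise whichever user the ZopeDocTestSuite fixture leaves logged in (presumably a default non-Manager test user, which is not visible in this hunk) rather than Anonymous. test_view_restricted_code in the same file calls `>>> self.logout()` before its negative checks; adding that line ahead of the first checkUnauthorized loop here would make the test cover the unauthenticated case its prose describes. Separately, dir_resource_names is built from glob results, so if the patterns match nothing both loops over it pass vacuously; a `>>> bool(dir_resource_names)` line expecting `True` would catch that. The new module also omits the ZPL header and the Plone attribution docstring that the deleted restricted.py carried for these same helpers.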
Property changes on: Zope/trunk/src/Products/Five/browser/tests/test_scriptsecurity.py
___________________________________________________________________
Added: svn:eol-style
+ native
Deleted: Zope/trunk/src/Products/Five/tests/testing/restricted.py
===================================================================
--- Zope/trunk/src/Products/Five/tests/testing/restricted.py 2010-07-10 13:02:14 UTC (rev 114506)
+++ Zope/trunk/src/Products/Five/tests/testing/restricted.py 2010-07-10 13:05:35 UTC (rev 114507)
@@ -1,51 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2004, 2005 Zope Foundation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Restricted python test helpers
-
-Based on Plone's RestrictedPythonTestCase, with kind permission by the
-Plone developers.
-"""
-
-from AccessControl import Unauthorized
-from Products.PythonScripts.PythonScript import manage_addPythonScript
-
-
-def addPythonScript(folder, id, params='', body=''):
- """Add a PythonScript to folder."""
- # clean up any 'ps' that's already here..
- if id in folder:
- del folder[id]
- manage_addPythonScript(folder, id)
- folder[id].ZPythonScript_edit(params, body)
-
-
-def checkRestricted(folder, psbody):
- """Perform a check by running restricted Python code."""
- addPythonScript(folder, 'ps', body=psbody)
- try:
- folder.ps()
- except Unauthorized, e:
- raise AssertionError(e)
-
-
-def checkUnauthorized(folder, psbody):
- """Perform a check by running restricted Python code. Expect to
- encounter an Unauthorized exception."""
- addPythonScript(folder, 'ps', body=psbody)
- try:
- folder.ps()
- except Unauthorized:
- pass
- else:
- raise AssertionError("Authorized but shouldn't be")