[Zope-CVS] CVS: Products/VerboseSecurity - PermissionRolePatch.py:1.2 VerboseSecurityPolicy.py:1.3

Shane Hathaway shane@cvs.zope.org
Thu, 22 Aug 2002 12:50:05 -0400


Update of /cvs-repository/Products/VerboseSecurity
In directory cvs.zope.org:/tmp/cvs-serv10018

Modified Files:
	PermissionRolePatch.py VerboseSecurityPolicy.py 
Log Message:
Added unit tests and fixed corresponding failures


=== Products/VerboseSecurity/PermissionRolePatch.py 1.1.1.1 => 1.2 ===
--- Products/VerboseSecurity/PermissionRolePatch.py:1.1.1.1	Tue Aug 20 13:09:40 2002
+++ Products/VerboseSecurity/PermissionRolePatch.py	Thu Aug 22 12:50:05 2002
@@ -32,8 +32,8 @@
         def __of__(self, parent,tt=type(()),st=type(''),getattr=getattr):
             obj=parent
             n=self._p
-            # The next line is the only code being patched.
-            # It includes the permission name in the allowable roles.
+            # The next line includes the permission name
+            # in the allowable roles.
             r = [n]
             while 1:
                 if hasattr(obj,n):
@@ -69,7 +69,8 @@
                 if obj is None: break
                 obj=obj.aq_parent
 
-            if r is None: r=self._d
+            if r is None or len(r) < 2:
+                r = self._d
 
             return r
 


=== Products/VerboseSecurity/VerboseSecurityPolicy.py 1.2 => 1.3 ===
--- Products/VerboseSecurity/VerboseSecurityPolicy.py:1.2	Wed Aug 21 15:34:06 2002
+++ Products/VerboseSecurity/VerboseSecurityPolicy.py	Thu Aug 22 12:50:05 2002
@@ -202,7 +202,8 @@
                                 "have the required permission",
                                 accessed, container, name, value, context,
                                 required_roles=roles, eo_owner=owner, eo=eo,
-                                eo_owner_roles=owner.getRolesInContext(value))
+                                eo_owner_roles=getUserRolesInContext(
+                                owner, value))
                         if accessedbase is containerbase:
                             raise Unauthorized(info)
                         return 0
@@ -258,7 +259,7 @@
                     "have the required permission" % context.user,
                     accessed, container, name, value, context,
                     required_roles=roles,
-                    user_roles=context.user.getRolesInContext(value))
+                    user_roles=getUserRolesInContext(context.user, value))
             if accessedbase is containerbase:
                 raise Unauthorized(info)
 
@@ -346,13 +347,21 @@
     return _last_messages.get(get_ident())
 
 
+def getUserRolesInContext(user, context):
+    """Returns user roles for a context."""
+    if hasattr(aq_base(user), 'getRolesInContext'):
+        return user.getRolesInContext(context)
+    else:
+        return ()
+
+
 def userHasRolesButNotInContext(user, object, object_roles):
     '''Returns 1 if the user has any of the listed roles but
     is not defined in a context which is not an ancestor of object.
     '''
     if object_roles is None or 'Anonymous' in object_roles:
         return 0
-    usr_roles=user.getRolesInContext(object)
+    usr_roles = getUserRolesInContext(user, object)
     for role in object_roles:
         if role in usr_roles:
             # User has the roles.