[Zope-CVS] CVS: Products/PluggableAuthService/tests -
test_PluggableAuthService.py:1.12.2.1
Zachery Bir
zbir at urbanape.com
Fri Oct 8 10:24:16 EDT 2004
Update of /cvs-repository/Products/PluggableAuthService/tests
In directory cvs.zope.org:/tmp/cvs-serv22028
Modified Files:
Tag: pre-1_0_3-zbir-challenge-branch
test_PluggableAuthService.py
Log Message:
[on Zac's branch]
Changes to the challenge mechanism required rewriting some of the tests
=== Products/PluggableAuthService/tests/test_PluggableAuthService.py 1.12 => 1.12.2.1 ===
--- Products/PluggableAuthService/tests/test_PluggableAuthService.py:1.12 Thu Oct 7 14:37:01 2004
+++ Products/PluggableAuthService/tests/test_PluggableAuthService.py Fri Oct 8 10:24:16 2004
@@ -101,6 +101,13 @@
def challenge(self, request, response):
# Mark on the faux response that we have seen it:
response.challenger = self
+ return True
+
+class DummyBadChallenger( DummyPlugin ):
+
+ def challenge(self, request, response):
+ # We don't play here.
+ return False
class FauxRequest:
@@ -126,6 +133,9 @@
self._dict[ key ] = value
+ def _hold(self, something):
+ pass
+
class FauxNotFoundError( Exception ):
pass
@@ -139,12 +149,16 @@
raise FauxNotFoundError, message
def _unauthorized(self):
- pass
+ self.challenger = self
def unauthorized(self):
self._unauthorized()
raise Unauthorized, 'You can not do this!'
+ def exception(self):
+ self._unauthorized()
+ return "An error has occurred."
+
class FauxObject( Implicit ):
def __init__( self, id=None ):
@@ -339,7 +353,7 @@
directlyProvides( gp, (IGroupsPlugin,) )
return gp
- def _makeChallengePlugin(self, id, groups=()):
+ def _makeChallengePlugin(self, id):
from Products.PluggableAuthService.interfaces.plugins \
import IChallengePlugin
@@ -347,6 +361,14 @@
directlyProvides( cp, (IChallengePlugin,) )
return cp
+ def _makeBadChallengePlugin(self, id):
+ from Products.PluggableAuthService.interfaces.plugins \
+ import IChallengePlugin
+
+ cp = DummyBadChallenger(id)
+ directlyProvides( cp, (IChallengePlugin,) )
+ return cp
+
def test_conformance_IUserFolder( self ):
from Products.PluggableAuthService.interfaces.authservice \
@@ -1544,6 +1566,24 @@
, exact_match=True ) ) == 1 )
+ def test_no_challenger(self):
+ # make sure that the response's _unauthorized gets propogated
+ # if no challengers exist (or have fired)
+ plugins = self._makePlugins()
+ zcuf = self._makeOne(plugins)
+ response = FauxResponse()
+ request = FauxRequest(RESPONSE=response)
+ zcuf.REQUEST = request
+
+ # First call the userfolders before_traverse hook, to set things up:
+ zcuf(self, request)
+ # Call unauthorized to make sure Unauthorized is raised.
+ self.failUnlessRaises( Unauthorized, response.unauthorized)
+ # Since no challengers are in play, we end up calling
+ # response._unauthorized(), which sets '.challenger' on
+ # response
+ self.failUnless(isinstance(response.challenger, FauxResponse))
+
def test_challenge( self ):
from Products.PluggableAuthService.interfaces.plugins \
import IChallengePlugin
@@ -1551,6 +1591,9 @@
zcuf = self._makeOne( plugins )
challenger = self._makeChallengePlugin('challenger')
zcuf._setObject( 'challenger', challenger )
+ plugins = zcuf._getOb( 'plugins' )
+ plugins.activatePlugin( IChallengePlugin, 'challenger' )
+
response = FauxResponse()
request = FauxRequest(RESPONSE=response)
zcuf.REQUEST = request
@@ -1559,16 +1602,45 @@
zcuf(self, request)
# Call unauthorized to make sure Unauthorized is raised.
self.failUnlessRaises( Unauthorized, response.unauthorized)
- # Enable the plugin
- plugins = zcuf._getOb( 'plugins' )
- plugins.activatePlugin( IChallengePlugin, 'challenger' )
+ # Since we have one challenger in play, we end up calling
+ # PluggableAuthService._unauthorized(), which allows the
+ # challengers to play. DummyChallenger sets '.challenger' on
+ # response
+ self.failUnless(isinstance(response.challenger, DummyChallenger))
+
+ def test_daisy_chain_challenge(self):
+ # make sure that nested PASes each get a chance to challenge a
+ # given response
+ from Products.PluggableAuthService.interfaces.plugins \
+ import IChallengePlugin
+ rc, root, folder, object = self._makeTree()
+ plugins = self._makePlugins()
+ zcuf = self._makeOne(plugins)
+ root._setObject( 'acl_users', zcuf )
+ challenger = self._makeChallengePlugin('challenger')
+ zcuf._setObject( 'challenger', challenger )
+ zcuf.plugins.activatePlugin( IChallengePlugin, 'challenger' )
+
+ inner_plugins = self._makePlugins()
+ inner_zcuf = self._makeOne(inner_plugins)
+ folder._setObject( 'acl_users', zcuf)
+ bad_challenger = self._makeBadChallengePlugin('bad_challenger')
+ inner_zcuf._setObject( 'bad_challenger', bad_challenger )
+ inner_zcuf.plugins.activatePlugin( IChallengePlugin, 'bad_challenger' )
- # Fake Zopes exception trap.
- try:
- response.unauthorized()
- except Unauthorized:
- response.exception()
- self.failUnless(isinstance(response.challenger, DummyChallenger))
+ response = FauxResponse()
+ request = FauxRequest(RESPONSE=response)
+ inner_zcuf.REQUEST = request
+
+ # First call the userfolders before_traverse hook, to set things up:
+ inner_zcuf(self, request)
+ # Call unauthorized to make sure Unauthorized is raised.
+ self.failUnlessRaises( Unauthorized, response.unauthorized)
+ # Since we have two challengers in play, we end up calling
+ # PluggableAuthService._unauthorized(), which allows the
+ # challengers to play. DummyChallenger sets '.challenger' on
+ # response
+ self.failUnless(isinstance(response.challenger, DummyChallenger))
if __name__ == "__main__":
More information about the Zope-CVS
mailing list