[Zope-dev] Security Testing
Stefan H. Holek
stefan@epy.co.at
Mon, 14 Oct 2002 17:50:14 +0200
Chris!
You might want to take a look at my ZopeTestCase package. It supports Zope
security testing with users, roles, permissions and all.
<http://www.zope.org/Members/shh/ZopeTestCase/>
Also see the tests coming with the ReplaceSupport and DocFinderEverywhere
products. In essence restrictedTraverse() will work. Alternatively you
could call getSecurityManager().validate() or .validateValue() directly.
HTH,
Stefan
--On Montag, 14. Oktober 2002 15:49 +0100 Chris Withers <chrisw@nipltd.com>
wrote:
> Hi,
>
> I'd like to build a suite of security tests for a product I'm writing
> using unittest.py.
>
> Is this possible?
>
> I thought about using newSecurityManager with various known users, and
> restrictedTraverse to get to the appropriate methods, but then how do I
> test if those methods are callable?
>
> cheers,
>
> Chris
>
> PS: How is all this being tackled in Zope 3?
--
Those who write software only for pay should go hurt some other field.
/Erik Naggum/