[Zope3-checkins] CVS: Zope3/src/zope/app/security/grants/tests - __init__.py:1.2 test_annotationprincipalpermissionmanager.py:1.2 test_annotationprincipalrolemanager.py:1.2 test_annotationrolepermissionmanager.py:1.2 test_localsecuritymap.py:1.2 test_persistentlocalsecuritymap.py:1.2 test_principalpermissionmanager.py:1.2 test_principalrolemanager.py:1.2 test_rolepermissionmanager.py:1.2
Jim Fulton
jim@zope.com
Wed, 25 Dec 2002 09:13:48 -0500
Update of /cvs-repository/Zope3/src/zope/app/security/grants/tests
In directory cvs.zope.org:/tmp/cvs-serv15352/src/zope/app/security/grants/tests
Added Files:
__init__.py test_annotationprincipalpermissionmanager.py
test_annotationprincipalrolemanager.py
test_annotationrolepermissionmanager.py
test_localsecuritymap.py test_persistentlocalsecuritymap.py
test_principalpermissionmanager.py
test_principalrolemanager.py test_rolepermissionmanager.py
Log Message:
Grand renaming:
- Renamed most files (especially python modules) to lower case.
- Moved views and interfaces into separate hierarchies within each
project, where each top-level directory under the zope package
is a separate project.
- Moved everything to src from lib/python.
lib/python will eventually go away. I need access to the cvs
repository to make this happen, however.
There are probably some bits that are broken. All tests pass
and zope runs, but I haven't tried everything. There are a number
of cleanups I'll work on tomorrow.
=== Zope3/src/zope/app/security/grants/tests/__init__.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/__init__.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,2 @@
+#
+# This file is necessary to make this directory a package.
=== Zope3/src/zope/app/security/grants/tests/test_annotationprincipalpermissionmanager.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_annotationprincipalpermissionmanager.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,148 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for AnnotationPrincipalPermissionManager module."""
+
+import sys
+import unittest
+
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.component import getService
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.app.security.registries.permissionregistry \
+ import permissionRegistry as permregistry
+from zope.app.security.registries.principalregistry \
+ import principalRegistry as prinregistry
+from zope.app.security.grants.annotationprincipalpermissionmanager \
+ import AnnotationPrincipalPermissionManager
+from zope.app.security.settings import Allow, Deny, Unset
+from zope.app.tests.placelesssetup import PlacelessSetup
+
+class Manageable:
+ __implements__ = IAttributeAnnotatable
+
+class Test(PlacelessSetup, unittest.TestCase):
+
+ def setUp(self):
+ PlacelessSetup.setUp(self)
+ getService(None,"Adapters").provideAdapter(
+ IAttributeAnnotatable, IAnnotations,
+ AttributeAnnotations)
+
+ def _make_principal(self, id=None, title=None):
+ p = prinregistry.definePrincipal(
+ id or 'APrincipal',
+ title or 'A Principal',
+ login = id or 'APrincipal')
+ return p.getId()
+
+ def testUnboundPrincipalPermission(self):
+ manager = AnnotationPrincipalPermissionManager(Manageable())
+ permission = permregistry.definePermission('APerm', 'title')
+ permission = permission.getId()
+ principal = self._make_principal()
+ self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+ def testPrincipalPermission(self):
+ manager = AnnotationPrincipalPermissionManager(Manageable())
+ permission = permregistry.definePermission('APerm', 'title')
+ permission = permission.getId()
+ principal = self._make_principal()
+
+ # check that an allow permission is saved correctly
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Allow)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Allow)])
+
+ # check that the allow permission is removed.
+ manager.unsetPermissionForPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+ # now put a deny in there, check it's set.
+ manager.denyPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Deny)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Deny)])
+
+ # test for deny followed by allow . The latter should override.
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Allow)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Allow)])
+
+ # check that allow followed by allow is just a single allow.
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Allow)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Allow)])
+
+ # check that two unsets in a row quietly ignores the second one.
+ manager.unsetPermissionForPrincipal(permission, principal)
+ manager.unsetPermissionForPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+ # check the result of getSetting() when it's empty.
+ self.assertEqual(manager.getSetting(permission, principal), Unset)
+
+ # check the result of getSetting() when it's allowed.
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getSetting(permission, principal), Allow)
+
+ # check the result of getSetting() when it's denied.
+ manager.denyPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getSetting(permission, principal), Deny)
+
+ def testManyPermissionsOnePrincipal(self):
+ manager = AnnotationPrincipalPermissionManager(Manageable())
+ perm1 = permregistry.definePermission('Perm One', 'title').getId()
+ perm2 = permregistry.definePermission('Perm Two', 'title').getId()
+ prin1 = self._make_principal()
+ manager.grantPermissionToPrincipal(perm1, prin1)
+ manager.grantPermissionToPrincipal(perm2, prin1)
+ perms = manager.getPermissionsForPrincipal(prin1)
+ self.assertEqual(len(perms), 2)
+ self.failUnless((perm1,Allow) in perms)
+ self.failUnless((perm2,Allow) in perms)
+ manager.denyPermissionToPrincipal(perm2, prin1)
+ perms = manager.getPermissionsForPrincipal(prin1)
+ self.assertEqual(len(perms), 2)
+ self.failUnless((perm1,Allow) in perms)
+ self.failUnless((perm2,Deny) in perms)
+
+ def testManyPrincipalsOnePermission(self):
+ manager = AnnotationPrincipalPermissionManager(Manageable())
+ perm1 = permregistry.definePermission('Perm One', 'title').getId()
+ prin1 = self._make_principal()
+ prin2 = self._make_principal('Principal 2', 'Principal Two')
+ manager.grantPermissionToPrincipal(perm1, prin1)
+ manager.denyPermissionToPrincipal(perm1, prin2)
+ principals = manager.getPrincipalsForPermission(perm1)
+ self.assertEqual(len(principals), 2)
+ self.failUnless((prin1,Allow) in principals)
+ self.failUnless((prin2,Deny) in principals)
+
+def test_suite():
+ loader=unittest.TestLoader()
+ return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+ unittest.TextTestRunner().run(test_suite())
=== Zope3/src/zope/app/security/grants/tests/test_annotationprincipalrolemanager.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_annotationprincipalrolemanager.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,136 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for PrincipalRoleManager module."""
+
+import sys
+import unittest
+
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.component import getService
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.app.security.registries.roleregistry import roleRegistry as rregistry
+from zope.app.security.registries.principalregistry \
+ import principalRegistry as pregistry
+from zope.app.security.grants.annotationprincipalrolemanager \
+ import AnnotationPrincipalRoleManager
+from zope.app.security.settings import Allow, Deny
+from zope.app.services.tests.placefulsetup \
+ import PlacefulSetup
+
+class Manageable:
+ __implements__ = IAttributeAnnotatable
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+ def setUp(self):
+ PlacefulSetup.setUp(self)
+ getService(None, "Adapters").provideAdapter(
+ IAttributeAnnotatable, IAnnotations,
+ AttributeAnnotations)
+
+ def _make_principal(self, id=None, title=None):
+ p = pregistry.definePrincipal(
+ id or 'APrincipal',
+ title or 'A Principal',
+ login = id or 'APrincipal')
+ return p.getId()
+
+ def testUnboundPrincipalRole(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role), [])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [])
+
+ def testPrincipalRoleAllow(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ principalRoleManager.assignRoleToPrincipal(role, principal)
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+ [(principal, Allow)])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [(role, Allow)])
+
+ def testPrincipalRoleDeny(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ principalRoleManager.removeRoleFromPrincipal(role, principal)
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+ [(principal, Deny)])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [(role, Deny)])
+
+ def testPrincipalRoleUnset(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ principalRoleManager.removeRoleFromPrincipal(role, principal)
+ principalRoleManager.unsetRoleForPrincipal(role, principal)
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+ [])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [])
+
+ def testManyRolesOnePrincipal(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+ prin1 = self._make_principal()
+ principalRoleManager.assignRoleToPrincipal(role1, prin1)
+ principalRoleManager.assignRoleToPrincipal(role2, prin1)
+ roles = principalRoleManager.getRolesForPrincipal(prin1)
+ self.assertEqual(len(roles), 2)
+ self.failUnless((role1, Allow) in roles)
+ self.failUnless((role2, Allow) in roles)
+
+ def testManyPrincipalsOneRole(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ prin1 = self._make_principal()
+ prin2 = self._make_principal('Principal 2', 'Principal Two')
+ principalRoleManager.assignRoleToPrincipal(role1, prin1)
+ principalRoleManager.assignRoleToPrincipal(role1, prin2)
+ principals = principalRoleManager.getPrincipalsForRole(role1)
+ self.assertEqual(len(principals), 2)
+ self.failUnless((prin1, Allow) in principals)
+ self.failUnless((prin2, Allow) in principals)
+
+ def testPrincipalsAndRoles(self):
+ principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+ principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
+ self.assertEqual(len(principalsAndRoles), 0)
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+ prin1 = self._make_principal()
+ prin2 = self._make_principal('Principal 2', 'Principal Two')
+ principalRoleManager.assignRoleToPrincipal(role1, prin1)
+ principalRoleManager.assignRoleToPrincipal(role1, prin2)
+ principalRoleManager.assignRoleToPrincipal(role2, prin1)
+ principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
+ self.assertEqual(len(principalsAndRoles), 3)
+ self.failUnless((role1, prin1, Allow) in principalsAndRoles)
+ self.failUnless((role1, prin2, Allow) in principalsAndRoles)
+ self.failUnless((role2, prin1, Allow) in principalsAndRoles)
+
+
+def test_suite():
+ loader=unittest.TestLoader()
+ return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+ unittest.TextTestRunner().run(test_suite())
=== Zope3/src/zope/app/security/grants/tests/test_annotationrolepermissionmanager.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_annotationrolepermissionmanager.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,98 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+from zope.app.security.grants.annotationrolepermissionmanager \
+ import AnnotationRolePermissionManager
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.component \
+ import getServiceManager, getService
+from zope.app.interfaces.security import IRoleService
+from zope.app.interfaces.security import IPermissionService
+from zope.app.security.registries.roleregistry import roleRegistry
+from zope.app.security.registries.permissionregistry import permissionRegistry
+from zope.app.security.settings import Allow, Deny
+from zope.app.services.tests.placefulsetup \
+ import PlacefulSetup
+
+import unittest, sys
+
+class Manageable:
+ __implements__ = IAttributeAnnotatable
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+ def setUp(self):
+ PlacefulSetup.setUp(self)
+ defineService=getServiceManager(None).defineService
+ provideService=getServiceManager(None).provideService
+ defineService('Roles', IRoleService)
+ defineService('Permissions', IPermissionService)
+ provideService('Roles', roleRegistry)
+ provideService('Permissions', permissionRegistry)
+ provideAdapter=getService(None,"Adapters").provideAdapter
+ provideAdapter(IAttributeAnnotatable, IAnnotations,
+ AttributeAnnotations)
+
+ read = permissionRegistry.definePermission('read', 'Read Something')
+ self.read = read.getId()
+
+ write = permissionRegistry.definePermission('write', 'Write Something')
+ self.write = write.getId()
+
+ peon = roleRegistry.defineRole('peon', 'Poor Slob')
+ self.peon = peon.getId()
+
+ manager = roleRegistry.defineRole('manager', 'Supreme Being')
+ self.manager = manager.getId()
+
+ def testNormal(self):
+ obj = Manageable()
+ mgr = AnnotationRolePermissionManager(obj)
+ mgr.grantPermissionToRole(self.read,self.manager)
+ mgr.grantPermissionToRole(self.write,self.manager)
+ mgr.grantPermissionToRole(self.write,self.manager)
+
+ mgr.grantPermissionToRole(self.read,self.peon)
+
+ l = list(mgr.getPermissionsForRole(self.manager))
+ self.failUnless( (self.read, Allow) in l )
+ self.failUnless( (self.write, Allow) in l )
+
+ l = list(mgr.getPermissionsForRole(self.peon))
+ self.failUnless( [(self.read, Allow)] == l )
+
+ l = list(mgr.getRolesForPermission(self.read))
+ self.failUnless( (self.manager, Allow) in l )
+ self.failUnless( (self.peon, Allow) in l )
+
+ l = list(mgr.getRolesForPermission(self.write))
+ self.assertEqual(l, [ (self.manager, Allow) ] )
+
+ mgr.denyPermissionToRole(self.read, self.peon)
+ l = list(mgr.getPermissionsForRole(self.peon))
+ self.assertEqual(l, [(self.read, Deny)] )
+
+ mgr.unsetPermissionFromRole(self.read, self.peon)
+
+ l = list(mgr.getRolesForPermission(self.read))
+ self.assertEqual(l, [ (self.manager, Allow) ] )
+
+
+def test_suite():
+ loader=unittest.TestLoader()
+ return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+ unittest.TextTestRunner().run(test_suite())
=== Zope3/src/zope/app/security/grants/tests/test_localsecuritymap.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_localsecuritymap.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,30 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+#############################################################################
+import unittest
+from zope.interface.verify import verifyClass
+from zope.app.interfaces.security.grants.localsecuritymap import ILocalSecurityMap
+from zope.app.security.grants.localsecuritymap import LocalSecurityMap
+
+class TestLocalSecurityMap(unittest.TestCase):
+
+ def testInterface(self):
+ verifyClass(ILocalSecurityMap, LocalSecurityMap)
+
+
+def test_suite():
+ loader = unittest.TestLoader()
+ return loader.loadTestsFromTestCase(TestLocalSecurityMap)
+
+if __name__ == '__main__':
+ unittest.main()
=== Zope3/src/zope/app/security/grants/tests/test_persistentlocalsecuritymap.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_persistentlocalsecuritymap.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,34 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+#############################################################################
+import unittest
+from zope.interface.verify import verifyClass
+from zope.app.interfaces.security.grants.localsecuritymap import ILocalSecurityMap
+from zope.app.security.grants.persistentlocalsecuritymap import PersistentLocalSecurityMap
+from zope.app.security.grants.tests.test_localsecuritymap import \
+ TestLocalSecurityMap
+
+class TestPersistentLocalSecurityMap(TestLocalSecurityMap):
+
+ def testInterface(self):
+ verifyClass(ILocalSecurityMap, PersistentLocalSecurityMap)
+
+ # XXX test persistence...
+
+
+def test_suite():
+ loader = unittest.TestLoader()
+ return loader.loadTestsFromTestCase(TestPersistentLocalSecurityMap)
+
+if __name__ == '__main__':
+ unittest.main()
=== Zope3/src/zope/app/security/grants/tests/test_principalpermissionmanager.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_principalpermissionmanager.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,123 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for PrincipalPermissionManager module."""
+
+import sys
+import unittest
+
+from zope.app.security.registries.permissionregistry \
+ import permissionRegistry as permregistry
+from zope.app.security.registries.principalregistry \
+ import principalRegistry as prinregistry
+from zope.app.security.grants.principalpermissionmanager \
+ import principalPermissionManager as manager
+from zope.app.security.settings import Allow, Deny, Unset
+from zope.testing.cleanup import CleanUp # Base class w registry cleanup
+
+class Test(CleanUp, unittest.TestCase):
+
+ def _make_principal(self, id=None, title=None):
+ p = prinregistry.definePrincipal(
+ id or 'APrincipal',
+ title or 'A Principal',
+ login = id or 'APrincipal')
+ return p.getId()
+
+ def testUnboundPrincipalPermission(self):
+ permission = permregistry.definePermission('APerm', 'title').getId()
+ principal = self._make_principal()
+ self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+ def testPrincipalPermission(self):
+ permission = permregistry.definePermission('APerm', 'title').getId()
+ principal = self._make_principal()
+ # check that an allow permission is saved correctly
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Allow)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Allow)])
+ # check that the allow permission is removed.
+ manager.unsetPermissionForPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+ # now put a deny in there, check it's set.
+ manager.denyPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Deny)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Deny)])
+ # test for deny followed by allow . The latter should override.
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Allow)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Allow)])
+ # check that allow followed by allow is just a single allow.
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission),
+ [(principal, Allow)])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal),
+ [(permission, Allow)])
+ # check that two unsets in a row quietly ignores the second one.
+ manager.unsetPermissionForPrincipal(permission, principal)
+ manager.unsetPermissionForPrincipal(permission, principal)
+ self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+ # check the result of getSetting() when it's empty.
+ self.assertEqual(manager.getSetting(permission, principal), Unset)
+ # check the result of getSetting() when it's allowed.
+ manager.grantPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getSetting(permission, principal), Allow)
+ # check the result of getSetting() when it's denied.
+ manager.denyPermissionToPrincipal(permission, principal)
+ self.assertEqual(manager.getSetting(permission, principal), Deny)
+
+ def testManyPermissionsOnePrincipal(self):
+ perm1 = permregistry.definePermission('Perm One', 'title').getId()
+ perm2 = permregistry.definePermission('Perm Two', 'title').getId()
+ prin1 = self._make_principal()
+ manager.grantPermissionToPrincipal(perm1, prin1)
+ manager.grantPermissionToPrincipal(perm2, prin1)
+ perms = manager.getPermissionsForPrincipal(prin1)
+ self.assertEqual(len(perms), 2)
+ self.failUnless((perm1,Allow) in perms)
+ self.failUnless((perm2,Allow) in perms)
+ manager.denyPermissionToPrincipal(perm2, prin1)
+ perms = manager.getPermissionsForPrincipal(prin1)
+ self.assertEqual(len(perms), 2)
+ self.failUnless((perm1,Allow) in perms)
+ self.failUnless((perm2,Deny) in perms)
+ perms = manager.getPrincipalsAndPermissions()
+ self.failUnless((perm1,prin1,Allow) in perms)
+ self.failUnless((perm2,prin1,Deny) in perms)
+
+ def testManyPrincipalsOnePermission(self):
+ perm1 = permregistry.definePermission('Perm One', 'title').getId()
+ prin1 = self._make_principal()
+ prin2 = self._make_principal('Principal 2', 'Principal Two')
+ manager.grantPermissionToPrincipal(perm1, prin1)
+ manager.denyPermissionToPrincipal(perm1, prin2)
+ principals = manager.getPrincipalsForPermission(perm1)
+ self.assertEqual(len(principals), 2)
+ self.failUnless((prin1,Allow) in principals)
+ self.failUnless((prin2,Deny) in principals)
+
+def test_suite():
+ loader=unittest.TestLoader()
+ return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+ unittest.TextTestRunner().run(test_suite())
=== Zope3/src/zope/app/security/grants/tests/test_principalrolemanager.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_principalrolemanager.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,113 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for PrincipalRoleManager module."""
+
+import sys
+import unittest
+
+from zope.app.security.registries.roleregistry \
+ import roleRegistry as rregistry
+from zope.app.security.registries.principalregistry \
+ import principalRegistry as pregistry
+from zope.app.security.grants.principalrolemanager \
+ import principalRoleManager
+from zope.app.security.settings import Allow, Deny
+from zope.testing.cleanup import CleanUp # Base class w registry cleanup
+
+class Test(CleanUp, unittest.TestCase):
+
+ def _make_principal(self, id=None, title=None):
+ p = pregistry.definePrincipal(
+ id or 'APrincipal',
+ title or 'A Principal',
+ login = id or 'APrincipal')
+ return p.getId()
+
+ def testUnboundPrincipalRole(self):
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role), [])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [])
+
+ def testPrincipalRoleAllow(self):
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ principalRoleManager.assignRoleToPrincipal(role, principal)
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+ [(principal, Allow)])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [(role, Allow)])
+
+ def testPrincipalRoleDeny(self):
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ principalRoleManager.removeRoleFromPrincipal(role, principal)
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+ [(principal, Deny)])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [(role, Deny)])
+
+ def testPrincipalRoleUnset(self):
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ principal = self._make_principal()
+ principalRoleManager.removeRoleFromPrincipal(role, principal)
+ principalRoleManager.unsetRoleForPrincipal(role, principal)
+ self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+ [])
+ self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+ [])
+
+ def testManyRolesOnePrincipal(self):
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+ prin1 = self._make_principal()
+ principalRoleManager.assignRoleToPrincipal(role1, prin1)
+ principalRoleManager.assignRoleToPrincipal(role2, prin1)
+ roles = principalRoleManager.getRolesForPrincipal(prin1)
+ self.assertEqual(len(roles), 2)
+ self.failUnless((role1, Allow) in roles)
+ self.failUnless((role2, Allow) in roles)
+
+ def testManyPrincipalsOneRole(self):
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ prin1 = self._make_principal()
+ prin2 = self._make_principal('Principal 2', 'Principal Two')
+ principalRoleManager.assignRoleToPrincipal(role1, prin1)
+ principalRoleManager.assignRoleToPrincipal(role1, prin2)
+ principals = principalRoleManager.getPrincipalsForRole(role1)
+ self.assertEqual(len(principals), 2)
+ self.failUnless((prin1, Allow) in principals)
+ self.failUnless((prin2, Allow) in principals)
+
+ def testPrincipalsAndRoles(self):
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+ prin1 = self._make_principal()
+ prin2 = self._make_principal('Principal 2', 'Principal Two')
+ principalRoleManager.assignRoleToPrincipal(role1, prin1)
+ principalRoleManager.assignRoleToPrincipal(role1, prin2)
+ principalRoleManager.assignRoleToPrincipal(role2, prin1)
+ principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
+ self.assertEqual(len(principalsAndRoles), 3)
+ self.failUnless((role1, prin1, Allow) in principalsAndRoles)
+ self.failUnless((role1, prin2, Allow) in principalsAndRoles)
+ self.failUnless((role2, prin1, Allow) in principalsAndRoles)
+
+def test_suite():
+ loader=unittest.TestLoader()
+ return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+ unittest.TextTestRunner().run(test_suite())
=== Zope3/src/zope/app/security/grants/tests/test_rolepermissionmanager.py 1.1 => 1.2 ===
--- /dev/null Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_rolepermissionmanager.py Wed Dec 25 09:13:17 2002
@@ -0,0 +1,92 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for RolePermissionManager module."""
+
+import sys
+import unittest
+
+from zope.app.security.registries.permissionregistry \
+ import permissionRegistry as pregistry
+from zope.app.security.registries.roleregistry \
+ import roleRegistry as rregistry
+from zope.app.security.grants.rolepermissionmanager \
+ import rolePermissionManager as manager
+from zope.app.security.settings \
+ import Allow, Deny, Unset
+from zope.testing.cleanup import CleanUp # Base class w registry cleanup
+
+class Test(CleanUp, unittest.TestCase):
+
+ def testUnboundRolePermission(self):
+ permission = pregistry.definePermission('APerm', 'aPerm title').getId()
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ self.assertEqual(manager.getRolesForPermission(permission), [])
+ self.assertEqual(manager.getPermissionsForRole(role), [])
+
+ def testRolePermission(self):
+ permission = pregistry.definePermission('APerm', 'aPerm title').getId()
+ role = rregistry.defineRole('ARole', 'A Role').getId()
+ manager.grantPermissionToRole(permission, role)
+ self.assertEqual(manager.getRolesForPermission(permission),
+ [(role,Allow)])
+ self.assertEqual(manager.getPermissionsForRole(role),
+ [(permission,Allow)])
+
+ def testManyPermissionsOneRole(self):
+ perm1 = pregistry.definePermission('Perm One', 'P1').getId()
+ perm2 = pregistry.definePermission('Perm Two', 'P2').getId()
+ perm3 = pregistry.definePermission('Perm Three', 'P3').getId()
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ perms = manager.getPermissionsForRole(role1)
+ self.assertEqual(len(perms), 0)
+ manager.grantPermissionToRole(perm1, role1)
+ manager.grantPermissionToRole(perm2, role1)
+ manager.grantPermissionToRole(perm2, role1)
+ manager.denyPermissionToRole(perm3, role1)
+ perms = manager.getPermissionsForRole(role1)
+ self.assertEqual(len(perms), 3)
+ self.failUnless((perm1,Allow) in perms)
+ self.failUnless((perm2,Allow) in perms)
+ self.failUnless((perm3,Deny) in perms)
+ manager.unsetPermissionFromRole(perm1, role1)
+ perms = manager.getPermissionsForRole(role1)
+ self.assertEqual(len(perms), 2)
+ self.failUnless((perm2,Allow) in perms)
+
+ def testManyRolesOnePermission(self):
+ perm1 = pregistry.definePermission('Perm One', 'title').getId()
+ role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+ role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+ roles = manager.getRolesForPermission(perm1)
+ self.assertEqual(len(roles), 0)
+ manager.grantPermissionToRole(perm1, role1)
+ manager.grantPermissionToRole(perm1, role2)
+ manager.grantPermissionToRole(perm1, role2)
+ manager.denyPermissionToRole(perm1, role1)
+ roles = manager.getRolesForPermission(perm1)
+ self.assertEqual(len(roles), 2)
+ self.failIf((role1,Allow) in roles)
+ self.failUnless((role1,Deny) in roles)
+ self.failUnless((role2,Allow) in roles)
+ manager.unsetPermissionFromRole(perm1, role1)
+ roles = manager.getRolesForPermission(perm1)
+ self.assertEqual(len(roles), 1)
+ self.failUnless((role2,Allow) in roles)
+
+def test_suite():
+ loader=unittest.TestLoader()
+ return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+ unittest.TextTestRunner().run(test_suite())