[Zope3-checkins] CVS: Zope3/src/zope/security/tests - test_builtins.py:1.1 test_interpreter.py:1.1 test_management.py:1.1 test_manager.py:1.1 test_checker.py:1.3 test_restrictedbuiltins.py:NONE test_restrictedinterpreter.py:NONE test_securitymanagement.py:NONE test_securitymanager.py:NONE
Jim Fulton
jim@zope.com
Mon, 30 Dec 2002 22:35:17 -0500
Update of /cvs-repository/Zope3/src/zope/security/tests
In directory cvs.zope.org:/tmp/cvs-serv32330/src/zope/security/tests
Modified Files:
test_checker.py
Added Files:
test_builtins.py test_interpreter.py test_management.py
test_manager.py
Removed Files:
test_restrictedbuiltins.py test_restrictedinterpreter.py
test_securitymanagement.py test_securitymanager.py
Log Message:
More renaming.
=== Added File Zope3/src/zope/security/tests/test_builtins.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
#
##############################################################################
"""
Revision information:
$Id: test_builtins.py,v 1.1 2002/12/31 03:35:15 jim Exp $
"""
from unittest import TestCase, TestSuite, main, makeSuite
from zope.testing.cleanup import CleanUp # Base class w registry cleanup
class Test(CleanUp, TestCase):
def test(self):
from zope.security.builtins import RestrictedBuiltins
from zope.security.proxy import Proxy
from zope.exceptions import Forbidden
def e(expr):
return eval(expr, {'__builtins__': RestrictedBuiltins})
self.assertEqual(e('__import__("sys").__name__'), "sys")
self.assertEqual(e('__import__("zope.security").__name__'), "zope")
self.assertEqual(e(
'__import__("zope.security", {}, None, ["__doc__"]).__name__'),
"zope.security")
self.assertRaises(Forbidden, e, '__import__("sys").exit')
def test_suite():
return makeSuite(Test)
if __name__=='__main__':
main(defaultTest='test_suite')
=== Added File Zope3/src/zope/security/tests/test_interpreter.py ===
import unittest
from zope.security.interpreter import RestrictedInterpreter
from zope.security.proxy import ProxyFactory
from zope.security.checker import defineChecker
from zope.testing.cleanup import CleanUp
class RITests(unittest.TestCase, CleanUp):
def setUp(self):
CleanUp.setUp(self)
self.rinterp = RestrictedInterpreter()
def tearDown(self):
CleanUp.tearDown(self)
def testExec(self):
self.rinterp.ri_exec("str(type(1))\n")
def testImport(self):
self.rinterp.ri_exec("import zope.security.proxy")
def testWrapping(self):
# make sure we've really got proxies
import types
from zope.security.checker import NamesChecker
checker = NamesChecker(['Proxy'])
import zope.security.proxy
defineChecker(zope.security.proxy, checker)
checker = NamesChecker(['BuiltinFunctionType'])
defineChecker(types, checker)
code = ("from zope.security.proxy import Proxy\n"
"import types\n"
"assert type(id) is not types.BuiltinFunctionType\n"
)
self.rinterp.ri_exec(code)
def test_suite():
return unittest.makeSuite(RITests)
if __name__=='__main__':
from unittest import main
main(defaultTest='test_suite')
=== Added File Zope3/src/zope/security/tests/test_management.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Unit tests for SecurityManagement
$Id: test_management.py,v 1.1 2002/12/31 03:35:15 jim Exp $
"""
import unittest
from zope.interface.verify import verifyObject
from zope.testing.cleanup import CleanUp
import zope.security.management
from zope.security.management import noSecurityManager, newSecurityManager
from zope.security.management import setSecurityPolicy
class Test(CleanUp, unittest.TestCase):
def test_import(self):
from zope.security import management
from zope.security.interfaces import ISecurityManagement
from zope.security.interfaces \
import ISecurityManagementSetup
verifyObject(ISecurityManagementSetup, management)
verifyObject(ISecurityManagement, management)
def test_ISecurityManagementSetup(self):
from zope.security.management import noSecurityManager
from zope.security.management import newSecurityManager
from zope.security.management import replaceSecurityManager
some_user = []
other_user = []
old = newSecurityManager(some_user)
self.assertEqual(old, None)
old = newSecurityManager(other_user)
self.failUnless(old is not None)
self.failUnless(old.getPrincipal() is some_user)
old2 = replaceSecurityManager(old)
self.failUnless(old2 is not None)
self.failUnless(old2.getPrincipal() is other_user)
noSecurityManager()
def test_getSecurityManager(self):
# This is a test for the case when there is no principal
from zope.security.management import noSecurityManager
from zope.security.management import replaceSecurityManager
from zope.security.management import getSecurityManager
noSecurityManager()
self.failUnless(replaceSecurityManager(None) is None)
mgr = getSecurityManager()
self.assertEqual(mgr.getPrincipal(), None)
# XXX maybe add test for default principal case
self.failIf(mgr.calledByExecutable())
self.assertEqual(replaceSecurityManager(None), mgr)
noSecurityManager()
def _setPermissive(self):
from zope.security.management import setSecurityPolicy
from zope.security.simplepolicies import PermissiveSecurityPolicy
setSecurityPolicy(PermissiveSecurityPolicy())
def _setParanoid(self):
from zope.security.management import setSecurityPolicy
from zope.security.simplepolicies import ParanoidSecurityPolicy
setSecurityPolicy(ParanoidSecurityPolicy())
def test_setSecurityPolicy(self):
from zope.security.management import noSecurityManager
from zope.security.management import getSecurityManager
from zope.exceptions import Unauthorized
# test against default policy (paranoid)
self._setParanoid()
newSecurityManager('some user')
mgr = getSecurityManager()
self.failIf(mgr.checkPermission(None, None))
# test against explicit permissive policy
self._setPermissive()
newSecurityManager('some user')
mgr = getSecurityManager()
self.failUnless(mgr.checkPermission(None, None))
# test against explicit paranoid policy
self._setParanoid()
newSecurityManager('some user')
mgr = getSecurityManager()
self.failIf(mgr.checkPermission(None, None))
def test_suite():
loader=unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)
if __name__=='__main__':
unittest.TextTestRunner().run(test_suite())
=== Added File Zope3/src/zope/security/tests/test_manager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Unit tests for SecurityManager """
import unittest
from zope.interface.verify import verifyClass
from zope.security import manager
from zope.security.simplepolicies import ParanoidSecurityPolicy
from zope.security.simplepolicies import PermissiveSecurityPolicy
from zope.security.context import SecurityContext
from zope.exceptions import Unauthorized
class DummyExecutable:
"""__implements__ = (pseudo) IExecutableObject"""
class DummyExecutableWithCustomPolicy:
"""__implements__ = (pseudo) IExecutableObjectWithCustomSecurityPolicy"""
def _customSecurityPolicy(self):
return PermissiveSecurityPolicy()
class Test(unittest.TestCase):
def setUp(self):
self._oldPolicy = manager._defaultPolicy
manager.setSecurityPolicy(ParanoidSecurityPolicy())
self._context = SecurityContext('xyzzy')
def tearDown(self):
from zope.security.manager import setSecurityPolicy
setSecurityPolicy(self._oldPolicy)
def _makeMgr(self):
from zope.security.manager import SecurityManager
return SecurityManager(self._context)
def _setPermissive(self):
from zope.security.manager import setSecurityPolicy
setSecurityPolicy(PermissiveSecurityPolicy())
def test_import(self):
from zope.security.manager import SecurityManager
from zope.security.interfaces import ISecurityManager
verifyClass(ISecurityManager, SecurityManager)
def test_empty(self):
mgr = self._makeMgr()
self.assertEqual(mgr.getPrincipal(), self._context.user)
self.failIf(mgr.calledByExecutable())
def test_w_default_policy(self):
mgr = self._makeMgr()
self.failIf(mgr.checkPermission(None, None))
def test_w_permissive_policy(self):
mgr = self._makeMgr()
self._setPermissive()
self.failUnless(mgr.checkPermission(None, None))
def test_exec_stack_overflow(self):
from zope.security.manager import MAX_STACK_SIZE
mgr = self._makeMgr()
for i in range(MAX_STACK_SIZE):
mgr.pushExecutable(None)
self.assertRaises(SystemError, mgr.pushExecutable, None)
def test_pushExecutable_simple(self):
mgr = self._makeMgr()
self.failIf(mgr.calledByExecutable())
mgr.pushExecutable(DummyExecutable())
self.failUnless(mgr.calledByExecutable())
def test_popExecutable_simple(self):
mgr = self._makeMgr()
exe = DummyExecutable()
exe2 = DummyExecutable()
mgr.pushExecutable(exe)
mgr.pushExecutable(exe2)
mgr.popExecutable(exe2)
self.failUnless(mgr.calledByExecutable())
mgr.popExecutable(exe)
self.failIf(mgr.calledByExecutable())
def test_popExecutable_nomatch(self):
mgr = self._makeMgr()
exe = DummyExecutable()
exe2 = DummyExecutable()
other = DummyExecutable()
mgr.pushExecutable(exe)
mgr.pushExecutable(exe2)
mgr.popExecutable(other) # not on stack => no change
self.failUnless(mgr.calledByExecutable())
mgr.popExecutable(exe) # bottom of stack => empty it
self.failIf(mgr.calledByExecutable())
def test_pushExecutable_customPolicy(self):
mgr = self._makeMgr()
exe = DummyExecutableWithCustomPolicy()
self.failIf(mgr.checkPermission(None, None))
mgr.pushExecutable(exe)
self.failUnless(mgr.checkPermission(None, None))
mgr.popExecutable(exe)
self.failIf(mgr.checkPermission(None, None))
def test_pushPop_complexPolicies(self):
mgr = self._makeMgr()
exe1 = DummyExecutableWithCustomPolicy()
exe2 = DummyExecutable()
exe3 = DummyExecutableWithCustomPolicy()
mgr.pushExecutable(exe1) # now has custom permissive policy
self.failUnless(mgr.checkPermission(None, None))
mgr.pushExecutable(exe2) # now has default policy
self.failIf(mgr.checkPermission(None, None))
mgr.pushExecutable(exe3) # now has custom permissive policy
self.failUnless(mgr.checkPermission(None, None))
mgr.popExecutable(exe3) # back to default policy
self.failIf(mgr.checkPermission(None, None))
mgr.popExecutable(exe2) # back to has custom permissive policy
self.failUnless(mgr.checkPermission(None, None))
mgr.popExecutable(exe1) # back to default policy
self.failIf(mgr.checkPermission(None, None))
def test_suite():
loader=unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)
if __name__=='__main__':
unittest.TextTestRunner().run(test_suite())
=== Zope3/src/zope/security/tests/test_checker.py 1.2 => 1.3 ===
--- Zope3/src/zope/security/tests/test_checker.py:1.2 Wed Dec 25 09:15:22 2002
+++ Zope3/src/zope/security/tests/test_checker.py Mon Dec 30 22:35:15 2002
@@ -22,7 +22,7 @@
from zope.testing.cleanup import CleanUp
from zope.security.interfaces import ISecurityPolicy
from zope.exceptions import Forbidden, Unauthorized
-from zope.security.securitymanagement import setSecurityPolicy
+from zope.security.management import setSecurityPolicy
from zope.security.proxy import getChecker, getObject
from zope.security.checker import defineChecker
import types
=== Removed File Zope3/src/zope/security/tests/test_restrictedbuiltins.py ===
=== Removed File Zope3/src/zope/security/tests/test_restrictedinterpreter.py ===
=== Removed File Zope3/src/zope/security/tests/test_securitymanagement.py ===
=== Removed File Zope3/src/zope/security/tests/test_securitymanager.py ===