[Zope3-checkins] CVS: Zope3/src/zope/security/tests - test_checker.py:1.8
Steve Alexander
steve@cat-box.net
Wed, 28 May 2003 08:55:29 -0400
Update of /cvs-repository/Zope3/src/zope/security/tests
In directory cvs.zope.org:/tmp/cvs-serv18143/src/zope/security/tests
Modified Files:
test_checker.py
Log Message:
Merged some of the work done by SteveA and MariusG on the
stevea-decorators-branch.
* Refactored acting on WATCH_CHECKERS into a reusable and unobtrusive
mixin class. Execution speed will be faster when WATCH_CHECKERS is false.
* Improved and clearer implementation of ProxyFactory.
* Added comprehensive test of ProxyFactory.
* Made an explicit TrustedCheckerBase marker type to show the connection
between the checker module and the proxy module.
* Added a note about the poor naming of _always_available. The name
_available_by_default would better reflect actual use. That is, it is
possible to make an _always_available name unavailable.
* Added a BasicTypes_examples dict that can be imported into unit tests
that want to check whether basic types are handled properly.
* Added comprehensive test of ProxyFactory.
=== Zope3/src/zope/security/tests/test_checker.py 1.7 => 1.8 ===
--- Zope3/src/zope/security/tests/test_checker.py:1.7 Wed Apr 23 14:18:02 2003
+++ Zope3/src/zope/security/tests/test_checker.py Wed May 28 08:55:29 2003
@@ -18,26 +18,47 @@
"""
from unittest import TestCase, TestSuite, main, makeSuite
+from zope.interface import implements
+from zope.interface.verify import verifyObject
from zope.security.checker import Checker, NamesChecker, CheckerPublic
from zope.testing.cleanup import CleanUp
from zope.security.interfaces import ISecurityPolicy
-from zope.exceptions import Forbidden, Unauthorized
+from zope.exceptions import Forbidden, Unauthorized, ForbiddenAttribute
from zope.security.management import setSecurityPolicy
from zope.security.proxy import getChecker, getObject
from zope.security.checker import defineChecker, ProxyFactory
+from zope.security.proxy import Proxy
import types, pickle
+__metaclass__ = type
+
class SecurityPolicy:
- __implements__ = ISecurityPolicy
+ implements(ISecurityPolicy)
def checkPermission(self, permission, object, context):
'See ISecurityPolicy'
return permission == 'test_allowed'
+class RecordedSecurityPolicy:
+
+ implements(ISecurityPolicy)
+
+ def __init__(self):
+ self._checked = []
+
+ def checkPermission(self, permission, object, context):
+ 'See ISecurityPolicy'
+ self._checked.append(permission)
+ return True
-class TransparentProxy(object):
+ def checkChecked(self, checked):
+ res = self._checked == checked
+ self._checked = []
+ return res
+
+class TransparentProxy:
def __init__(self, ob):
self._ob = ob
@@ -46,6 +67,9 @@
return getattr(ob, name)
class OldInst:
+
+ __metaclass__ = types.ClassType
+
a=1
def b(self):
@@ -62,10 +86,14 @@
class NewInst(object, OldInst):
+ # This is not needed, but left in to show the change of metaclass
+ # __metaclass__ = type
+
def gete(self): return 3
def sete(self, v): pass
e = property(gete, sete)
+
class Test(TestCase, CleanUp):
def setUp(self):
@@ -103,8 +131,7 @@
newinst.d = NewInst()
for inst in oldinst, newinst:
- checker = NamesChecker(['a', 'b', 'c', '__getitem__'],
- 'perm')
+ checker = NamesChecker(['a', 'b', 'c', '__getitem__'], 'perm')
self.assertRaises(Unauthorized, checker.check_getattr, inst, 'a')
self.assertRaises(Unauthorized, checker.check_getattr, inst, 'b')
@@ -176,12 +203,10 @@
def test_proxy(self):
checker = NamesChecker(())
-
- for rock in (1, 1.0, 1l, 1j,
- '1', u'1', None,
- AttributeError(),
- AttributeError
- ):
+ from zope.security.checker import BasicTypes_examples
+ rocks = tuple(BasicTypes_examples.values())
+ rocks += (AttributeError(), AttributeError)
+ for rock in rocks:
proxy = checker.proxy(rock)
self.failUnless(proxy is rock, (rock, type(proxy)))
@@ -289,6 +314,59 @@
self.assertRaises(Forbidden, checker.check_setattr, inst, 'a')
self.assertRaises(Forbidden, checker.check_setattr, inst, 'z')
+ # XXX write a test to see that
+ # Checker.check/check_setattr handle permission
+ # values that evaluate to False
+
+ def test_ProxyFactory(self):
+ class SomeClass:
+ pass
+ import zope.security
+ checker = NamesChecker()
+ specific_checker = NamesChecker()
+ checker_as_magic_attr = NamesChecker()
+
+ obj = SomeClass()
+
+ proxy = ProxyFactory(obj)
+ self.assert_(type(proxy) is Proxy)
+ from zope.security.checker import _defaultChecker
+ self.assert_(getChecker(proxy) is _defaultChecker)
+
+ defineChecker(SomeClass, checker)
+
+ proxy = ProxyFactory(obj)
+ self.assert_(type(proxy) is Proxy)
+ self.assert_(getChecker(proxy) is checker)
+
+ obj.__Security_checker__ = checker_as_magic_attr
+
+ proxy = ProxyFactory(obj)
+ self.assert_(type(proxy) is Proxy)
+ self.assert_(getChecker(proxy) is checker_as_magic_attr)
+
+ proxy = ProxyFactory(obj, specific_checker)
+ self.assert_(type(proxy) is Proxy)
+ self.assert_(getChecker(proxy) is specific_checker)
+
+ def test_ProxyFactory_using_proxy(self):
+ class SomeClass:
+ pass
+ obj = SomeClass()
+ checker = NamesChecker()
+ proxy1 = ProxyFactory(obj)
+
+ proxy2 = ProxyFactory(proxy1)
+ self.assert_(proxy1 is proxy2)
+
+ # Trying to change the checker on a proxy.
+ self.assertRaises(TypeError, ProxyFactory, proxy1, checker)
+
+ # Setting exactly the same checker as the proxy already has.
+ proxy1 = ProxyFactory(obj, checker)
+ proxy2 = ProxyFactory(proxy1, checker)
+ self.assert_(proxy1 is proxy2)
+
class TestCheckerPublic(TestCase):
@@ -299,6 +377,7 @@
def test_that_CheckerPublic_identity_works_even_when_proxied(self):
self.assert_(ProxyFactory(CheckerPublic) is CheckerPublic)
+
def test_suite():
return TestSuite((