[Zope3-checkins] CVS: Zope3/src/zope/products/securitypolicy/browser/tests - __init__.py:1.2 permissionservice.py:1.2 rolepermissionmanager.py:1.2 roleservice.py:1.2 test_principalpermissionview.py:1.2 test_principalroleview.py:1.2 test_rolepermissionview.py:1.2

Chris McDonough chrism at plope.com
Wed Jan 14 17:56:06 EST 2004


Update of /cvs-repository/Zope3/src/zope/products/securitypolicy/browser/tests
In directory cvs.zope.org:/tmp/cvs-serv5558/src/zope/products/securitypolicy/browser/tests

Added Files:
	__init__.py permissionservice.py rolepermissionmanager.py 
	roleservice.py test_principalpermissionview.py 
	test_principalroleview.py test_rolepermissionview.py 
Log Message:
Merge security policy refactoring:

 - Moved all role- and grant-related functionality into
   zope.products.securitypolicy (and out of zope.app.security.grant).
   The zope.products.securitypolicy implementation is exactly
   the same as the old implementation; no changes were made
   to the actual mechanics of role-permission or principal-permission
   grants.  The only real difference is that all functionality
   that is the purview of what we want a security policy to have
   control of is now in that one place.

 - Created new modulealias directive which can be used to provide
   aliases to older modules (to not break existing ZODBs when
   module locations change).

 - Added minor feature: "make debug" launches a debug session in the
   spirit of Zope 2's "zopectl debug".
   


=== Zope3/src/zope/products/securitypolicy/browser/tests/__init__.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/__init__.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,2 @@
+#
+# This file is necessary to make this directory a package.


=== Zope3/src/zope/products/securitypolicy/browser/tests/permissionservice.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/permissionservice.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,47 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""PermissionService implementation for testing
+
+$Id$
+"""
+
+from zope.app.interfaces.security import IPermissionService
+from zope.app.interfaces.security import IPermission
+from zope.app.interfaces.services.service import ISimpleService
+from zope.interface import implements
+
+class Permission:
+
+    implements(IPermission)
+
+    def __init__(self, id, title): self._id, self._title = id, title
+    def getId(self): return self._id
+    def getTitle(self): return self._title
+    def getDescription(self): return ''
+
+class PermissionService:
+
+    implements(IPermissionService, ISimpleService)
+
+    def __init__(self, **kw):
+        self._permissions = r = {}
+        for id, title in kw.items(): r[id]=Permission(id, title)
+
+    def getPermission(self, rid):
+        '''See interface IPermissionService'''
+        return self._permissions.get(rid)
+
+    def getPermissions(self):
+        '''See interface IPermissionService'''
+        return self._permissions.values()


=== Zope3/src/zope/products/securitypolicy/browser/tests/rolepermissionmanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/rolepermissionmanager.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,87 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test IRolePermissionManager class that has no context.
+
+$Id$
+"""
+
+from zope.products.securitypolicy.interfaces import IRolePermissionManager
+from zope.products.securitypolicy.interfaces import IRolePermissionMap
+from zope.products.securitypolicy.securitymap import SecurityMap
+from zope.app.security.settings import Allow, Deny, Unset
+from zope.interface import implements
+
+class RolePermissionManager:
+    """
+    provide adapter that manages role permission data in an object attribute
+    """
+
+    implements(IRolePermissionManager, IRolePermissionMap)
+
+    def __init__(self):
+        self._rp = SecurityMap()
+
+    def grantPermissionToRole(self, permission_id, role_id):
+        ''' See the interface IRolePermissionManager '''
+        rp = self._getRolePermissions(create=1)
+        rp.addCell(permission_id, role_id, Allow)
+
+    def denyPermissionToRole(self, permission_id, role_id):
+        ''' See the interface IRolePermissionManager '''
+        rp = self._getRolePermissions(create=1)
+        rp.addCell(permission_id, role_id, Deny)
+
+    def unsetPermissionFromRole(self, permission_id, role_id):
+        ''' See the interface IRolePermissionManager '''
+        rp = self._getRolePermissions()
+        # Only unset if there is a security map, otherwise, we're done
+        if rp:
+            rp.delCell(permission_id, role_id)
+
+    def getRolesForPermission(self, permission_id):
+        '''See interface IRolePermissionMap'''
+        rp = self._getRolePermissions()
+        if rp:
+            return rp.getRow(permission_id)
+        else:
+            return []
+
+    def getPermissionsForRole(self, role_id):
+        '''See interface IRolePermissionMap'''
+        rp = self._getRolePermissions()
+        if rp:
+            return rp.getCol(role_id)
+        else:
+            return []
+
+    def getRolesAndPermissions(self):
+        '''See interface IRolePermissionMap'''
+        rp = self._getRolePermissions()
+        if rp:
+            return rp.getAllCells()
+        else:
+            return []
+
+    def getSetting(self, permission_id, role_id):
+        '''See interface IRolePermissionMap'''
+        rp = self._getRolePermissions()
+        if rp:
+            return rp.getCell(permission_id, role_id)
+        else:
+            return Unset
+
+    def _getRolePermissions(self, create=0):
+        """Get the role permission map stored in the context, optionally
+           creating one if necessary"""
+        return self._rp


=== Zope3/src/zope/products/securitypolicy/browser/tests/roleservice.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/roleservice.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,45 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""RoleService implementation for testing
+
+$Id$
+"""
+
+from zope.products.securitypolicy.interfaces import IRoleService
+from zope.products.securitypolicy.interfaces import IRole
+from zope.app.interfaces.services.service import ISimpleService
+from zope.interface import implements
+
+class Role:
+
+    implements(IRole)
+
+    def __init__(self, id, title): self._id, self._title = id, title
+    def getId(self): return self._id
+    def getTitle(self): return self._title
+    def getDescription(self): return ''
+
+class RoleService:
+
+    implements(IRoleService, ISimpleService)
+
+    def __init__(self, **kw):
+        self._roles = r = {}
+        for id, title in kw.items(): r[id]=Role(id, title)
+
+    def getRole(self, rid):
+        return self._roles.get(rid)
+
+    def getRoles(self):
+        return self._roles.values()


=== Zope3/src/zope/products/securitypolicy/browser/tests/test_principalpermissionview.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/test_principalpermissionview.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,362 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""
+
+$Id$
+"""
+
+import unittest
+
+from zope.app.tests import ztapi
+from zope.component import getService, getServiceManager
+from zope.app.services.servicenames import Permissions, Adapters
+from zope.app.services.servicenames import Authentication
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.app.interfaces.security import IPermissionService
+from zope.app.interfaces.security import IAuthenticationService
+from zope.products.securitypolicy.interfaces \
+        import IPrincipalPermissionManager
+from zope.products.securitypolicy.interfaces import IPrincipalPermissionMap
+from zope.app.security.settings import Allow, Deny, Unset
+from zope.app.services.tests.placefulsetup \
+     import PlacefulSetup
+from zope.app.interfaces.services.service import ISimpleService
+from zope.interface import implements
+from zope.products.securitypolicy.browser.principalpermissionview \
+     import PrincipalPermissionView
+
+class DummyContext:
+
+    implements(IAttributeAnnotatable)
+#IPrincipalPermissionManager, IPrincipalPermissionMap
+
+class DummyPermissionService:
+
+    implements(IPermissionService, ISimpleService)
+
+    def __init__(self, perm_objs):
+        perms = {}
+        for perm_obj in perm_objs:
+            perms[perm_obj.getId()] = perm_obj
+
+        self.perms = perms
+
+    def getPermission(self,pr_id):
+        return self.perms[pr_id]
+
+    def getPermissions(self):
+        return self.perms.keys()
+
+
+class DummyAuthenticationService:
+    implements(IAuthenticationService, ISimpleService)
+
+    def __init__(self, principals):
+        pr = {}
+        for principal in principals:
+            pr[principal.getId()] = principal
+        self.principals = pr
+
+    def getPrincipal(self, principal_id):
+        return self.principals[principal_id]
+
+class DummyAdapter:
+
+    implements(IPrincipalPermissionManager, IPrincipalPermissionMap)
+
+    def __init__(self, context):
+        self._context = context
+        if not hasattr(self._context,'principals'):
+            self._context.principals = {}
+
+    def grantPermissionToPrincipal(self, permission, principal):
+        if not (principal in self._context.principals):
+            self._context.principals[principal]={}
+
+        self._context.principals[principal][permission]=Allow
+
+    def denyPermissionToPrincipal(self, permission, principal):
+        if not (principal in self._context.principals):
+            self._context.principals[principal]={}
+
+        self._context.principals[principal][permission]=Deny
+
+    def unsetPermissionForPrincipal(self, permission, principal):
+        if not (principal in self._context.principals):
+            return
+        try:
+            del self._context.principals[principal][permission]
+        except KeyError:
+            pass
+
+    def getSetting(self, permission, principal):
+        try:
+            setting =  self._context.principals[principal][permission]
+
+        except KeyError:
+            setting = Unset
+
+        return setting
+
+    def getPrincipalsForPermission(self, permission):
+        ret = []
+        for principal, permissions in self._context.principals.items():
+            if permissions in permissions:
+                ret.append((principal, permissions[permission]))
+        return ret
+
+    def getPermissionsForPrincipal(self, principal):
+        try:
+            return self._context.principals[principal].items()
+        except KeyError:
+            return []
+
+class DummyObject:
+    def __init__(self, id, title):
+        self._id = id
+        self._title = title
+
+    def getId(self):
+        return self._id
+
+    def getTitle(self):
+        return self._title
+
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+    def setUp(self):
+        PlacefulSetup.setUp(self)
+        self._permissions = []
+        self._permissions.append(DummyObject('qux', 'Qux'))
+        self._permissions.append(DummyObject('baz', 'Baz'))
+        defineService=getServiceManager(None).defineService
+        provideService=getServiceManager(None).provideService
+
+        defineService(
+                 Permissions, IPermissionService)
+        provideService(Permissions,
+                 DummyPermissionService(self._permissions))
+
+        defineService(Authentication,
+                 IAuthenticationService)
+
+        self._principals = []
+        self._principals.append(DummyObject('foo', 'Foo'))
+        self._principals.append(DummyObject('bar', 'Bar'))
+
+        provideService(Authentication,
+            DummyAuthenticationService(principals = self._principals))
+        ztapi.provideAdapter(IAttributeAnnotatable,
+                       IPrincipalPermissionManager, DummyAdapter)
+        ztapi.provideAdapter(
+            IAttributeAnnotatable, IAnnotations, AttributeAnnotations)
+
+    def _makeOne(self):
+        return PrincipalPermissionView(DummyContext(), None)
+
+    def testGrantPermissions(self):
+        view = self._makeOne()
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        denied_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Deny')
+
+        self.assertEqual(len(allowed_perms), 0, 'List not empty')
+        self.assertEqual(len(denied_perms), 0, 'List not empty')
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow'),
+                         [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny'),
+                         [])
+
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[1].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow').sort(),
+                         self._permissions.sort())
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny'),
+                         [])
+
+        view.grantPermissions(self._principals[1].getId(),
+                              [self._permissions[0].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Allow'),
+                         [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Deny'),
+                         [])
+
+        view.grantPermissions(self._principals[1].getId(),
+                              [self._permissions[1].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Allow').sort(),
+                         self._permissions.sort())
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Deny'),
+                         [])
+
+    def testDenyPermissions(self):
+        view = self._makeOne()
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        denied_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Deny')
+
+        self.assertEqual(len(allowed_perms), 0, 'List not empty')
+        self.assertEqual(len(denied_perms), 0, 'List not empty')
+        view.denyPermissions(self._principals[0].getId(),
+                             [self._permissions[0].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny'),
+                         [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow'),
+                         [])
+
+        view.denyPermissions(self._principals[0].getId(),
+                             [self._permissions[1].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny').sort(),
+                         self._permissions.sort())
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow'),
+                         [])
+
+        view.denyPermissions(self._principals[1].getId(), [
+            self._permissions[0].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Deny'),
+                         [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Allow'),
+                         [])
+
+        view.denyPermissions(self._principals[1].getId(),
+                             [self._permissions[1].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Deny').sort(),
+                         self._permissions.sort())
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[1].getId(),'Allow'),
+                         [])
+
+    def testAllowDenyPermissions(self):
+        view = self._makeOne()
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        denied_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Deny')
+
+        self.assertEqual(len(allowed_perms), 0, 'List not empty')
+        self.assertEqual(len(denied_perms), 0, 'List not empty')
+
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId()])
+
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow'),
+                         [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny'),
+                         [])
+
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 1, 'List has wrong length')
+
+        # Now change it to deny
+        view.denyPermissions(self._principals[0].getId(),
+                             [self._permissions[0].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny'),
+                         [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow'),
+                         [])
+
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[1].getId()])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Deny'),  [self._permissions[0]])
+        self.assertEqual(view.getPermissionsForPrincipal(
+            self._principals[0].getId(),'Allow'), [self._permissions[1]])
+
+    def testUnsetPermissions(self):
+        view = self._makeOne()
+
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 1, 'List has wrong length')
+
+        view.unsetPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 0, 'Permission not unset')
+
+        # Deleting mutiple in one step
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId(),
+                               self._permissions[1].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 2, 'List has wrong length')
+
+        view.unsetPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId(),
+                               self._permissions[1].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 0, 'Some permissions not unset')
+
+        # Deleting in a row
+        view.grantPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId(),
+                               self._permissions[1].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 2, 'List has wrong length')
+
+        view.unsetPermissions(self._principals[0].getId(),
+                              [self._permissions[0].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 1, 'Some permissions not unset')
+
+        view.unsetPermissions(self._principals[0].getId(),
+                              [self._permissions[1].getId()])
+        allowed_perms = view.getPermissionsForPrincipal(
+            self._principals[0].getId(), 'Allow')
+        self.assertEqual(len(allowed_perms), 0, 'Not all permissions unset')
+
+        # Ask for an other way of getting the unset permisssions
+        unset_perms = view.getUnsetPermissionsForPrincipal(
+            self._principals[0].getId())
+        self.assertEqual(len(unset_perms), 2, 'Not all permissions unset')
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/products/securitypolicy/browser/tests/test_principalroleview.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/test_principalroleview.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,158 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""
+
+$Id$
+"""
+
+import unittest
+
+from zope.app.interfaces.security import IAuthenticationService
+from zope.products.securitypolicy.interfaces import IPrincipalRoleManager
+from zope.products.securitypolicy.interfaces import IRoleService
+from zope.app.interfaces.services.service import ISimpleService
+from zope.products.securitypolicy.browser.principalroleview import \
+     PrincipalRoleView
+from zope.app.services.servicenames import Authentication
+from zope.app.services.tests.placefulsetup import PlacefulSetup
+from zope.component import getServiceManager
+from zope.interface import implements
+from zope.publisher.browser import BrowserView, TestRequest
+
+class PrincipalRoleView(PrincipalRoleView, BrowserView):
+    """Adding BrowserView to Utilities; this is usually done by ZCML."""
+
+class DummySetting:
+    def __init__(self, name):
+        self._name = name
+    def getName(self):
+        return self._name
+
+class DummyManager:
+
+    implements(IPrincipalRoleManager)
+
+    def getSetting(self, role, principal):
+        return DummySetting('%r:%r' % (role, principal))
+
+class DummyRoleService:
+
+    implements(IRoleService, ISimpleService)
+
+    def __init__(self, roles):
+        self._roles = roles
+
+    def getRoles(self):
+        return self._roles
+
+class DummyObject:
+    def __init__(self, id, title):
+        self._id = id
+        self._title = title
+
+    def getId(self):
+        return self._id
+
+    def getTitle(self):
+        return self._title
+
+class DummyAuthenticationService:
+
+    implements(IAuthenticationService, ISimpleService)
+
+    def __init__(self, principals):
+        self._principals = principals
+
+    def getPrincipals(self, name):
+        return self._principals
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+    def setUp(self):
+        PlacefulSetup.setUp(self)
+        self._roles = []
+        self._roles.append(DummyObject('qux', 'Qux'))
+        self._roles.append(DummyObject('baz', 'Baz'))
+        defineService=getServiceManager(None).defineService
+        provideService=getServiceManager(None).provideService
+
+        defineService("Roles", IRoleService)
+        provideService("Roles"
+                      , DummyRoleService(roles = self._roles))
+
+        defineService(Authentication, IAuthenticationService)
+
+        self._principals = []
+        self._principals.append(DummyObject('foo', 'Foo'))
+        self._principals.append(DummyObject('bar', 'Bar'))
+
+        provideService(Authentication,
+            DummyAuthenticationService(principals = self._principals))
+
+    def _makeOne(self):
+        return PrincipalRoleView(DummyManager(), TestRequest())
+
+    def testRoles(self):
+        view = self._makeOne()
+        roles = list(view.getAllRoles())
+        self.assertEqual(len(roles), 2)
+
+        ids = map(lambda x: x.getId(), self._roles)
+
+        for role in roles:
+            self.failUnless(role.getId() in ids)
+
+    def testPrincipals(self):
+        view = self._makeOne()
+        principals = list(view.getAllPrincipals())
+        self.assertEqual(len(principals), 2)
+
+        ids = map(lambda x: x.getId(), self._principals)
+
+        for principal in principals:
+            self.failUnless(principal.getId() in ids, (principal, ids))
+
+    def testPrincipalRoleGrid(self):
+        view = self._makeOne()
+
+        grid = view.createGrid()
+
+        p_ids = [p.getId() for p in view.getAllPrincipals()]
+        r_ids = [r.getId() for r in view.getAllRoles()]
+
+        self.failUnless(grid.listAvailableValues())
+
+        for p in grid.principalIds():
+            self.failUnless(p in p_ids)
+
+        for r in grid.roleIds():
+            self.failUnless(r in r_ids)
+
+        map = DummyManager()
+
+        grid_entries = [(r, p, map.getSetting(r, p).getName())
+                        for r in grid.roleIds()
+                        for p in grid.principalIds()
+                        ]
+
+        for r, p, setting in grid_entries:
+            self.assertEquals(setting, grid.getValue(p, r))
+
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/products/securitypolicy/browser/tests/test_rolepermissionview.py 1.1 => 1.2 ===
--- /dev/null	Wed Jan 14 17:56:05 2004
+++ Zope3/src/zope/products/securitypolicy/browser/tests/test_rolepermissionview.py	Wed Jan 14 17:55:34 2004
@@ -0,0 +1,195 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Role-Permission View Tests
+
+$Id$
+"""
+import unittest
+from zope.app.services.tests.placefulsetup\
+           import PlacefulSetup
+from zope.app.services.servicenames import Permissions
+from zope.products.securitypolicy.interfaces import IRoleService
+from zope.products.securitypolicy.browser.tests.roleservice import RoleService
+from zope.products.securitypolicy.browser.tests.permissionservice import \
+     PermissionService
+from zope.products.securitypolicy.browser.tests.rolepermissionmanager import \
+     RolePermissionManager
+from zope.products.securitypolicy.browser.rolepermissionview \
+     import RolePermissionView
+from zope.app.interfaces.security import IPermissionService
+from zope.component import getServiceManager
+from zope.publisher.browser import BrowserView, TestRequest
+
+class RolePermissionView(RolePermissionView, BrowserView):
+    """Adding BrowserView to Utilities; this is usually done by ZCML."""
+
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+    def setUp(self):
+        PlacefulSetup.setUp(self)
+        defineService=getServiceManager(None).defineService
+        provideService=getServiceManager(None).provideService
+        defineService("Roles", IRoleService)
+        provideService("Roles", RoleService(
+            manager='Manager', member='Member'))
+        defineService(Permissions, IPermissionService)
+        provideService(Permissions, PermissionService(
+            read='Read', write='Write'))
+        self.view = RolePermissionView(RolePermissionManager(), None)
+
+    def testRoles(self):
+        roles = list(self.view.roles())
+        ids = ['manager', 'member']
+        titles = ['Manager', 'Member']
+        for role in roles:
+            i=ids.index(role.getId())
+            self.failIf(i < 0)
+            self.assertEqual(role.getTitle(), titles[i])
+            del ids[i]
+            del titles[i]
+
+    def testPermisssions(self):
+        permissions = list(self.view.permissions())
+        ids = ['read', 'write']
+        titles = ['Read', 'Write']
+        for permission in permissions:
+            i=ids.index(permission.getId())
+            self.failIf(i < 0)
+            self.assertEqual(permission.getTitle(), titles[i])
+            del ids[i]
+            del titles[i]
+
+    def testMatrix(self):
+        roles = self.view.roles()
+        permissions = self.view.permissions()
+
+        #         manager  member
+        # read       +
+        # write      .       -
+        env = {
+            'p0': 'read', 'p1': 'write',
+            'r0': 'manager', 'r1': 'member',
+            'p0r0': 'Allow',
+            'p1r0': 'Unset', 'p1r1': 'Deny',
+            'SUBMIT': 1
+            }
+        self.view.request = TestRequest(environ=env)
+        self.view.update()
+        permissionRoles = self.view.permissionRoles()
+        for ip in range(len(permissionRoles)):
+            permissionRole = permissionRoles[ip]
+            rset = permissionRole.roleSettings()
+            for ir in range(len(rset)):
+                setting = rset[ir]
+                r = roles[ir].getId()
+                p = permissions[ip].getId()
+                if setting == 'Allow':
+                    self.failUnless(r == 'manager' and p == 'read')
+                elif setting == 'Deny':
+                    self.failUnless(r == 'member' and p == 'write')
+                else:
+                    self.failUnless(setting == 'Unset')
+
+        #         manager  member
+        # read       -
+        # write      +
+        env = {
+            'p0': 'read', 'p1': 'write',
+            'r0': 'manager', 'r1': 'member',
+            'p0r0': 'Deny',
+            'p1r0': 'Allow', 'p1r1': 'Unset',
+            'SUBMIT': 1
+            }
+        self.view.request = TestRequest(environ=env)
+        self.view.update()
+        permissionRoles = self.view.permissionRoles()
+        for ip in range(len(permissionRoles)):
+            permissionRole = permissionRoles[ip]
+            rset = permissionRole.roleSettings()
+            for ir in range(len(rset)):
+                setting = rset[ir]
+                r = roles[ir].getId()
+                p = permissions[ip].getId()
+                if setting == 'Allow':
+                    self.failUnless(r == 'manager' and p == 'write')
+                elif setting == 'Deny':
+                    self.failUnless(r == 'manager' and p == 'read')
+                else:
+                    self.failUnless(setting == 'Unset')
+
+    def testPermissionRoles(self):
+        env={'permission_id': 'write',
+             'settings': ['Allow', 'Unset'],
+             'SUBMIT_PERMS': 1}
+        self.view.request = TestRequest(environ=env)
+        self.view.update()
+        permission = self.view.permissionForID('write')
+        settings = permission.roleSettings()
+        self.assertEquals(settings, ['Allow', 'Unset'])
+
+
+        env={'permission_id': 'write',
+             'settings': ['Unset', 'Deny'],
+             'SUBMIT_PERMS': 1}
+        self.view.request = TestRequest(environ=env)
+        self.view.update()
+        permission = self.view.permissionForID('write')
+        settings = permission.roleSettings()
+        self.assertEquals(settings, ['Unset', 'Deny'])
+
+        env={'permission_id': 'write',
+             'settings': ['Unset', 'foo'],
+             'SUBMIT_PERMS': 1}
+        self.view.request = TestRequest(environ=env)
+        self.assertRaises(ValueError, self.view.update)
+
+    def testRolePermissions(self):
+        env={'Allow': ['read'],
+             'Deny': ['write'],
+             'SUBMIT_ROLE': 1,
+             'role_id': 'member'}
+        self.view.request = TestRequest(environ=env)
+        self.view.update(1)
+        role = self.view.roleForID('member')
+        pinfos = role.permissionsInfo()
+        for pinfo in pinfos:
+            pid = pinfo['id']
+            if pid == 'read':
+                self.assertEquals(pinfo['setting'], 'Allow')
+            if pid == 'write':
+                self.assertEquals(pinfo['setting'], 'Deny')
+
+        env={'Allow': [],
+             'Deny': ['read'],
+             'SUBMIT_ROLE': 1,
+             'role_id': 'member'}
+        self.view.request = TestRequest(environ=env)
+        self.view.update()
+        role = self.view.roleForID('member')
+        pinfos = role.permissionsInfo()
+        for pinfo in pinfos:
+            pid = pinfo['id']
+            if pid == 'read':
+                self.assertEquals(pinfo['setting'], 'Deny')
+            if pid == 'write':
+                self.assertEquals(pinfo['setting'], 'Unset')
+
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())




More information about the Zope3-Checkins mailing list