[Zope3-checkins] SVN: Zope3/trunk/ Defined global groups for
unuathenticated, authenticated, and all
Jim Fulton
jim at zope.com
Fri Feb 4 18:50:27 EST 2005
Log message for revision 29051:
Defined global groups for unuathenticated, authenticated, and all
users. Registered these groups as utilities to make them easy to get
to. Also register the unauthenticated principal as a utility, so one
could get to it's meta data to provide an alternate principal-object
implementation with the same id and other data.
Changed:
U Zope3/trunk/doc/CHANGES.txt
U Zope3/trunk/ftesting.zcml
U Zope3/trunk/sample_principals.zcml
A Zope3/trunk/src/zope/app/security/globalprincipals.txt
U Zope3/trunk/src/zope/app/security/interfaces.py
U Zope3/trunk/src/zope/app/security/meta.zcml
U Zope3/trunk/src/zope/app/security/metaconfigure.py
U Zope3/trunk/src/zope/app/security/metadirectives.py
U Zope3/trunk/src/zope/app/security/principalregistry.py
U Zope3/trunk/src/zope/app/security/tests/test_directives.py
U Zope3/trunk/zopeskel/etc/principals.zcml.in
-=-
Modified: Zope3/trunk/doc/CHANGES.txt
===================================================================
--- Zope3/trunk/doc/CHANGES.txt 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/doc/CHANGES.txt 2005-02-04 23:50:26 UTC (rev 29051)
@@ -10,6 +10,9 @@
New features
+ - Groups for unauthenticated users, authenticated users, and
+ everybody can now be defined in ZCML.
+
- A handler attribute is now used in subscriber directives for
event subscribers that don't create objects, which is the case
for most subscribers. Using the factory attribute without a
Modified: Zope3/trunk/ftesting.zcml
===================================================================
--- Zope3/trunk/ftesting.zcml 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/ftesting.zcml 2005-02-04 23:50:26 UTC (rev 29051)
@@ -20,6 +20,21 @@
id="zope.anybody"
title="Unauthenticated User" />
+ <unauthenticatedGroup
+ id="zope.Anybody"
+ title="Unauthenticated Users"
+ />
+
+ <authenticatedGroup
+ id="zope.Authenticated"
+ title="Authenticated Users"
+ />
+
+ <everybodyGroup
+ id="zope.Everybody"
+ title="All Users"
+ />
+
<!-- Principal that tests generally run as -->
<principal
id="zope.mgr"
Modified: Zope3/trunk/sample_principals.zcml
===================================================================
--- Zope3/trunk/sample_principals.zcml 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/sample_principals.zcml 2005-02-04 23:50:26 UTC (rev 29051)
@@ -6,8 +6,24 @@
<unauthenticatedPrincipal
id="zope.anybody"
- title="Unauthenticated User" />
+ title="Unauthenticated User"
+ />
+ <unauthenticatedGroup
+ id="zope.Anybody"
+ title="Unauthenticated Users"
+ />
+
+ <authenticatedGroup
+ id="zope.Authenticated"
+ title="Authenticated Users"
+ />
+
+ <everybodyGroup
+ id="zope.Everybody"
+ title="All Users"
+ />
+
<principal
id="zope.sample_manager"
title="Sample Manager"
Added: Zope3/trunk/src/zope/app/security/globalprincipals.txt
===================================================================
--- Zope3/trunk/src/zope/app/security/globalprincipals.txt 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/globalprincipals.txt 2005-02-04 23:50:26 UTC (rev 29051)
@@ -0,0 +1,277 @@
+Global principal definition
+===========================
+
+Global principals are defined via ZCML. There are several kinds of
+principals that can be defined.
+
+Authenticated Users
+-------------------
+
+There are principals that can log in:
+
+ >>> zcml("""
+ ... <configure
+ ... xmlns="http://namespaces.zope.org/zope"
+ ... >
+ ...
+ ... <principal
+ ... id="zope.manager"
+ ... title="Manager"
+ ... description="System Manager"
+ ... login="admin"
+ ... password="123"
+ ... />
+ ...
+ ... </configure>
+ ... """)
+
+ >>> from zope.app.security.principalregistry import principalRegistry
+ >>> [p] = principalRegistry.getPrincipals('')
+ >>> p.id, p.title, p.description, p.getLogin(), p.validate('123')
+ ('zope.manager', u'Manager', u'System Manager', u'admin', True)
+
+The unauthenticated principal
+-----------------------------
+
+There is the unauthenticated principal:
+
+ >>> zcml("""
+ ... <configure
+ ... xmlns="http://namespaces.zope.org/zope"
+ ... >
+ ...
+ ... <unauthenticatedPrincipal
+ ... id="zope.unknown"
+ ... title="Anonymous user"
+ ... description="A person we don't know"
+ ... />
+ ...
+ ... </configure>
+ ... """)
+
+ >>> p = principalRegistry.unauthenticatedPrincipal()
+ >>> p.id, p.title, p.description
+ ('zope.unknown', u'Anonymous user', u"A person we don't know")
+
+The unauthenticated principal will also be registered as a utility.
+This is to provide easy access to the data defined for the principal so
+that other (more featureful) principal objects can be created for the
+same principal.
+
+ >>> from zope import component
+ >>> from zope.app.security import interfaces
+ >>> p = component.getUtility(interfaces.IUnauthenticatedPrincipal)
+ >>> p.id, p.title, p.description
+ ('zope.unknown', u'Anonymous user', u"A person we don't know")
+
+The unauthenticated group
+-------------------------
+
+An unauthenticated group can also be defined in ZCML:
+
+ >>> zcml("""
+ ... <configure
+ ... xmlns="http://namespaces.zope.org/zope"
+ ... >
+ ...
+ ... <unauthenticatedGroup
+ ... id="zope.unknowngroup"
+ ... title="Anonymous users"
+ ... description="People we don't know"
+ ... />
+ ...
+ ... </configure>
+ ... """)
+
+This directive creates a group and registers it as a utility providing
+IUnauthenticatedGroup:
+
+ >>> g = component.getUtility(interfaces.IUnauthenticatedGroup)
+ >>> g.id, g.title, g.description
+ ('zope.unknowngroup', u'Anonymous users', u"People we don't know")
+
+The unauthenticatedGroup directive also updates the group of the
+unauthenticated principal:
+
+ >>> p = principalRegistry.unauthenticatedPrincipal()
+ >>> g.id in p.groups
+ True
+ >>> p = component.getUtility(interfaces.IUnauthenticatedPrincipal)
+ >>> g.id in p.groups
+ True
+
+If the unauthenticated principal is defined after the unauthenticated
+group, it will likewise have the group added to it:
+
+ >>> reset()
+ >>> zcml("""
+ ... <configure
+ ... xmlns="http://namespaces.zope.org/zope"
+ ... >
+ ...
+ ... <unauthenticatedGroup
+ ... id="zope.unknowngroup2"
+ ... title="Anonymous users"
+ ... description="People we don't know"
+ ... />
+ ... <unauthenticatedPrincipal
+ ... id="zope.unknown2"
+ ... title="Anonymous user"
+ ... description="A person we don't know"
+ ... />
+ ...
+ ... </configure>
+ ... """)
+
+ >>> g = component.getUtility(interfaces.IUnauthenticatedGroup)
+ >>> g.id, g.title, g.description
+ ('zope.unknowngroup2', u'Anonymous users', u"People we don't know")
+ >>> p = principalRegistry.unauthenticatedPrincipal()
+ >>> p.id, g.id in p.groups
+ ('zope.unknown2', True)
+ >>> p = component.getUtility(interfaces.IUnauthenticatedPrincipal)
+ >>> p.id, g.id in p.groups
+ ('zope.unknown2', True)
+
+The unauthenticated group shows up as a principal in the principal
+registry:
+
+ >>> principalRegistry.getPrincipal(g.id) == g
+ True
+
+ >>> list(principalRegistry.getPrincipals("Anonymous")) == [g]
+ True
+
+The authenticated group
+-----------------------
+
+There is an authenticated group:
+
+ >>> reset()
+ >>> zcml("""
+ ... <configure
+ ... xmlns="http://namespaces.zope.org/zope"
+ ... >
+ ...
+ ... <unauthenticatedPrincipal
+ ... id="zope.unknown3"
+ ... title="Anonymous user"
+ ... description="A person we don't know"
+ ... />
+ ... <principal
+ ... id="zope.manager2"
+ ... title="Manager"
+ ... description="System Manager"
+ ... login="admin"
+ ... password="123"
+ ... />
+ ... <authenticatedGroup
+ ... id="zope.authenticated"
+ ... title="Authenticated users"
+ ... description="People we know"
+ ... />
+ ... <principal
+ ... id="zope.manager3"
+ ... title="Manager 3"
+ ... login="admin3"
+ ... password="123"
+ ... />
+ ...
+ ... </configure>
+ ... """)
+
+It defines an IAuthenticatedGroup utility:
+
+ >>> g = component.getUtility(interfaces.IAuthenticatedGroup)
+ >>> g.id, g.title, g.description
+ ('zope.authenticated', u'Authenticated users', u'People we know')
+
+It also adds it self to the groups of any non-group principals already
+defined, and, when non-group principals are defined, they put
+themselves in the group if it's defined:
+
+ >>> principals = list(principalRegistry.getPrincipals(''))
+ >>> principals.sort(lambda p1, p2: cmp(p1.id, p2.id))
+ >>> for p in principals:
+ ... print p.id, p.groups == [g.id]
+ zope.authenticated False
+ zope.manager2 True
+ zope.manager3 True
+
+Excluding unauthenticated principals, of course:
+
+ >>> p = principalRegistry.unauthenticatedPrincipal()
+ >>> p.id, g.id in p.groups
+ ('zope.unknown3', False)
+ >>> p = component.getUtility(interfaces.IUnauthenticatedPrincipal)
+ >>> p.id, g.id in p.groups
+ ('zope.unknown3', False)
+
+
+The everybody group
+-------------------
+
+Finally, there is an everybody group:
+
+ >>> reset()
+ >>> zcml("""
+ ... <configure
+ ... xmlns="http://namespaces.zope.org/zope"
+ ... >
+ ...
+ ... <unauthenticatedPrincipal
+ ... id="zope.unknown4"
+ ... title="Anonymous user"
+ ... description="A person we don't know"
+ ... />
+ ... <principal
+ ... id="zope.manager4"
+ ... title="Manager"
+ ... description="System Manager"
+ ... login="admin"
+ ... password="123"
+ ... />
+ ... <everybodyGroup
+ ... id="zope.everybody"
+ ... title="Everybody"
+ ... description="All People"
+ ... />
+ ... <principal
+ ... id="zope.manager5"
+ ... title="Manager 5"
+ ... login="admin5"
+ ... password="123"
+ ... />
+ ...
+ ... </configure>
+ ... """)
+
+The everybodyGroup directive defines an IEveryoneGroup utility:
+
+ >>> g = component.getUtility(interfaces.IEveryoneGroup)
+ >>> g.id, g.title, g.description
+ ('zope.everybody', u'Everybody', u'All People')
+
+It also adds it self to the groups of any non-group principals already
+defined, and, when non-group principals are defined, they put
+themselves in the group if it's defined:
+
+ >>> principals = list(principalRegistry.getPrincipals(''))
+ >>> principals.sort(lambda p1, p2: cmp(p1.id, p2.id))
+ >>> for p in principals:
+ ... print p.id, p.groups == [g.id]
+ zope.everybody False
+ zope.manager4 True
+ zope.manager5 True
+
+Including unauthenticated principals, of course:
+
+ >>> p = principalRegistry.unauthenticatedPrincipal()
+ >>> p.id, g.id in p.groups
+ ('zope.unknown4', True)
+ >>> p = component.getUtility(interfaces.IUnauthenticatedPrincipal)
+ >>> p.id, g.id in p.groups
+ ('zope.unknown4', True)
+
+Note that it is up to IAuthentication implementations to associate
+these groups with their principals, as appropriate.
Property changes on: Zope3/trunk/src/zope/app/security/globalprincipals.txt
___________________________________________________________________
Name: svn:eol-style
+ native
Modified: Zope3/trunk/src/zope/app/security/interfaces.py
===================================================================
--- Zope3/trunk/src/zope/app/security/interfaces.py 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/interfaces.py 2005-02-04 23:50:26 UTC (rev 29051)
@@ -18,7 +18,7 @@
from zope.interface import Interface
from zope.app.i18n import ZopeMessageIDFactory as _
from zope.schema import Text, TextLine
-from zope.security.interfaces import IPrincipal, IPermission
+from zope.security.interfaces import IPrincipal, IPermission, IGroup
from zope.schema.interfaces import ISource
from zope.exceptions import NotFoundError
@@ -33,6 +33,24 @@
Authenticated principals are preferable to UnauthenticatedPrincipals.
"""
+class IUnauthenticatedGroup(IGroup):
+ """A group containing unauthenticated users
+ """
+
+class IAuthenticatedGroup(IGroup):
+ """A group containing authenticated users
+ """
+
+class IEveryoneGroup(IGroup):
+ """A group containing all users
+ """
+
+class IUnauthenticatedPrincipal(IPrincipal):
+ """A principal that hasn't been authenticated.
+
+ Authenticated principals are preferable to UnauthenticatedPrincipals.
+ """
+
class IAuthentication(Interface):
"""Provide support for establishing principals for requests.
Modified: Zope3/trunk/src/zope/app/security/meta.zcml
===================================================================
--- Zope3/trunk/src/zope/app/security/meta.zcml 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/meta.zcml 2005-02-04 23:50:26 UTC (rev 29051)
@@ -15,11 +15,29 @@
handler=".metaconfigure.principal" />
<meta:directive
+ name="unauthenticatedPrincipal"
namespace="http://namespaces.zope.org/zope"
- name="unauthenticatedPrincipal"
schema=".metadirectives.IDefineUnauthenticatedPrincipalDirective"
handler=".metaconfigure.unauthenticatedPrincipal" />
+ <meta:directive
+ name="unauthenticatedGroup"
+ namespace="http://namespaces.zope.org/zope"
+ schema=".metadirectives.IDefineUnauthenticatedGroupDirective"
+ handler=".metaconfigure.unauthenticatedGroup" />
+
+ <meta:directive
+ name="authenticatedGroup"
+ namespace="http://namespaces.zope.org/zope"
+ schema=".metadirectives.IDefineAuthenticatedGroupDirective"
+ handler=".metaconfigure.authenticatedGroup" />
+
+ <meta:directive
+ name="everybodyGroup"
+ namespace="http://namespaces.zope.org/zope"
+ schema=".metadirectives.IDefineEverybodyGroupDirective"
+ handler=".metaconfigure.everybodyGroup" />
+
<meta:directive
name="securityPolicy"
namespace="http://namespaces.zope.org/zope"
Modified: Zope3/trunk/src/zope/app/security/metaconfigure.py
===================================================================
--- Zope3/trunk/src/zope/app/security/metaconfigure.py 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/metaconfigure.py 2005-02-04 23:50:26 UTC (rev 29051)
@@ -15,16 +15,19 @@
$Id$
"""
-from zope.app.component.metaconfigure import utility
+from zope import component
from zope.security.checker import moduleChecker, Checker, defineChecker
from zope.security.checker import CheckerPublic
from zope.security.management import setSecurityPolicy
-from zope.app.security.interfaces import IPermission
+from zope.security.interfaces import IPermission
+
+from zope.app.component.metaconfigure import utility
+
from zope.app.security.permission import Permission
-from zope.app.security.principalregistry import principalRegistry
+from zope.app.security import principalregistry
+from zope.app.security import interfaces
-
def securityPolicy(_context, component):
_context.action(
@@ -93,19 +96,112 @@
utility(_context, IPermission, permission, name=id)
+def _principal():
+ group = component.queryUtility(interfaces.IAuthenticatedGroup)
+ if group is not None:
+ _authenticatedGroup(group.id)
+ group = component.queryUtility(interfaces.IEveryoneGroup)
+ if group is not None:
+ _everybodyGroup(group.id)
+
def principal(_context, id, title, login, password, description=''):
_context.action(
discriminator = ('principal', id),
- callable = principalRegistry.definePrincipal,
+ callable = principalregistry.principalRegistry.definePrincipal,
args = (id, title, description, login, password) )
+ _context.action(discriminator = None, callable = _principal, args = ())
+def _unauthenticatedPrincipal():
+ group = component.queryUtility(interfaces.IUnauthenticatedGroup)
+ if group is not None:
+ _unauthenticatedGroup(group.id)
+ group = component.queryUtility(interfaces.IEveryoneGroup)
+ if group is not None:
+ _everybodyGroup(group.id)
+
def unauthenticatedPrincipal(_context, id, title, description=''):
+ principal = principalregistry.UnauthenticatedPrincipal(
+ id, title, description)
_context.action(
discriminator = 'unauthenticatedPrincipal',
- callable = principalRegistry.defineDefaultPrincipal,
- args = (id, title, description) )
+ callable = principalregistry.principalRegistry.defineDefaultPrincipal,
+ args = (id, title, description, principal) )
+ utility(_context, interfaces.IUnauthenticatedPrincipal, principal)
+ _context.action(
+ discriminator = None,
+ callable = _unauthenticatedPrincipal,
+ args = (),
+ )
+def _unauthenticatedGroup(group):
+ p = principalregistry.principalRegistry.unauthenticatedPrincipal()
+ if p is not None:
+ p.groups.append(group)
+
+def unauthenticatedGroup(_context, id, title, description=''):
+ principal = principalregistry.UnauthenticatedGroup(
+ id, title, description)
+ utility(_context, interfaces.IUnauthenticatedGroup, principal)
+ _context.action(
+ discriminator = None,
+ callable = _unauthenticatedGroup,
+ args = (principal.id, ),
+ )
+ _context.action(
+ discriminator = None,
+ callable = principalregistry.principalRegistry.registerGroup,
+ args = (principal, ),
+ )
+
+def _authenticatedGroup(group):
+ for p in principalregistry.principalRegistry.getPrincipals(''):
+ if not isinstance(p, principalregistry.Principal):
+ continue
+ if group not in p.groups:
+ p.groups.append(group)
+
+def authenticatedGroup(_context, id, title, description=''):
+ principal = principalregistry.AuthenticatedGroup(
+ id, title, description)
+ utility(_context, interfaces.IAuthenticatedGroup, principal)
+ _context.action(
+ discriminator = None,
+ callable = _authenticatedGroup,
+ args = (principal.id, ),
+ )
+ _context.action(
+ discriminator = None,
+ callable = principalregistry.principalRegistry.registerGroup,
+ args = (principal, ),
+ )
+
+def _everybodyGroup(group):
+ for p in principalregistry.principalRegistry.getPrincipals(''):
+ if not isinstance(p, principalregistry.Principal):
+ continue
+ if group not in p.groups:
+ p.groups.append(group)
+ p = principalregistry.principalRegistry.unauthenticatedPrincipal()
+ if p is not None:
+ p.groups.append(group)
+
+def everybodyGroup(_context, id, title, description=''):
+ principal = principalregistry.EverybodyGroup(
+ id, title, description)
+ utility(_context, interfaces.IEveryoneGroup, principal)
+ _context.action(
+ discriminator = None,
+ callable = _everybodyGroup,
+ args = (principal.id, ),
+ )
+ _context.action(
+ discriminator = None,
+ callable = principalregistry.principalRegistry.registerGroup,
+ args = (principal, ),
+ )
+
+
def redefinePermission(_context, from_, to):
_context = _context.context
Modified: Zope3/trunk/src/zope/app/security/metadirectives.py
===================================================================
--- Zope3/trunk/src/zope/app/security/metadirectives.py 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/metadirectives.py 2005-02-04 23:50:26 UTC (rev 29051)
@@ -131,6 +131,15 @@
class IDefineUnauthenticatedPrincipalDirective(IBasePrincipalDirective):
"""Define a new unauthenticated principal."""
+class IDefineUnauthenticatedGroupDirective(IBasePrincipalDirective):
+ """Define the unauthenticated group."""
+
+class IDefineAuthenticatedGroupDirective(IBasePrincipalDirective):
+ """Define the authenticated group."""
+
+class IDefineEverybodyGroupDirective(IBasePrincipalDirective):
+ """Define the everybody group."""
+
class IRedefinePermission(Interface):
"""Define a permission to replace another permission."""
Modified: Zope3/trunk/src/zope/app/security/principalregistry.py
===================================================================
--- Zope3/trunk/src/zope/app/security/principalregistry.py 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/principalregistry.py 2005-02-04 23:50:26 UTC (rev 29051)
@@ -19,9 +19,8 @@
from zope.interface import implements
from zope.app.security.interfaces import PrincipalLookupError
from zope.app import zapi
-from zope.app.security.interfaces import ILoginPassword
-from zope.app.security.interfaces import IAuthentication, IPrincipal
-from zope.app.security.interfaces import IUnauthenticatedPrincipal
+from zope.security.interfaces import IPrincipal, IGroupAwarePrincipal
+from zope.app.security import interfaces
from zope.app.container.contained import Contained, contained
from warnings import warn
@@ -30,12 +29,12 @@
class PrincipalRegistry(object):
- implements(IAuthentication)
+ implements(interfaces.IAuthentication)
# Methods implementing IAuthentication
def authenticate(self, request):
- a = ILoginPassword(request, None)
+ a = interfaces.ILoginPassword(request, None)
if a is not None:
login = a.getLogin()
if login is not None:
@@ -49,21 +48,22 @@
__defaultid = None
__defaultObject = None
- def defineDefaultPrincipal(self, principal, title, description=''):
- id = principal
+ def defineDefaultPrincipal(self, id, title, description='',
+ principal=None):
if id in self.__principalsById:
raise DuplicateId(id)
self.__defaultid = id
- p = UnauthenticatedPrincipal(principal, title, description)
- self.__defaultObject = contained(p, self, id)
- return p
+ if principal is None:
+ principal = UnauthenticatedPrincipal(id, title, description)
+ self.__defaultObject = contained(principal, self, id)
+ return principal
def unauthenticatedPrincipal(self):
return self.__defaultObject
def unauthorized(self, id, request):
if id is None or id is self.__defaultid:
- a = ILoginPassword(request)
+ a = interfaces.ILoginPassword(request)
a.needLogin(realm="zope")
def getPrincipal(self, id):
@@ -106,6 +106,13 @@
return p
+ def registerGroup(self, group):
+ id = group.id
+ if id in self.__principalsById or id == self.__defaultid:
+ raise DuplicateId(id)
+
+ self.__principalsById[group.id] = group
+
def _clear(self):
self.__init__()
@@ -122,11 +129,16 @@
self.id = id
self.title = title
self.description = description
+ self.groups = []
+class Group(PrincipalBase):
+ def getLogin(self):
+ return '' # to make registry search happy
+
class Principal(PrincipalBase):
- implements(IPrincipal)
+ implements(IGroupAwarePrincipal)
def __init__(self, id, title, description, login, pw):
super(Principal, self).__init__(id, title, description)
@@ -142,4 +154,17 @@
class UnauthenticatedPrincipal(PrincipalBase):
- implements(IUnauthenticatedPrincipal)
+ implements(interfaces.IUnauthenticatedPrincipal)
+
+class UnauthenticatedGroup(Group):
+
+ implements(interfaces.IUnauthenticatedGroup)
+
+class AuthenticatedGroup(Group):
+
+ implements(interfaces.IAuthenticatedGroup)
+
+class EverybodyGroup(Group):
+
+ implements(interfaces.IEveryoneGroup)
+
Modified: Zope3/trunk/src/zope/app/security/tests/test_directives.py
===================================================================
--- Zope3/trunk/src/zope/app/security/tests/test_directives.py 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/src/zope/app/security/tests/test_directives.py 2005-02-04 23:50:26 UTC (rev 29051)
@@ -18,8 +18,10 @@
import unittest
from pprint import PrettyPrinter
from zope.interface import Interface, Attribute
-from zope.testing.doctestunit import DocTestSuite
+from zope.testing import doctest
+from zope.configuration import xmlconfig
+import zope.app.security
from zope.security.checker import moduleChecker
from zope.app.tests import ztapi
from zope.app.tests.placelesssetup import setUp, tearDown
@@ -217,10 +219,23 @@
def testRedefinePermission(self):
self.assertEqual(perms, ['zope.Security'])
+def zcml(s):
+ context = xmlconfig.file('meta.zcml', package=zope.app.security)
+ xmlconfig.string(s, context)
+
+def reset():
+ tearDown()
+ setUp()
+
def test_suite():
return unittest.TestSuite((
- DocTestSuite(setUp=setUp, tearDown=tearDown),
+ doctest.DocTestSuite(setUp=setUp, tearDown=tearDown),
unittest.makeSuite(DirectivesTest),
+ doctest.DocFileSuite(
+ '../globalprincipals.txt',
+ globs={'zcml': zcml, 'reset': reset},
+ setUp=setUp, tearDown=tearDown,
+ )
))
if __name__ == '__main__': unittest.main()
Modified: Zope3/trunk/zopeskel/etc/principals.zcml.in
===================================================================
--- Zope3/trunk/zopeskel/etc/principals.zcml.in 2005-02-04 23:50:24 UTC (rev 29050)
+++ Zope3/trunk/zopeskel/etc/principals.zcml.in 2005-02-04 23:50:26 UTC (rev 29051)
@@ -8,6 +8,21 @@
id="zope.anybody"
title="Unauthenticated User" />
+ <unauthenticatedGroup
+ id="zope.Anybody"
+ title="Unauthenticated Users"
+ />
+
+ <authenticatedGroup
+ id="zope.Authenticated"
+ title="Authenticated Users"
+ />
+
+ <everybodyGroup
+ id="zope.Everybody"
+ title="All Users"
+ />
+
<principal
id="zope.manager"
title="Manager"
More information about the Zope3-Checkins
mailing list