[Checkins] SVN: grok/branches/philikon-ftest-layer-does-fixture-setup/src/grok/ftests/security/roles.py Fix roles test:

Philipp von Weitershausen philikon at philikon.de
Fri Aug 24 09:05:49 EDT 2007


Log message for revision 79230:
  Fix roles test:
  * the manager (zope.mgr) is always granted everything, so taking this principal
    isn't very useful when making sure that you can't access something. Let's simply
    take the anonymous user.
  * ftests shouldn't make changes to the global setup. They can, however, make changes
    to persistent objects, those will be thrown away.  Therefore, instead of modifying
    the global principal-role map, we make a local grant.
  

Changed:
  U   grok/branches/philikon-ftest-layer-does-fixture-setup/src/grok/ftests/security/roles.py

-=-
Modified: grok/branches/philikon-ftest-layer-does-fixture-setup/src/grok/ftests/security/roles.py
===================================================================
--- grok/branches/philikon-ftest-layer-does-fixture-setup/src/grok/ftests/security/roles.py	2007-08-24 12:46:10 UTC (rev 79229)
+++ grok/branches/philikon-ftest-layer-does-fixture-setup/src/grok/ftests/security/roles.py	2007-08-24 13:05:48 UTC (rev 79230)
@@ -4,22 +4,28 @@
 
   >>> from zope.testbrowser.testing import Browser
   >>> browser = Browser()
+
   >>> browser.open("http://localhost/@@cavepainting")
   Traceback (most recent call last):
   HTTPError: HTTP Error 401: Unauthorized
+
   >>> browser.open("http://localhost/@@editcavepainting")
   Traceback (most recent call last):
   HTTPError: HTTP Error 401: Unauthorized
+
   >>> browser.open("http://localhost/@@erasecavepainting")
   Traceback (most recent call last):
   HTTPError: HTTP Error 401: Unauthorized
 
-When we log in (e.g. as a manager), we can access the views just fine:
+Let's now grant anonymous the PaintingOwner role locally (so that we
+don't have to modify the global setup).  Then we can access the views
+just fine:
 
-  >>> from zope.app.securitypolicy.principalrole import principalRoleManager
-  >>> principalRoleManager.assignRoleToPrincipal(
-  ...    'grok.PaintingOwner', 'zope.mgr')
-  >>> browser.addHeader('Authorization', 'Basic mgr:mgrpw')
+  >>> from zope.app.securitypolicy.interfaces import IPrincipalRoleManager
+  >>> root = getRootFolder()
+  >>> IPrincipalRoleManager(root).assignRoleToPrincipal(
+  ...    'grok.PaintingOwner', 'zope.anybody')
+
   >>> browser.open("http://localhost/@@cavepainting")
   >>> print browser.contents
   What a beautiful painting.
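Review bot: The added `root = getRootFolder()` line uses a name that is neither imported nor defined anywhere in the visible doctest, so a reader cannot tell where it comes from; if the ftest layer injects it into the doctest globals, say so in the prose above the grant. The same paragraph could also state that the grant is made on the root folder and is discarded with the other persistent changes after the test, since the commit message is the only place that currently explains why a role granted to `zope.anybody` at the root is acceptable here. With the `browser.addHeader('Authorization', ...)` line removed, every later request in this doctest runs unauthenticated, which is worth stating once so that the following expectations read correctly.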
@@ -34,7 +40,7 @@
 
   >>> browser.open("http://localhost/@@approvecavepainting")
   Traceback (most recent call last):
-  HTTPError: HTTP Error 403: Forbidden
+  HTTPError: HTTP Error 401: Unauthorized
 """
 
 import grok
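Review bot: The expected status for `@@approvecavepainting` changes from `403: Forbidden` to `401: Unauthorized`, but neither the doctest text visible here nor the log message explains why. It presumably follows from the request now being made as the anonymous principal instead of an authenticated manager. A sentence before this request would make the intent explicit, for example that anonymous holds `grok.PaintingOwner` but still lacks whatever the approve view requires. Without it, this failure is indistinguishable from the three `401` checks at the top of the file, which were made before any role was granted.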


