[Checkins] SVN: Products.CMFCore/branches/2.1/Products/CMFCore/ - CatalogTool: If proxy roles are set on a script that uses the catalog
Jens Vagelpohl
jens at dataflake.org
Thu Sep 25 16:33:25 EDT 2008
Log message for revision 91487:
- CatalogTool: If proxy roles are set on a script that uses the catalog
and those proxy roles have been unset using the ZMI, which results
in an empty tuple as proxy roles, then the catalog would not correctly
determine what the current user is allowed to see.
(https://bugs.launchpad.net/zope-cmf/+bug/161729)
Changed:
U Products.CMFCore/branches/2.1/Products/CMFCore/CHANGES.txt
U Products.CMFCore/branches/2.1/Products/CMFCore/CatalogTool.py
U Products.CMFCore/branches/2.1/Products/CMFCore/tests/test_CatalogTool.py
-=-
Modified: Products.CMFCore/branches/2.1/Products/CMFCore/CHANGES.txt
===================================================================
--- Products.CMFCore/branches/2.1/Products/CMFCore/CHANGES.txt 2008-09-25 20:30:28 UTC (rev 91486)
+++ Products.CMFCore/branches/2.1/Products/CMFCore/CHANGES.txt 2008-09-25 20:33:24 UTC (rev 91487)
@@ -4,6 +4,12 @@
2.1.3-beta (unreleased)
-----------------------
+- CatalogTool: If proxy roles are set on a script that uses the catalog
+ and those proxy roles have been unset using the ZMI, which results
+ in an empty tuple as proxy roles, then the catalog would not correctly
+ determine what the current user is allowed to see.
+ (https://bugs.launchpad.net/zope-cmf/+bug/161729)
+
- Properties export/import: Get the string encoding for property
imports from the import context and fall back to UTF-8, which
mirrors the behavior for exports. This fixes property export/import
Modified: Products.CMFCore/branches/2.1/Products/CMFCore/CatalogTool.py
===================================================================
--- Products.CMFCore/branches/2.1/Products/CMFCore/CatalogTool.py 2008-09-25 20:30:28 UTC (rev 91486)
+++ Products.CMFCore/branches/2.1/Products/CMFCore/CatalogTool.py 2008-09-25 20:33:24 UTC (rev 91487)
@@ -149,7 +149,7 @@
if sm.calledByExecutable():
eo = sm._context.stack[-1]
proxy_roles = getattr(eo, '_proxy_roles', None)
- if proxy_roles is not None:
+ if proxy_roles:
effective_roles = proxy_roles
result = list( effective_roles )
result.append( 'Anonymous' )
Modified: Products.CMFCore/branches/2.1/Products/CMFCore/tests/test_CatalogTool.py
===================================================================
--- Products.CMFCore/branches/2.1/Products/CMFCore/tests/test_CatalogTool.py 2008-09-25 20:30:28 UTC (rev 91486)
+++ Products.CMFCore/branches/2.1/Products/CMFCore/tests/test_CatalogTool.py 2008-09-25 20:33:24 UTC (rev 91487)
@@ -18,6 +18,7 @@
import unittest
import Testing
+from AccessControl.SecurityManagement import getSecurityManager
from AccessControl.SecurityManagement import newSecurityManager
from DateTime import DateTime
@@ -417,7 +418,38 @@
'fails): %s entries after refreshCatalog'
% (len(ctool._catalog.searchResults()),))
+ def test_listAllowedRolesAndUsers_proxyroles(self):
+ # https://bugs.launchpad.net/zope-cmf/+bug/161729
+ catalog = self._makeOne()
+ self.loginWithRoles('Blob')
+ user = getSecurityManager().getUser()
+ # First case, no proxy roles set at all
+ arus = catalog._listAllowedRolesAndUsers(user)
+ self.assertEquals(len(arus), 3)
+ self.failUnless('Anonymous' in arus)
+ self.failUnless('Blob' in arus)
+ self.failUnless('user:%s' % user.getId() in arus)
+
+ # Second case, a proxy role is set
+ self.setupProxyRoles('Waggle')
+ arus = catalog._listAllowedRolesAndUsers(user)
+ self.assertEquals(len(arus), 3)
+ self.failUnless('Anonymous' in arus)
+ self.failUnless('Waggle' in arus)
+ self.failUnless('user:%s' % user.getId() in arus)
+
+ # Third case, proxy roles are an empty tuple. This happens if
+ # proxy roles are unset using the ZMI. The behavior should
+ # mirror the first case with no proxy role setting at all.
+ self.setupProxyRoles()
+ arus = catalog._listAllowedRolesAndUsers(user)
+ self.assertEquals(len(arus), 3)
+ self.failUnless('Anonymous' in arus)
+ self.failUnless('Blob' in arus)
+ self.failUnless('user:%s' % user.getId() in arus)
+
+
def test_suite():
return unittest.TestSuite((
unittest.makeSuite(IndexableObjectWrapperTests),
More information about the Checkins
mailing list