[Checkins] SVN: zope.security/trunk/ Raise NoInteraction when zope.security.checkPermission is called without interaction being active (LP #301565).
Dan Korostelev
nadako at gmail.com
Thu Mar 5 06:36:32 EST 2009
Log message for revision 97524:
Raise NoInteraction when zope.security.checkPermission is called without interaction being active (LP #301565).
Changed:
U zope.security/trunk/CHANGES.txt
U zope.security/trunk/src/zope/security/management.py
U zope.security/trunk/src/zope/security/tests/test_management.py
-=-
Modified: zope.security/trunk/CHANGES.txt
===================================================================
--- zope.security/trunk/CHANGES.txt 2009-03-05 11:21:10 UTC (rev 97523)
+++ zope.security/trunk/CHANGES.txt 2009-03-05 11:36:32 UTC (rev 97524)
@@ -5,6 +5,9 @@
3.6.1 (unreleased)
------------------
+- Raise NoInteraction when zope.security.checkPermission is called
+ without interaction being active (LP #301565).
+
- Don't define security checkers for deprecated set types from the
"sets" module on Python 2.6. It's discouraged to use them and
`set` and `frozenset` built-in types should be used instead.
Modified: zope.security/trunk/src/zope/security/management.py
===================================================================
--- zope.security/trunk/src/zope/security/management.py 2009-03-05 11:21:10 UTC (rev 97523)
+++ zope.security/trunk/src/zope/security/management.py 2009-03-05 11:36:32 UTC (rev 97524)
@@ -137,7 +137,10 @@
if permission is CheckerPublic or permission is None:
return True
if interaction is None:
- interaction = thread_local.interaction
+ try:
+ interaction = thread_local.interaction
+ except AttributeError:
+ raise zope.security.interfaces.NoInteraction
return interaction.checkPermission(permission, object)
addCleanUp(endInteraction)
Modified: zope.security/trunk/src/zope/security/tests/test_management.py
===================================================================
--- zope.security/trunk/src/zope/security/tests/test_management.py 2009-03-05 11:21:10 UTC (rev 97523)
+++ zope.security/trunk/src/zope/security/tests/test_management.py 2009-03-05 11:36:32 UTC (rev 97524)
@@ -77,7 +77,8 @@
from zope.security import checkPermission
from zope.security.management import setSecurityPolicy
from zope.security.management import queryInteraction
- from zope.security.management import newInteraction
+ from zope.security.management import newInteraction, endInteraction
+ from zope.security.interfaces import NoInteraction
permission = 'zope.Test'
obj = object()
@@ -94,6 +95,9 @@
newInteraction()
interaction = queryInteraction()
self.assertEquals(checkPermission(permission, obj), True)
+
+ endInteraction()
+ self.assertRaises(NoInteraction, checkPermission, permission, obj)
def test_checkPublicPermission(self):
from zope.security import checkPermission
More information about the Checkins
mailing list