[Checkins] SVN: Products.CMFCore/trunk/Products/CMFCore/ - modified 'setProperties' method

Yvo Schubbe y.2011 at wcm-solutions.de
Wed Feb 23 10:04:39 EST 2011


Log message for revision 120547:
  - modified 'setProperties' method

Changed:
  U   Products.CMFCore/trunk/Products/CMFCore/CHANGES.txt
  U   Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py
  U   Products.CMFCore/trunk/Products/CMFCore/tests/base/security.py
  U   Products.CMFCore/trunk/Products/CMFCore/tests/test_MemberDataTool.py

-=-
Modified: Products.CMFCore/trunk/Products/CMFCore/CHANGES.txt
===================================================================
--- Products.CMFCore/trunk/Products/CMFCore/CHANGES.txt	2011-02-23 14:59:07 UTC (rev 120546)
+++ Products.CMFCore/trunk/Products/CMFCore/CHANGES.txt	2011-02-23 15:04:39 UTC (rev 120547)
@@ -4,6 +4,9 @@
 2.3.0-alpha (unreleased)
 ------------------------
 
+- MemberDataTool: Modified 'setProperties' method.
+  It now can be used by user managers as well.
+
 - MembershipTool: Added 'isMemberAccessAllowed' method.
   If you don't have the 'Manage users' permission for the membership tool, you
   shouldn't have write access to other members.

Modified: Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py
===================================================================
--- Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py	2011-02-23 14:59:07 UTC (rev 120546)
+++ Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py	2011-02-23 15:04:39 UTC (rev 120547)
@@ -262,7 +262,8 @@
         '''
         # XXX: this method violates the rules for tools/utilities:
         # it depends on a non-utility tool
-        if self._user.getId() != getSecurityManager().getUser().getId():
+        mtool = getToolByName(self._tool, 'portal_membership')
+        if not mtool.isMemberAccessAllowed(self._user.getId()):
             raise BadRequest(u'Only own properties can be set.')
         if properties is None:
             properties = kw

Modified: Products.CMFCore/trunk/Products/CMFCore/tests/base/security.py
===================================================================
--- Products.CMFCore/trunk/Products/CMFCore/tests/base/security.py	2011-02-23 14:59:07 UTC (rev 120546)
+++ Products.CMFCore/trunk/Products/CMFCore/tests/base/security.py	2011-02-23 15:04:39 UTC (rev 120547)
@@ -64,6 +64,9 @@
     def getRolesInContext(self, object):
         return self._roles
 
+    def getDomains(self):
+        return self._domains
+
     def allowed(self, object, object_roles=None):
         if object_roles is None or 'Anonymous' in object_roles:
             return True

Modified: Products.CMFCore/trunk/Products/CMFCore/tests/test_MemberDataTool.py
===================================================================
--- Products.CMFCore/trunk/Products/CMFCore/tests/test_MemberDataTool.py	2011-02-23 14:59:07 UTC (rev 120546)
+++ Products.CMFCore/trunk/Products/CMFCore/tests/test_MemberDataTool.py	2011-02-23 15:04:39 UTC (rev 120547)
@@ -17,9 +17,14 @@
 import Testing
 
 import Acquisition
+from AccessControl.SecurityManagement import newSecurityManager
+from DateTime.DateTime import DateTime
 from zope.interface.verify import verifyClass
 
+from Products.CMFCore.exceptions import BadRequest
+from Products.CMFCore.tests.base.security import DummyUser as BaseDummyUser
 
+
 class DummyUserFolder(Acquisition.Implicit):
 
     def __init__(self):
@@ -33,39 +38,22 @@
         if password is not None:
             user.__ = password
         # Emulate AccessControl.User's stupid behavior (should test None)
-        user.roles = tuple(roles)
-        user.domains = tuple(domains)
+        user._roles = tuple(roles)
+        user._domains = tuple(domains)
 
     def getUsers(self):
         return self._users.values()
 
 
-class DummyUser(Acquisition.Implicit):
+class DummyUser(BaseDummyUser):
 
     def __init__(self, name, password, roles, domains):
-        self.name = name
+        self._id = self._name = name
         self.__ = password
-        self.roles = tuple(roles)
-        self.domains = tuple(domains)
+        self._roles = tuple(roles)
+        self._domains = tuple(domains)
 
-    def getId(self):
-        return self.name
 
-    def getUserName(self):
-        return 'name of %s' % self.getId()
-
-    def getRoles(self):
-        return self.roles + ('Authenticated',)
-
-    def getDomains(self):
-        return self.domains
-
-
-class DummyMemberDataTool(Acquisition.Implicit):
-
-    _members = {}
-
-
 class MemberDataToolTests(unittest.TestCase):
 
     def _getTargetClass(self):
@@ -130,9 +118,15 @@
         return self._getTargetClass()(*args, **kw)
 
     def setUp(self):
-        self.mdtool = DummyMemberDataTool()
-        self.aclu = DummyUserFolder()
+        from OFS.Folder import Folder
+        from Products.CMFCore.MemberDataTool import MemberDataTool
+        from Products.CMFCore.MembershipTool import MembershipTool
 
+        self.site = Folder('test')
+        self.site._setObject('portal_memberdata', MemberDataTool())
+        self.site._setObject('portal_membership', MembershipTool())
+        self.site._setObject('acl_users', DummyUserFolder())
+
     def test_interfaces(self):
         from AccessControl.interfaces import IUser
         from Products.CMFCore.interfaces import IMember
@@ -142,23 +136,44 @@
         verifyClass(IMemberData, self._getTargetClass())
         verifyClass(IUser, self._getTargetClass())
 
+    def test_setProperties(self):
+        user = DummyUser('bob', 'pw', ['Role'], [])
+        user = user.__of__(self.site.acl_users)
+        member = self._makeOne(user, self.site.portal_memberdata)
+        self.assertRaises(BadRequest, member.setProperties)
+
+        newSecurityManager(None, DummyUser('john', 'pw', ['Role'], []))
+        self.assertRaises(BadRequest, member.setProperties)
+
+        newSecurityManager(None, user)
+        member.setProperties()
+        self.assertEqual(member.getProperty('email'), '')
+        # MemberDataTool is initialized with a string date
+        self.assertEqual(member.getProperty('login_time'), '2000/01/01')
+
+        member.setProperties({'email': 'BOB at EXAMPLE.ORG',
+                              'login_time': '2000/02/02'})
+        self.assertEqual(member.getProperty('email'), 'BOB at EXAMPLE.ORG')
+        self.assertEqual(member.getProperty('login_time'),
+                         DateTime('2000/02/02 00:00:00'))
+
     def test_setSecurityProfile(self):
         user = DummyUser('bob', 'pw', ['Role'], ['domain'])
-        self.aclu._addUser(user)
-        user = user.__of__(self.aclu)
-        member = self._makeOne(user, self.mdtool)
+        self.site.acl_users._addUser(user)
+        user = user.__of__(self.site.acl_users)
+        member = self._makeOne(user, self.site.portal_memberdata)
         member.setSecurityProfile(password='newpw')
         self.assertEqual(user.__, 'newpw')
-        self.assertEqual(list(user.roles), ['Role'])
-        self.assertEqual(list(user.domains), ['domain'])
+        self.assertEqual(list(user.getRoles()), ['Role'])
+        self.assertEqual(list(user.getDomains()), ['domain'])
         member.setSecurityProfile(roles=['NewRole'])
         self.assertEqual(user.__, 'newpw')
-        self.assertEqual(list(user.roles), ['NewRole'])
-        self.assertEqual(list(user.domains), ['domain'])
+        self.assertEqual(list(user.getRoles()), ['NewRole'])
+        self.assertEqual(list(user.getDomains()), ['domain'])
         member.setSecurityProfile(domains=['newdomain'])
         self.assertEqual(user.__, 'newpw')
-        self.assertEqual(list(user.roles), ['NewRole'])
-        self.assertEqual(list(user.domains), ['newdomain'])
+        self.assertEqual(list(user.getRoles()), ['NewRole'])
+        self.assertEqual(list(user.getDomains()), ['newdomain'])
 
 
 def test_suite():



More information about the checkins mailing list