[Checkins] SVN: grokcore.security/trunk/s add ftests for the role component in grokcore.security
Jan Wijbrand Kolman
cvs-admin at zope.org
Mon Apr 30 14:25:03 UTC 2012
Log message for revision 125444:
add ftests for the role component in grokcore.security
Changed:
U grokcore.security/trunk/setup.py
A grokcore.security/trunk/src/grokcore/security/ftesting.zcml
A grokcore.security/trunk/src/grokcore/security/ftests/
A grokcore.security/trunk/src/grokcore/security/ftests/__init__.py
A grokcore.security/trunk/src/grokcore/security/ftests/role/
A grokcore.security/trunk/src/grokcore/security/ftests/role/__init__.py
A grokcore.security/trunk/src/grokcore/security/ftests/role/roles.py
A grokcore.security/trunk/src/grokcore/security/ftests/test_all.py
-=-
Modified: grokcore.security/trunk/setup.py
===================================================================
--- grokcore.security/trunk/setup.py 2012-04-30 14:00:19 UTC (rev 125443)
+++ grokcore.security/trunk/setup.py 2012-04-30 14:24:59 UTC (rev 125444)
@@ -11,6 +11,7 @@
)
tests_require = [
+ 'zope.app.wsgi',
'zope.configuration',
'zope.testing',
]
Copied: grokcore.security/trunk/src/grokcore/security/ftesting.zcml (from rev 125437, grokcore.permission/trunk/src/grokcore/permission/ftesting.zcml)
===================================================================
--- grokcore.security/trunk/src/grokcore/security/ftesting.zcml (rev 0)
+++ grokcore.security/trunk/src/grokcore/security/ftesting.zcml 2012-04-30 14:24:59 UTC (rev 125444)
@@ -0,0 +1,14 @@
+<configure
+ xmlns="http://namespaces.zope.org/zope"
+ xmlns:grok="http://namespaces.zope.org/grok"
+ xmlns:browser="http://namespaces.zope.org/browser"
+ i18n_domain="grokcore.security"
+ package="grokcore.security">
+
+ <include package="grokcore.view" file="ftesting.zcml" />
+ <include package="grokcore.security" file="meta.zcml" />
+ <include package="grokcore.view" file="publication_security.zcml" />
+
+ <grok:grok package=".ftests" />
+
+</configure>
Added: grokcore.security/trunk/src/grokcore/security/ftests/role/roles.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/ftests/role/roles.py (rev 0)
+++ grokcore.security/trunk/src/grokcore/security/ftests/role/roles.py 2012-04-30 14:24:59 UTC (rev 125444)
@@ -0,0 +1,99 @@
+"""
+Viewing a protected view with insufficient privileges will yield
+Unauthorized:
+
+ >>> from zope.app.wsgi.testlayer import Browser
+ >>> browser = Browser()
+
+ >>> browser.open("http://localhost/@@cavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+
+ >>> browser.open("http://localhost/@@editcavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+
+ >>> browser.open("http://localhost/@@erasecavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+
+Let's now grant anonymous the PaintingOwner role locally (so that we
+don't have to modify the global setup). Then we can access the views
+just fine:
+
+ >>> from zope.securitypolicy.interfaces import IPrincipalRoleManager
+ >>> root = getRootFolder()
+ >>> IPrincipalRoleManager(root).assignRoleToPrincipal(
+ ... 'paint.PaintingOwner', 'zope.anybody')
+
+ >>> browser.open("http://localhost/@@cavepainting")
+ >>> print browser.contents
+ What a beautiful painting.
+
+ >>> browser.open("http://localhost/@@editcavepainting")
+ >>> print browser.contents
+ Let's make it even prettier.
+
+ >>> browser.open("http://localhost/@@erasecavepainting")
+ >>> print browser.contents
+ Oops, mistake, let's erase it.
+
+ >>> browser.open("http://localhost/@@approvecavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+"""
+
+import grokcore.security
+import grokcore.view
+import grokcore.component as grok
+import zope.interface
+
+class ViewPermission(grokcore.security.Permission):
+ grok.name('paint.ViewPainting')
+
+class EditPermission(grokcore.security.Permission):
+ grok.name('paint.EditPainting')
+
+class ErasePermission(grokcore.security.Permission):
+ grok.name('paint.ErasePainting')
+
+class ApprovePermission(grokcore.security.Permission):
+ grok.name('paint.ApprovePainting')
+
+class PaintingOwner(grokcore.security.Role):
+ grok.name('paint.PaintingOwner')
+ grok.title('Painting Owner')
+ grokcore.security.permissions(
+ 'paint.ViewPainting', 'paint.EditPainting', 'paint.ErasePainting')
+
+class CavePainting(grokcore.view.View):
+
+ grok.context(zope.interface.Interface)
+ grokcore.security.require(ViewPermission)
+
+ def render(self):
+ return 'What a beautiful painting.'
+
+class EditCavePainting(grokcore.view.View):
+
+ grok.context(zope.interface.Interface)
+ grokcore.security.require(EditPermission)
+
+ def render(self):
+ return 'Let\'s make it even prettier.'
+
+class EraseCavePainting(grokcore.view.View):
+
+ grok.context(zope.interface.Interface)
+ grokcore.security.require(ErasePermission)
+
+ def render(self):
+ return 'Oops, mistake, let\'s erase it.'
+
+class ApproveCavePainting(grokcore.view.View):
+
+ grok.context(zope.interface.Interface)
+ grokcore.security.require(ApprovePermission)
+
+ def render(self):
+ return 'Painting owners cannot approve their paintings.'
Copied: grokcore.security/trunk/src/grokcore/security/ftests/test_all.py (from rev 125437, grokcore.permission/trunk/src/grokcore/permission/ftests/test_grok_functional.py)
===================================================================
--- grokcore.security/trunk/src/grokcore/security/ftests/test_all.py (rev 0)
+++ grokcore.security/trunk/src/grokcore/security/ftests/test_all.py 2012-04-30 14:24:59 UTC (rev 125444)
@@ -0,0 +1,49 @@
+import re
+import doctest
+import unittest
+import grokcore.security
+
+from pkg_resources import resource_listdir
+from zope.testing import renormalizing
+from zope.app.wsgi.testlayer import BrowserLayer, http
+
+FunctionalLayer = BrowserLayer(grokcore.security)
+
+checker = renormalizing.RENormalizing([
+ # Accommodate to exception wrapping in newer versions of mechanize
+ (re.compile(r'httperror_seek_wrapper:', re.M), 'HTTPError:'),
+ ])
+
+def suiteFromPackage(name):
+ files = resource_listdir(__name__, name)
+ suite = unittest.TestSuite()
+ for filename in files:
+ if not filename.endswith('.py'):
+ continue
+ if filename == '__init__.py':
+ continue
+ dottedname = 'grokcore.security.ftests.%s.%s' % (name, filename[:-3])
+ test = doctest.DocTestSuite(
+ dottedname,
+ checker=checker,
+ extraglobs=dict(
+ http=http,
+ getRootFolder=FunctionalLayer.getRootFolder),
+ optionflags=(
+ doctest.ELLIPSIS +
+ doctest.NORMALIZE_WHITESPACE +
+ doctest.REPORT_NDIFF))
+ test.layer = FunctionalLayer
+ suite.addTest(test)
+ return suite
+
+def test_suite():
+ suite = unittest.TestSuite()
+ for name in [
+ 'role'
+ ]:
+ suite.addTest(suiteFromPackage(name))
+ return suite
+
+if __name__ == '__main__':
+ unittest.main(defaultTest='test_suite')
More information about the checkins
mailing list