[CMF-checkins] SVN: CMF/branches/tseaver-viewification/CMFCore/ Merge yuppie's copy/paste fixes from the trunk

Tres Seaver tseaver at palladion.com
Wed Dec 7 10:37:28 EST 2005


Log message for revision 40620:
  Merge yuppie's copy/paste fixes from the trunk

Changed:
  U   CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py
  U   CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py
  U   CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py
  U   CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py

-=-
Modified: CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py	2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/PortalFolder.py	2005-12-07 15:37:27 UTC (rev 40620)
@@ -365,75 +365,48 @@
         # This assists the version in OFS.CopySupport.
         # It enables the clipboard to function correctly
         # with objects created by a multi-factory.
-        securityChecksDone = False
-        sm = getSecurityManager()
-        parent = aq_parent(aq_inner(object))
-        object_id = object.getId()
         mt = getattr(object, '__factory_meta_type__', None)
         meta_types = getattr(self, 'all_meta_types', None)
 
         if mt is not None and meta_types is not None:
-            method_name=None
-            permission_name = None
+            method_name = None
+            mt_permission = None
 
             if callable(meta_types):
                 meta_types = meta_types()
 
             for d in meta_types:
-
-                if d['name']==mt:
-                    method_name=d['action']
-                    permission_name = d.get('permission', None)
+                if d['name'] == mt:
+                    method_name = d['action']
+                    mt_permission = d.get('permission')
                     break
 
-            if permission_name is not None:
+            if mt_permission is not None:
+                sm = getSecurityManager()
 
-                if not sm.checkPermission(permission_name,self):
-                    raise AccessControl_Unauthorized, method_name
+                if sm.checkPermission(mt_permission, self):
+                    if validate_src:
+                        # Ensure the user is allowed to access the object on
+                        # the clipboard.
+                        parent = aq_parent(aq_inner(object))
 
-                if validate_src:
+                        if not sm.validate(None, parent, None, object):
+                            raise AccessControl_Unauthorized(object.getId())
 
-                    if not sm.validate(None, parent, None, object):
-                        raise AccessControl_Unauthorized, object_id
-
-                if validate_src > 1:
-                    if not sm.checkPermission(DeleteObjects, parent):
-                        raise AccessControl_Unauthorized
-
-                # validation succeeded
-                securityChecksDone = 1
-
-            #
-            # Old validation for objects that may not have registered
-            # themselves in the proper fashion.
-            #
-            elif method_name is not None:
-
-                meth = self.unrestrictedTraverse(method_name)
-
-                factory = getattr(meth, 'im_self', None)
-
-                if factory is None:
-                    factory = aq_parent(aq_inner(meth))
-
-                if not sm.validate(None, factory, None, meth):
-                    raise AccessControl_Unauthorized, method_name
-
-                # Ensure the user is allowed to access the object on the
-                # clipboard.
-                if validate_src:
-
-                    if not sm.validate(None, parent, None, object):
-                        raise AccessControl_Unauthorized, object_id
-
-                if validate_src > 1: # moving
-                    if not sm.checkPermission(DeleteObjects, parent):
-                        raise AccessControl_Unauthorized
-
-                securityChecksDone = 1
-
-        # Call OFS' _verifyObjectPaste if necessary
-        if not securityChecksDone:
+                        if validate_src == 2: # moving
+                            if not sm.checkPermission(DeleteObjects, parent):
+                                raise AccessControl_Unauthorized('Delete not '
+                                                                 'allowed.')
+                else:
+                    raise AccessControl_Unauthorized('You do not possess the '
+                            '%r permission in the context of the container '
+                            'into which you are pasting, thus you are not '
+                            'able to perform this operation.' % mt_permission)
+            else:
+                raise AccessControl_Unauthorized('The object %r does not '
+                        'support this operation.' % object.getId())
+        else:
+            # Call OFS' _verifyObjectPaste if necessary
             PortalFolderBase.inheritedAttribute(
                 '_verifyObjectPaste')(self, object, validate_src)
 

Modified: CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py	2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/tests/test_OpaqueItems.py	2005-12-07 15:37:27 UTC (rev 40620)
@@ -14,10 +14,8 @@
 
 $Id$
 """
-from unittest import TestSuite, makeSuite, main
+import unittest
 import Testing
-import Zope2
-Zope2.startup()
 
 from zope.interface import implements
 
@@ -39,7 +37,8 @@
 # -------------------------------------------
 
 def extra_meta_types():
-    return [{'name': 'Dummy', 'action': 'manage_addFolder'}]
+    return [{'name': 'Dummy', 'action': 'manage_addFolder',
+             'permission': 'View'}]
 
 def addDummyContent(container, id, opaqueItem):
     container._setObject(id, DummyContent(id, opaqueItem=opaqueItem, catalog=1))
@@ -265,9 +264,9 @@
 
 
 def test_suite():
-    return TestSuite((
-        makeSuite(ManageBeforeAfterTests),
+    return unittest.TestSuite((
+        unittest.makeSuite(ManageBeforeAfterTests),
         ))
 
 if __name__ == '__main__':
-    main(defaultTest='test_suite')
+    unittest.main(defaultTest='test_suite')

Modified: CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py	2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalContent.py	2005-12-07 15:37:27 UTC (rev 40620)
@@ -19,9 +19,10 @@
 import Testing
 
 from AccessControl.SecurityManagement import newSecurityManager
-from AccessControl.SecurityManagement import noSecurityManager
 from Acquisition import aq_base
 
+from Products.CMFCore.tests.base.dummy import DummySite
+from Products.CMFCore.tests.base.dummy import DummyUserFolder
 from Products.CMFCore.tests.base.testcase import SecurityRequestTest
 
 
@@ -53,22 +54,13 @@
     # Tests related to http://www.zope.org/Collectors/CMF/205
     # Copy/pasting a content item must set ownership to pasting user
 
-    def _initFolders(self):
-        from OFS.Folder import Folder
+    def setUp(self):
+        SecurityRequestTest.setUp(self)
 
-        FOLDER_IDS = ( 'acl_users', 'folder1', 'folder2' )
+        self.root._setObject('site', DummySite('site'))
+        self.site = self.root.site
+        self.acl_users = self.site._setObject('acl_users', DummyUserFolder())
 
-        for folder_id in FOLDER_IDS:
-            if folder_id not in self.root.objectIds():
-                self.root._setObject( folder_id, Folder( folder_id ) )
-
-        # Hack, we need a _p_mtime for the file, so we make sure that it
-        # has one. We use a subtransaction, which means we can rollback
-        # later and pretend we didn't touch the ZODB.
-        #transaction.savepoint(optimistic=True)
-
-        return [ self.root._getOb( folder_id ) for folder_id in FOLDER_IDS ]
-
     def _initContent(self, folder, id):
         from Products.CMFCore.PortalContent import PortalContent
 
@@ -80,30 +72,30 @@
 
     def test_CopyPasteSetsOwnership(self):
         # Copy/pasting a File should set new ownership including local roles
+        from OFS.Folder import Folder
 
-        acl_users, folder1, folder2 = self._initFolders()
-        acl_users._doAddUser('user1', '', ('Member',), ())
-        user1 = acl_users.getUserById('user1').__of__(acl_users)
-        acl_users._doAddUser('user2', '', ('Member',), ())
-        user2 = acl_users.getUserById('user2').__of__(acl_users)
+        acl_users = self.acl_users
+        folder1 = self.site._setObject('folder1', Folder('folder1'))
+        folder2 = self.site._setObject('folder2', Folder('folder2'))
 
-        newSecurityManager(None, user1)
+        newSecurityManager(None, acl_users.user_foo)
         content = self._initContent(folder1, 'content')
-        content.manage_setLocalRoles(user1.getId(), ['Owner'])
+        content.manage_setLocalRoles(acl_users.user_foo.getId(), ['Owner'])
 
-        newSecurityManager(None, user2)
+        newSecurityManager(None, acl_users.all_powerful_Oz)
         cb = folder1.manage_copyObjects(['content'])
         folder2.manage_pasteObjects(cb)
 
         # Now test executable ownership and "owner" local role
         # "member" should have both.
         moved = folder2._getOb('content')
-        self.assertEqual(aq_base(moved.getOwner()), aq_base(user2))
+        self.assertEqual(aq_base(moved.getOwner()),
+                         aq_base(acl_users.all_powerful_Oz))
 
         local_roles = moved.get_local_roles()
         self.assertEqual(len(local_roles), 1)
         userid, roles = local_roles[0]
-        self.assertEqual(userid, user2.getId())
+        self.assertEqual(userid, acl_users.all_powerful_Oz.getId())
         self.assertEqual(len(roles), 1)
         self.assertEqual(roles[0], 'Owner')
 

Modified: CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py
===================================================================
--- CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py	2005-12-07 15:35:38 UTC (rev 40619)
+++ CMF/branches/tseaver-viewification/CMFCore/tests/test_PortalFolder.py	2005-12-07 15:37:27 UTC (rev 40620)
@@ -49,7 +49,8 @@
 
 
 def extra_meta_types():
-    return [  { 'name' : 'Dummy', 'action' : 'manage_addFolder' } ]
+    return [{'name': 'Dummy', 'action': 'manage_addFolder',
+             'permission': 'View'}]
 
 
 class PortalFolderFactoryTests( SecurityTest ):
@@ -1072,8 +1073,12 @@
         def _no_manage_addFile( a, c, n, v, *args, **kw ):
             return n != 'manage_addFile'
 
-        self._initPolicyAndUser( v_lambda=_no_manage_addFile )
+        def _no_add_images_and_files(permission, object, context):
+            return permission != ADD_IMAGES_AND_FILES
 
+        self._initPolicyAndUser( v_lambda=_no_manage_addFile,
+                                 c_lambda=_no_add_images_and_files )
+
         cookie = folder1.manage_cutObjects( ids=( 'file', ) )
         self._assertCopyErrorUnauth( folder2.manage_pasteObjects
                                    , cookie



More information about the CMF-checkins mailing list