[CMF-checkins] SVN: CMF/trunk/CMFCore/tests/test_fiveactionstool.py Now the security tests works too (the security always worked in real

Lennart Regebro regebro at gmail.com
Thu Jan 19 14:08:17 EST 2006


Log message for revision 41371:
  Now the security tests works too (the security always worked in real 
  life).
  

Changed:
  U   CMF/trunk/CMFCore/tests/test_fiveactionstool.py

-=-
Modified: CMF/trunk/CMFCore/tests/test_fiveactionstool.py
===================================================================
--- CMF/trunk/CMFCore/tests/test_fiveactionstool.py	2006-01-19 18:24:40 UTC (rev 41370)
+++ CMF/trunk/CMFCore/tests/test_fiveactionstool.py	2006-01-19 19:08:17 UTC (rev 41371)
@@ -37,21 +37,24 @@
       >>> zcml.load_config('permissions.zcml', Products.Five)
       >>> zcml.load_config('meta.zcml', Products.CMFCore)
       >>> folder = self.folder
+
+    For menus to work, the request must have defaultSkin.
     
-    Do a Zope 2 login:
+      >>> from zope.app.publication.browser import setDefaultSkin
+      >>> setDefaultSkin(self.folder.REQUEST)
+      
+    We need to make Zope 3 use Zope 2s security policy
     
+      >>> from zope.security.management import thread_local
+      >>> thread_local.interaction = None
       >>> from Products.Five.security import newInteraction
       >>> newInteraction()
 
-    The request needs a skin layer for the test.
-    XXX: There is probably a better way to do this.
-    
-      >>> zcml.load_string('''<configure xmlns="http://namespaces.zope.org/five">
-      ...       <implements class="ZPublisher.HTTPRequest.HTTPRequest"
-      ...          interface="zope.publisher.interfaces.browser.IDefaultBrowserLayer"
-      ...          />
-      ...     </configure>''')
-      
+    Log in as manager
+   
+      >>> uf = self.folder.acl_users
+      >>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
+      >>> self.login('manager')
 
     Let's create a Five actions tool:
 
@@ -62,7 +65,8 @@
     Let's create some simple content object providing ISimpleContent:
 
       >>> from Products.Five.tests.testing.simplecontent import SimpleContent
-      >>> foo = SimpleContent('foo', 'Foo')
+      >>> id = self.folder._setObject('foo', SimpleContent('foo', 'Foo'))
+      >>> foo = self.folder.foo
 
     Now we'll load a configuration file specifying some menu and menu
     items for ISimpleContent.
@@ -70,12 +74,21 @@
       >>> import Products.CMFCore.tests
       >>> zcml.load_config('fiveactions.zcml', Products.CMFCore.tests)
 
-    Let's look what the tool lists as actions for such an object. Note
-    that 'action_content_protected.html' is not present, as it was
-    protected by a more restrictive permission:
+    Let's look what the tool lists as actions for such an object. 
 
-      >>> actions = tool.listActions(object=foo, info="kuk")
+      >>> actions = tool.listActions(object=foo)
       >>> [(action.category, action.id) for action in actions]
+      [('mymenu', 'action_foo_public.html'), ('mymenu', 'action_foo_protected.html')]
+
+    But if we log in as a user who is not manager, we should not get the
+    protected menu item, , as it was protected by a more restrictive permission:
+    
+      >>> uf = self.folder.acl_users
+      >>> uf._doAddUser('user', 'user', [], [])
+      >>> self.login('user')
+      
+      >>> actions = tool.listActions(object=foo)
+      >>> [(action.category, action.id) for action in actions]
       [('mymenu', 'action_foo_public.html')]
 
     When looking at an object not implementing ISimpleContent, we see no



More information about the CMF-checkins mailing list