[Zope-Checkins] CVS: Zope3/lib/python/Zope/Security/tests - testChecker.py:1.1.2.2 testRestrictedInterpreter.py:1.1.2.7
Jim Fulton
jim@zope.com
Thu, 18 Apr 2002 20:29:10 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv16151/lib/python/Zope/Security/tests
Modified Files:
Tag: SecurityProxy-branch
testChecker.py testRestrictedInterpreter.py
Log Message:
Refactored Checker constructor to simply take a function to compute a
permission from a name.
Provided some convenience checker factory functions.
Moved checker registry into a separate module.
=== Zope3/lib/python/Zope/Security/tests/testChecker.py 1.1.2.1 => 1.1.2.2 ===
from unittest import TestCase, TestSuite, main, makeSuite
-from Zope.Security.Checker import Checker
+from Zope.Security.Checker import NamesChecker, CheckerPublic
from Zope.Testing.CleanUp import cleanUp
from Zope.App.Security.ISecurityPolicy import ISecurityPolicy
from Zope.Exceptions import Forbidden, Unauthorized
from Zope.App.Security.SecurityManagement import setSecurityPolicy
from Zope.Security._Proxy import getChecker, getObject
-from Zope.Security.Proxy import Proxy, defineChecker
+from Zope.Security.CheckerRegistry import defineChecker
+from Zope.Security.Proxy import Proxy
class SecurityPolicy:
@@ -97,9 +98,8 @@
newinst.d = NewInst()
for inst in oldinst, newinst:
- checker = Checker([({'a': 1, 'b': 1, 'c': 1,
- '__getitem__': 1}.has_key,
- 'perm')])
+ checker = NamesChecker(['a', 'b', 'c', '__getitem__'],
+ 'perm')
self.assertRaises(Unauthorized, checker.check_getattr, inst, 'a')
self.assertRaises(Unauthorized, checker.check_getattr, inst, 'b')
@@ -110,9 +110,8 @@
self.assertRaises(Forbidden, checker.check_getattr, inst, 'e')
self.assertRaises(Forbidden, checker.check_getattr, inst, 'f')
- checker = Checker([({'a': 1, 'b': 1, 'c': 1,
- '__getitem__': 1}.has_key,
- 'test_allowed')])
+ checker = NamesChecker(['a', 'b', 'c', '__getitem__'],
+ 'test_allowed')
checker.check_getattr(inst, 'a')
checker.check_getattr(inst, 'b')
@@ -124,7 +123,7 @@
self.assertRaises(Forbidden, checker.check_getattr, inst, 'f')
def test_proxy(self):
- checker = Checker(())
+ checker = NamesChecker(())
for rock in (1, 1.0, 1l, 1j,
@@ -132,7 +131,8 @@
AttributeError, AttributeError(),
):
proxy = checker.proxy(rock)
- self.failUnless(proxy is rock, proxy)
+
+ self.failUnless(proxy is rock, (rock, type(proxy)))
for class_ in OldInst, NewInst:
inst = class_()
@@ -140,22 +140,79 @@
for ob in inst, class_:
proxy = checker.proxy(ob)
self.failUnless(getObject(proxy) is ob)
- database = getChecker(proxy)._Checker__database
+ checker = getChecker(proxy)
if ob is inst:
- self.failIf(database, database)
+ self.assertEqual(checker.permission_id('__str__'),
+ None)
else:
- self.failUnless(database)
+ self.assertEqual(checker.permission_id('__str__'),
+ CheckerPublic)
- special = Checker([({'a': 1, 'b': 1}.has_key, 'test_allowed')])
+ special = NamesChecker(['a', 'b'], 'test_allowed')
defineChecker(class_, special)
proxy = checker.proxy(inst)
self.failUnless(getObject(proxy) is inst)
+
+
checker = getChecker(proxy)
self.failUnless(checker is special, checker.__dict__)
proxy2 = checker.proxy(proxy)
self.failUnless(proxy2 is proxy, [proxy, proxy2])
+
+ def testMultiChecker(self):
+ from Interface import Interface
+
+ class I1(Interface):
+ def f1(): ''
+ def f2(): ''
+
+ class I2(I1):
+ def f3(): ''
+ def f4(): ''
+
+ class I3(Interface):
+ def g(): ''
+
+ from Zope.Exceptions import DuplicationError
+
+ from Zope.Security.Checker import MultiChecker
+
+ self.assertRaises(DuplicationError,
+ MultiChecker,
+ [(I1, 'p1'), (I2, 'p2')])
+
+ self.assertRaises(DuplicationError,
+ MultiChecker,
+ [(I1, 'p1'), {'f2': 'p2'}])
+
+ MultiChecker([(I1, 'p1'), (I2, 'p1')])
+
+ checker = MultiChecker([
+ (I2, 'p1'),
+ {'a': 'p3'},
+ (I3, 'p2'),
+ (('x','y','z'), 'p4'),
+ ])
+
+ self.assertEqual(checker.permission_id('f1'), 'p1')
+ self.assertEqual(checker.permission_id('f2'), 'p1')
+ self.assertEqual(checker.permission_id('f3'), 'p1')
+ self.assertEqual(checker.permission_id('f4'), 'p1')
+ self.assertEqual(checker.permission_id('g'), 'p2')
+ self.assertEqual(checker.permission_id('a'), 'p3')
+ self.assertEqual(checker.permission_id('x'), 'p4')
+ self.assertEqual(checker.permission_id('y'), 'p4')
+ self.assertEqual(checker.permission_id('z'), 'p4')
+ self.assertEqual(checker.permission_id('zzz'), None)
+
+ def testNonPrivateChecker(self):
+ from Zope.Security.Checker import NonPrivateChecker
+ checker = NonPrivateChecker('p')
+ self.assertEqual(checker.permission_id('z'), 'p')
+ self.assertEqual(checker.permission_id('_z'), None)
+
def test_suite():
=== Zope3/lib/python/Zope/Security/tests/testRestrictedInterpreter.py 1.1.2.6 => 1.1.2.7 ===
from Zope.Security.RestrictedInterpreter import RestrictedInterpreter
-from Zope.Security.Proxy import Proxy, defineChecker
+from Zope.Security.Proxy import Proxy
+from Zope.Security.CheckerRegistry import defineChecker
from Zope.Testing.CleanUp import cleanUp
@@ -33,10 +34,10 @@
def testWrapping(self):
# make sure we've really got proxies
import types
- from Zope.Security.Checker import Checker
- checker = Checker([({'Proxy':1, '_Proxy':1}.has_key, None)])
+ from Zope.Security.Checker import NamesChecker
+ checker = NamesChecker(['Proxy', '_Proxy'])
defineChecker(Zope.Security.Proxy, checker)
- checker = Checker([({'BuiltinFunctionType':1}.has_key, None)])
+ checker = NamesChecker(['BuiltinFunctionType'])
defineChecker(types, checker)
code = ("from Zope.Security.Proxy import Proxy, _Proxy\n"
"import types\n"