[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testProtectClass.py:1.1.2.12.4.1 testProtectSubClass.py:1.1.2.2.6.1 testPublicClass.py:1.1.2.12.4.1 testSecurityManagement.py:1.1.2.11.6.1 testSecurityManager.py:1.1.2.9.6.1 testZSP.py:1.1.2.12.6.1
Jim Fulton
jim@zope.com
Fri, 26 Apr 2002 14:23:18 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/App/Security/tests
Modified Files:
Tag: SecurityProxy-branch
testProtectClass.py testProtectSubClass.py testPublicClass.py
testSecurityManagement.py testSecurityManager.py testZSP.py
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:
- You now protect names/operations, *not* values. This means it's as
easy to protect data attributes that have simple values as it is to
protect methods.
- There is no longer a __permissions__ attribute. :)
- There is no longer a validate method in either security managers or
policies.
- No more need to have a special compiler for restricted code.
In exchange, lots of objects are proxies and code sometimes needs to
be prepared to remove proxies.
In addition:
- Basic objects (None, strings, numbers, etc.) are not wrapped in
context wrappers.
- There is a test that fails unless Python 2.3 is used.
=== Zope3/lib/python/Zope/App/Security/tests/testProtectClass.py 1.1.2.12 => 1.1.2.12.4.1 ===
"Verify that class, instance, and methods have expected permissions."
- tclass, instance = TestModule.test_class, TestModule.test_instance
- self.assertEqual(
- (
- getattr(instance, "__permission__", NOTSET),
- getattr(tclass.m1, "__permission__", NOTSET),
- getattr(tclass.m2, "__permission__", NOTSET),
- getattr(tclass.m3, "__permission__", NOTSET),
- getattr(instance.m1, "__permission__", NOTSET),
- getattr(instance.m2, "__permission__", NOTSET),
- getattr(instance.m3, "__permission__", NOTSET),
- ),
- (instP, m1P, m2P, m3P, m1P, m2P, m3P))
+ from Zope.Security.Checker import selectChecker
+ from Zope.Exceptions import Forbidden
+
+ checker = selectChecker(TestModule.test_instance)
+ self.assertEqual(checker.permission_id('m1'), (m1P or None))
+ self.assertEqual(checker.permission_id('m2'), (m2P or None))
+ self.assertEqual(checker.permission_id('m3'), (m3P or None))
def assertDeclaration(self, declaration, **state):
apply_declaration(template_bracket % declaration)
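Review bot: The new assertState body never compares `instP`, so callers that still pass `instP=P1` (testSimpleMethodsPlural here, testCompositeInstancesTopPerm further down, and the identical rewrite in testPublicClass.py) have that expectation silently ignored. If instance-level permissions are gone under name-based checking, as the log message suggests, say so at the top of the body, e.g. `# instP is kept for existing callers but no longer checked: permissions are per name`, or remove the argument from the callers. `Forbidden` is imported but not used in the visible lines, which hints that an assertion for denied access to an undeclared name was intended and left out. `(m1P or None)` also turns any falsy expectation, not only the `NOTSET` sentinel, into None. The method's signature lies outside this hunk.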
@@ -105,18 +100,10 @@
# "testSimple*" exercises tags that do NOT have children. This mode
# inherently sets the instances as well as the class attributes.
- def testSimpleNoPerm(self):
- """Establish rejection of declarations lacking a permission spec."""
- declaration = ("""<security:protectClass name="%s" />"""
- % (PREFIX+"test_class"))
- self.assertRaises(protectClass.ProtectionDeclarationException,
- self.assertDeclaration,
- declaration)
-
def testSimpleMethodsPlural(self):
declaration = ("""<security:protectClass
name="%s" permission_id="%s"
- methods="m1, m3" />"""
+ names="m1, m3" />"""
% (PREFIX+"test_class", P1))
self.assertDeclaration(declaration,
instP=P1, m1P=P1, m3P=P1)
@@ -136,7 +123,7 @@
def testCompositeNoPerm(self):
"""Establish rejection of declarations lacking a permission spec."""
declaration = ("""<security:protectClass name="%s">
- <security:protect methods="m1"/>
+ <security:protect names="m1"/>
</security:protectClass>"""
% (PREFIX+"test_class"))
self.assertRaises(protectClass.ProtectionDeclarationException,
@@ -145,17 +132,17 @@
# Permission not in top tag and in one subtag but not in the other:
declaration = ("""<security:protectClass name="%s">
<security:protect permission_id="%s"
- methods="m1"/>
- <security:instances/>
+ names="m1"/>
+ <security:protect
+ names="m2"/>
</security:protectClass>"""
% (PREFIX+"test_class", P1))
self.assertRaises(protectClass.ProtectionDeclarationException,
- self.assertDeclaration,
- declaration)
+ self.assertDeclaration, declaration, m1P=P1)
def testCompositeMethodTopPerm(self):
declaration = ("""<security:protectClass name="%s" permission_id="%s">
- <security:protect methods="m1"/>
+ <security:protect names="m1"/>
</security:protectClass>"""
% (PREFIX+"test_class", P1))
self.assertDeclaration(declaration,
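Review bot: In the assertRaises call of the mixed-permission case, `m1P=P1` is forwarded to assertDeclaration but can never be checked: if the declaration raises ProtectionDeclarationException as expected, the state comparison is presumably not reached (assertDeclaration's body is only partly visible). The keyword reads as if the test verified that m1 ends up protected with P1, which it does not. I would drop it, `self.assertDeclaration, declaration)`, or, if a partially applied declaration is a concern, assert after the failure that m1 did not receive a permission. The enclosing test method starts above this hunk.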
@@ -163,7 +150,7 @@
def testCompositeMethodElementPerm(self):
declaration = ("""<security:protectClass name="%s">
- <security:protect permission_id="%s" methods="m1"/>
+ <security:protect permission_id="%s" names="m1"/>
</security:protectClass>"""
% (PREFIX+"test_class", P1))
self.assertDeclaration(declaration,
@@ -171,7 +158,7 @@
def testCompositeMethodsPluralTopPerm(self):
declaration = ("""<security:protectClass name="%s" permission_id="%s">
- <security:protect methods="m1, m2"/>
+ <security:protect names="m1, m2"/>
</security:protectClass>"""
% (PREFIX+"test_class", P1))
self.assertDeclaration(declaration,
@@ -180,7 +167,7 @@
def testCompositeMethodsPluralElementPerm(self):
declaration = ("""<security:protectClass name="%s">
<security:protect permission_id="%s"
- methods="m1, m3"/>
+ names="m1, m3"/>
</security:protectClass>"""
% (PREFIX+"test_class", P1))
self.assertDeclaration(declaration,
@@ -205,28 +192,10 @@
def testCompositeInstancesTopPerm(self):
declaration = ("""<security:protectClass name="%s" permission_id="%s">
- <security:instances/>
</security:protectClass>"""
% (PREFIX+"test_class", P1))
self.assertDeclaration(declaration,
instP=P1)
-
- def testCompositeInstancesElementPerm(self):
- declaration = ("""<security:protectClass name="%s">
- <security:instances permission_id="%s"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", P1))
- self.assertDeclaration(declaration,
- instP=P1)
-
- def testBadPermission(self):
- declaration = ("""<security:protectClass name="%s">
- <security:instances permission_id="%s"/>
- </security:protectClass>"""
- % (PREFIX+"test_class", 'bad'))
- self.assertRaises(UndefinedPermissionError, self.assertDeclaration,
- declaration, instP='bad')
-
def testSubInterfaces(self):
declaration = ("""<security:protectClass
=== Zope3/lib/python/Zope/App/Security/tests/testProtectSubClass.py 1.1.2.2 => 1.1.2.2.6.1 ===
from unittest import TestCase, TestSuite, main, makeSuite
from Zope.Testing.CleanUp import CleanUp # Base class w registry cleanup
-from Zope.App.Security.protectClass import protectMethod
+from Zope.App.Security.protectClass import protectName
from Zope.App.Security.PermissionRegistry import permissionRegistry
+from Zope.Security.Checker import selectChecker
class Test(CleanUp, TestCase):
@@ -37,28 +38,17 @@
permissionRegistry.definePermission('B1', '')
permissionRegistry.definePermission('S', '')
- protectMethod(B1, 'g', 'B1')
- protectMethod(S, 'g', 'S')
- protectMethod(S, 'h', 'S')
-
- self.assertEqual(B1.__dict__['g'].__permission__, 'B1')
- self.assertEqual(getattr(B2.__dict__['h'], '__permission__', ''), '')
- self.assertEqual(S().g.__permission__, 'S')
- self.assertEqual(S().h.__permission__, 'S')
+ protectName(B1, 'g', 'B1')
+ protectName(S, 'g', 'S')
+ protectName(S, 'h', 'S')
+
+ self.assertEqual(selectChecker(B1()).permission_id('g'), 'B1')
+ self.assertEqual(selectChecker(B2()).permission_id('h'), None)
+ self.assertEqual(selectChecker(S()).permission_id('g'), 'S')
+ self.assertEqual(selectChecker(S()).permission_id('h'), 'S')
self.assertEqual(S().g(), 'B1.g')
self.assertEqual(S().h(), 'B2.h')
-
- def testOldStyleClass(self):
-
- class B1:
- def g(self): return 'B1.g'
-
- class S(B1):
- pass
-
- permissionRegistry.definePermission('S', '')
- self.assertRaises(TypeError, protectMethod, S, 'g', 'S')
def test_suite():
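Review bot: With testOldStyleClass removed, nothing on the new side pins what `protectName` does when handed a classic class; the old test required a TypeError. If the new implementation accepts such a class, a test should show that the name really ends up protected, and if it rejects it, the rejection should stay under test, because a silent no-op there would leave the class unprotected. Separately, `S().g()` and `S().h()` are called on bare instances, so the test checks what is declared but not that a declaration is enforced through a proxy; a comment such as `# only the declared permission ids are checked here, not enforcement` would make that explicit.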
=== Zope3/lib/python/Zope/App/Security/tests/testPublicClass.py 1.1.2.12 => 1.1.2.12.4.1 ===
from Zope.Configuration.meta import InvalidDirective
from TestModuleHookup import *
+from Zope.Security.Checker import CheckerPublic as PublicPermission
NOTSET = []
-PublicPermission = publicClass.PublicPermission
-
class Test(CleanUp, unittest.TestCase):
def setUp(self):
@@ -61,15 +60,12 @@
def assertState(self, instP=NOTSET,
m1P=NOTSET, m2P=NOTSET, m3P=NOTSET):
"Verify that class, instance, and methods have expected permissions."
+ from Zope.Security.Checker import selectChecker
- tclass, instance = TestModule.test_class, TestModule.test_instance
- self.assertEqual(getattr(instance, "__permission__", NOTSET), instP)
- self.assertEqual(getattr(tclass.m1, "__permission__", NOTSET), m1P)
- self.assertEqual(getattr(tclass.m2, "__permission__", NOTSET), m2P)
- self.assertEqual(getattr(tclass.m3, "__permission__", NOTSET), m3P)
- self.assertEqual(getattr(instance.m1, "__permission__", NOTSET), m1P)
- self.assertEqual(getattr(instance.m2, "__permission__", NOTSET), m2P)
- self.assertEqual(getattr(instance.m3, "__permission__", NOTSET), m3P)
+ checker = selectChecker(TestModule.test_instance)
+ self.assertEqual(checker.permission_id('m1'), (m1P or None))
+ self.assertEqual(checker.permission_id('m2'), (m2P or None))
+ self.assertEqual(checker.permission_id('m3'), (m3P or None))
def assertDeclaration(self, declaration, **state):
apply_declaration(template_bracket % declaration)
@@ -91,14 +87,14 @@
declaration)
def testMethod(self):
- declaration = ("""<security:publicClass name="%s" methods="m1" />"""
+ declaration = ("""<security:publicClass name="%s" names="m1" />"""
% (PREFIX+"test_class"))
self.assertDeclaration(declaration,
instP=PublicPermission, m1P=PublicPermission)
def testMethodsPlural(self):
declaration = ("""<security:publicClass
- name="%s" methods="m1, m3" />"""
+ name="%s" names="m1, m3" />"""
% (PREFIX+"test_class"))
self.assertDeclaration(declaration,
instP=PublicPermission, m1P=PublicPermission,
=== Zope3/lib/python/Zope/App/Security/tests/testSecurityManagement.py 1.1.2.11 => 1.1.2.11.6.1 ===
from Interface.Verify import verifyObject
+from Zope.Testing.CleanUp import CleanUp
import Zope.App.Security.SecurityManagement
from Zope.App.Security.SecurityManagement import \
- noSecurityManager, setSecurityPolicy
+ noSecurityManager, setSecurityPolicy, newSecurityManager
-class Test( unittest.TestCase ):
-
- def setUp( self ):
- noSecurityManager()
- self._oldPolicy = Zope.App.Security.SecurityManager._defaultPolicy
-
- def tearDown( self ):
- noSecurityManager()
- setSecurityPolicy( self._oldPolicy )
+class Test(CleanUp, unittest.TestCase):
def test_import( self ):
from Zope.App.Security import SecurityManagement
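Review bot: Dropping setUp/tearDown makes the restore of the security policy depend entirely on `CleanUp`, and nothing in this hunk shows that SecurityManagement registers a cleanup with it. If it does not, the permissive policy installed through `self._setPermissive()` stays active for later tests, which can make their permission checks pass for the wrong reason. A short class comment such as `# CleanUp resets the security manager and policy between tests` would record that dependency, once it is confirmed in the module.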
@@ -95,13 +88,6 @@
import ParanoidSecurityPolicy
setSecurityPolicy( ParanoidSecurityPolicy() )
- def _setNameBased(self, nameChecker):
- from Zope.App.Security.SecurityManagement import setSecurityPolicy
- from Zope.App.Security.SimpleSecurityPolicies \
- import NameBasedSecurityPolicy
- setSecurityPolicy( NameBasedSecurityPolicy(nameChecker) )
-
-
def test_setSecurityPolicy( self ):
from Zope.App.Security.SecurityManagement import noSecurityManager
@@ -110,38 +96,21 @@
# test against default policy (paranoid)
self._setParanoid()
- noSecurityManager()
+ newSecurityManager('some user')
mgr = getSecurityManager()
- self.assertRaises( Unauthorized, mgr.validate, None, None )
- self.assertRaises( Unauthorized, mgr.validateValue, None )
self.failIf( mgr.checkPermission( None, None ) )
# test against explicit permissive policy
self._setPermissive()
- noSecurityManager()
+ newSecurityManager('some user')
mgr = getSecurityManager()
- mgr.validate( None, None )
- mgr.validateValue( None )
self.failUnless( mgr.checkPermission( None, None ) )
# test against explicit paranoid policy
self._setParanoid()
- noSecurityManager()
+ newSecurityManager('some user')
mgr = getSecurityManager()
- self.assertRaises( Unauthorized, mgr.validate, None, None )
- self.assertRaises( Unauthorized, mgr.validateValue, None )
self.failIf( mgr.checkPermission( None, None ) )
-
- # test against name based policy
- def allowFoo(name):
- if name != 'foo': raise Unauthorized
- self._setNameBased(allowFoo)
- noSecurityManager()
- mgr = getSecurityManager()
- mgr.validate('foo', None)
- self.assertRaises(Unauthorized, mgr.validate, 'bar', None)
- self.assertRaises(Unauthorized, mgr.validateValue, None)
- self.failUnless( mgr.checkPermission( None, None ) )
def test_suite():
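Review bot: Every branch of test_setSecurityPolicy now calls `newSecurityManager('some user')` before `getSecurityManager()`, so the path with no security manager installed, which the old `noSecurityManager()` calls exercised, is no longer covered. That is presumably the path an unauthenticated request takes, and it deserves one assertion that the paranoid policy still denies there: `noSecurityManager(); self.failIf(getSecurityManager().checkPermission(None, None))`. The method starts above this hunk.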
=== Zope3/lib/python/Zope/App/Security/tests/testSecurityManager.py 1.1.2.9 => 1.1.2.9.6.1 ===
mgr = self._makeMgr()
- self.assertRaises( Unauthorized, mgr.validate, None, None )
- self.assertRaises( Unauthorized, mgr.validateValue, None )
self.failIf( mgr.checkPermission( None, None ) )
def test_w_permissive_policy( self ):
@@ -85,8 +83,6 @@
mgr = self._makeMgr()
self._setPermissive()
- mgr.validate( None, None )
- mgr.validateValue( None )
self.failUnless( mgr.checkPermission( None, None ) )
def test_exec_stack_overflow( self ):
=== Zope3/lib/python/Zope/App/Security/tests/testZSP.py 1.1.2.12 => 1.1.2.12.6.1 ===
from Interface import Interface
-from Zope.ContextWrapper import Wrapper
+from Zope.Proxy.ContextWrapper import ContextWrapper
from Zope.ComponentArchitecture import provideAdapter
from Zope.App.Security.IRolePermissionManager import IRolePermissionManager
from Zope.App.Security.PermissionRegistry import permissionRegistry
@@ -58,10 +58,6 @@
pass
-class Protected:
- def __init__(self, permission):
- self.__permission__ = permission
-
class Test(CleanUp, unittest.TestCase):
@@ -154,7 +150,7 @@
ob2 = TestClass()
ob3 = TestClass()
- ob = Wrapper(ob3, Wrapper(ob2, ob1))
+ ob = ContextWrapper(ob3, ContextWrapper(ob2, ob1))
self.failIf(self.policy.checkPermission(test, ob, Context(self.tim)))
ARPM(ob2).grantPermissionToRole(test, self.manager)
@@ -196,7 +192,7 @@
test = permissionRegistry.definePermission('test', 'Test', '')
test = test.getId()
- ob = Wrapper(ob3, Wrapper(ob2, ob1))
+ ob = ContextWrapper(ob3, ContextWrapper(ob2, ob1))
self.failIf(self.policy.checkPermission(test, ob, Context(self.tim)))
APPM(ob2).grantPermissionToPrincipal(test, self.tim)
self.failUnless(self.policy.checkPermission(test, ob,
@@ -220,32 +216,6 @@
principalPermissionManager.unsetPermissionForPrincipal(
test, self.tim)
-
-
-
- def test_validate(self):
- self.policy.validate('_', Protected(self.read), Context(self.jim))
- self.policy.validate('_', Protected(self.read), Context(self.tim))
- self.policy.validate('_', Protected(self.write), Context(self.tim))
-
- self.assertRaises(Unauthorized,
- self.policy.validate,
- 'x', Protected(self.read), Context(self.unknown))
- self.assertRaises(Unauthorized,
- self.policy.validate,
- 'x', Protected(self.write), Context(self.unknown))
-
- rolePermissionManager.grantPermissionToRole(self.read, 'Anonymous')
-
- self.policy.validate('_', Protected(self.read), Context(self.unknown))
-
- principalPermissionManager.grantPermissionToPrincipal(self.write,
- self.jim)
- self.policy.validate('_', Protected(self.write), Context(self.jim))
-
- self.assertRaises(Forbidden,
- self.policy.validate,
- 'x', Unprotected(), Context(self.tim))
class ITest(IAttributeMementoStorable):
pass