[Zope3-checkins] CVS: Zope3/src/zope/security/tests - test_checker.py:1.7.10.1

Marius Gedminas mgedmin@codeworks.lt
Wed, 14 May 2003 06:39:06 -0400


Update of /cvs-repository/Zope3/src/zope/security/tests
In directory cvs.zope.org:/tmp/cvs-serv2024/src/zope/security/tests

Modified Files:
      Tag: stevea-decorators-branch
	test_checker.py 
Log Message:
Refactored WATCH_CHECKERS from base Checker code into a separate mixin class.
New class: DecoratedChecker.
Some work on the global decorator service.



=== Zope3/src/zope/security/tests/test_checker.py 1.7 => 1.7.10.1 ===
--- Zope3/src/zope/security/tests/test_checker.py:1.7	Wed Apr 23 14:18:02 2003
+++ Zope3/src/zope/security/tests/test_checker.py	Wed May 14 06:39:05 2003
@@ -18,26 +18,45 @@
 """
 
 from unittest import TestCase, TestSuite, main, makeSuite
+from zope.interface import implements
 from zope.security.checker import Checker, NamesChecker, CheckerPublic
 from zope.testing.cleanup import CleanUp
 from zope.security.interfaces import ISecurityPolicy
-from zope.exceptions import Forbidden, Unauthorized
+from zope.exceptions import Forbidden, Unauthorized, ForbiddenAttribute
 from zope.security.management import setSecurityPolicy
 from zope.security.proxy import getChecker, getObject
 from zope.security.checker import defineChecker, ProxyFactory
 import types, pickle
 
+__metaclass__ = type
+
 class SecurityPolicy:
 
-    __implements__ =  ISecurityPolicy
+    implements(ISecurityPolicy)
 
     def checkPermission(self, permission, object, context):
         'See ISecurityPolicy'
 
         return permission == 'test_allowed'
 
+class RecordedSecurityPolicy:
+
+    implements(ISecurityPolicy)
+
+    def __init__(self):
+        self._checked = []
+
+    def checkPermission(self, permission, object, context):
+        'See ISecurityPolicy'
+        self._checked.append(permission)
+        return True
 
-class TransparentProxy(object):
+    def checkChecked(self, checked):
+        res = self._checked == checked
+        self._checked = []
+        return res
+
+class TransparentProxy:
     def __init__(self, ob):
         self._ob = ob
 
@@ -46,6 +65,9 @@
         return getattr(ob, name)
 
 class OldInst:
+
+    __metaclass__ = types.ClassType
+
     a=1
 
     def b(self):
@@ -62,10 +84,14 @@
 
 class NewInst(object, OldInst):
 
+    # This is not needed, but left in to show the change of metaclass
+    # __metaclass__ = type
+
     def gete(self): return 3
     def sete(self, v): pass
     e = property(gete, sete)
 
+
 class Test(TestCase, CleanUp):
 
     def setUp(self):
@@ -289,6 +315,10 @@
             self.assertRaises(Forbidden, checker.check_setattr, inst, 'a')
             self.assertRaises(Forbidden, checker.check_setattr, inst, 'z')
 
+    # XXX write a test to see that
+    # Checker.check/check_setattr handle permission
+    # values that evaluate to False
+
 
 class TestCheckerPublic(TestCase):
 
@@ -300,10 +330,46 @@
     def test_that_CheckerPublic_identity_works_even_when_proxied(self):
         self.assert_(ProxyFactory(CheckerPublic) is CheckerPublic)
 
+
+class TestDecoratedChecker(TestCase):
+
+    def setUp(self):
+        TestCase.setUp(self)
+        self.policy = RecordedSecurityPolicy()
+        self.__oldpolicy = setSecurityPolicy(self.policy)
+
+    def tearDown(self):
+        setSecurityPolicy(self.__oldpolicy)
+        TestCase.tearDown(self)
+
+    def test_checking(self):
+        from zope.security.checker import DecoratedChecker
+        c = NamesChecker(['foo', 'bar', '__str__'], 'baseperm')
+        dc = DecoratedChecker(c, {'foo': 'perm1'}, {'foo': 'perm2'})
+
+        o = object()
+        dc.check_getattr(o, 'foo')
+        self.assert_(self.policy.checkChecked(['perm1']))
+        dc.check_getattr(o, 'bar')
+        self.assert_(self.policy.checkChecked(['baseperm']))
+        self.assertRaises(ForbiddenAttribute, dc.check_getattr, o, 'baz')
+        self.assert_(self.policy.checkChecked([]))
+        dc.check(o, '__str__')
+        self.assert_(self.policy.checkChecked(['baseperm']))
+
+        dc.check_setattr(o, 'foo')
+        self.assert_(self.policy.checkChecked(['perm2']))
+        self.assertRaises(ForbiddenAttribute, dc.check_setattr, o, 'bar')
+        self.assert_(self.policy.checkChecked([]))
+        self.assertRaises(ForbiddenAttribute, dc.check_setattr, o, 'baz')
+        self.assert_(self.policy.checkChecked([]))
+
+
 def test_suite():
     return TestSuite((
         makeSuite(Test),
         makeSuite(TestCheckerPublic),
+        makeSuite(TestDecoratedChecker),
         ))
 
 if __name__=='__main__':