[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testSecurityManager.py:1.1.2.2

[Tres Seaver]

Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv21496/tests

Modified Files:
      Tag: Zope-3x-branch
	testSecurityManager.py 
Log Message:


  - Remove fossil 'roles' argument from 'ISecurityManager.validateValue',
    and rectify comment to indicate new "always raise if not allowed"
    protocol.

  - Refactor SecurityManager:

    o Remove dependency on ZopeSecurityPolicy

    o Install a "deny all" policy by default.

    o Remove crufty 'thread_id' arg from ctor.

    o Move redundant policy lookup into helper method, '_getPolicy'.

    o Remove fossil

  - Refactor SecurityManager:

    o Remove dependency on ZopeSecurityPolicy

    o Install a "deny all" policy by default.

    o Remove crufty 'thread_id' arg from ctor.

    o Move redundant policy lookup into helper method, '_getPolicy'.

    o Remove fossil 'roles' argument from 'validateValue'.

  - Add tests for SecurityManager's 'validate', 'validateValue', and
    'checkPermission' methods, both with default (deny all) policy
    and with permissive (allow all) policy.


=== Zope3/lib/python/Zope/App/Security/tests/testSecurityManager.py 1.1.2.1 => 1.1.2.2 ===
 from Interface import verify
 
+from Zope.App.Security.ISecurityPolicy import ISecurityPolicy
+from Zope.App.Security.SecurityContext import SecurityContext
+from Zope.Exceptions import Unauthorized
+
+class PermissiveSecurityPolicy:
+    """
+        Allow all.
+    """
+    __implements__ = ISecurityPolicy
+        
+    def validate( self, name, value, context ):
+        pass
+
+    def checkPermission( self, permission, object, context ):
+        return 1
+
 class Test( unittest.TestCase ):
 
+    _oldPolicy = None
+
+    def setUp( self ):
+        self._context = SecurityContext( 'xyzzy' )
+
+    def tearDown( self ):
+        if self._oldPolicy is not None:
+            from Zope.App.Security.SecurityManager import setSecurityPolicy
+            setSecurityPolicy( self._oldPolicy )
+
+    def _makeMgr( self ):
+        
+        from Zope.App.Security.SecurityManager import SecurityManager
+
+        return SecurityManager( self._context )
+
+    def _setPermissive( self ):
+        from Zope.App.Security.SecurityManager import setSecurityPolicy
+        self._oldPolicy = setSecurityPolicy( PermissiveSecurityPolicy() )
+            
     def test_import( self ):
         from Zope.App.Security.SecurityManager import SecurityManager
         from Zope.App.Security.ISecurityManager import ISecurityManager
 
         verify( ISecurityManager, SecurityManager )
 
-    def test_creation( self ):
+    def test_empty( self ):
         
-        from Zope.App.Security.SecurityManager import SecurityManager
+        mgr = self._makeMgr()
+
+        self.assertEqual( mgr.getUser(), self._context.user )
+        self.failIf( mgr.calledByExecutable() )
+
+    def test_w_default_policy( self ):
+        
+        mgr = self._makeMgr()
+
+        self.assertRaises( Unauthorized, mgr.validate, None, None )
+        self.assertRaises( Unauthorized, mgr.validateValue, None )
+        self.failIf( mgr.checkPermission( None, None ) )
+
+    def test_w_permissive_policy( self ):
+        
+        mgr = self._makeMgr()
+        self._setPermissive()
 
-        mgr = SecurityManager( None, None )
+        mgr.validate( None, None )
+        mgr.validateValue( None )
+        self.failUnless( mgr.checkPermission( None, None ) )