[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testSecurityManagement.py:1.1.2.2
Tres Seaver
tseaver@zope.com
Sat, 1 Dec 2001 00:19:03 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv20386/Zope/App/Security/tests
Modified Files:
Tag: Zope-3x-branch
testSecurityManagement.py
Log Message:
- Refactored 'SecurityManagement.new/replaceSecurityManager' to allow
return of prior value from both, and eliminate redundant code.
- Fixed reliance on return from 'SecurityManagement.newSecurityManager'
(which will actually be the *old* value) in 'getSecurityManage'.
- Implemented unit tests for 'SecurityManagement' APIs.
=== Zope3/lib/python/Zope/App/Security/tests/testSecurityManagement.py 1.1.2.1 => 1.1.2.2 ===
class Test( unittest.TestCase ):
+ _oldPolicy = None
+
+ def tearDown( self ):
+ from Zope.App.Security.SecurityManagement import noSecurityManager
+ noSecurityManager()
+ self._restorePolicy()
+
def test_import( self ):
from Zope.App.Security import SecurityManagement
from Zope.App.Security.ISecurityManagement import ISecurityManagement
from Zope.App.Security.ISecurityManagement \
import ISecurityManagementSetup
- # 'verify' doesn't work for modules, as yet.
- #verify( ISecurityManagementSetup, SecurityManagement )
- #verify( ISecurityManagement, SecurityManagement )
+ verify( ISecurityManagementSetup, SecurityManagement )
+ verify( ISecurityManagement, SecurityManagement )
+
+ def test_ISecurityManagementSetup( self ):
+
+ from Zope.App.Security.SecurityManagement import noSecurityManager
+ from Zope.App.Security.SecurityManagement import newSecurityManager
+ from Zope.App.Security.SecurityManagement import replaceSecurityManager
+
+ some_user = []
+ other_user = []
+ old = newSecurityManager( some_user )
+ self.failUnless( old is None )
+
+ old = newSecurityManager( other_user )
+ self.failUnless( old is not None )
+ self.failUnless( old.getUser() is some_user )
+
+ old2 = replaceSecurityManager( old )
+ self.failUnless( old2 is not None )
+ self.failUnless( old2.getUser() is other_user )
+
+ noSecurityManager()
+
+ def test_getSecurityManager( self ):
+
+ from Zope.App.Security.SecurityManagement import noSecurityManager
+ from Zope.App.Security.SecurityManagement import replaceSecurityManager
+ from Zope.App.Security.SecurityManagement import getSecurityManager
+
+ noSecurityManager()
+ self.failUnless( replaceSecurityManager( None ) is None )
+
+ mgr = getSecurityManager()
+ self.assertEqual( mgr.getUser().getUserName(), 'Anonymous User' )
+ self.failIf( mgr.calledByExecutable() )
+ self.assertEqual( replaceSecurityManager( None ), mgr )
+
+ noSecurityManager()
+
+ def _setPermissive( self ):
+ from Zope.App.Security.SecurityManagement import setSecurityPolicy
+ from Zope.App.Security.SimpleSecurityPolicies \
+ import PermissiveSecurityPolicy
+ self._oldPolicy = setSecurityPolicy( PermissiveSecurityPolicy() )
+
+ def _restorePolicy( self ):
+ from Zope.App.Security.SecurityManagement import setSecurityPolicy
+ if self._oldPolicy is not None:
+ setSecurityPolicy( self._oldPolicy )
+
+ def _setParanoid( self ):
+ from Zope.App.Security.SecurityManagement import setSecurityPolicy
+ from Zope.App.Security.SimpleSecurityPolicies \
+ import ParanoidSecurityPolicy
+ self._oldPolicy = setSecurityPolicy( ParanoidSecurityPolicy() )
+
+ def test_setSecurityPolicy( self ):
+
+ from Zope.App.Security.SecurityManagement import noSecurityManager
+ from Zope.App.Security.SecurityManagement import getSecurityManager
+ from Zope.Exceptions import Unauthorized
+
+ # test against default policy (paranoid)
+ noSecurityManager()
+ mgr = getSecurityManager()
+ self.assertRaises( Unauthorized, mgr.validate, None, None )
+ self.assertRaises( Unauthorized, mgr.validateValue, None )
+ self.failIf( mgr.checkPermission( None, None ) )
+
+ # test against explicit permissive policy
+ self._setPermissive()
+ noSecurityManager()
+ mgr = getSecurityManager()
+ mgr.validate( None, None )
+ mgr.validateValue( None )
+ self.failUnless( mgr.checkPermission( None, None ) )
+ # test against explicit paranoid policy
+ self._restorePolicy()
+ self._setParanoid()
+ noSecurityManager()
+ mgr = getSecurityManager()
+ self.assertRaises( Unauthorized, mgr.validate, None, None )
+ self.assertRaises( Unauthorized, mgr.validateValue, None )
+ self.failIf( mgr.checkPermission( None, None ) )