[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/ZMI/tests - sampleInterfaces.py:1.1.2.4.6.1 testZMIViewUtility.py:1.1.2.7.6.1

Jim Fulton jim@zope.com
Fri, 26 Apr 2002 14:23:19 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/ZMI/tests
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/App/ZMI/tests

Modified Files:
      Tag: SecurityProxy-branch
	sampleInterfaces.py testZMIViewUtility.py 
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:

- You now protect names/operations, *not* values. This means it's as
  easy yo protect data attributes that have simple values as it is to
  protect methods.

- There is no longer a __permissions__ attribute. :)

- There is no longer a validate method in either security managers or
  policies. 

- No more need to have a special compiler for restricted code.
  In exchange, lots of objects are proxies and code sometimes needs to
  be prepared to remove proxies.

In addition:

- Basic objects (None, strings, numbers, etc.) are not wrapped in
  context wrappers.

- There is a test that fails unless Python 2.3 is used.



=== Zope3/lib/python/Zope/App/ZMI/tests/sampleInterfaces.py 1.1.2.4 => 1.1.2.4.6.1 ===
     def __init__(self, *args, **kw): pass
 
-    def restrictedTraverse(self, *args, **kw):
+    def traverse(self, *args, **kw):
         return None
 
 


=== Zope3/lib/python/Zope/App/ZMI/tests/testZMIViewUtility.py 1.1.2.7 => 1.1.2.7.6.1 ===
 from Zope.App.ZopePublication.Traversers import DefaultTraverser
 from Zope.App.Security.SecurityManagement import setSecurityPolicy
+from Zope.App.Security.SecurityManagement import newSecurityManager
 from Zope.Exceptions import Unauthorized
-
-class SecurityPolicy:
-
-    def validate(self, name, value, context):
-        if getattr(value, 'bad', 0):
-            raise Unauthorized
-        
-    def checkPermission(self, permission, object, context):
-        return 1
-
+from Zope.Security.Checker import defineChecker, NamesChecker, CheckerPublic
+from Zope.Security.Proxy import ProxyFactory
 
 class Service:
     __implements__ = IZMIViewService
@@ -51,6 +44,7 @@
 class I(Interface): pass
 class C:
     __implements__ = I
+
 ob = C()
 ob.a1 = C()
 ob.a2 = C()
@@ -70,14 +64,12 @@
         provideService('ZMIViewService', Service())
         provideView(I, 'a3', IBrowserPublisher, V)
         provideView(None, '_traverse', IBrowserPublisher, DefaultTraverser)
-        self.oldsp = setSecurityPolicy(SecurityPolicy())
-
-    def tearDown(self):
-        CleanUp.tearDown(self)
-        setSecurityPolicy(self.oldsp)
+        defineChecker(C, NamesChecker(['a1', 'a2', 'a3'], CheckerPublic,
+                                      abad='waaa'))
 
     def test(self):
-        v = ZMIViewUtility(ob)
+        newSecurityManager('who')
+        v = ZMIViewUtility(ProxyFactory(ob))
         v.setViewRequest(Request())
         self.assertEqual(v.getZMIViews(),
                          [{'label':'l1', 'action':'../a1'},