[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Traversing/tests - testTraverser.py:1.1.2.11 testZopeWrapper.py:NONE

Jim Fulton jim@zope.com
Sun, 28 Apr 2002 13:17:12 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/Traversing/tests
In directory cvs.zope.org:/tmp/cvs-serv17050/lib/python/Zope/App/Traversing/tests

Modified Files:
      Tag: Zope-3x-branch
	testTraverser.py 
Removed Files:
      Tag: Zope-3x-branch
	testZopeWrapper.py 
Log Message:
HOTYB: Merged SecurityProxy-branch into main branch.  

All tests pass and folders can be listed and added through the web.
It is likely that most other things don't work and will need to be
fixed. The reason is that many accesses that should have been checked
before are now being checked and additional checks and thinking about
permissions and security settings are needed.

I'm in the process of drafting a paper for the wiki that describes the
changes in more detail.


=== Zope3/lib/python/Zope/App/Traversing/tests/testTraverser.py 1.1.2.10 => 1.1.2.11 ===
 from Zope.App.Traversing.Traverser import Traverser
 from Zope.App.Traversing.DefaultTraversable import DefaultTraversable
-from Zope.ContextWrapper import wrapper, Wrapper
+from Zope.Proxy.ContextWrapper import ContextWrapper
 from Zope.Exceptions import NotFoundError, Unauthorized
 from Zope.ComponentArchitecture import provideAdapter
-from Zope.App.Security.SecurityManagement import setSecurityPolicy, \
+from Zope.Security.SecurityManagement import setSecurityPolicy, \
     noSecurityManager
-from Zope.App.Security.SimpleSecurityPolicies import NameBasedSecurityPolicy
 from Zope.Testing.CleanUp import CleanUp # Base class w registry cleanup
 
 from Interface.Verify import verifyClass
 from Interface.Implements import instancesOfObjectImplements
+from Zope.Security.Checker \
+     import ProxyFactory, defineChecker, NamesChecker, CheckerPublic, Checker
+from Zope.Security.SecurityManagement import newSecurityManager
 
 class C:
     def __init__(self, name):
@@ -39,9 +41,9 @@
 class TraverserTests(CleanUp, unittest.TestCase):
     def setUp(self):
         # Build up a wrapper chain
-        self.root =   Wrapper(C('root'),   None,        name='')
-        self.folder = Wrapper(C('folder'), self.root,   name='folder')
-        self.item =   Wrapper(C('item'),   self.folder, name='item')
+        self.root =   ContextWrapper(C('root'),   None,        name='')
+        self.folder = ContextWrapper(C('folder'), self.root,   name='folder')
+        self.item =   ContextWrapper(C('item'),   self.folder, name='item')
         self.tr = Traverser(self.item)
 
     def testImplementsITraverser(self):
@@ -76,7 +78,7 @@
         self.tr = Traverser(root)
 
     def testNoTraversable(self):
-        self.assertRaises(NotFoundError, self.tr.unrestrictedTraverse,
+        self.assertRaises(NotFoundError, self.tr.traverse,
                           'folder')
 
 class UnrestrictedTraverseTests(CleanUp, unittest.TestCase):
@@ -96,51 +98,57 @@
         tr = self.tr
         item = self.item
 
-        self.assertEquals(tr.unrestrictedTraverse('/folder/item'), item)
-        self.assertEquals(tr.unrestrictedTraverse('folder/item'), item)
-        self.assertEquals(tr.unrestrictedTraverse('/folder/item/'), item)
+        self.assertEquals(tr.traverse('/folder/item'), item)
+        self.assertEquals(tr.traverse('folder/item'), item)
+        self.assertEquals(tr.traverse('/folder/item/'), item)
 
     def testSimplePathUnicode(self):
         tr = self.tr
         item = self.item
 
-        self.assertEquals(tr.unrestrictedTraverse(u'/folder/item'), item)
-        self.assertEquals(tr.unrestrictedTraverse(u'folder/item'), item)
-        self.assertEquals(tr.unrestrictedTraverse(u'/folder/item/'), item)
+        self.assertEquals(tr.traverse(u'/folder/item'), item)
+        self.assertEquals(tr.traverse(u'folder/item'), item)
+        self.assertEquals(tr.traverse(u'/folder/item/'), item)
 
     def testSimplePathTuple(self):
         tr = self.tr
         item = self.item
 
-        self.assertEquals(tr.unrestrictedTraverse(('', 'folder', 'item')),
+        self.assertEquals(tr.traverse(('', 'folder', 'item')),
                           item)
-        self.assertEquals(tr.unrestrictedTraverse(('folder', 'item')), item)
+        self.assertEquals(tr.traverse(('folder', 'item')), item)
 
     def testComplexPathString(self):
         tr = self.tr
         item = self.item
 
-        self.assertEquals(tr.unrestrictedTraverse('/folder/../folder/./item'),
+        self.assertEquals(tr.traverse('/folder/../folder/./item'),
             item)
-        self.assertEquals(tr.unrestrictedTraverse(
+        self.assertEquals(tr.traverse(
             '/../folder/../../folder/item'), item)
-        self.assertEquals(tr.unrestrictedTraverse('../../folder/item'), item)
+        self.assertEquals(tr.traverse('../../folder/item'), item)
 
     def testNotFoundDefault(self):
-        self.assertEquals(self.tr.unrestrictedTraverse('foo', 'notFound'),
+        self.assertEquals(self.tr.traverse('foo', 'notFound'),
             'notFound')
 
     def testNotFoundNoDefault(self):
-        self.assertRaises(NotFoundError, self.tr.unrestrictedTraverse, 'foo')
+        self.assertRaises(NotFoundError, self.tr.traverse, 'foo')
+
+def Denied(*names):
+
+    def check(name):
+        if name in names:
+            return 'Waaaa'
+        return CheckerPublic
+
+    return Checker(check)
 
 class RestrictedTraverseTests(CleanUp, unittest.TestCase):
     _oldPolicy = None
     _deniedNames = ()
 
     def setUp(self):
-        self._oldPolicy = setSecurityPolicy(
-            NameBasedSecurityPolicy(self.denyNames))
-
         provideAdapter(None, ITraversable, DefaultTraversable)
 
         self.root = root = C('root')
@@ -150,52 +158,30 @@
         root.folder = folder
         folder.item = item
 
-        self.tr = Traverser(root)
-
-    def tearDown(self):
-        noSecurityManager()
-        setSecurityPolicy(self._oldPolicy)
-        CleanUp.tearDown(self)
-
-    def denyNames(self, name):
-        if name in self._deniedNames:
-            raise Unauthorized
+        self.tr = Traverser(ProxyFactory(root))
 
     def testAllAllowed(self):
-        tr = self.tr
+        defineChecker(C, Checker(lambda name: CheckerPublic)) 
+        tr = Traverser(ProxyFactory(self.root))
         item = self.item
 
-        self.assertEquals(tr.restrictedTraverse(('', 'folder', 'item')), item)
-        self.assertEquals(tr.restrictedTraverse(('folder', 'item')), item)
+        self.assertEquals(tr.traverse(('', 'folder', 'item')), item)
+        self.assertEquals(tr.traverse(('folder', 'item')), item)
         
     def testItemDenied(self):
-        self._deniedNames = ('item',)
-
-        tr = self.tr
+        newSecurityManager('no one')
+        defineChecker(C, Denied('item')) 
+        tr = Traverser(ProxyFactory(self.root))
         folder = self.folder
 
-        self.assertRaises(Unauthorized, tr.restrictedTraverse, 
+        self.assertRaises(Unauthorized, tr.traverse, 
             ('', 'folder', 'item'))
-        self.assertRaises(Unauthorized, tr.restrictedTraverse, 
+        self.assertRaises(Unauthorized, tr.traverse, 
             ('folder', 'item'))
-        self.assertEquals(tr.restrictedTraverse(('', 'folder')), folder)
-        self.assertEquals(tr.restrictedTraverse(('folder', '..', 'folder')),
+        self.assertEquals(tr.traverse(('', 'folder')), folder)
+        self.assertEquals(tr.traverse(('folder', '..', 'folder')),
                           folder)
-        self.assertEquals(tr.restrictedTraverse(('folder',)), folder)
-
-    def testNoneDenied(self):
-        # If traversing up ('..') or to the root, None is passed as a name to
-        # validate.
-        self._deniedNames = (None,)
-
-        tr = self.tr
-        item = self.item
-
-        self.assertRaises(Unauthorized, tr.restrictedTraverse, 
-            ('', 'folder'))
-        self.assertRaises(Unauthorized, tr.restrictedTraverse, 
-            ('folder', '..', 'folder'))
-        self.assertEquals(tr.restrictedTraverse(('folder', 'item')), item)
+        self.assertEquals(tr.traverse(('folder',)), folder)
 
 class DefaultTraversableTests(CleanUp, unittest.TestCase):
     def testImplementsITraversable(self):

=== Removed File Zope3/lib/python/Zope/App/Traversing/tests/testZopeWrapper.py ===