[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/tests - testAnnotationPrincipalPermissionManager.py:1.1.2.1 testAnnotationPrincipalRoleManager.py:1.1.2.1 testAnnotationRolePermissionManager.py:1.1.2.1 testZSP.py:1.1.2.17 testAttributePrincipalPermissionManager.py:NONE testAttributePrincipalRoleManager.py:NONE testAttributeRolePermissionManager.py:NONE

Steve Alexander steve@cat-box.net
Sun, 26 May 2002 14:20:50 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv6102/lib/python/Zope/App/Security/tests

Modified Files:
      Tag: Zope-3x-branch
	testZSP.py 
Added Files:
      Tag: Zope-3x-branch
	testAnnotationPrincipalPermissionManager.py 
	testAnnotationPrincipalRoleManager.py 
	testAnnotationRolePermissionManager.py 
Removed Files:
      Tag: Zope-3x-branch
	testAttributePrincipalPermissionManager.py 
	testAttributePrincipalRoleManager.py 
	testAttributeRolePermissionManager.py 
Log Message:
Security-related management screens now work!

I've had to change the way use of Annotations is declared in classes
a little bit. I'll explain more about that in an email to
zope3-dev shortly.


=== Added File Zope3/lib/python/Zope/App/Security/tests/testAnnotationPrincipalPermissionManager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Test handler for AnnotationPrincipalPermissionManager module."""

import sys
import unittest

from Zope.App.OFS.Annotation.IAttributeAnnotatable import IAttributeAnnotatable
from Zope.ComponentArchitecture import getService
from Zope.App.OFS.Annotation.IAnnotations import IAnnotations
from Zope.App.OFS.Annotation.AttributeAnnotations import AttributeAnnotations
from Zope.App.Security.PermissionRegistry \
    import permissionRegistry as permregistry
from Zope.App.Security.PrincipalRegistry \
    import principalRegistry as prinregistry
from Zope.App.Security.AnnotationPrincipalPermissionManager \
    import AnnotationPrincipalPermissionManager 
from Zope.App.Security.Settings import Allow, Deny, Unset
from Zope.ComponentArchitecture.tests.PlacelessSetup import PlacelessSetup

class Manageable:
    __implements__ = IAttributeAnnotatable

class Test(PlacelessSetup, unittest.TestCase):
    
    def setUp(self):
        PlacelessSetup.setUp(self)
        getService(None,"Adapters").provideAdapter(
            IAttributeAnnotatable, IAnnotations,
            AttributeAnnotations)

    def _make_principal(self, id=None, title=None):
        p = prinregistry.definePrincipal(
            id or 'APrincipal',
            title or 'A Principal',
            login = id or 'APrincipal')
        return p.getId()

    def testUnboundPrincipalPermission(self):
        manager = AnnotationPrincipalPermissionManager(Manageable())
        permission = permregistry.definePermission('APerm', 'title')
        permission = permission.getId()
        principal = self._make_principal()
        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])

    def testPrincipalPermission(self):
        manager = AnnotationPrincipalPermissionManager(Manageable())
        permission = permregistry.definePermission('APerm', 'title')
        permission = permission.getId()
        principal = self._make_principal()
        
        # check that an allow permission is saved correctly
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Allow)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Allow)])
                         
        # check that the allow permission is removed.
        manager.unsetPermissionForPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
        
        # now put a deny in there, check it's set.
        manager.denyPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Deny)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Deny)])
                         
        # test for deny followed by allow . The latter should override.
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Allow)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Allow)])
                         
        # check that allow followed by allow is just a single allow.
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Allow)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Allow)])
                         
        # check that two unsets in a row quietly ignores the second one.
        manager.unsetPermissionForPrincipal(permission, principal)
        manager.unsetPermissionForPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
        
        # check the result of getSetting() when it's empty.
        self.assertEqual(manager.getSetting(permission, principal), Unset)
        
        # check the result of getSetting() when it's allowed.
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getSetting(permission, principal), Allow)
        
        # check the result of getSetting() when it's denied.
        manager.denyPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getSetting(permission, principal), Deny)

    def testManyPermissionsOnePrincipal(self):
        manager = AnnotationPrincipalPermissionManager(Manageable())
        perm1 = permregistry.definePermission('Perm One', 'title').getId()
        perm2 = permregistry.definePermission('Perm Two', 'title').getId()
        prin1 = self._make_principal()
        manager.grantPermissionToPrincipal(perm1, prin1)
        manager.grantPermissionToPrincipal(perm2, prin1)
        perms = manager.getPermissionsForPrincipal(prin1)
        self.assertEqual(len(perms), 2)
        self.failUnless((perm1,Allow) in perms)
        self.failUnless((perm2,Allow) in perms)
        manager.denyPermissionToPrincipal(perm2, prin1)
        perms = manager.getPermissionsForPrincipal(prin1)
        self.assertEqual(len(perms), 2)
        self.failUnless((perm1,Allow) in perms)
        self.failUnless((perm2,Deny) in perms)

    def testManyPrincipalsOnePermission(self):
        manager = AnnotationPrincipalPermissionManager(Manageable())
        perm1 = permregistry.definePermission('Perm One', 'title').getId()
        prin1 = self._make_principal()
        prin2 = self._make_principal('Principal 2', 'Principal Two')
        manager.grantPermissionToPrincipal(perm1, prin1)
        manager.denyPermissionToPrincipal(perm1, prin2)
        principals = manager.getPrincipalsForPermission(perm1)
        self.assertEqual(len(principals), 2)
        self.failUnless((prin1,Allow) in principals)
        self.failUnless((prin2,Deny) in principals)

def test_suite():
    loader=unittest.TestLoader()
    return loader.loadTestsFromTestCase(Test)

if __name__=='__main__':
    unittest.TextTestRunner().run(test_suite())


=== Added File Zope3/lib/python/Zope/App/Security/tests/testAnnotationPrincipalRoleManager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
# 
##############################################################################
"""Test handler for PrincipalRoleManager module."""

import sys
import unittest

from Zope.App.OFS.Annotation.IAttributeAnnotatable import IAttributeAnnotatable
from Zope.ComponentArchitecture import getService
from Zope.App.OFS.Annotation.IAnnotations import IAnnotations
from Zope.App.OFS.Annotation.AttributeAnnotations import AttributeAnnotations
from Zope.App.Security.RoleRegistry import roleRegistry as rregistry
from Zope.App.Security.PrincipalRegistry import principalRegistry as pregistry
from Zope.App.Security.AnnotationPrincipalRoleManager \
        import AnnotationPrincipalRoleManager
from Zope.App.Security.Settings import Assign, Remove
from Zope.App.OFS.Services.ServiceManager.tests.PlacefulSetup import PlacefulSetup

class Manageable:
    __implements__ = IAttributeAnnotatable

class Test(PlacefulSetup, unittest.TestCase):

    def setUp(self):
        PlacefulSetup.setUp(self)
        getService(None,"Adapters").provideAdapter(
            IAttributeAnnotatable, IAnnotations,
            AttributeAnnotations)
                       
    def _make_principal(self, id=None, title=None):
        p = pregistry.definePrincipal(
            id or 'APrincipal',
            title or 'A Principal',
            login = id or 'APrincipal')
        return p.getId()

    def testUnboundPrincipalRole(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        role = rregistry.defineRole('ARole', 'A Role').getId()
        principal = self._make_principal()
        self.assertEqual(principalRoleManager.getPrincipalsForRole(role), [])
        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
                         [])

    def testPrincipalRoleAssign(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        role = rregistry.defineRole('ARole', 'A Role').getId()
        principal = self._make_principal()
        principalRoleManager.assignRoleToPrincipal(role, principal)
        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
                         [(principal,Assign)])
        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
                         [(role,Assign)])

    def testPrincipalRoleRemove(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        role = rregistry.defineRole('ARole', 'A Role').getId()
        principal = self._make_principal()
        principalRoleManager.removeRoleFromPrincipal(role, principal)
        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
                         [(principal,Remove)])
        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
                         [(role,Remove)])

    def testPrincipalRoleUnset(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        role = rregistry.defineRole('ARole', 'A Role').getId()
        principal = self._make_principal()
        principalRoleManager.removeRoleFromPrincipal(role, principal)
        principalRoleManager.unsetRoleForPrincipal(role, principal)
        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
                         [])
        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
                         [])

    def testManyRolesOnePrincipal(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
        prin1 = self._make_principal()
        principalRoleManager.assignRoleToPrincipal(role1, prin1)
        principalRoleManager.assignRoleToPrincipal(role2, prin1)
        roles = principalRoleManager.getRolesForPrincipal(prin1)
        self.assertEqual(len(roles), 2)
        self.failUnless((role1,Assign) in roles)
        self.failUnless((role2,Assign) in roles)

    def testManyPrincipalsOneRole(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
        prin1 = self._make_principal()
        prin2 = self._make_principal('Principal 2', 'Principal Two')
        principalRoleManager.assignRoleToPrincipal(role1, prin1)
        principalRoleManager.assignRoleToPrincipal(role1, prin2)
        principals = principalRoleManager.getPrincipalsForRole(role1)
        self.assertEqual(len(principals), 2)
        self.failUnless((prin1,Assign) in principals)
        self.failUnless((prin2,Assign) in principals)

    def testPrincipalsAndRoles(self):
        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
        principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
        self.assertEqual(len(principalsAndRoles), 0)
        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
        prin1 = self._make_principal()
        prin2 = self._make_principal('Principal 2', 'Principal Two')
        principalRoleManager.assignRoleToPrincipal(role1, prin1)
        principalRoleManager.assignRoleToPrincipal(role1, prin2)
        principalRoleManager.assignRoleToPrincipal(role2, prin1)
        principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
        self.assertEqual(len(principalsAndRoles), 3)
        self.failUnless((role1,prin1,Assign) in principalsAndRoles)
        self.failUnless((role1,prin2,Assign) in principalsAndRoles)
        self.failUnless((role2,prin1,Assign) in principalsAndRoles)


def test_suite():
    loader=unittest.TestLoader()
    return loader.loadTestsFromTestCase(Test)

if __name__=='__main__':
    unittest.TextTestRunner().run(test_suite())


=== Added File Zope3/lib/python/Zope/App/Security/tests/testAnnotationRolePermissionManager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
# 
##############################################################################
from Zope.App.Security.AnnotationRolePermissionManager \
     import AnnotationRolePermissionManager
from Zope.App.OFS.Annotation.IAttributeAnnotatable import IAttributeAnnotatable
from Zope.App.OFS.Annotation.IAnnotations import IAnnotations
from Zope.App.OFS.Annotation.AttributeAnnotations import AttributeAnnotations
from Zope.ComponentArchitecture \
     import getServiceManager, getService
from Zope.App.Security.IRoleService import IRoleService
from Zope.App.Security.IPermissionService import IPermissionService
from Zope.App.Security.RoleRegistry import roleRegistry
from Zope.App.Security.PermissionRegistry import permissionRegistry
from Zope.App.Security.Settings import Allow, Deny
from Zope.App.OFS.Services.ServiceManager.tests.PlacefulSetup \
    import PlacefulSetup

import unittest, sys

class Manageable:
    __implements__ = IAttributeAnnotatable

class Test(PlacefulSetup, unittest.TestCase):

    def setUp(self):
        PlacefulSetup.setUp(self)
        defineService=getServiceManager(None).defineService
        provideService=getServiceManager(None).provideService
        defineService('RoleService', IRoleService)
        defineService('PermissionService', IPermissionService)
        provideService('RoleService', roleRegistry)
        provideService('PermissionService', permissionRegistry)
        provideAdapter=getService(None,"Adapters").provideAdapter
        provideAdapter(IAttributeAnnotatable, IAnnotations, 
                       AttributeAnnotations)                       

        read = permissionRegistry.definePermission('read', 'Read Something')
        self.read = read.getId()
        
        write = permissionRegistry.definePermission('write', 'Write Something')
        self.write = write.getId()

        peon = roleRegistry.defineRole('peon', 'Poor Slob')
        self.peon = peon.getId()
        
        manager = roleRegistry.defineRole('manager', 'Supreme Being')
        self.manager = manager.getId()
        
    def testNormal(self):
        obj = Manageable()
        mgr = AnnotationRolePermissionManager(obj)
        mgr.grantPermissionToRole(self.read,self.manager)
        mgr.grantPermissionToRole(self.write,self.manager)
        mgr.grantPermissionToRole(self.write,self.manager)

        mgr.grantPermissionToRole(self.read,self.peon)

        l = list(mgr.getPermissionsForRole(self.manager))
        self.failUnless( (self.read, Allow) in l )
        self.failUnless( (self.write, Allow) in l )

        l = list(mgr.getPermissionsForRole(self.peon))
        self.failUnless( [(self.read, Allow)] == l )

        l = list(mgr.getRolesForPermission(self.read))
        self.failUnless( (self.manager, Allow) in l )
        self.failUnless( (self.peon, Allow) in l )

        l = list(mgr.getRolesForPermission(self.write))
        self.assertEqual(l, [ (self.manager, Allow) ] )

        mgr.denyPermissionToRole(self.read, self.peon)
        l = list(mgr.getPermissionsForRole(self.peon))
        self.assertEqual(l, [(self.read, Deny)] )

        mgr.unsetPermissionFromRole(self.read, self.peon)

        l = list(mgr.getRolesForPermission(self.read))
        self.assertEqual(l, [ (self.manager, Allow) ] )


def test_suite():
    loader=unittest.TestLoader()
    return loader.loadTestsFromTestCase(Test)

if __name__=='__main__':
    unittest.TextTestRunner().run(test_suite())


=== Zope3/lib/python/Zope/App/Security/tests/testZSP.py 1.1.2.16 => 1.1.2.17 ===
 from Zope.App.Security.RolePermissionManager import rolePermissionManager 
 from Zope.App.Security.PrincipalRoleManager import principalRoleManager 
-from Zope.App.Security.AttributePrincipalPermissionManager \
-    import AttributePrincipalPermissionManager 
+from Zope.App.Security.AnnotationPrincipalPermissionManager \
+    import AnnotationPrincipalPermissionManager 
 from Zope.App.Security.PrincipalPermissionManager \
     import PrincipalPermissionManager 
 from Zope.App.Security.IPrincipalPermissionManager \
     import IPrincipalPermissionManager 
-from Zope.App.Security.AttributePrincipalRoleManager \
-    import AttributePrincipalRoleManager 
+from Zope.App.Security.AnnotationPrincipalRoleManager \
+    import AnnotationPrincipalRoleManager 
 from Zope.App.Security.PrincipalRoleManager \
     import PrincipalRoleManager 
-from Zope.App.Security.AttributeRolePermissionManager \
-    import AttributeRolePermissionManager 
+from Zope.App.Security.AnnotationRolePermissionManager \
+    import AnnotationRolePermissionManager 
 from Zope.App.Security.IPrincipalRoleManager import IPrincipalRoleManager 
 from Zope.Exceptions import Unauthorized, Forbidden
 from Zope.App.OFS.Annotation.IAttributeAnnotatable import IAttributeAnnotatable
@@ -144,7 +144,7 @@
 
     def testPlayfulRolePermissions(self):
         
-        ARPM = AttributeRolePermissionManager
+        ARPM = AnnotationRolePermissionManager
         getService(None,"Adapters").provideAdapter(ITest,
                             IRolePermissionManager, ARPM)
         test = permissionRegistry.definePermission('test', 'Test', '')
@@ -186,7 +186,7 @@
         self.failIf(self.policy.checkPermission(test, ob, Context(new)))
                     
     def testPlayfulPrinciplePermissions(self):
-        APPM = AttributePrincipalPermissionManager
+        APPM = AnnotationPrincipalPermissionManager
         getService(None,"Adapters").provideAdapter(ITest,
                        IPrincipalPermissionManager, APPM)
 

=== Removed File Zope3/lib/python/Zope/App/Security/tests/testAttributePrincipalPermissionManager.py ===

=== Removed File Zope3/lib/python/Zope/App/Security/tests/testAttributePrincipalRoleManager.py ===

=== Removed File Zope3/lib/python/Zope/App/Security/tests/testAttributeRolePermissionManager.py ===