[Zope-Checkins] SVN: Zope/branches/2.12/ Backport `rolesForPermissionOn` fix from standalone AccessControl project

Hano Schlichting cvs-admin at zope.org
Thu Aug 23 14:31:46 UTC 2012


Log message for revision 127557:
  Backport `rolesForPermissionOn` fix from standalone AccessControl project
  

Changed:
  U   Zope/branches/2.12/doc/CHANGES.rst
  U   Zope/branches/2.12/src/AccessControl/ZopeSecurityPolicy.py
  U   Zope/branches/2.12/src/AccessControl/tests/testZopeSecurityPolicy.py

-=-
Modified: Zope/branches/2.12/doc/CHANGES.rst
===================================================================
--- Zope/branches/2.12/doc/CHANGES.rst	2012-08-23 14:20:11 UTC (rev 127556)
+++ Zope/branches/2.12/doc/CHANGES.rst	2012-08-23 14:31:42 UTC (rev 127557)
@@ -8,6 +8,9 @@
 2.12.24 (unreleased)
 --------------------
 
+- Fix a bug in ZopeSecurityPolicy.py. Global variable `rolesForPermissionOn`
+  could be overridden if `__role__` had custom rolesForPermissionOn.
+
 - Updated distributions:
 
   - zdaemon = 2.0.7

Modified: Zope/branches/2.12/src/AccessControl/ZopeSecurityPolicy.py
===================================================================
--- Zope/branches/2.12/src/AccessControl/ZopeSecurityPolicy.py	2012-08-23 14:20:11 UTC (rev 127556)
+++ Zope/branches/2.12/src/AccessControl/ZopeSecurityPolicy.py	2012-08-23 14:31:42 UTC (rev 127557)
@@ -52,9 +52,10 @@
 
     if roles is None or isinstance(roles, tuple_or_list):
         return roles
-    
-    rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
-    if rolesForPermissionOn is not None:
-        roles = rolesForPermissionOn(value)
 
+    # Do not override global variable `rolesForPermissionOn`.
+    roles_rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
+    if roles_rolesForPermissionOn is not None:
+        roles = roles_rolesForPermissionOn(value)
+
     return roles

Modified: Zope/branches/2.12/src/AccessControl/tests/testZopeSecurityPolicy.py
===================================================================
--- Zope/branches/2.12/src/AccessControl/tests/testZopeSecurityPolicy.py	2012-08-23 14:20:11 UTC (rev 127556)
+++ Zope/branches/2.12/src/AccessControl/tests/testZopeSecurityPolicy.py	2012-08-23 14:31:42 UTC (rev 127557)
@@ -10,14 +10,12 @@
 # FOR A PARTICULAR PURPOSE
 #
 ##############################################################################
-"""Tests of ZopeSecurityPolicy
-"""
 
-__rcs_id__='$Id$'
-__version__='$Revision: 1.10 $'[11:-2]
+import os
+import sys
+import thread
+import unittest
 
-import os, sys, unittest
-
 import ZODB
 try:
     from zExceptions import Unauthorized
@@ -576,11 +574,61 @@
 
 from doctest import DocTestSuite
 
+
+class GetRolesWithMultiThreadTest(unittest.TestCase):
+
+    def setUp(self):
+        self._original_check_interval = sys.getcheckinterval()
+        sys.setcheckinterval(1)
+
+    def tearDown(self):
+        sys.setcheckinterval(self._original_check_interval)
+
+    def testGetRolesWithMultiThread(self):
+        from AccessControl.ZopeSecurityPolicy import getRoles
+
+        class C(object):
+            pass
+
+        class V1(object):
+            class __roles__(object):
+                @staticmethod
+                def rolesForPermissionOn(ob):
+                    return ['Member']
+
+        class V2(object):
+            class __roles__(object):
+                @staticmethod
+                def rolesForPermissionOn(ob):
+                    return ['User']
+
+        c = C()
+        c.v1 = V1()
+        c.v2 = V2()
+
+        self.assertEqual(getRoles(c, None, c.v1, 42), ['Member'])
+        self.assertEqual(getRoles(c, None, c.v2, 42), ['User'])
+        mark = []
+
+        def loop():
+            while 1:
+                getRoles(c, None, c.v2, 42)
+                if len(mark) > 0:
+                    return
+        thread.start_new_thread(loop, ())
+        try:
+            for i in range(1000):
+                self.assertEqual(getRoles(c, None, c.v1, 42), ['Member'])
+        finally:
+            mark.append(None)
+
+
 def test_suite():
     suite = unittest.TestSuite()
     suite.addTest(unittest.makeSuite(Python_ZSPTests, 'test'))
     suite.addTest(unittest.makeSuite(C_ZSPTests, 'test'))
     suite.addTest(DocTestSuite())
+    suite.addTest(unittest.makeSuite(GetRolesWithMultiThreadTest))
     return suite
 
 def main():



More information about the Zope-Checkins mailing list