[Zope3-checkins] CVS: Zope3/src/zope/app/security/grants/tests - __init__.py:1.2 test_annotationprincipalpermissionmanager.py:1.2 test_annotationprincipalrolemanager.py:1.2 test_annotationrolepermissionmanager.py:1.2 test_localsecuritymap.py:1.2 test_persistentlocalsecuritymap.py:1.2 test_principalpermissionmanager.py:1.2 test_principalrolemanager.py:1.2 test_rolepermissionmanager.py:1.2

Jim Fulton jim@zope.com
Wed, 25 Dec 2002 09:13:48 -0500


Update of /cvs-repository/Zope3/src/zope/app/security/grants/tests
In directory cvs.zope.org:/tmp/cvs-serv15352/src/zope/app/security/grants/tests

Added Files:
	__init__.py test_annotationprincipalpermissionmanager.py 
	test_annotationprincipalrolemanager.py 
	test_annotationrolepermissionmanager.py 
	test_localsecuritymap.py test_persistentlocalsecuritymap.py 
	test_principalpermissionmanager.py 
	test_principalrolemanager.py test_rolepermissionmanager.py 
Log Message:
Grand renaming:

- Renamed most files (especially python modules) to lower case.

- Moved views and interfaces into separate hierarchies within each
  project, where each top-level directory under the zope package
  is a separate project.

- Moved everything to src from lib/python.

  lib/python will eventually go away. I need access to the cvs
  repository to make this happen, however.

There are probably some bits that are broken. All tests pass
and zope runs, but I haven't tried everything. There are a number
of cleanups I'll work on tomorrow.



=== Zope3/src/zope/app/security/grants/tests/__init__.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/__init__.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,2 @@
+#
+# This file is necessary to make this directory a package.


=== Zope3/src/zope/app/security/grants/tests/test_annotationprincipalpermissionmanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_annotationprincipalpermissionmanager.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,148 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for AnnotationPrincipalPermissionManager module."""
+
+import sys
+import unittest
+
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.component import getService
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.app.security.registries.permissionregistry \
+    import permissionRegistry as permregistry
+from zope.app.security.registries.principalregistry \
+    import principalRegistry as prinregistry
+from zope.app.security.grants.annotationprincipalpermissionmanager \
+    import AnnotationPrincipalPermissionManager
+from zope.app.security.settings import Allow, Deny, Unset
+from zope.app.tests.placelesssetup import PlacelessSetup
+
+class Manageable:
+    __implements__ = IAttributeAnnotatable
+
+class Test(PlacelessSetup, unittest.TestCase):
+
+    def setUp(self):
+        PlacelessSetup.setUp(self)
+        getService(None,"Adapters").provideAdapter(
+            IAttributeAnnotatable, IAnnotations,
+            AttributeAnnotations)
+
+    def _make_principal(self, id=None, title=None):
+        p = prinregistry.definePrincipal(
+            id or 'APrincipal',
+            title or 'A Principal',
+            login = id or 'APrincipal')
+        return p.getId()
+
+    def testUnboundPrincipalPermission(self):
+        manager = AnnotationPrincipalPermissionManager(Manageable())
+        permission = permregistry.definePermission('APerm', 'title')
+        permission = permission.getId()
+        principal = self._make_principal()
+        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+    def testPrincipalPermission(self):
+        manager = AnnotationPrincipalPermissionManager(Manageable())
+        permission = permregistry.definePermission('APerm', 'title')
+        permission = permission.getId()
+        principal = self._make_principal()
+
+        # check that an allow permission is saved correctly
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Allow)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Allow)])
+
+        # check that the allow permission is removed.
+        manager.unsetPermissionForPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+        # now put a deny in there, check it's set.
+        manager.denyPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Deny)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Deny)])
+
+        # test for deny followed by allow . The latter should override.
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Allow)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Allow)])
+
+        # check that allow followed by allow is just a single allow.
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Allow)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Allow)])
+
+        # check that two unsets in a row quietly ignores the second one.
+        manager.unsetPermissionForPrincipal(permission, principal)
+        manager.unsetPermissionForPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+        # check the result of getSetting() when it's empty.
+        self.assertEqual(manager.getSetting(permission, principal), Unset)
+
+        # check the result of getSetting() when it's allowed.
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getSetting(permission, principal), Allow)
+
+        # check the result of getSetting() when it's denied.
+        manager.denyPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getSetting(permission, principal), Deny)
+
+    def testManyPermissionsOnePrincipal(self):
+        manager = AnnotationPrincipalPermissionManager(Manageable())
+        perm1 = permregistry.definePermission('Perm One', 'title').getId()
+        perm2 = permregistry.definePermission('Perm Two', 'title').getId()
+        prin1 = self._make_principal()
+        manager.grantPermissionToPrincipal(perm1, prin1)
+        manager.grantPermissionToPrincipal(perm2, prin1)
+        perms = manager.getPermissionsForPrincipal(prin1)
+        self.assertEqual(len(perms), 2)
+        self.failUnless((perm1,Allow) in perms)
+        self.failUnless((perm2,Allow) in perms)
+        manager.denyPermissionToPrincipal(perm2, prin1)
+        perms = manager.getPermissionsForPrincipal(prin1)
+        self.assertEqual(len(perms), 2)
+        self.failUnless((perm1,Allow) in perms)
+        self.failUnless((perm2,Deny) in perms)
+
+    def testManyPrincipalsOnePermission(self):
+        manager = AnnotationPrincipalPermissionManager(Manageable())
+        perm1 = permregistry.definePermission('Perm One', 'title').getId()
+        prin1 = self._make_principal()
+        prin2 = self._make_principal('Principal 2', 'Principal Two')
+        manager.grantPermissionToPrincipal(perm1, prin1)
+        manager.denyPermissionToPrincipal(perm1, prin2)
+        principals = manager.getPrincipalsForPermission(perm1)
+        self.assertEqual(len(principals), 2)
+        self.failUnless((prin1,Allow) in principals)
+        self.failUnless((prin2,Deny) in principals)
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/app/security/grants/tests/test_annotationprincipalrolemanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_annotationprincipalrolemanager.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,136 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for PrincipalRoleManager module."""
+
+import sys
+import unittest
+
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.component import getService
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.app.security.registries.roleregistry import roleRegistry as rregistry
+from zope.app.security.registries.principalregistry \
+     import principalRegistry as pregistry
+from zope.app.security.grants.annotationprincipalrolemanager \
+        import AnnotationPrincipalRoleManager
+from zope.app.security.settings import Allow, Deny
+from zope.app.services.tests.placefulsetup \
+     import PlacefulSetup
+
+class Manageable:
+    __implements__ = IAttributeAnnotatable
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+    def setUp(self):
+        PlacefulSetup.setUp(self)
+        getService(None, "Adapters").provideAdapter(
+            IAttributeAnnotatable, IAnnotations,
+            AttributeAnnotations)
+
+    def _make_principal(self, id=None, title=None):
+        p = pregistry.definePrincipal(
+            id or 'APrincipal',
+            title or 'A Principal',
+            login = id or 'APrincipal')
+        return p.getId()
+
+    def testUnboundPrincipalRole(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role), [])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [])
+
+    def testPrincipalRoleAllow(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        principalRoleManager.assignRoleToPrincipal(role, principal)
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+                         [(principal, Allow)])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [(role, Allow)])
+
+    def testPrincipalRoleDeny(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        principalRoleManager.removeRoleFromPrincipal(role, principal)
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+                         [(principal, Deny)])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [(role, Deny)])
+
+    def testPrincipalRoleUnset(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        principalRoleManager.removeRoleFromPrincipal(role, principal)
+        principalRoleManager.unsetRoleForPrincipal(role, principal)
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+                         [])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [])
+
+    def testManyRolesOnePrincipal(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+        prin1 = self._make_principal()
+        principalRoleManager.assignRoleToPrincipal(role1, prin1)
+        principalRoleManager.assignRoleToPrincipal(role2, prin1)
+        roles = principalRoleManager.getRolesForPrincipal(prin1)
+        self.assertEqual(len(roles), 2)
+        self.failUnless((role1, Allow) in roles)
+        self.failUnless((role2, Allow) in roles)
+
+    def testManyPrincipalsOneRole(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        prin1 = self._make_principal()
+        prin2 = self._make_principal('Principal 2', 'Principal Two')
+        principalRoleManager.assignRoleToPrincipal(role1, prin1)
+        principalRoleManager.assignRoleToPrincipal(role1, prin2)
+        principals = principalRoleManager.getPrincipalsForRole(role1)
+        self.assertEqual(len(principals), 2)
+        self.failUnless((prin1, Allow) in principals)
+        self.failUnless((prin2, Allow) in principals)
+
+    def testPrincipalsAndRoles(self):
+        principalRoleManager = AnnotationPrincipalRoleManager(Manageable())
+        principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
+        self.assertEqual(len(principalsAndRoles), 0)
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+        prin1 = self._make_principal()
+        prin2 = self._make_principal('Principal 2', 'Principal Two')
+        principalRoleManager.assignRoleToPrincipal(role1, prin1)
+        principalRoleManager.assignRoleToPrincipal(role1, prin2)
+        principalRoleManager.assignRoleToPrincipal(role2, prin1)
+        principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
+        self.assertEqual(len(principalsAndRoles), 3)
+        self.failUnless((role1, prin1, Allow) in principalsAndRoles)
+        self.failUnless((role1, prin2, Allow) in principalsAndRoles)
+        self.failUnless((role2, prin1, Allow) in principalsAndRoles)
+
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/app/security/grants/tests/test_annotationrolepermissionmanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_annotationrolepermissionmanager.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,98 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+from zope.app.security.grants.annotationrolepermissionmanager \
+     import AnnotationRolePermissionManager
+from zope.app.interfaces.annotation import IAttributeAnnotatable
+from zope.app.interfaces.annotation import IAnnotations
+from zope.app.attributeannotations import AttributeAnnotations
+from zope.component \
+     import getServiceManager, getService
+from zope.app.interfaces.security import IRoleService
+from zope.app.interfaces.security import IPermissionService
+from zope.app.security.registries.roleregistry import roleRegistry
+from zope.app.security.registries.permissionregistry import permissionRegistry
+from zope.app.security.settings import Allow, Deny
+from zope.app.services.tests.placefulsetup \
+    import PlacefulSetup
+
+import unittest, sys
+
+class Manageable:
+    __implements__ = IAttributeAnnotatable
+
+class Test(PlacefulSetup, unittest.TestCase):
+
+    def setUp(self):
+        PlacefulSetup.setUp(self)
+        defineService=getServiceManager(None).defineService
+        provideService=getServiceManager(None).provideService
+        defineService('Roles', IRoleService)
+        defineService('Permissions', IPermissionService)
+        provideService('Roles', roleRegistry)
+        provideService('Permissions', permissionRegistry)
+        provideAdapter=getService(None,"Adapters").provideAdapter
+        provideAdapter(IAttributeAnnotatable, IAnnotations,
+                       AttributeAnnotations)
+
+        read = permissionRegistry.definePermission('read', 'Read Something')
+        self.read = read.getId()
+
+        write = permissionRegistry.definePermission('write', 'Write Something')
+        self.write = write.getId()
+
+        peon = roleRegistry.defineRole('peon', 'Poor Slob')
+        self.peon = peon.getId()
+
+        manager = roleRegistry.defineRole('manager', 'Supreme Being')
+        self.manager = manager.getId()
+
+    def testNormal(self):
+        obj = Manageable()
+        mgr = AnnotationRolePermissionManager(obj)
+        mgr.grantPermissionToRole(self.read,self.manager)
+        mgr.grantPermissionToRole(self.write,self.manager)
+        mgr.grantPermissionToRole(self.write,self.manager)
+
+        mgr.grantPermissionToRole(self.read,self.peon)
+
+        l = list(mgr.getPermissionsForRole(self.manager))
+        self.failUnless( (self.read, Allow) in l )
+        self.failUnless( (self.write, Allow) in l )
+
+        l = list(mgr.getPermissionsForRole(self.peon))
+        self.failUnless( [(self.read, Allow)] == l )
+
+        l = list(mgr.getRolesForPermission(self.read))
+        self.failUnless( (self.manager, Allow) in l )
+        self.failUnless( (self.peon, Allow) in l )
+
+        l = list(mgr.getRolesForPermission(self.write))
+        self.assertEqual(l, [ (self.manager, Allow) ] )
+
+        mgr.denyPermissionToRole(self.read, self.peon)
+        l = list(mgr.getPermissionsForRole(self.peon))
+        self.assertEqual(l, [(self.read, Deny)] )
+
+        mgr.unsetPermissionFromRole(self.read, self.peon)
+
+        l = list(mgr.getRolesForPermission(self.read))
+        self.assertEqual(l, [ (self.manager, Allow) ] )
+
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/app/security/grants/tests/test_localsecuritymap.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_localsecuritymap.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,30 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+#############################################################################
+import unittest
+from zope.interface.verify import verifyClass
+from zope.app.interfaces.security.grants.localsecuritymap import ILocalSecurityMap
+from zope.app.security.grants.localsecuritymap import LocalSecurityMap
+
+class TestLocalSecurityMap(unittest.TestCase):
+
+    def testInterface(self):
+        verifyClass(ILocalSecurityMap, LocalSecurityMap)
+
+
+def test_suite():
+    loader = unittest.TestLoader()
+    return loader.loadTestsFromTestCase(TestLocalSecurityMap)
+
+if __name__ == '__main__':
+    unittest.main()


=== Zope3/src/zope/app/security/grants/tests/test_persistentlocalsecuritymap.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_persistentlocalsecuritymap.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,34 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+#############################################################################
+import unittest
+from zope.interface.verify import verifyClass
+from zope.app.interfaces.security.grants.localsecuritymap import ILocalSecurityMap
+from zope.app.security.grants.persistentlocalsecuritymap import PersistentLocalSecurityMap
+from zope.app.security.grants.tests.test_localsecuritymap import \
+     TestLocalSecurityMap
+
+class TestPersistentLocalSecurityMap(TestLocalSecurityMap):
+
+    def testInterface(self):
+        verifyClass(ILocalSecurityMap, PersistentLocalSecurityMap)
+
+    # XXX test persistence...
+
+
+def test_suite():
+    loader = unittest.TestLoader()
+    return loader.loadTestsFromTestCase(TestPersistentLocalSecurityMap)
+
+if __name__ == '__main__':
+    unittest.main()


=== Zope3/src/zope/app/security/grants/tests/test_principalpermissionmanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_principalpermissionmanager.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,123 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for PrincipalPermissionManager module."""
+
+import sys
+import unittest
+
+from zope.app.security.registries.permissionregistry \
+    import permissionRegistry as permregistry
+from zope.app.security.registries.principalregistry \
+    import principalRegistry as prinregistry
+from zope.app.security.grants.principalpermissionmanager \
+    import principalPermissionManager as manager
+from zope.app.security.settings import Allow, Deny, Unset
+from zope.testing.cleanup import CleanUp # Base class w registry cleanup
+
+class Test(CleanUp, unittest.TestCase):
+
+    def _make_principal(self, id=None, title=None):
+        p = prinregistry.definePrincipal(
+            id or 'APrincipal',
+            title or 'A Principal',
+            login = id or 'APrincipal')
+        return p.getId()
+
+    def testUnboundPrincipalPermission(self):
+        permission = permregistry.definePermission('APerm', 'title').getId()
+        principal = self._make_principal()
+        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+
+    def testPrincipalPermission(self):
+        permission = permregistry.definePermission('APerm', 'title').getId()
+        principal = self._make_principal()
+        # check that an allow permission is saved correctly
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Allow)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Allow)])
+        # check that the allow permission is removed.
+        manager.unsetPermissionForPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+        # now put a deny in there, check it's set.
+        manager.denyPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Deny)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Deny)])
+        # test for deny followed by allow . The latter should override.
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Allow)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Allow)])
+        # check that allow followed by allow is just a single allow.
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission),
+                         [(principal, Allow)])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal),
+                         [(permission, Allow)])
+        # check that two unsets in a row quietly ignores the second one.
+        manager.unsetPermissionForPrincipal(permission, principal)
+        manager.unsetPermissionForPrincipal(permission, principal)
+        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])
+        # check the result of getSetting() when it's empty.
+        self.assertEqual(manager.getSetting(permission, principal), Unset)
+        # check the result of getSetting() when it's allowed.
+        manager.grantPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getSetting(permission, principal), Allow)
+        # check the result of getSetting() when it's denied.
+        manager.denyPermissionToPrincipal(permission, principal)
+        self.assertEqual(manager.getSetting(permission, principal), Deny)
+
+    def testManyPermissionsOnePrincipal(self):
+        perm1 = permregistry.definePermission('Perm One', 'title').getId()
+        perm2 = permregistry.definePermission('Perm Two', 'title').getId()
+        prin1 = self._make_principal()
+        manager.grantPermissionToPrincipal(perm1, prin1)
+        manager.grantPermissionToPrincipal(perm2, prin1)
+        perms = manager.getPermissionsForPrincipal(prin1)
+        self.assertEqual(len(perms), 2)
+        self.failUnless((perm1,Allow) in perms)
+        self.failUnless((perm2,Allow) in perms)
+        manager.denyPermissionToPrincipal(perm2, prin1)
+        perms = manager.getPermissionsForPrincipal(prin1)
+        self.assertEqual(len(perms), 2)
+        self.failUnless((perm1,Allow) in perms)
+        self.failUnless((perm2,Deny) in perms)
+        perms = manager.getPrincipalsAndPermissions()
+        self.failUnless((perm1,prin1,Allow) in perms)
+        self.failUnless((perm2,prin1,Deny) in perms)
+
+    def testManyPrincipalsOnePermission(self):
+        perm1 = permregistry.definePermission('Perm One', 'title').getId()
+        prin1 = self._make_principal()
+        prin2 = self._make_principal('Principal 2', 'Principal Two')
+        manager.grantPermissionToPrincipal(perm1, prin1)
+        manager.denyPermissionToPrincipal(perm1, prin2)
+        principals = manager.getPrincipalsForPermission(perm1)
+        self.assertEqual(len(principals), 2)
+        self.failUnless((prin1,Allow) in principals)
+        self.failUnless((prin2,Deny) in principals)
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/app/security/grants/tests/test_principalrolemanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_principalrolemanager.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,113 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for PrincipalRoleManager module."""
+
+import sys
+import unittest
+
+from zope.app.security.registries.roleregistry \
+     import roleRegistry as rregistry
+from zope.app.security.registries.principalregistry \
+     import principalRegistry as pregistry
+from zope.app.security.grants.principalrolemanager \
+     import principalRoleManager
+from zope.app.security.settings import Allow, Deny
+from zope.testing.cleanup import CleanUp # Base class w registry cleanup
+
+class Test(CleanUp, unittest.TestCase):
+
+    def _make_principal(self, id=None, title=None):
+        p = pregistry.definePrincipal(
+            id or 'APrincipal',
+            title or 'A Principal',
+            login = id or 'APrincipal')
+        return p.getId()
+
+    def testUnboundPrincipalRole(self):
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role), [])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [])
+
+    def testPrincipalRoleAllow(self):
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        principalRoleManager.assignRoleToPrincipal(role, principal)
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+                         [(principal, Allow)])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [(role, Allow)])
+
+    def testPrincipalRoleDeny(self):
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        principalRoleManager.removeRoleFromPrincipal(role, principal)
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+                         [(principal, Deny)])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [(role, Deny)])
+
+    def testPrincipalRoleUnset(self):
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        principal = self._make_principal()
+        principalRoleManager.removeRoleFromPrincipal(role, principal)
+        principalRoleManager.unsetRoleForPrincipal(role, principal)
+        self.assertEqual(principalRoleManager.getPrincipalsForRole(role),
+                         [])
+        self.assertEqual(principalRoleManager.getRolesForPrincipal(principal),
+                         [])
+
+    def testManyRolesOnePrincipal(self):
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+        prin1 = self._make_principal()
+        principalRoleManager.assignRoleToPrincipal(role1, prin1)
+        principalRoleManager.assignRoleToPrincipal(role2, prin1)
+        roles = principalRoleManager.getRolesForPrincipal(prin1)
+        self.assertEqual(len(roles), 2)
+        self.failUnless((role1, Allow) in roles)
+        self.failUnless((role2, Allow) in roles)
+
+    def testManyPrincipalsOneRole(self):
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        prin1 = self._make_principal()
+        prin2 = self._make_principal('Principal 2', 'Principal Two')
+        principalRoleManager.assignRoleToPrincipal(role1, prin1)
+        principalRoleManager.assignRoleToPrincipal(role1, prin2)
+        principals = principalRoleManager.getPrincipalsForRole(role1)
+        self.assertEqual(len(principals), 2)
+        self.failUnless((prin1, Allow) in principals)
+        self.failUnless((prin2, Allow) in principals)
+
+    def testPrincipalsAndRoles(self):
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+        prin1 = self._make_principal()
+        prin2 = self._make_principal('Principal 2', 'Principal Two')
+        principalRoleManager.assignRoleToPrincipal(role1, prin1)
+        principalRoleManager.assignRoleToPrincipal(role1, prin2)
+        principalRoleManager.assignRoleToPrincipal(role2, prin1)
+        principalsAndRoles = principalRoleManager.getPrincipalsAndRoles()
+        self.assertEqual(len(principalsAndRoles), 3)
+        self.failUnless((role1, prin1, Allow) in principalsAndRoles)
+        self.failUnless((role1, prin2, Allow) in principalsAndRoles)
+        self.failUnless((role2, prin1, Allow) in principalsAndRoles)
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())


=== Zope3/src/zope/app/security/grants/tests/test_rolepermissionmanager.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/grants/tests/test_rolepermissionmanager.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,92 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test handler for RolePermissionManager module."""
+
+import sys
+import unittest
+
+from zope.app.security.registries.permissionregistry \
+        import permissionRegistry as pregistry
+from zope.app.security.registries.roleregistry \
+        import roleRegistry as rregistry
+from zope.app.security.grants.rolepermissionmanager \
+        import rolePermissionManager as manager
+from zope.app.security.settings \
+        import Allow, Deny, Unset
+from zope.testing.cleanup import CleanUp # Base class w registry cleanup
+
+class Test(CleanUp, unittest.TestCase):
+
+    def testUnboundRolePermission(self):
+        permission = pregistry.definePermission('APerm', 'aPerm title').getId()
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        self.assertEqual(manager.getRolesForPermission(permission), [])
+        self.assertEqual(manager.getPermissionsForRole(role), [])
+
+    def testRolePermission(self):
+        permission = pregistry.definePermission('APerm', 'aPerm title').getId()
+        role = rregistry.defineRole('ARole', 'A Role').getId()
+        manager.grantPermissionToRole(permission, role)
+        self.assertEqual(manager.getRolesForPermission(permission),
+                                                        [(role,Allow)])
+        self.assertEqual(manager.getPermissionsForRole(role),
+                                                    [(permission,Allow)])
+
+    def testManyPermissionsOneRole(self):
+        perm1 = pregistry.definePermission('Perm One', 'P1').getId()
+        perm2 = pregistry.definePermission('Perm Two', 'P2').getId()
+        perm3 = pregistry.definePermission('Perm Three', 'P3').getId()
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        perms = manager.getPermissionsForRole(role1)
+        self.assertEqual(len(perms), 0)
+        manager.grantPermissionToRole(perm1, role1)
+        manager.grantPermissionToRole(perm2, role1)
+        manager.grantPermissionToRole(perm2, role1)
+        manager.denyPermissionToRole(perm3, role1)
+        perms = manager.getPermissionsForRole(role1)
+        self.assertEqual(len(perms), 3)
+        self.failUnless((perm1,Allow) in perms)
+        self.failUnless((perm2,Allow) in perms)
+        self.failUnless((perm3,Deny) in perms)
+        manager.unsetPermissionFromRole(perm1, role1)
+        perms = manager.getPermissionsForRole(role1)
+        self.assertEqual(len(perms), 2)
+        self.failUnless((perm2,Allow) in perms)
+
+    def testManyRolesOnePermission(self):
+        perm1 = pregistry.definePermission('Perm One', 'title').getId()
+        role1 = rregistry.defineRole('Role One', 'Role #1').getId()
+        role2 = rregistry.defineRole('Role Two', 'Role #2').getId()
+        roles = manager.getRolesForPermission(perm1)
+        self.assertEqual(len(roles), 0)
+        manager.grantPermissionToRole(perm1, role1)
+        manager.grantPermissionToRole(perm1, role2)
+        manager.grantPermissionToRole(perm1, role2)
+        manager.denyPermissionToRole(perm1, role1)
+        roles = manager.getRolesForPermission(perm1)
+        self.assertEqual(len(roles), 2)
+        self.failIf((role1,Allow) in roles)
+        self.failUnless((role1,Deny) in roles)
+        self.failUnless((role2,Allow) in roles)
+        manager.unsetPermissionFromRole(perm1, role1)
+        roles = manager.getRolesForPermission(perm1)
+        self.assertEqual(len(roles), 1)
+        self.failUnless((role2,Allow) in roles)
+
+def test_suite():
+    loader=unittest.TestLoader()
+    return loader.loadTestsFromTestCase(Test)
+
+if __name__=='__main__':
+    unittest.TextTestRunner().run(test_suite())