diff options
| author | Jason Madden <jason+github@nextthought.com> | 2017-09-13 09:17:34 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-09-13 09:17:34 -0500 |
| commit | dde46cb714f32d40f3cc1ed70bf5653dcc6a7654 (patch) | |
| tree | c04a86bdbd85ac19c8f2fc1ca693af4e18eb87b2 | |
| parent | 54ee5cd67f94667b82180cf165a80ec38946b652 (diff) | |
| parent | 9874e2d11728a68477d8270e22bc99f9aab5e894 (diff) | |
| download | zope-security-dde46cb714f32d40f3cc1ed70bf5653dcc6a7654.tar.gz | |
Merge pull request #41 from zopefoundation/issue40
Reach 100% coverage
27 files changed, 1011 insertions, 1225 deletions
diff --git a/.coveragerc b/.coveragerc index bb46267..6bd02c1 100644 --- a/.coveragerc +++ b/.coveragerc @@ -1,5 +1,6 @@ [run] source = zope.security +omit = */flycheck_*.py [report] precision = 2 diff --git a/CHANGES.rst b/CHANGES.rst index cfeedca..c6eacf3 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -1,14 +1,15 @@ -Changes -======= +========= + Changes +========= -4.1.2 (unreleased) ------------------- +4.2.0 (unreleased) +================== - Fix the extremely rare potential for a crash when the C extensions are in use. See `issue 35 <https://github.com/zopefoundation/zope.security/issues/35>`_. - Fix `issue 7 - <https://github.com/zopefoundation/zope.security/issues/7`_: The + <https://github.com/zopefoundation/zope.security/issues/7>`_: The pure-Python proxy didn't propagate ``TypeError`` from ``__repr__`` and ``__str__`` like the C implementation did. @@ -43,8 +44,24 @@ Changes - Fix watching checkers (``ZOPE_WATCH_CHECKERS=1``) in pure-Python mode. See `issue 8 <https://github.com/zopefoundation/zope.security/issues/8>`_. +- Remove unused internal files from ``tests/``. + +- Remove ``zope.security.setup``. It was unused and did not work + anyway. + +- Fix the pure-Python proxy on Python 2 letting ``__getslice__`` and + ``__setslice__`` fall through to ``__getitem__`` or ``__setitem__``, + respectively, if it raised an error. + +- Fix the pure-Python proxy calling a wrapped ``__getattr__`` or + ``__getattribute__`` more than once in situations where the C + implementation only called it one time (when it raised an + AttributeError). + +- Reach 100% test coverage and maintain it via automated checks. + 4.1.1 (2017-05-17) ------------------- +================== - Fix `issue 23 <https://github.com/zopefoundation/zope.security/issues/23>`_: iteration of ``collections.OrderedDict`` and its various views is @@ -54,7 +71,7 @@ Changes allowed by default. 4.1.0 (2017-04-24) ------------------- +================== - When testing ``PURE_PYTHON`` environments under ``tox``, avoid poisoning the user's global wheel cache. @@ -68,13 +85,13 @@ Changes ``BTrees.items()`` on Python 3. The same applies for ``keys()`` and ``values()``. 4.0.3 (2015-06-02) ------------------- +================== - Fix iteration over security proxies in Python 3 using the pure-Python implementation. 4.0.2 (2015-06-02) ------------------- +================== - Fix compatibility with ``zope.proxy`` 4.1.5 under PyPy. @@ -82,12 +99,12 @@ Changes incorrect results if given a proxy under PyPy. 4.0.1 (2014-03-19) ------------------- +================== - Add support for Python 3.4. 4.0.0 (2013-07-09) ------------------- +================== - Update ``boostrap.py`` to version 2.2. @@ -98,7 +115,7 @@ Changes 4.0.0b1 (2013-03-11) --------------------- +==================== - Add support for PyPy. @@ -106,26 +123,26 @@ Changes 4.0.0a5 (2013-02-28) --------------------- +==================== - Undo changes from 4.0.0a4. Instead, ``zope.untrustedpython`` is only included during Python 2 installs. 4.0.0a4 (2013-02-28) --------------------- +==================== - Remove ``untrustedpython`` extra again, since we do not want to support ``zope.untrustedpython`` in ZTK 2.0. If BBB is really needed, we will create a 3.10.0 release. 4.0.0a3 (2013-02-15) --------------------- +==================== - Fix test breakage in 4.0.0a2 due to deprecation strategy. 4.0.0a2 (2013-02-15) --------------------- +==================== - Add back the ``untrustedpython`` extra: now pulls in ``zope.untrustedpython``. Restored deprecated backward-compatible imports @@ -134,7 +151,7 @@ Changes 4.0.0a1 (2013-02-14) --------------------- +==================== - Add support for Python 3.2 and 3.3. @@ -185,7 +202,7 @@ Changes ``with interaction()``. 3.9.0 (2012-12-21) ------------------- +================== - Pin ``zope.proxy >= 4.1.0`` @@ -193,18 +210,18 @@ Changes 4.1.x version ov ``zope.proxy``. 3.8.5 (2012-12-21) ------------------- +================== - Ship with an included ``proxy.h`` header which is compatible with the supported versions of ``zope.proxy``. 3.8.4 (2012-12-20) ------------------- +================== - Pin ``zope.proxy >= 3.4.2, <4.1dev`` 3.8.3 (2011-09-24) ------------------- +================== - Fix a regression introduced in 3.8.1: ``zope.location``\'s LocationProxy did not get a security checker if ``zope.security.decorator`` was not @@ -213,13 +230,13 @@ Changes 3.8.1. 3.8.2 (2011-05-24) ------------------- +================== - Fix a test that failed on Python 2.7. 3.8.1 (2011-05-03) ------------------- +================== - Fix circular import beween ``zope.security.decorator`` and ``zope.security.proxy`` which led to an ``ImportError`` when only @@ -227,7 +244,7 @@ Changes 3.8.0 (2010-12-14) ------------------- +================== - Add tests for our own ``configure.zcml``. @@ -239,7 +256,7 @@ Changes 3.7.3 (2010-04-30) ------------------- +================== - Prefer the standard library's ``doctest`` module to the one from ``zope.testing``. @@ -255,13 +272,13 @@ Changes 3.7.2 (2009-11-10) ------------------- +================== - Add compatibility with Python 2.6 abstract base classes. 3.7.1 (2009-08-13) ------------------- +================== - Fix for LP bug 181833 (from Gustavo Niemeyer). Before "visiting" a sub-object, a check should be made to ensure the object is still valid. @@ -273,7 +290,7 @@ Changes 3.7.0 (2009-05-13) ------------------- +================== - Make ``pytz`` a soft dependency: the checker for ``pytz.UTC`` is created / tested only if the package is already present. Run @@ -281,7 +298,7 @@ Changes 3.6.3 (2009-03-23) ------------------- +================== - Ensure that simple zope.schema's ``VocabularyRegistry`` is used for ``PermissionVocabulary`` tests, because it's replaced implicitly in @@ -295,7 +312,7 @@ Changes 3.6.2 (2009-03-14) ------------------- +================== - Add ``zope.i18nmessageid.Message`` to non-proxied basic types. It's okay, because messages are immutable. Done previously by ``zope.app.security``. @@ -324,7 +341,7 @@ Changes 3.6.1 (2009-03-10) ------------------- +================== - Use ``from`` imports instead of ``zope.deferred`` to avoid circular import problems, thus drop dependency on ``zope.deferredimport``. @@ -343,7 +360,7 @@ Changes 3.6.0 (2009-01-31) ------------------- +================== - Install decorated security checker support on ``LocationProxy`` from the outside. @@ -361,27 +378,27 @@ Changes 3.5.2 (2008-07-27) ------------------- +================== - Make C code compatible with Python 2.5 on 64bit architectures. 3.5.1 (2008-06-04) ------------------- +================== - Add ``frozenset``, ``set``, ``reversed``, and ``sorted`` to the list of safe builtins. 3.5.0 (2008-03-05) ------------------- +================== - Changed title for ``zope.security.management.system_user`` to be more presentable. 3.4.3 - (2009/11/26) --------------------- +==================== - Backport a fix made by Gary Poster to the 3.4 branch: Fix for LP bug 181833 (from Gustavo Niemeyer). Before "visiting" a @@ -394,7 +411,7 @@ Changes 3.4.2 - (2009/03/23) --------------------- +==================== - Add dependency on ``zope.thread`` to setup.py; without it, the tests were failing. @@ -407,31 +424,31 @@ Changes 3.4.1 - 2008/07/27 ------------------- +================== - Make C code compatible with Python 2.5 on 64bit architectures. 3.4.0 (2007-10-02) ------------------- +================== - Update meta-data. 3.4.0b5 (2007-08-15) --------------------- +==================== - Fix a circular import in the C implementation. 3.4.0b4 (2007-08-14) --------------------- +==================== - Improve ugly/brittle ID of ``zope.security.management.system_user``. 3.4.0b3 (2007-08-14) --------------------- +==================== - Add support for Python 2.5. @@ -444,7 +461,7 @@ Changes 3.4.0b2 (2007-06-15) --------------------- +==================== - Bug: Remove stack extraction in ``newInteraction``. When using eggs this is an extremly expensive function. The publisher is now more than 10 times @@ -452,7 +469,7 @@ Changes 3.4.0b1 -------- +======= - Temporarily fixed the hidden (and accidental) dependency on zope.testing to become optional. @@ -462,7 +479,7 @@ individual package and have been documented in the Zope 3 changelog. 3.2.0 (2006-01-05) ------------------- +================== - Corresponds to the verison of the ``zope.security`` package shipped as part of the Zope 3.2.0 release. @@ -481,7 +498,7 @@ individual package and have been documented in the Zope 3 changelog. 3.1.0 (2005-10-03) ------------------- +================== - Add support for use of the new Python 2.4 datatypes, ``set`` and ``frozenset``, within checked code. @@ -510,7 +527,7 @@ individual package and have been documented in the Zope 3 changelog. 3.0.0 (2004-11-07) ------------------- +================== - Corresponds to the version of the ``zope.security`` package shipped as part of the Zope X3.0.0 release. @@ -1,20 +1,27 @@ -``zope.security`` -================= +=============== + zope.security +=============== .. image:: https://img.shields.io/pypi/v/zope.security.svg - :target: https://pypi.python.org/pypi/zope.security/ - :alt: Latest Version + :target: https://pypi.python.org/pypi/zope.security/ + :alt: Latest release + +.. image:: https://img.shields.io/pypi/pyversions/zope.security.svg + :target: https://pypi.org/project/zope.security/ + :alt: Supported Python versions .. image:: https://travis-ci.org/zopefoundation/zope.security.png?branch=master :target: https://travis-ci.org/zopefoundation/zope.security -.. image:: https://readthedocs.org/projects/zopesecurity/badge/?version=latest - :target: http://zopesecurity.readthedocs.org/en/latest/ - :alt: Documentation Status - .. image:: https://coveralls.io/repos/github/zopefoundation/zope.security/badge.svg?branch=master :target: https://coveralls.io/github/zopefoundation/zope.security?branch=master +.. image:: https://readthedocs.org/projects/zopesecurity/badge/?version=latest + :target: https://zopesecurity.readthedocs.io/en/latest/ + :alt: Documentation Status + The Security framework provides a generic mechanism to implement security policies on Python objects. + +Documentation is available at https://zopesecurity.readthedocs.io/ @@ -116,7 +116,7 @@ if is_pypy or is_jython: setup_requires = [] features = {} else: - setup_requires = ['zope.proxy >= 4.1.0'] + setup_requires = ['zope.proxy >= 4.3.0'] features = { 'codeoptimization': codeoptimization, } @@ -132,7 +132,7 @@ TESTS_REQUIRE = [ setup(name='zope.security', - version='4.1.2.dev0', + version='4.2.0.dev0', author='Zope Foundation and Contributors', author_email='zope-dev@zope.org', description='Zope Security Framework', @@ -177,7 +177,7 @@ setup(name='zope.security', 'zope.i18nmessageid', 'zope.interface', 'zope.location', - 'zope.proxy >= 4.1.0', + 'zope.proxy >= 4.3.0', 'zope.schema', ], tests_require=TESTS_REQUIRE, diff --git a/src/zope/security/adapter.py b/src/zope/security/adapter.py index c830cf4..f92ac34 100644 --- a/src/zope/security/adapter.py +++ b/src/zope/security/adapter.py @@ -65,9 +65,8 @@ class LocatingTrustedAdapterFactory(object): return assertLocation(adapter, context) def _customizeUnprotected(self, adapter, context): - if (ILocation.providedBy(adapter) - and adapter.__parent__ is None): - adapter.__parent__ = context + if ILocation.providedBy(adapter) and adapter.__parent__ is None: + adapter.__parent__ = context return adapter def __call__(self, *args): diff --git a/src/zope/security/checker.py b/src/zope/security/checker.py index 575d16d..7de50d5 100644 --- a/src/zope/security/checker.py +++ b/src/zope/security/checker.py @@ -64,7 +64,7 @@ WATCH_CHECKERS = 0 if os.environ.get('ZOPE_WATCH_CHECKERS'): try: WATCH_CHECKERS = int(os.environ.get('ZOPE_WATCH_CHECKERS')) - except ValueError: + except ValueError: # pragma: no cover WATCH_CHECKERS = 1 @@ -414,7 +414,7 @@ def defineChecker(type_, checker): """ if not isinstance(type_, DEFINABLE_TYPES): raise TypeError( - 'type_ must be a type, class or module, not a %s' % type_) + 'type_ must be a type, class or module, not a %s' % type_) if type_ in _checkers: raise DuplicationError(type_) _checkers[type_] = checker @@ -503,7 +503,8 @@ class CombinedChecker(Checker): except ForbiddenAttribute: self._checker2.check_setattr(object, name) except Unauthorized as unauthorized_exception: - try: self._checker2.check_setattr(object, name) + try: + self._checker2.check_setattr(object, name) except ForbiddenAttribute: raise unauthorized_exception @@ -530,7 +531,7 @@ class CheckerLoggingMixin(object): if self.verbosity > 1: if name in _available_by_default: self._log('[CHK] + Always available: %s on %r' - % (name, object), 2) + % (name, object), 2) else: self._log( '[CHK] + Granted: %s on %r' % (name, object), 2) @@ -608,42 +609,47 @@ def moduleChecker(module): return _checkers.get(module) -_available_by_default[:] = ['__lt__', '__le__', '__eq__', - '__gt__', '__ge__', '__ne__', - '__hash__', '__nonzero__', - '__class__', '__providedBy__', '__implements__', - '__repr__', '__conform__', - '__name__', '__parent__', - ] +_available_by_default[:] = [ + '__lt__', '__le__', '__eq__', + '__gt__', '__ge__', '__ne__', + '__hash__', '__nonzero__', + '__class__', '__providedBy__', '__implements__', + '__repr__', '__conform__', + '__name__', '__parent__', +] _callableChecker = NamesChecker(['__str__', '__name__', '__call__']) -_typeChecker = NamesChecker( - ['__str__', '__name__', '__module__', '__bases__', '__mro__', - '__implemented__']) +_typeChecker = NamesChecker([ + '__str__', '__name__', '__module__', '__bases__', '__mro__', + '__implemented__', +]) _namedChecker = NamesChecker(['__name__']) - -_iteratorChecker = NamesChecker(['next', '__next__', '__iter__', '__len__', - '__length_hint__',]) - -_setChecker = NamesChecker(['__iter__', '__len__', '__str__', '__contains__', - 'copy', 'difference', 'intersection', 'issubset', - 'issuperset', 'symmetric_difference', 'union', - '__and__', '__or__', '__sub__', '__xor__', - '__rand__', '__ror__', '__rsub__', '__rxor__', - '__eq__', '__ne__', '__lt__', '__gt__', - '__le__', '__ge__']) - -class BasicTypes(dict): +_iteratorChecker = NamesChecker([ + 'next', '__next__', '__iter__', '__len__', + '__length_hint__', +]) + +_setChecker = NamesChecker([ + '__iter__', '__len__', '__str__', '__contains__', + 'copy', 'difference', 'intersection', 'issubset', + 'issuperset', 'symmetric_difference', 'union', + '__and__', '__or__', '__sub__', '__xor__', + '__rand__', '__ror__', '__rsub__', '__rxor__', + '__eq__', '__ne__', '__lt__', '__gt__', + '__le__', '__ge__', +]) + +class _BasicTypes(dict): """Basic Types Dictionary Make sure that checkers are really updated, when a new type is added. """ def __setitem__(self, name, value): - super(BasicTypes.__class__, self).__setitem__(name, value) + dict.__setitem__(self, name, value) _checkers[name] = value def __delitem__(self, name): - super(BasicTypes.__class__, self).__delitem__(name) + dict.__delitem__(self, name) del _checkers[name] def clear(self): @@ -651,7 +657,7 @@ class BasicTypes(dict): raise NotImplementedError def update(self, d): - super(BasicTypes.__class__, self).update(d) + dict.update(self, d) _checkers.update(d) _basic_types = { @@ -680,12 +686,12 @@ else: # pragma: no cover try: import pytz -except ImportError: +except ImportError: # pragma: no cover pass -else: # pragma: no cover +else: _basic_types[type(pytz.UTC)] = NoProxy -BasicTypes = BasicTypes(_basic_types) +BasicTypes = _BasicTypes(_basic_types) del _basic_types # Available for tests. Located here so it can be kept in sync with BasicTypes. @@ -709,9 +715,11 @@ if PYTHON2: BasicTypes_examples[long] = long(65536) -class _Sequence(object): # pragma: no cover - def __len__(self): return 0 - def __getitem__(self, i): raise IndexError +class _Sequence(object): + def __len__(self): + raise NotImplementedError() + def __getitem__(self, i): + raise NotImplementedError() _Declaration_checker = InterfaceChecker( IDeclaration, @@ -773,7 +781,7 @@ _default_checkers = { __str__=CheckerPublic, _implied=CheckerPublic, subscribe=CheckerPublic, ), zope.interface.interface.Method: InterfaceChecker( - zope.interface.interfaces.IMethod), + zope.interface.interfaces.IMethod), zope.interface.declarations.ProvidesClass: _Declaration_checker, zope.interface.declarations.ClassProvides: _Declaration_checker, zope.interface.declarations.Implements: _Declaration_checker, @@ -908,34 +916,35 @@ def _fixup_itertools(): missing_in_py2 = {'zip_longest', 'accumulate', 'compress', 'combinations', 'combinations_with_replacement'} missing = missing_in_py3 if sys.version_info[0] >= 3 else missing_in_py2 - for func, args in (('count', ()), - ('cycle', ((),)), - ('dropwhile', pred_iterable), - ('ifilter', pred_iterable), - ('ifilterfalse', pred_iterable), - ('imap', pred_iterable), - ('islice', (iterable, 2)), - ('izip', (iterable,)), - ('izip_longest', (iterable,)), - ('permutations', (iterable,)), - ('product', (iterable,)), - ('repeat', (1, 2)), - ('starmap', pred_iterable), - ('takewhile', pred_iterable), - ('tee', (iterable,)), - # Python 3 additions - ('zip_longest', (iterable,)), - ('accumulate', (iterable,)), - ('compress', (iterable, ())), - ('combinations', (iterable, 1)), - ('combinations_with_replacement', (iterable, 1)), + for func, args in ( + ('count', ()), + ('cycle', ((),)), + ('dropwhile', pred_iterable), + ('ifilter', pred_iterable), + ('ifilterfalse', pred_iterable), + ('imap', pred_iterable), + ('islice', (iterable, 2)), + ('izip', (iterable,)), + ('izip_longest', (iterable,)), + ('permutations', (iterable,)), + ('product', (iterable,)), + ('repeat', (1, 2)), + ('starmap', pred_iterable), + ('takewhile', pred_iterable), + ('tee', (iterable,)), + # Python 3 additions + ('zip_longest', (iterable,)), + ('accumulate', (iterable,)), + ('compress', (iterable, ())), + ('combinations', (iterable, 1)), + ('combinations_with_replacement', (iterable, 1)), ): try: func = getattr(itertools, func) except AttributeError: - if func in missing: - continue - raise + assert func in missing, "Expected %s but not found" % (func,) + continue # pragma: no cover This is hit on Python 2, but it doesn't always show + result = func(*args) if func == itertools.tee: result = result[0] diff --git a/src/zope/security/interfaces.py b/src/zope/security/interfaces.py index 9831b29..1035b77 100644 --- a/src/zope/security/interfaces.py +++ b/src/zope/security/interfaces.py @@ -119,7 +119,7 @@ class IChecker(Interface): def check_setattr(ob, name): """Check whether attribute assignment is allowed. - + May raise Unauthorized or Forbidden. Returns no value. """ @@ -236,7 +236,7 @@ class IInteractionManagement(Interface): Does nothing if there is no interaction. """ - + class IPrincipal(Interface): """Principals are security artifacts that execute actions in a security environment. @@ -268,13 +268,13 @@ class IPrincipal(Interface): title=_("Description"), description=_("A detailed description of the principal."), required=False) - - + + class IGroupAwarePrincipal(IPrincipal): """Group aware principal interface Extends IPrincipal to contain group information. """ - + groups = Attribute( 'An iterable of groups to which the principal directly belongs') diff --git a/src/zope/security/management.py b/src/zope/security/management.py index 6539200..7a77f1a 100644 --- a/src/zope/security/management.py +++ b/src/zope/security/management.py @@ -76,7 +76,7 @@ def newInteraction(*participations): """Start a new interaction.""" if queryInteraction() is not None: raise ExistingInteraction("newInteraction called" - " while another interaction is active.") + " while another interaction is active.") thread_local.interaction = getSecurityPolicy()(*participations) def endInteraction(): @@ -134,13 +134,9 @@ def _clear(): global _defaultPolicy _defaultPolicy = ParanoidSecurityPolicy -# XXX This code is used to support automated testing. However, it shouldn't be -# here and needs to be refactored. The empty addCleanUp-method is a temporary -# workaround to fix packages that depend on zope.security but don't have a -# need for zope.testing. try: from zope.testing.cleanup import addCleanUp -except ImportError: #pragma NO COVER +except ImportError: # pragma: no cover pass else: addCleanUp(_clear) diff --git a/src/zope/security/metaconfigure.py b/src/zope/security/metaconfigure.py index e2dd0a0..5f4884f 100644 --- a/src/zope/security/metaconfigure.py +++ b/src/zope/security/metaconfigure.py @@ -56,17 +56,17 @@ class ClassDirective(object): def implements(self, _context, interface): for interface in interface: _context.action( - discriminator = ( - 'ContentDirective', self.__class, object()), - callable = classImplements, - args = (self.__class, interface), - ) + discriminator=( + 'ContentDirective', self.__class, object()), + callable=classImplements, + args=(self.__class, interface), + ) _context.action( - discriminator = None, - callable = provideInterface, - args = (interface.__module__ + '.' + interface.getName(), - interface) - ) + discriminator=None, + callable=provideInterface, + args=(interface.__module__ + '.' + interface.getName(), + interface) + ) def require(self, _context, permission=None, attributes=None, interface=None, @@ -101,7 +101,7 @@ class ClassDirective(object): discriminator=('mimic', self.__class, object()), callable=protectLikeUnto, args=(self.__class, class_), - ) + ) def allow(self, _context, attributes=None, interface=None): """Like require, but with permission_id zope.Public""" @@ -112,19 +112,19 @@ class ClassDirective(object): for n, d in sorted(interface.namesAndDescriptions(1)): self.__protectName(n, permission_id) self.__context.action( - discriminator = None, - callable = provideInterface, - args = (interface.__module__ + '.' + interface.getName(), - interface) - ) + discriminator=None, + callable=provideInterface, + args=(interface.__module__ + '.' + interface.getName(), + interface) + ) def __protectName(self, name, permission_id): "Set a permission on a particular name." self.__context.action( - discriminator = ('protectName', self.__class, name), - callable = protectName, - args = (self.__class, name, permission_id) - ) + discriminator=('protectName', self.__class, name), + callable=protectName, + args=(self.__class, name, permission_id) + ) def __protectNames(self, names, permission_id): "Set a permission on a bunch of names." @@ -135,10 +135,10 @@ class ClassDirective(object): "Set a permission on a bunch of names." for name in names: self.__context.action( - discriminator = ('protectSetAttribute', self.__class, name), - callable = protectSetAttribute, - args = (self.__class, name, permission_id) - ) + discriminator=('protectSetAttribute', self.__class, name), + callable=protectSetAttribute, + args=(self.__class, name, permission_id) + ) def __protectSetSchema(self, schema, permission_id): "Set a permission on a bunch of names." @@ -147,16 +147,16 @@ class ClassDirective(object): field = schema[name] if IField.providedBy(field) and not field.readonly: _context.action( - discriminator = ('protectSetAttribute', self.__class, name), - callable = protectSetAttribute, - args = (self.__class, name, permission_id) - ) + discriminator=('protectSetAttribute', self.__class, name), + callable=protectSetAttribute, + args=(self.__class, name, permission_id) + ) _context.action( - discriminator = None, - callable = provideInterface, - args = (schema.__module__ + '.' + schema.getName(), - schema) - ) + discriminator=None, + callable=provideInterface, + args=(schema.__module__ + '.' + schema.getName(), + schema) + ) def __call__(self): "Handle empty/simple declaration." @@ -214,9 +214,9 @@ def allow(context, attributes=(), interface=()): context.action( discriminator=('http://namespaces.zope.org/zope:module', context.module, name), - callable = protectModule, - args = (context.module, name, 'zope.Public'), - ) + callable=protectModule, + args=(context.module, name, 'zope.Public'), + ) def require(context, permission, attributes=(), interface=()): @@ -224,6 +224,6 @@ def require(context, permission, attributes=(), interface=()): context.action( discriminator=('http://namespaces.zope.org/zope:module', context.module, name), - callable = protectModule, - args = (context.module, name, permission), - ) + callable=protectModule, + args=(context.module, name, permission), + ) diff --git a/src/zope/security/metadirectives.py b/src/zope/security/metadirectives.py index 1a81658..bd1f793 100644 --- a/src/zope/security/metadirectives.py +++ b/src/zope/security/metadirectives.py @@ -170,8 +170,8 @@ class IAllow(Interface): interface = Tokens( title=u"Interface", description=(u"Interfaces whos names to provide access to. Access " - u"will be provided to all of the names defined by the " - u"interface(s). Multiple interfaces can be supplied."), + u"will be provided to all of the names defined by the " + u"interface(s). Multiple interfaces can be supplied."), value_type=GlobalInterface(), required=False) diff --git a/src/zope/security/permission.py b/src/zope/security/permission.py index 8044d4d..cfc1eee 100644 --- a/src/zope/security/permission.py +++ b/src/zope/security/permission.py @@ -47,9 +47,9 @@ def checkPermission(context, permission_id): def allPermissions(context=None): """Get the ids of all defined permissions """ - for id, permission in getUtilitiesFor(IPermission, context): - if id != u'zope.Public': - yield id + for name, _permission in getUtilitiesFor(IPermission, context): + if name != u'zope.Public': + yield name def PermissionsVocabulary(context=None): """A vocabulary of permission IDs. @@ -57,8 +57,8 @@ def PermissionsVocabulary(context=None): Term values are permissions, while term tokens are permission IDs. """ terms = [] - for id, permission in getUtilitiesFor(IPermission, context): - terms.append(SimpleTerm(permission, id)) + for name, permission in getUtilitiesFor(IPermission, context): + terms.append(SimpleTerm(permission, name)) return SimpleVocabulary(terms) directlyProvides(PermissionsVocabulary, IVocabularyFactory) @@ -77,7 +77,7 @@ def PermissionIdsVocabulary(context=None): """ terms = [] has_public = False - for name, permission in getUtilitiesFor(IPermission, context): + for name, _permission in getUtilitiesFor(IPermission, context): if name == 'zope.Public': has_public = True else: diff --git a/src/zope/security/proxy.py b/src/zope/security/proxy.py index 9e7333d..8f6d7c3 100644 --- a/src/zope/security/proxy.py +++ b/src/zope/security/proxy.py @@ -17,7 +17,8 @@ import functools import sys from zope.proxy import PyProxyBase -from zope.security._compat import PYPY, PURE_PYTHON +from zope.security._compat import PURE_PYTHON +from zope.security._compat import _BUILTINS from zope.security.interfaces import ForbiddenAttribute def _check_name(meth, wrap_result=True): @@ -53,17 +54,16 @@ def _fmt_address(obj): # directly (and ctypes seems like overkill). if sys.platform != 'win32': return '0x%0x' % id(obj) - elif sys.maxsize < 2**32: + if sys.maxsize < 2**32: # pragma: no cover return '0x%08X' % id(obj) - else: - return '0x%016X' % id(obj) + return '0x%016X' % id(obj) # pragma: no cover class ProxyPy(PyProxyBase): __slots__ = ('_wrapped', '_checker') def __new__(cls, value, checker): - inst = super(PyProxyBase, cls).__new__(cls) + inst = super(ProxyPy, cls).__new__(cls) inst._wrapped = value inst._checker = checker return inst @@ -80,10 +80,10 @@ class ProxyPy(PyProxyBase): # Only allow _wrapped and _checker to be accessed from inside. if sys._getframe(1).f_locals.get('self') is not self: raise AttributeError(name) - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') if name == '_wrapped': return wrapped - checker = super(PyProxyBase, self).__getattribute__('_checker') + checker = super(ProxyPy, self).__getattribute__('_checker') if name == '_checker': return checker if name not in ('__cmp__', '__hash__', '__bool__', '__nonzero__', @@ -116,92 +116,113 @@ class ProxyPy(PyProxyBase): return checker.proxy(val) def __getattr__(self, name): - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') - checker = super(PyProxyBase, self).__getattribute__('_checker') + # We only get here if __getattribute__ has already raised an + # AttributeError (we have to implement this because the super + # class does). We expect that we will also raise that same + # error, one way or another---either it will be forbidden by + # the checker or it won't exist. However, if the underlying + # object is playing games in *its* + # __getattribute__/__getattr__, and we call getattr() on it, + # (maybe there are threads involved), we might actually + # succeed this time. + + # The C implementation *does not* do two checks; it only does + # one check, and raises either the ForbiddenAttribute or the + # underlying AttributeError, *without* invoking any defined + # __getattribute__/__getattr__ more than once. So we + # explicitly do the same. The consequence is that we lose a + # good stack trace if the object implemented its own methods + # but we're consistent. We would provide a better error + # message or even subclass of AttributeError, but that's liable to break + # (doc)tests. + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') + checker = super(ProxyPy, self).__getattribute__('_checker') checker.check_getattr(wrapped, name) - return checker.proxy(getattr(wrapped, name)) + raise AttributeError(name) def __setattr__(self, name, value): if name in ('_wrapped', '_checker'): - return super(PyProxyBase, self).__setattr__(name, value) - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') - checker = super(PyProxyBase, self).__getattribute__('_checker') + return super(ProxyPy, self).__setattr__(name, value) + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') + checker = super(ProxyPy, self).__getattribute__('_checker') checker.check_setattr(wrapped, name) setattr(wrapped, name, value) def __delattr__(self, name): if name in ('_wrapped', '_checker'): raise AttributeError() - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') - checker = super(PyProxyBase, self).__getattribute__('_checker') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') + checker = super(ProxyPy, self).__getattribute__('_checker') checker.check_setattr(wrapped, name) delattr(wrapped, name) @_check_name def __getslice__(self, start, end): + wrapped = object.__getattribute__(self, '_wrapped') try: - return self._wrapped.__getslice__(start, end) - except: - getitem = PyProxyBase.__getattribute__(self, '__getitem__') - return getitem(slice(start, end)) + getslice = wrapped.__getslice__ + except AttributeError: + return wrapped.__getitem__(slice(start, end)) + return getslice(start, end) @_check_name - def __setslice__(self, i, j, value): + def __setslice__(self, start, end, value): + wrapped = object.__getattribute__(self, '_wrapped') try: - return self._wrapped.__setslice__(i, j, value) - except: - setitem = PyProxyBase.__getattribute__(self, '__setitem__') - return setitem(slice(i, j), value) + setslice = wrapped.__setslice__ + except AttributeError: + return wrapped.__setitem__(slice(start, end), value) + return setslice(start, end, value) def __cmp__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return cmp(wrapped, other) def __lt__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return wrapped < other def __le__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return wrapped <= other def __eq__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return wrapped == other def __ne__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return wrapped != other def __ge__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return wrapped >= other def __gt__(self, other): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return wrapped > other def __hash__(self): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return hash(wrapped) def __nonzero__(self): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return bool(wrapped) __bool__ = __nonzero__ def __length_hint__(self): # no check - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') try: hint = wrapped.__length_hint__ except AttributeError: @@ -211,8 +232,8 @@ class ProxyPy(PyProxyBase): def __coerce__(self, other): # For some reason _check_name does not work for coerce() - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') - checker = super(PyProxyBase, self).__getattribute__('_checker') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') + checker = super(ProxyPy, self).__getattribute__('_checker') checker.check(wrapped, '__coerce__') return super(ProxyPy, self).__coerce__(other) @@ -226,7 +247,7 @@ class ProxyPy(PyProxyBase): raise except: # The C implementation catches all exceptions. - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return '<security proxied %s.%s instance at %s>' %( wrapped.__class__.__module__, wrapped.__class__.__name__, _fmt_address(wrapped)) @@ -240,7 +261,7 @@ class ProxyPy(PyProxyBase): except TypeError: raise except: - wrapped = super(PyProxyBase, self).__getattribute__('_wrapped') + wrapped = super(ProxyPy, self).__getattribute__('_wrapped') return '<security proxied %s.%s instance at %s>' %( wrapped.__class__.__module__, wrapped.__class__.__name__, _fmt_address(wrapped)) @@ -311,8 +332,9 @@ for name in ['__call__', meth = getattr(PyProxyBase, name) setattr(ProxyPy, name, _check_name(meth)) -for name in ['__len__', - ]: +for name in ( + '__len__', +): meth = getattr(PyProxyBase, name) setattr(ProxyPy, name, _check_name(meth, False)) @@ -334,30 +356,30 @@ for name in ['__iadd__', setattr(ProxyPy, name, _check_name_inplace(meth)) def getCheckerPy(proxy): - return super(PyProxyBase, proxy).__getattribute__('_checker') + return super(ProxyPy, proxy).__getattribute__('_checker') -if PYPY: - _builtin_isinstance = __builtins__.isinstance -else: - _builtin_isinstance = __builtins__['isinstance'] + +_builtin_isinstance = sys.modules[_BUILTINS].isinstance def getObjectPy(proxy): if not _builtin_isinstance(proxy, ProxyPy): return proxy - return super(PyProxyBase, proxy).__getattribute__('_wrapped') + return super(ProxyPy, proxy).__getattribute__('_wrapped') + _c_available = not PURE_PYTHON if _c_available: try: from zope.security._proxy import _Proxy - except (ImportError, AttributeError): #pragma NO COVER PyPy / PURE_PYTHON + except (ImportError, AttributeError): # pragma: no cover PyPy / PURE_PYTHON _c_available = False -if not _c_available: - getChecker = getCheckerPy - getObject = getObjectPy - Proxy = ProxyPy -else: #pragma NO COVER CPython + +getChecker = getCheckerPy +getObject = getObjectPy +Proxy = ProxyPy + +if _c_available: from zope.security._proxy import getChecker from zope.security._proxy import getObject Proxy = _Proxy diff --git a/src/zope/security/setup.py b/src/zope/security/setup.py deleted file mode 100644 index d8f8f33..0000000 --- a/src/zope/security/setup.py +++ /dev/null @@ -1,20 +0,0 @@ -#! /usr/bin/env python -############################################################################## -# -# Copyright (c) 2001, 2002 Zope Foundation and Contributors. -# All Rights Reserved. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""Security setup -""" -from distutils.core import setup, Extension - -setup(name="_Proxy", version = "0.1", - ext_modules=[Extension("_Proxy", ["_Proxy.c"])]) diff --git a/src/zope/security/testing.py b/src/zope/security/testing.py index ee13db8..1553060 100644 --- a/src/zope/security/testing.py +++ b/src/zope/security/testing.py @@ -15,33 +15,28 @@ This module provides some helper/stub objects for setting up interactions. """ -import sys +import contextlib import re from zope import interface, component + from zope.security import interfaces from zope.security.permission import Permission -import contextlib import zope.security.management +from zope.security._compat import PYTHON2 as PY2 + from zope.testing import renormalizing -PY2 = sys.version_info[0] == 2 - -if PY2: - _u = unicode - rules = [(re.compile("b('.*?')"), r"\1"), - (re.compile('b(".*?")'), r"\1"), - ] - output_checker = renormalizing.RENormalizing(rules) -else: - _u = str - rules = [(re.compile("u('.*?')"), r"\1"), - (re.compile('u(".*?")'), r"\1"), - ] - output_checker = renormalizing.RENormalizing(rules) +_str_prefix = 'b' if PY2 else 'u' + +rules = [ + (re.compile(_str_prefix + "('.*?')"), r"\1"), + (re.compile(_str_prefix + '(".*?")'), r"\1"), +] +output_checker = renormalizing.RENormalizing(rules) @interface.implementer(interfaces.IPrincipal) -class Principal: +class Principal(object): def __init__(self, id, title=None, description='', groups=None): self.id = id @@ -53,7 +48,7 @@ class Principal: @interface.implementer(interfaces.IParticipation) -class Participation: +class Participation(object): def __init__(self, principal): self.principal = principal @@ -63,16 +58,18 @@ class Participation: def addCheckerPublic(): """Add the CheckerPublic permission as 'zope.Public'""" - perm = Permission('zope.Public', 'Public', - """Special permission used for resources that are always public + perm = Permission( + 'zope.Public', 'Public', + """Special permission used for resources that are always public - The public permission is effectively an optimization, sine - it allows security computation to be bypassed. - """ - ) + The public permission is effectively an optimization, sine + it allows security computation to be bypassed. + """ + ) gsm = component.getGlobalSiteManager() gsm.registerUtility(perm, interfaces.IPermission, perm.id) + return perm def create_interaction(principal_id, **kw): principal = Principal(principal_id, **kw) diff --git a/src/zope/security/tests/adapter.py b/src/zope/security/tests/adapter.py deleted file mode 100644 index 23b20ba..0000000 --- a/src/zope/security/tests/adapter.py +++ /dev/null @@ -1,66 +0,0 @@ -############################################################################## -# -# Copyright (c) 2004 Zope Foundation and Contributors. -# All Rights Reserved. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""Sample adapter class for testing -""" -from zope.interface import Interface -from zope.interface import implementer -from zope.component import adapter -from .components import IContent - -class I1(Interface): - pass - -class I2(Interface): - pass - -class I3(Interface): - def f1(): pass - def f2(): pass - def f3(): pass - -class IS(Interface): - pass - - -class Adapter(object): - def __init__(self, *args): - self.context = args - -@implementer(I1) -class A1(Adapter): - pass - -@implementer(I2) -class A2(Adapter): - pass - -@adapter(IContent, I1, I2) -@implementer(I3) -class A3(Adapter): - pass - -class A4: - pass - -a4 = A4() - -@implementer(I1, I2) -class A5: - pass - -a5 = A5() - -def Handler(content, *args): - # uninteresting handler - content.args = getattr(content, 'args', ()) + (args, ) diff --git a/src/zope/security/tests/components.py b/src/zope/security/tests/components.py deleted file mode 100644 index bdd2b91..0000000 --- a/src/zope/security/tests/components.py +++ /dev/null @@ -1,43 +0,0 @@ -############################################################################## -# -# Copyright (c) 2002 Zope Foundation and Contributors. -# All Rights Reserved. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""Components for testing -""" -from zope.interface import Interface, Attribute, implementer -from zope.component import adapter - -class IAppb(Interface): - a = Attribute('test attribute') - def f(): "test func" - -class IApp(IAppb): - pass - -class IContent(Interface): pass - -@implementer(IContent) -class Content(object): - pass - -@adapter(IContent) -@implementer(IApp) -class Comp(object): - - def __init__(self, *args): - # Ignore arguments passed to constructor - pass - - a = 1 - def f(): pass - -comp = Comp() diff --git a/src/zope/security/tests/emptymodule.py b/src/zope/security/tests/emptymodule.py deleted file mode 100644 index f35cab6..0000000 --- a/src/zope/security/tests/emptymodule.py +++ /dev/null @@ -1,18 +0,0 @@ -############################################################################## -# -# Copyright (c) 2001, 2002 Zope Foundation and Contributors. -# All Rights Reserved. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""This empty module is for containing objects used in the course of tests. - -(There is a problem with the way the unit tests interact with the modules -being tests, so the objects can't be expected to show up in place.) -""" diff --git a/src/zope/security/tests/module.py b/src/zope/security/tests/module.py index 3ae0ffb..5b26ff5 100644 --- a/src/zope/security/tests/module.py +++ b/src/zope/security/tests/module.py @@ -23,21 +23,21 @@ from zope.schema import Text class I(Interface): def m1(): - pass + "m1" def m2(): - pass + "m2" class I2(I): def m4(): - pass + "m4" class I3(Interface): def m3(): - pass + "m3" class I4(Interface): def m2(): - pass + "m2" class S(Interface): diff --git a/src/zope/security/tests/modulehookup.py b/src/zope/security/tests/modulehookup.py deleted file mode 100644 index eb56905..0000000 --- a/src/zope/security/tests/modulehookup.py +++ /dev/null @@ -1,30 +0,0 @@ -############################################################################## -# -# Copyright (c) 2001, 2002 Zope Foundation and Contributors. -# All Rights Reserved. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""Preliminaries to hookup a test suite with the external TestModule. - -This is necessary because the test framework interferes with seeing changes in -the running modules via the module namespace. This enables having some -subject classes, instances, permissions, etc, that don't live in the test -modules, themselves. -""" -from zope.interface import Interface - -from zope.security.tests import emptymodule as TestModule - -class I(Interface): - def m1(): - pass - def m2(): - pass - diff --git a/src/zope/security/tests/test_adapter.py b/src/zope/security/tests/test_adapter.py index f9bebb3..a3dd541 100644 --- a/src/zope/security/tests/test_adapter.py +++ b/src/zope/security/tests/test_adapter.py @@ -13,19 +13,13 @@ ############################################################################## import unittest +from zope.interface import directlyProvides +from zope.interface import implementer +from zope.location import ILocation +from zope.location import LocationProxy +from zope.proxy import getProxiedObject -def _skip_wo_zope_location(testfunc): - try: - import zope.location - except ImportError: - from functools import update_wrapper - def dummy(self): - pass - update_wrapper(dummy, testfunc) - return dummy - else: - return testfunc - +# pylint:disable=attribute-defined-outside-init,protected-access class Test_assertLocation(unittest.TestCase): @@ -33,36 +27,27 @@ class Test_assertLocation(unittest.TestCase): from zope.security.adapter import assertLocation return assertLocation(adapter, parent) - @_skip_wo_zope_location def test_w_non_ILocation(self): - from zope.location import LocationProxy - from zope.proxy import getProxiedObject class _NotAdapter(object): pass adapter = _NotAdapter() parent = object() returned = self._callFUT(adapter, parent) self.assertTrue(isinstance(returned, LocationProxy)) - self.assertTrue(getProxiedObject(returned) is adapter) - self.assertTrue(returned.__parent__ is parent) + self.assertIs(getProxiedObject(returned), adapter) + self.assertIs(returned.__parent__, parent) - @_skip_wo_zope_location def test_w_ILocation_no_parent(self): - from zope.interface import implementer - from zope.location import ILocation @implementer(ILocation) class _Adapter(object): __parent__ = None adapter = _Adapter() parent = object() returned = self._callFUT(adapter, parent) - self.assertTrue(returned is adapter) - self.assertTrue(returned.__parent__ is parent) + self.assertIs(returned, adapter) + self.assertIs(returned.__parent__, parent) - @_skip_wo_zope_location def test_w_ILocation_w_parent(self): - from zope.interface import implementer - from zope.location import ILocation parent = object() @implementer(ILocation) class _Adapter(object): @@ -70,8 +55,8 @@ class Test_assertLocation(unittest.TestCase): adapter = _Adapter() new_parent = object() returned = self._callFUT(adapter, new_parent) - self.assertTrue(returned is adapter) - self.assertTrue(returned.__parent__ is parent) + self.assertIs(returned, adapter) + self.assertIs(returned.__parent__, parent) class LocatingTrustedAdapterFactoryTests(unittest.TestCase): @@ -87,6 +72,7 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): class _Factory(object): __name__ = 'testing' __module__ = 'zope.security.tests.test_adapter' + _called_with = () def __call__(self, *args): self._called_with = args return self @@ -95,11 +81,10 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): def test_ctor(self): factory = self._makeFactory() ltaf = self._makeOne(factory) - self.assertTrue(ltaf.factory is factory) + self.assertIs(ltaf.factory, factory) self.assertEqual(ltaf.__name__, 'testing') self.assertEqual(ltaf.__module__, 'zope.security.tests.test_adapter') - @_skip_wo_zope_location def test__call__w_non_ILocation_non_spacesuit(self): factory = self._makeFactory() ltaf = self._makeOne(factory) @@ -108,13 +93,12 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): adapter = _NotAdapter() before = factory.__dict__.copy() returned = ltaf(adapter) - self.assertTrue(returned is factory) - after = dict([(k, v) for k, v in returned.__dict__.items() - if k != '_called_with']) + self.assertIs(returned, factory) + after = {k: v for k, v in returned.__dict__.items() + if k != '_called_with'} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_non_ILocation_non_spacesuit_multiple_args(self): factory = self._makeFactory() ltaf = self._makeOne(factory) @@ -124,16 +108,13 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): extra = object() before = factory.__dict__.copy() returned = ltaf(adapter, extra) - self.assertTrue(returned is factory) - after = dict([(k, v) for k, v in returned.__dict__.items() - if k != '_called_with']) + self.assertIs(returned, factory) + after = {k: v for k, v in returned.__dict__.items() + if k != '_called_with'} self.assertEqual(factory._called_with, (adapter, extra)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_ILocation_w_existing_parent_non_spacesuit(self): - from zope.interface import directlyProvides - from zope.location import ILocation factory = self._makeFactory() parent = factory.__parent__ = object() directlyProvides(factory, ILocation) @@ -141,15 +122,11 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): class _NotAdapter(object): pass adapter = _NotAdapter() - before = factory.__dict__.copy() returned = ltaf(adapter) - self.assertTrue(returned is factory) - self.assertTrue(returned.__parent__ is parent) + self.assertIs(returned, factory) + self.assertIs(returned.__parent__, parent) - @_skip_wo_zope_location def test__call__w_ILocation_wo_existing_parent_non_spacesuit(self): - from zope.interface import directlyProvides - from zope.location import ILocation factory = self._makeFactory() factory.__parent__ = None directlyProvides(factory, ILocation) @@ -157,15 +134,11 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): class _NotAdapter(object): pass adapter = _NotAdapter() - before = factory.__dict__.copy() returned = ltaf(adapter) - self.assertTrue(returned is factory) - self.assertTrue(returned.__parent__ is adapter) + self.assertIs(returned, factory) + self.assertIs(returned.__parent__, adapter) - @_skip_wo_zope_location def test__call__w_non_ILocation_w_spacesuit(self): - from zope.proxy import getProxiedObject - from zope.security.proxy import getObject from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy factory = self._makeFactory() @@ -178,17 +151,15 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): returned = ltaf(proxy) self.assertFalse(returned is factory) ploc = removeSecurityProxy(returned) - self.assertTrue(ploc.__parent__ is adapter) + self.assertIs(ploc.__parent__, adapter) unwrapped = getProxiedObject(ploc) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with',)]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with',)} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_non_ILocation_w_spacesuit_multiple_args(self): - from zope.proxy import getProxiedObject from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy factory = self._makeFactory() @@ -202,17 +173,15 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): returned = ltaf(proxy, extra) self.assertFalse(returned is factory) ploc = removeSecurityProxy(returned) - self.assertTrue(ploc.__parent__ is adapter) + self.assertIs(ploc.__parent__, adapter) unwrapped = getProxiedObject(ploc) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with',)]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with',)} self.assertEqual(factory._called_with, (adapter, extra)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_non_ILocation_multiple_args_extra_spacesuit(self): - from zope.proxy import getProxiedObject from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy factory = self._makeFactory() @@ -228,18 +197,15 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): returned = ltaf(adapter, proxy) self.assertFalse(returned is factory) ploc = removeSecurityProxy(returned) - self.assertTrue(ploc.__parent__ is adapter) + self.assertIs(ploc.__parent__, adapter) unwrapped = getProxiedObject(ploc) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with',)]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with',)} self.assertEqual(factory._called_with, (adapter, extra)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_ILocation_w_spacesuit(self): - from zope.interface import directlyProvides - from zope.location import ILocation from zope.security.proxy import getObject from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy @@ -251,24 +217,21 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): pass adapter = _Adapter() proxy = ProxyFactory(adapter) - before = dict([(k, v) for k, v in factory.__dict__.items() - if k not in ('_called_with', '__parent__')]) + before = {k: v for k, v in factory.__dict__.items() + if k not in ('_called_with', '__parent__')} returned = ltaf(proxy) self.assertFalse(returned is factory) ploc = removeSecurityProxy(returned) - self.assertTrue(ploc.__parent__ is adapter) + self.assertIs(ploc.__parent__, adapter) unwrapped = getObject(ploc) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with', '__parent__')]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with', '__parent__')} self.assertEqual(factory._called_with, (adapter,)) - self.assertTrue(factory.__parent__ is adapter) + self.assertIs(factory.__parent__, adapter) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_ILocation_w_spacesuit_w_existing_parent(self): - from zope.interface import directlyProvides - from zope.location import ILocation from zope.security.proxy import getObject from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy @@ -281,16 +244,16 @@ class LocatingTrustedAdapterFactoryTests(unittest.TestCase): pass adapter = _Adapter() proxy = ProxyFactory(adapter) - before = dict([(k, v) for k, v in factory.__dict__.items() - if k not in ('_called_with', '__parent__')]) + before = {k: v for k, v in factory.__dict__.items() + if k not in ('_called_with', '__parent__')} returned = ltaf(proxy) self.assertFalse(returned is factory) ploc = removeSecurityProxy(returned) - self.assertTrue(ploc.__parent__ is parent) + self.assertIs(ploc.__parent__, parent) unwrapped = getObject(ploc) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with', '__parent__')]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with', '__parent__')} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs @@ -313,7 +276,6 @@ class TrustedAdapterFactoryTests(unittest.TestCase): return self return _Factory() - @_skip_wo_zope_location def test__call__w_non_ILocation_w_spacesuit(self): from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy @@ -328,13 +290,12 @@ class TrustedAdapterFactoryTests(unittest.TestCase): self.assertFalse(returned is factory) unwrapped = removeSecurityProxy(returned) self.assertTrue('__parent__' not in unwrapped.__dict__) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with',)]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with',)} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_non_ILocation_w_spacesuit_multiple_args(self): from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy @@ -350,13 +311,12 @@ class TrustedAdapterFactoryTests(unittest.TestCase): self.assertFalse(returned is factory) unwrapped = removeSecurityProxy(returned) self.assertTrue('__parent__' not in unwrapped.__dict__) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with',)]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with',)} self.assertEqual(factory._called_with, (adapter, extra)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_non_ILocation_multiple_args_extra_spacesuit(self): from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy @@ -374,16 +334,13 @@ class TrustedAdapterFactoryTests(unittest.TestCase): self.assertFalse(returned is factory) unwrapped = removeSecurityProxy(returned) self.assertTrue('__parent__' not in unwrapped.__dict__) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with',)]) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with',)} self.assertEqual(factory._called_with, (adapter, extra)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_ILocation_w_spacesuit(self): - from zope.interface import directlyProvides - from zope.location import ILocation from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy factory = self._makeFactory() @@ -394,22 +351,19 @@ class TrustedAdapterFactoryTests(unittest.TestCase): pass adapter = _Adapter() proxy = ProxyFactory(adapter) - before = dict([(k, v) for k, v in factory.__dict__.items() - if k not in ('_called_with', '__parent__')]) + before = {k: v for k, v in factory.__dict__.items() + if k not in ('_called_with', '__parent__')} returned = ltaf(proxy) self.assertFalse(returned is factory) unwrapped = removeSecurityProxy(returned) - self.assertTrue(unwrapped.__parent__ is adapter) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with', '__parent__')]) + self.assertIs(unwrapped.__parent__, adapter) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with', '__parent__')} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_ILocation_w_spacesuit_w_existing_parent(self): - from zope.interface import directlyProvides - from zope.location import ILocation from zope.security.proxy import ProxyFactory from zope.security.proxy import removeSecurityProxy factory = self._makeFactory() @@ -421,15 +375,15 @@ class TrustedAdapterFactoryTests(unittest.TestCase): pass adapter = _Adapter() proxy = ProxyFactory(adapter) - before = dict([(k, v) for k, v in factory.__dict__.items() - if k not in ('_called_with', '__parent__')]) + before = {k: v for k, v in factory.__dict__.items() + if k not in ('_called_with', '__parent__')} returned = ltaf(proxy) self.assertFalse(returned is factory) unwrapped = removeSecurityProxy(returned) - self.assertTrue(unwrapped.__parent__ is parent) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in unwrapped.__dict__.items() - if k not in ('_called_with', '__parent__')]) + self.assertIs(unwrapped.__parent__, parent) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in unwrapped.__dict__.items() + if k not in ('_called_with', '__parent__')} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs @@ -447,6 +401,7 @@ class LocatingUntrustedAdapterFactoryTests(unittest.TestCase): class _Factory(object): __name__ = 'testing' __module__ = 'zope.security.tests.test_adapter' + _called_with = () def __call__(self, *args): self._called_with = args return self @@ -455,13 +410,11 @@ class LocatingUntrustedAdapterFactoryTests(unittest.TestCase): def test_ctor(self): factory = self._makeFactory() ltaf = self._makeOne(factory) - self.assertTrue(ltaf.factory is factory) + self.assertIs(ltaf.factory, factory) self.assertEqual(ltaf.__name__, 'testing') self.assertEqual(ltaf.__module__, 'zope.security.tests.test_adapter') - @_skip_wo_zope_location def test__call__w_non_ILocation(self): - from zope.proxy import getProxiedObject factory = self._makeFactory() ltaf = self._makeOne(factory) class _NotAdapter(object): @@ -471,15 +424,13 @@ class LocatingUntrustedAdapterFactoryTests(unittest.TestCase): returned = ltaf(adapter) self.assertFalse(returned is factory) unwrapped = getProxiedObject(returned) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in returned.__dict__.items() - if k != '_called_with']) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in returned.__dict__.items() + if k != '_called_with'} self.assertEqual(factory._called_with, (adapter,)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_non_ILocation_multiple_args(self): - from zope.proxy import getProxiedObject factory = self._makeFactory() ltaf = self._makeOne(factory) class _NotAdapter(object): @@ -490,16 +441,13 @@ class LocatingUntrustedAdapterFactoryTests(unittest.TestCase): returned = ltaf(adapter, extra) self.assertFalse(returned is factory) unwrapped = getProxiedObject(returned) - self.assertTrue(unwrapped is factory) - after = dict([(k, v) for k, v in returned.__dict__.items() - if k != '_called_with']) + self.assertIs(unwrapped, factory) + after = {k: v for k, v in returned.__dict__.items() + if k != '_called_with'} self.assertEqual(factory._called_with, (adapter, extra)) self.assertEqual(after, before) # no added attrs - @_skip_wo_zope_location def test__call__w_ILocation_w_existing_parent(self): - from zope.interface import directlyProvides - from zope.location import ILocation factory = self._makeFactory() parent = factory.__parent__ = object() directlyProvides(factory, ILocation) @@ -507,15 +455,11 @@ class LocatingUntrustedAdapterFactoryTests(unittest.TestCase): class _NotAdapter(object): pass adapter = _NotAdapter() - before = factory.__dict__.copy() returned = ltaf(adapter) - self.assertTrue(returned is factory) - self.assertTrue(returned.__parent__ is parent) + self.assertIs(returned, factory) + self.assertIs(returned.__parent__, parent) - @_skip_wo_zope_location def test__call__w_ILocation_wo_existing_parent(self): - from zope.interface import directlyProvides - from zope.location import ILocation factory = self._makeFactory() factory.__parent__ = None directlyProvides(factory, ILocation) @@ -523,16 +467,10 @@ class LocatingUntrustedAdapterFactoryTests(unittest.TestCase): class _NotAdapter(object): pass adapter = _NotAdapter() - before = factory.__dict__.copy() returned = ltaf(adapter) - self.assertTrue(returned is factory) - self.assertTrue(returned.__parent__ is adapter) + self.assertIs(returned, factory) + self.assertIs(returned.__parent__, adapter) def test_suite(): - return unittest.TestSuite(( - unittest.makeSuite(Test_assertLocation), - unittest.makeSuite(LocatingTrustedAdapterFactoryTests), - unittest.makeSuite(TrustedAdapterFactoryTests), - unittest.makeSuite(LocatingUntrustedAdapterFactoryTests), - )) + return unittest.defaultTestLoader.loadTestsFromName(__name__) diff --git a/src/zope/security/tests/test_checker.py b/src/zope/security/tests/test_checker.py index d5cdc7f..14f6002 100644 --- a/src/zope/security/tests/test_checker.py +++ b/src/zope/security/tests/test_checker.py @@ -13,74 +13,66 @@ ############################################################################## """Tests for zope.security.checker """ - import unittest -from zope.security import checker +from zope.security import checker as sec_checker from zope.security.tests import QuietWatchingChecker +from zope.security._compat import PYTHON3 as PY3 +from zope.security._compat import PYTHON2 as PY2 -def _skip_if_not_Py2(testfunc): - import sys - return unittest.skipIf(sys.version_info[0] >= 3, "Needs Python 2")(testfunc) - -def _skip_if_no_btrees(testfunc): - try: - import BTrees - except ImportError: - return unittest.skip("BTrees is not installed")(testfunc) - else: - return testfunc +# pylint:disable=protected-access,inherit-non-class,no-method-argument,old-style-class +# pylint:disable=blacklisted-name,no-init class Test_ProxyFactory(unittest.TestCase): - def _callFUT(self, object, checker=None): + def _callFUT(self, obj, checker=None): from zope.security.checker import ProxyFactory - return ProxyFactory(object, checker) + return ProxyFactory(obj, checker) def test_w_already_proxied_no_checker(self): from zope.security.proxy import Proxy, getChecker obj = object() def _check(*x): - pass + raise AssertionError("Never called") proxy = Proxy(obj, _check) returned = self._callFUT(proxy, None) - self.assertTrue(returned is proxy) - self.assertTrue(getChecker(returned) is _check) + self.assertIs(returned, proxy) + self.assertIs(getChecker(returned), _check) def test_w_already_proxied_same_checker(self): from zope.security.proxy import Proxy, getChecker obj = object() def _check(*x): - pass + raise AssertionError("Never called") proxy = Proxy(obj, _check) returned = self._callFUT(proxy, _check) - self.assertTrue(returned is proxy) - self.assertTrue(getChecker(returned) is _check) + self.assertIs(returned, proxy) + self.assertIs(getChecker(returned), _check) def test_w_already_proxied_different_checker(self): from zope.security.proxy import Proxy obj = object() def _check(*x): - pass + raise AssertionError("Never called") proxy = Proxy(obj, _check) def _sneaky(*x): - pass + raise AssertionError("Never called") self.assertRaises(TypeError, self._callFUT, proxy, _sneaky) def test_w_explicit_checker(self): from zope.security.proxy import getChecker obj = object() def _check(*x): - pass + raise AssertionError("Never called") returned = self._callFUT(obj, _check) self.assertFalse(returned is obj) - self.assertTrue(getChecker(returned) is _check) + self.assertIs(getChecker(returned), _check) def test_no_checker_no_dunder_no_select(self): obj = object() returned = self._callFUT(obj) - self.assertTrue(returned is obj) + self.assertIs(returned, obj) def test_no_checker_w_dunder(self): from zope.security.proxy import getChecker, getObject @@ -90,8 +82,8 @@ class Test_ProxyFactory(unittest.TestCase): obj = _WithChecker() returned = self._callFUT(obj) self.assertFalse(returned is obj) - self.assertTrue(getObject(returned) is obj) - self.assertTrue(getChecker(returned) is _check) + self.assertIs(getObject(returned), obj) + self.assertIs(getChecker(returned), _check) def test_no_checker_no_dunder_w_select(self): from zope.security.checker import Checker @@ -108,8 +100,8 @@ class Test_ProxyFactory(unittest.TestCase): try: returned = self._callFUT(obj) self.assertFalse(returned is obj) - self.assertTrue(getObject(returned) is obj) - self.assertTrue(getChecker(returned) is _checker) + self.assertIs(getObject(returned), obj) + self.assertIs(getChecker(returned), _checker) finally: _clear() @@ -202,8 +194,10 @@ class Test_canAccess(unittest.TestCase): self.assertRaises(ForbiddenAttribute, self._callFUT, proxy, 'whatever') -_marker = [] +_marker = object() + class CheckerTestsBase(QuietWatchingChecker): + # pylint:disable=no-member def _getTargetClass(self): raise NotImplementedError("Subclasses must define") @@ -233,7 +227,7 @@ class CheckerTestsBase(QuietWatchingChecker): def test_permission_id_miss(self): checker = self._makeOne() - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIsNone(checker.permission_id('nonesuch')) def test_permission_id_hit(self): checker = self._makeOne({'name': 'PERMISSION'}) @@ -241,11 +235,11 @@ class CheckerTestsBase(QuietWatchingChecker): def test_setattr_permission_id_miss_none_set(self): checker = self._makeOne() - self.assertTrue(checker.setattr_permission_id('nonesuch') is None) + self.assertIsNone(checker.setattr_permission_id('nonesuch')) def test_setattr_permission_id_miss(self): checker = self._makeOne(set_permissions={'name': 'PERMISSION'}) - self.assertTrue(checker.setattr_permission_id('nonesuch') is None) + self.assertIsNone(checker.setattr_permission_id('nonesuch')) def test_setattr_permission_id_hit(self): checker = self._makeOne(set_permissions={'name': 'PERMISSION'}) @@ -349,18 +343,18 @@ class CheckerTestsBase(QuietWatchingChecker): from zope.security.proxy import Proxy, getChecker obj = object() def _check(*x): - pass + raise AssertionError("Never called") proxy = Proxy(obj, _check) checker = self._makeOne({'name': 'view'}) returned = checker.proxy(proxy) - self.assertTrue(returned is proxy) - self.assertTrue(getChecker(returned) is _check) + self.assertIs(returned, proxy) + self.assertIs(getChecker(returned), _check) def test_proxy_no_dunder_no_select(self): obj = object() checker = self._makeOne() returned = checker.proxy(obj) - self.assertTrue(returned is obj) + self.assertIs(returned, obj) def test_proxy_no_checker_w_dunder(self): from zope.security.proxy import getChecker, getObject @@ -371,8 +365,8 @@ class CheckerTestsBase(QuietWatchingChecker): checker = self._makeOne() returned = checker.proxy(obj) self.assertFalse(returned is obj) - self.assertTrue(getObject(returned) is obj) - self.assertTrue(getChecker(returned) is _check) + self.assertIs(getObject(returned), obj) + self.assertIs(getChecker(returned), _check) def test_proxy_no_checker_no_dunder_w_select(self): from zope.security.checker import Checker @@ -390,14 +384,13 @@ class CheckerTestsBase(QuietWatchingChecker): checker = self._makeOne() returned = checker.proxy(obj) self.assertFalse(returned is obj) - self.assertTrue(getObject(returned) is obj) - self.assertTrue(getChecker(returned) is _checker) + self.assertIs(getObject(returned), obj) + self.assertIs(getChecker(returned), _checker) finally: _clear() def _check_iteration_of_dict_like(self, dict_like): from zope.security.proxy import Proxy - from zope.security.checker import Checker from zope.security.checker import _default_checkers checker = _default_checkers[dict] @@ -417,7 +410,6 @@ class CheckerTestsBase(QuietWatchingChecker): self.assertEqual([2], list(proxy.values())) - @_skip_if_no_btrees def test_iteration_of_btree_items_keys_values(self): # iteration of BTree.items() is allowed by default. import BTrees @@ -509,7 +501,6 @@ class CheckerTestsBase(QuietWatchingChecker): # https://github.com/zopefoundation/zope.security/issues/27 from zope.security.proxy import Proxy from zope.security.checker import _iteratorChecker - from zope.security.checker import Checker class Iter(object): __Security_checker__ = _iteratorChecker @@ -561,7 +552,6 @@ class CheckerTestsBase(QuietWatchingChecker): # itertools.groupby is a custom iterator type. # The groups it returns are also custom. from zope.security.checker import ProxyFactory - from zope.security.checker import Checker from itertools import groupby @@ -590,20 +580,20 @@ class CheckerTestsBase(QuietWatchingChecker): class TestCheckerPy(CheckerTestsBase, unittest.TestCase): def _getTargetClass(self): - return checker.CheckerPy + return sec_checker.CheckerPy class TestChecker(CheckerTestsBase, unittest.TestCase): def _getTargetClass(self): - return checker.Checker + return sec_checker.Checker -@unittest.skipIf(checker.Checker is checker.WatchingChecker, +@unittest.skipIf(sec_checker.Checker is sec_checker.WatchingChecker, "WatchingChecker is the default") class TestWatchingChecker(TestChecker): def _getTargetClass(self): - return checker.WatchingChecker + return sec_checker.WatchingChecker class TestTracebackSupplement(unittest.TestCase): @@ -625,9 +615,9 @@ class TestTracebackSupplement(unittest.TestCase): ]: tbs = self._makeOne(val) self.assertEqual(tbs.getInfo().splitlines(), - [' - class: %s.%s' % (_BUILTINS, typ), - ' - type: %s.%s' % (_BUILTINS, typ), - ]) + [' - class: %s.%s' % (_BUILTINS, typ), + ' - type: %s.%s' % (_BUILTINS, typ), + ]) def test_getInfo_newstyle_instance(self): class C(object): @@ -638,14 +628,17 @@ class TestTracebackSupplement(unittest.TestCase): ' - type: %s.C' % self.__class__.__module__, ]) - @_skip_if_not_Py2 def test_getInfo_classic_instance(self): - exec("class C: pass", globals(), locals()) - tbs = self._makeOne(locals()['C']()) - self.assertEqual(tbs.getInfo().splitlines(), - [' - class: %s.C' % self.__class__.__module__, - ' - type: __builtin__.instance', - ]) + class C: + pass + tbs = self._makeOne(C()) + + lines = tbs.getInfo().splitlines() + self.assertEqual(lines[0], + ' - class: %s.C' % self.__class__.__module__) + kind = '__builtin__.instance' if PY2 else '%s.C' % self.__class__.__module__ + self.assertEqual(lines[1], + ' - type: ' + kind) class TestGlobal(unittest.TestCase): @@ -654,13 +647,10 @@ class TestGlobal(unittest.TestCase): from zope.security.checker import Global return Global - def _makeOne(self, name, module=_marker): - if module is _marker: - return self._getTargetClass()(name) + def _makeOne(self, name, module): return self._getTargetClass()(name, module) def test_ctor_name_and_module(self): - global glob glob = self._makeOne('foo', 'bar.baz') self.assertEqual(glob.__name__, 'foo') self.assertEqual(glob.__module__, 'bar.baz') @@ -685,34 +675,34 @@ class Test_NamesChecker(unittest.TestCase): from zope.security.interfaces import IChecker checker = self._callFUT() verifyObject(IChecker, checker) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_names_no_kw(self): from zope.security.checker import CheckerPublic checker = self._callFUT(('foo', 'bar', 'baz')) - self.assertTrue(checker.permission_id('foo') is CheckerPublic) - self.assertTrue(checker.permission_id('bar') is CheckerPublic) - self.assertTrue(checker.permission_id('baz') is CheckerPublic) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('foo'), CheckerPublic) + self.assertIs(checker.permission_id('bar'), CheckerPublic) + self.assertIs(checker.permission_id('baz'), CheckerPublic) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_names_no_kw_explicit_permission(self): other_perm = object() checker = self._callFUT(('foo', 'bar', 'baz'), permission_id=other_perm) - self.assertTrue(checker.permission_id('foo') is other_perm) - self.assertTrue(checker.permission_id('bar') is other_perm) - self.assertTrue(checker.permission_id('baz') is other_perm) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('foo'), other_perm) + self.assertIs(checker.permission_id('bar'), other_perm) + self.assertIs(checker.permission_id('baz'), other_perm) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_names_w_kw_no_clash(self): from zope.security.checker import CheckerPublic other_perm = object() checker = self._callFUT(('foo', 'bar', 'baz'), bam=other_perm) - self.assertTrue(checker.permission_id('foo') is CheckerPublic) - self.assertTrue(checker.permission_id('bar') is CheckerPublic) - self.assertTrue(checker.permission_id('baz') is CheckerPublic) - self.assertTrue(checker.permission_id('bam') is other_perm) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('foo'), CheckerPublic) + self.assertIs(checker.permission_id('bar'), CheckerPublic) + self.assertIs(checker.permission_id('baz'), CheckerPublic) + self.assertIs(checker.permission_id('bam'), other_perm) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_names_w_kw_w_clash(self): from zope.security.checker import DuplicationError @@ -734,8 +724,8 @@ class Test_InterfaceChecker(unittest.TestCase): class IFoo(Interface): bar = Attribute('Bar') checker = self._callFUT(IFoo) - self.assertTrue(checker.permission_id('bar') is CheckerPublic) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('bar'), CheckerPublic) + self.assertIsNone(checker.permission_id('nonesuch')) def test_simple_iface_w_explicit_permission(self): from zope.interface import Attribute @@ -744,7 +734,7 @@ class Test_InterfaceChecker(unittest.TestCase): bar = Attribute('Bar') other_perm = object() checker = self._callFUT(IFoo, other_perm) - self.assertTrue(checker.permission_id('bar') is other_perm) + self.assertIs(checker.permission_id('bar'), other_perm) def test_simple_iface_w_kw(self): from zope.interface import Attribute @@ -754,9 +744,9 @@ class Test_InterfaceChecker(unittest.TestCase): bar = Attribute('Bar') other_perm = object() checker = self._callFUT(IFoo, baz=other_perm) - self.assertTrue(checker.permission_id('bar') is CheckerPublic) - self.assertTrue(checker.permission_id('baz') is other_perm) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('bar'), CheckerPublic) + self.assertIs(checker.permission_id('baz'), other_perm) + self.assertIsNone(checker.permission_id('nonesuch')) def test_derived_iface(self): from zope.interface import Attribute @@ -767,9 +757,9 @@ class Test_InterfaceChecker(unittest.TestCase): class IBar(IFoo): baz = Attribute('Baz') checker = self._callFUT(IBar) - self.assertTrue(checker.permission_id('bar') is CheckerPublic) - self.assertTrue(checker.permission_id('baz') is CheckerPublic) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('bar'), CheckerPublic) + self.assertIs(checker.permission_id('baz'), CheckerPublic) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_clash(self): from zope.interface import Attribute @@ -794,15 +784,15 @@ class Test_MultiChecker(unittest.TestCase): from zope.security.interfaces import IChecker checker = self._callFUT([]) verifyObject(IChecker, checker) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_spec_as_names(self): from zope.security.checker import CheckerPublic checker = self._callFUT([(('foo', 'bar', 'baz'), CheckerPublic)]) - self.assertTrue(checker.permission_id('foo') is CheckerPublic) - self.assertTrue(checker.permission_id('bar') is CheckerPublic) - self.assertTrue(checker.permission_id('baz') is CheckerPublic) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('foo'), CheckerPublic) + self.assertIs(checker.permission_id('bar'), CheckerPublic) + self.assertIs(checker.permission_id('baz'), CheckerPublic) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_spec_as_iface(self): from zope.interface import Attribute @@ -811,8 +801,8 @@ class Test_MultiChecker(unittest.TestCase): bar = Attribute('Bar') other_perm = object() checker = self._callFUT([(IFoo, other_perm)]) - self.assertTrue(checker.permission_id('bar') is other_perm) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('bar'), other_perm) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_spec_as_names_and_iface(self): from zope.interface import Attribute @@ -823,10 +813,10 @@ class Test_MultiChecker(unittest.TestCase): other_perm = object() checker = self._callFUT([(IFoo, other_perm), (('foo', 'baz'), CheckerPublic)]) - self.assertTrue(checker.permission_id('foo') is CheckerPublic) - self.assertTrue(checker.permission_id('bar') is other_perm) - self.assertTrue(checker.permission_id('baz') is CheckerPublic) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('foo'), CheckerPublic) + self.assertIs(checker.permission_id('bar'), other_perm) + self.assertIs(checker.permission_id('baz'), CheckerPublic) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_spec_as_names_and_iface_clash(self): from zope.interface import Attribute @@ -847,16 +837,17 @@ class Test_MultiChecker(unittest.TestCase): 'bar': other_perm, } checker = self._callFUT([spec]) - self.assertTrue(checker.permission_id('foo') is CheckerPublic) - self.assertTrue(checker.permission_id('bar') is other_perm) - self.assertTrue(checker.permission_id('nonesuch') is None) + self.assertIs(checker.permission_id('foo'), CheckerPublic) + self.assertIs(checker.permission_id('bar'), other_perm) + self.assertIsNone(checker.permission_id('nonesuch')) def test_w_spec_as_names_and_mapping_clash(self): from zope.security.checker import CheckerPublic from zope.security.checker import DuplicationError other_perm = object() - spec = {'foo': other_perm, - } + spec = { + 'foo': other_perm, + } self.assertRaises(DuplicationError, self._callFUT, [(('foo', 'bar'), CheckerPublic), spec]) @@ -864,6 +855,10 @@ class Test_MultiChecker(unittest.TestCase): class _SelectCheckerBase(object): + # pylint:disable=no-member + + def _callFUT(self, obj): + raise NotImplementedError("Subclass responsibility") def setUp(self): from zope.security.checker import _clear @@ -891,7 +886,7 @@ class _SelectCheckerBase(object): datetime.datetime.now().time(), datetime.tzinfo(), ]: - self.assertTrue(self._callFUT(obj) is None) + self.assertIsNone(self._callFUT(obj)) def test_w_checker_inst(self): from zope.security.checker import Checker @@ -899,7 +894,7 @@ class _SelectCheckerBase(object): class Foo(object): pass checker = _checkers[Foo] = Checker({}) - self.assertTrue(self._callFUT(Foo()) is checker) + self.assertIs(self._callFUT(Foo()), checker) def test_w_factory_returning_checker(self): from zope.security.checker import Checker @@ -910,7 +905,7 @@ class _SelectCheckerBase(object): def _factory(obj): return checker _checkers[Foo] = _factory - self.assertTrue(self._callFUT(Foo()) is checker) + self.assertIs(self._callFUT(Foo()), checker) def test_w_factory_returning_NoProxy(self): from zope.security.checker import NoProxy @@ -920,7 +915,7 @@ class _SelectCheckerBase(object): def _factory(obj): return NoProxy _checkers[Foo] = _factory - self.assertTrue(self._callFUT(Foo()) is None) + self.assertIsNone(self._callFUT(Foo())) def test_w_factory_returning_None(self): from zope.security.checker import _checkers @@ -929,7 +924,7 @@ class _SelectCheckerBase(object): def _factory(obj): pass _checkers[Foo] = _factory - self.assertTrue(self._callFUT(Foo()) is None) + self.assertIsNone(self._callFUT(Foo())) def test_w_factory_factory(self): from zope.security.checker import Checker @@ -942,7 +937,7 @@ class _SelectCheckerBase(object): def _factory_factory(obj): return _factory _checkers[Foo] = _factory_factory - self.assertTrue(self._callFUT(Foo()) is checker) + self.assertIs(self._callFUT(Foo()), checker) def test_itertools_checkers(self): from zope.security.checker import _iteratorChecker @@ -956,34 +951,35 @@ class _SelectCheckerBase(object): missing_in_py2 = {'zip_longest', 'accumulate', 'compress', 'combinations', 'combinations_with_replacement'} missing = missing_in_py3 if sys.version_info[0] >= 3 else missing_in_py2 - for func, args in (('count', ()), - ('cycle', ((),)), - ('dropwhile', pred_iterable), - ('ifilter', pred_iterable), - ('ifilterfalse', pred_iterable), - ('imap', pred_iterable), - ('islice', (iterable, 2)), - ('izip', (iterable,)), - ('izip_longest', (iterable,)), - ('permutations', (iterable,)), - ('product', (iterable,)), - ('repeat', (1, 2)), - ('starmap', pred_iterable), - ('takewhile', pred_iterable), - ('tee', (iterable,)), - # Python 3 additions - ('zip_longest', (iterable,)), - ('accumulate', (iterable,)), - ('compress', (iterable, ())), - ('combinations', (iterable, 1)), - ('combinations_with_replacement', (iterable, 1)), + for func, args in ( + ('count', ()), + ('cycle', ((),)), + ('dropwhile', pred_iterable), + ('ifilter', pred_iterable), + ('ifilterfalse', pred_iterable), + ('imap', pred_iterable), + ('islice', (iterable, 2)), + ('izip', (iterable,)), + ('izip_longest', (iterable,)), + ('permutations', (iterable,)), + ('product', (iterable,)), + ('repeat', (1, 2)), + ('starmap', pred_iterable), + ('takewhile', pred_iterable), + ('tee', (iterable,)), + # Python 3 additions + ('zip_longest', (iterable,)), + ('accumulate', (iterable,)), + ('compress', (iterable, ())), + ('combinations', (iterable, 1)), + ('combinations_with_replacement', (iterable, 1)), ): try: func = getattr(itertools, func) except AttributeError: if func in missing: continue - raise + self.fail("Attribute error raised", func) __traceback_info__ = func result = func(*args) if func == itertools.tee: @@ -1000,7 +996,7 @@ class Test_selectCheckerPy(_SelectCheckerBase, unittest.TestCase): -@unittest.skipIf(checker.selectChecker is checker.selectCheckerPy, +@unittest.skipIf(sec_checker.selectChecker is sec_checker.selectCheckerPy, "Pure Python") class Test_selectChecker(_SelectCheckerBase, unittest.TestCase): @@ -1026,14 +1022,14 @@ class Test_getCheckerForInstancesOf(unittest.TestCase): def test_miss(self): class Unknown(object): pass - self.assertTrue(self._callFUT(Unknown) is None) + self.assertIsNone(self._callFUT(Unknown)) def test_hit(self): from zope.security.checker import _checkers class Foo(object): pass checker = _checkers[Foo] = object() - self.assertTrue(self._callFUT(Foo) is checker) + self.assertIs(self._callFUT(Foo), checker) class Test_defineChecker(unittest.TestCase): @@ -1077,23 +1073,22 @@ class Test_defineChecker(unittest.TestCase): class Foo(object): pass self._callFUT(Foo, checker) - self.assertTrue(_checkers[Foo] is checker) + self.assertIs(_checkers[Foo], checker) def test_w_module(self): import zope.interface from zope.security.checker import _checkers checker = object() self._callFUT(zope.interface, checker) - self.assertTrue(_checkers[zope.interface] is checker) + self.assertIs(_checkers[zope.interface], checker) - @_skip_if_not_Py2 def test_w_oldstyle_class(self): from zope.security.checker import _checkers checker = object() class Foo: pass self._callFUT(Foo, checker) - self.assertTrue(_checkers[Foo] is checker) + self.assertIs(_checkers[Foo], checker) class Test_undefineChecker(unittest.TestCase): @@ -1119,7 +1114,7 @@ class Test_undefineChecker(unittest.TestCase): from zope.security.checker import _checkers class Foo(object): pass - checker = _checkers[Foo] = object() + _checkers[Foo] = object() self._callFUT(Foo) self.assertFalse(Foo in _checkers) @@ -1160,9 +1155,9 @@ class TestCombinedChecker(QuietWatchingChecker, from zope.security.checker import CheckerPublic from zope.security.checker import Checker class _NeverCalled(Checker): - def check(self, *args, **kw): - raise AssertionError - obj = object() + def check(self, object, name): # pylint:disable=redefined-builtin + raise AssertionError("Never called") + lhs = self._makeOther({'name': CheckerPublic}) rhs = _NeverCalled({}) combined = self._makeOne(lhs, rhs) @@ -1174,7 +1169,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther({'name': 'view'}) # unauth rhs = self._makeOther({'name': CheckerPublic}) combined = self._makeOne(lhs, rhs) @@ -1190,7 +1185,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther({'name': 'view'}) # unauth rhs = self._makeOther() # forbidden combined = self._makeOne(lhs, rhs) @@ -1207,7 +1202,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther({'name': 'view'}) # unauth rhs = self._makeOther({'name': 'inspect'}) combined = self._makeOne(lhs, rhs) @@ -1220,7 +1215,7 @@ class TestCombinedChecker(QuietWatchingChecker, def test_check_lhs_forbidden_rhs_ok(self): from zope.security.checker import CheckerPublic - obj = object() + lhs = self._makeOther() # forbidden rhs = self._makeOther({'name': CheckerPublic}) combined = self._makeOne(lhs, rhs) @@ -1228,7 +1223,7 @@ class TestCombinedChecker(QuietWatchingChecker, def test_check_lhs_forbidden_rhs_forbidden(self): from zope.security.interfaces import Forbidden - obj = object() + lhs = self._makeOther() # forbidden rhs = self._makeOther() # forbidden combined = self._makeOne(lhs, rhs) @@ -1241,7 +1236,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther() # Forbidden rhs = self._makeOther({'name': 'inspect'}) combined = self._makeOne(lhs, rhs) @@ -1256,9 +1251,9 @@ class TestCombinedChecker(QuietWatchingChecker, from zope.security.checker import CheckerPublic from zope.security.checker import Checker class _NeverCalled(Checker): - def check_setattr(self, *args, **kw): - raise AssertionError - obj = object() + def check_setattr(self, object, name): # pylint:disable=redefined-builtin + raise AssertionError("Never called") + lhs = self._makeOther(set_permissions={'name': CheckerPublic}) rhs = _NeverCalled({}) combined = self._makeOne(lhs, rhs) @@ -1270,7 +1265,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther(set_permissions={'name': 'update'}) # unauth rhs = self._makeOther(set_permissions={'name': CheckerPublic}) combined = self._makeOne(lhs, rhs) @@ -1286,7 +1281,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther(set_permissions={'name': 'view'}) # unauth rhs = self._makeOther() # forbidden combined = self._makeOne(lhs, rhs) @@ -1303,7 +1298,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther(set_permissions={'name': 'view'}) # unauth rhs = self._makeOther(set_permissions={'name': 'inspect'}) # unauth combined = self._makeOne(lhs, rhs) @@ -1316,7 +1311,7 @@ class TestCombinedChecker(QuietWatchingChecker, def test_check_setattr_lhs_forbidden_rhs_ok(self): from zope.security.checker import CheckerPublic - obj = object() + lhs = self._makeOther() # forbidden rhs = self._makeOther(set_permissions={'name': CheckerPublic}) combined = self._makeOne(lhs, rhs) @@ -1324,7 +1319,7 @@ class TestCombinedChecker(QuietWatchingChecker, def test_check_setattr_lhs_forbidden_rhs_forbidden(self): from zope.security.interfaces import Forbidden - obj = object() + lhs = self._makeOther() # forbidden rhs = self._makeOther() # forbidden combined = self._makeOne(lhs, rhs) @@ -1337,7 +1332,7 @@ class TestCombinedChecker(QuietWatchingChecker, class _Interaction(object): def checkPermission(self, obj, perm): return False - obj = object() + lhs = self._makeOther() # forbidden rhs = self._makeOther(set_permissions={'name': 'inspect'}) # unauth combined = self._makeOne(lhs, rhs) @@ -1348,12 +1343,12 @@ class TestCombinedChecker(QuietWatchingChecker, finally: del thread_local.interaction -@unittest.skipIf(checker.WatchingCombinedChecker is checker.CombinedChecker, +@unittest.skipIf(sec_checker.WatchingCombinedChecker is sec_checker.CombinedChecker, "WatchingCombinedChecker is the default") class TestWatchingCombinedChecker(TestCombinedChecker): def _getTargetClass(self): - return checker.WatchingCombinedChecker + return sec_checker.WatchingCombinedChecker class TestCheckerLoggingMixin(unittest.TestCase): @@ -1366,7 +1361,7 @@ class TestCheckerLoggingMixin(unittest.TestCase): def __init__(self, raising, stream): self._file = stream self._raising = raising - def check(self, object, name): + def check(self, obj, name): if self._raising: raise self._raising check_getattr = check_setattr = check @@ -1537,14 +1532,14 @@ class Test__instanceChecker(unittest.TestCase): from zope.security.checker import _defaultChecker class Foo(object): pass - self.assertTrue(self._callFUT(Foo()) is _defaultChecker) + self.assertIs(self._callFUT(Foo()), _defaultChecker) def test_hit(self): from zope.security.checker import _checkers class Foo(object): pass checker = _checkers[Foo] = object() - self.assertTrue(self._callFUT(Foo()) is checker) + self.assertIs(self._callFUT(Foo()), checker) class Test_moduleChecker(unittest.TestCase): @@ -1563,59 +1558,15 @@ class Test_moduleChecker(unittest.TestCase): def test_miss(self): from zope.interface import verify - self.assertTrue(self._callFUT(verify) is None) + self.assertIsNone(self._callFUT(verify)) def test_hit(self): from zope.interface import verify from zope.security.checker import _checkers checker = _checkers[verify] = object() - self.assertTrue(self._callFUT(verify) is checker) - - -class TestBasicTypes(unittest.TestCase): + self.assertIs(self._callFUT(verify), checker) - def setUp(self): - from zope.security.checker import _clear - _clear() - def tearDown(self): - from zope.security.checker import _clear - _clear() - - def test___setitem__(self): - from zope.security.checker import BasicTypes - from zope.security.checker import _checkers - class Foo(object): - pass - checker = object() - BasicTypes[Foo] = checker - self.assertTrue(BasicTypes[Foo] is checker) - self.assertTrue(_checkers[Foo] is checker) - - def test___delitem__(self): - from zope.security.checker import BasicTypes - from zope.security.checker import _checkers - class Foo(object): - pass - checker = object() - BasicTypes[Foo] = checker - del BasicTypes[Foo] - self.assertFalse(Foo in BasicTypes) - self.assertFalse(Foo in _checkers) - - def test_clear(self): - from zope.security.checker import BasicTypes - self.assertRaises(NotImplementedError, BasicTypes.clear) - - def test_update(self): - from zope.security.checker import BasicTypes - from zope.security.checker import _checkers - class Foo(object): - pass - checker = object() - BasicTypes.update({Foo: checker}) - self.assertTrue(BasicTypes[Foo] is checker) - self.assertTrue(_checkers[Foo] is checker) # Pre-geddon tests start here @@ -1628,7 +1579,7 @@ class TestSecurityPolicy(QuietWatchingChecker, from zope.security.management import newInteraction from zope.security.management import setSecurityPolicy - checker._clear() + sec_checker._clear() self.__oldpolicy = setSecurityPolicy(self._makeSecurityPolicy()) newInteraction() @@ -1639,31 +1590,41 @@ class TestSecurityPolicy(QuietWatchingChecker, from zope.security.management import setSecurityPolicy endInteraction() setSecurityPolicy(self.__oldpolicy) - checker._clear() + sec_checker._clear() + + def _get_old_class_type(self): + # Py3 has no ClassType and no old-style classes + import types + old_type = getattr(types, 'ClassType', type) + self.assertTrue((PY2 and old_type is not type) + or (PY3 and old_type is type)) + return old_type def _makeSecurityPolicy(self): from zope.interface import implementer from zope.security.interfaces import ISecurityPolicy @implementer(ISecurityPolicy) class SecurityPolicy(object): - def checkPermission(self, permission, object): + def checkPermission(self, permission, _object): return permission == 'test_allowed' return SecurityPolicy - @_skip_if_not_Py2 def test_defineChecker_oldstyle_class(self): - import types from zope.security.checker import defineChecker from zope.security.checker import NamesChecker + old_type = self._get_old_class_type() class ClassicClass: - __metaclass__ = types.ClassType + __metaclass__ = old_type + self.assertIsInstance(ClassicClass, old_type) + defineChecker(ClassicClass, NamesChecker()) def test_defineChecker_newstyle_class(self): from zope.security.checker import defineChecker from zope.security.checker import NamesChecker - class NewStyleClass: - __metaclass__ = type + class NewStyleClass(object): + pass + self.assertIsInstance(NewStyleClass, type) defineChecker(NewStyleClass, NamesChecker()) def test_defineChecker_module(self): @@ -1677,33 +1638,35 @@ class TestSecurityPolicy(QuietWatchingChecker, from zope.security.checker import NamesChecker not_a_type = object() self.assertRaises(TypeError, - defineChecker, not_a_type, NamesChecker()) + defineChecker, not_a_type, NamesChecker()) def _makeClasses(self): - import types + old_type = self._get_old_class_type() class OldInst: - __metaclass__ = types.ClassType a = 1 def b(self): - pass + raise AssertionError("Never called") c = 2 def gete(self): - return 3 + raise AssertionError("Never called") e = property(gete) def __getitem__(self, x): - return 5, x + raise AssertionError("Never called") def __setitem__(self, x, v): - pass + raise AssertionError("Never called") - class NewInst(object, OldInst): + self.assertIsInstance(OldInst, old_type) + + class NewInst(OldInst, object): # This is not needed, but left in to show the change of metaclass # __metaclass__ = type def gete(self): - return 3 + raise AssertionError("Never called") def sete(self, v): - pass + raise AssertionError("Never called") e = property(gete, sete) + self.assertIsInstance(NewInst, type) return OldInst, NewInst # check_getattr cases: @@ -1711,8 +1674,8 @@ class TestSecurityPolicy(QuietWatchingChecker, # - no attribute there # - method # - allow and disallow by permission - @_skip_if_not_Py2 def test_check_getattr(self): + # pylint:disable=attribute-defined-outside-init from zope.security.interfaces import Forbidden from zope.security.interfaces import Unauthorized from zope.security.checker import NamesChecker @@ -1762,8 +1725,8 @@ class TestSecurityPolicy(QuietWatchingChecker, self.assertRaises(Forbidden, checker.check_getattr, inst, 'e') self.assertRaises(Forbidden, checker.check_getattr, inst, 'f') - @_skip_if_not_Py2 def test_check_setattr(self): + # pylint:disable=attribute-defined-outside-init from zope.security.interfaces import Forbidden from zope.security.interfaces import Unauthorized from zope.security.checker import Checker @@ -1803,7 +1766,6 @@ class TestSecurityPolicy(QuietWatchingChecker, self.assertRaises(Forbidden, checker.check_setattr, inst, 'e') self.assertRaises(Forbidden, checker.check_setattr, inst, 'f') - @_skip_if_not_Py2 def test_proxy(self): from zope.security.proxy import getChecker from zope.security.proxy import removeSecurityProxy @@ -1818,14 +1780,14 @@ class TestSecurityPolicy(QuietWatchingChecker, rocks = tuple(BasicTypes_examples.values()) for rock in rocks: proxy = checker.proxy(rock) - self.assertTrue(proxy is rock, (rock, type(proxy))) + self.assertIs(proxy, rock, (rock, type(proxy))) for class_ in OldInst, NewInst: inst = class_() for ob in inst, class_: proxy = checker.proxy(ob) - self.assertTrue(removeSecurityProxy(proxy) is ob) + self.assertIs(removeSecurityProxy(proxy), ob) checker = getChecker(proxy) if ob is inst: self.assertEqual(checker.permission_id('__str__'), @@ -1834,29 +1796,8 @@ class TestSecurityPolicy(QuietWatchingChecker, self.assertEqual(checker.permission_id('__str__'), CheckerPublic) - #No longer doing anything special for transparent proxies. - #A proxy needs to provide its own security checker. - # - #special = NamesChecker(['a', 'b'], 'test_allowed') - #defineChecker(class_, special) - # - #class TransparentProxy(object): - # def __init__(self, ob): - # self._ob = ob - # - # def __getattribute__(self, name): - # ob = object.__getattribute__(self, '_ob') - # return getattr(ob, name) - #for ob in inst, TransparentProxy(inst): - # proxy = checker.proxy(ob) - # self.assertTrue(removeSecurityProxy(proxy) is ob) - # - # checker = getChecker(proxy) - # self.assertTrue(checker is special, - # checker.get_permissions) - # - # proxy2 = checker.proxy(proxy) - # self.assertTrue(proxy2 is proxy, [proxy, proxy2]) + # No longer doing anything special for transparent proxies. + # A proxy needs to provide its own security checker. def test_iteration(self): from zope.security.checker import ProxyFactory @@ -1879,28 +1820,33 @@ class TestSecurityPolicy(QuietWatchingChecker, # base is not proxied, so we expect a proxy proxy1 = checker.proxy(base) - self.assertTrue(type(proxy1) is Proxy) - self.assertTrue(getObject(proxy1) is base) + self.assertIs(type(proxy1), Proxy) + self.assertIs(getObject(proxy1), base) # proxy is a proxy, so we don't expect to get another proxy2 = checker.proxy(proxy1) - self.assertTrue(proxy2 is proxy1) - self.assertTrue(getObject(proxy2) is base) + self.assertIs(proxy2, proxy1) + self.assertIs(getObject(proxy2), base) def testMultiChecker(self): from zope.interface import Interface class I1(Interface): - def f1(): '' - def f2(): '' + def f1(): + "f1" + def f2(): + "f2" class I2(I1): - def f3(): '' - def f4(): '' + def f3(): + "f3" + def f4(): + "f4" class I3(Interface): - def g(): '' + def g(): + "g" from zope.exceptions import DuplicationError @@ -1920,8 +1866,8 @@ class TestSecurityPolicy(QuietWatchingChecker, (I2, 'p1'), {'a': 'p3'}, (I3, 'p2'), - (('x','y','z'), 'p4'), - ]) + (('x', 'y', 'z'), 'p4'), + ]) self.assertEqual(checker.permission_id('f1'), 'p1') self.assertEqual(checker.permission_id('f2'), 'p1') @@ -1937,7 +1883,8 @@ class TestSecurityPolicy(QuietWatchingChecker, def testAlwaysAvailable(self): from zope.security.checker import NamesChecker checker = NamesChecker(()) - class C(object): pass + class C(object): + pass self.assertEqual(checker.check(C, '__hash__'), None) self.assertEqual(checker.check(C, '__nonzero__'), None) self.assertEqual(checker.check(C, '__class__'), None) @@ -1951,7 +1898,6 @@ class TestSecurityPolicy(QuietWatchingChecker, self.assertEqual(checker.check(C, '__name__'), None) self.assertEqual(checker.check(C, '__parent__'), None) - @_skip_if_not_Py2 def test_setattr(self): from zope.security.interfaces import Forbidden from zope.security.checker import NamesChecker @@ -1970,6 +1916,7 @@ class TestSecurityPolicy(QuietWatchingChecker, # values that evaluate to False def test_ProxyFactory(self): + # pylint:disable=attribute-defined-outside-init from zope.security.checker import _defaultChecker from zope.security.checker import defineChecker from zope.security.checker import NamesChecker @@ -1985,24 +1932,24 @@ class TestSecurityPolicy(QuietWatchingChecker, obj = SomeClass() proxy = ProxyFactory(obj) - self.assertTrue(type(proxy) is Proxy) - self.assertTrue(getChecker(proxy) is _defaultChecker) + self.assertIs(type(proxy), Proxy) + self.assertIs(getChecker(proxy), _defaultChecker) defineChecker(SomeClass, checker) proxy = ProxyFactory(obj) - self.assertTrue(type(proxy) is Proxy) - self.assertTrue(getChecker(proxy) is checker) + self.assertIs(type(proxy), Proxy) + self.assertIs(getChecker(proxy), checker) obj.__Security_checker__ = checker_as_magic_attr proxy = ProxyFactory(obj) - self.assertTrue(type(proxy) is Proxy) - self.assertTrue(getChecker(proxy) is checker_as_magic_attr) + self.assertIs(type(proxy), Proxy) + self.assertIs(getChecker(proxy), checker_as_magic_attr) proxy = ProxyFactory(obj, specific_checker) - self.assertTrue(type(proxy) is Proxy) - self.assertTrue(getChecker(proxy) is specific_checker) + self.assertIs(type(proxy), Proxy) + self.assertIs(getChecker(proxy), specific_checker) def test_define_and_undefineChecker(self): from zope.security.checker import defineChecker @@ -2014,11 +1961,11 @@ class TestSecurityPolicy(QuietWatchingChecker, checker = NamesChecker() from zope.security.checker import _defaultChecker, selectChecker - self.assertTrue(selectChecker(obj) is _defaultChecker) + self.assertIs(selectChecker(obj), _defaultChecker) defineChecker(SomeClass, checker) - self.assertTrue(selectChecker(obj) is checker) + self.assertIs(selectChecker(obj), checker) undefineChecker(SomeClass) - self.assertTrue(selectChecker(obj) is _defaultChecker) + self.assertIs(selectChecker(obj), _defaultChecker) def test_ProxyFactory_using_proxy(self): from zope.security.checker import ProxyFactory @@ -2030,7 +1977,7 @@ class TestSecurityPolicy(QuietWatchingChecker, proxy1 = ProxyFactory(obj) proxy2 = ProxyFactory(proxy1) - self.assertTrue(proxy1 is proxy2) + self.assertIs(proxy1, proxy2) # Trying to change the checker on a proxy. self.assertRaises(TypeError, ProxyFactory, proxy1, checker) @@ -2038,7 +1985,7 @@ class TestSecurityPolicy(QuietWatchingChecker, # Setting exactly the same checker as the proxy already has. proxy1 = ProxyFactory(obj, checker) proxy2 = ProxyFactory(proxy1, checker) - self.assertTrue(proxy1 is proxy2) + self.assertIs(proxy1, proxy2) def test_canWrite_canAccess(self): # the canWrite and canAccess functions are conveniences. Often code @@ -2132,11 +2079,16 @@ class TestCheckerPublic(unittest.TestCase): def test_that_CheckerPublic_identity_works_even_when_proxied(self): from zope.security.checker import ProxyFactory from zope.security.checker import CheckerPublic - self.assertTrue(ProxyFactory(CheckerPublic) is CheckerPublic) + self.assertIs(ProxyFactory(CheckerPublic), CheckerPublic) class TestMixinDecoratedChecker(unittest.TestCase): + policy = None + _oldpolicy = None + interaction = None + obj = None + def decoratedSetUp(self): from zope.security.management import getInteraction from zope.security.management import newInteraction @@ -2152,6 +2104,10 @@ class TestMixinDecoratedChecker(unittest.TestCase): from zope.security.management import setSecurityPolicy endInteraction() setSecurityPolicy(self._oldpolicy) + del self.policy + del self._oldpolicy + del self.obj + del self.interaction def _makeSecurityPolicy(self): from zope.interface import implementer @@ -2161,7 +2117,7 @@ class TestMixinDecoratedChecker(unittest.TestCase): def __init__(self): self._checked = [] self.permissions = {} - def checkPermission(self, permission, object): + def checkPermission(self, permission, _obj): self._checked.append(permission) return self.permissions.get(permission, True) def checkChecked(self, checked): @@ -2254,36 +2210,82 @@ class TestCombinedCheckerMixin(QuietWatchingChecker, class TestBasicTypes(unittest.TestCase): + def setUp(self): + from zope.security.checker import _clear + _clear() + + def tearDown(self): + from zope.security.checker import _clear + _clear() + + def test___setitem__(self): + from zope.security.checker import BasicTypes + from zope.security.checker import _checkers + class Foo(object): + pass + checker = object() + BasicTypes[Foo] = checker + self.assertIs(BasicTypes[Foo], checker) + self.assertIs(_checkers[Foo], checker) + + def test___delitem__(self): + from zope.security.checker import BasicTypes + from zope.security.checker import _checkers + class Foo(object): + pass + checker = object() + BasicTypes[Foo] = checker + del BasicTypes[Foo] + self.assertFalse(Foo in BasicTypes) + self.assertFalse(Foo in _checkers) + + def test_clear(self): + from zope.security.checker import BasicTypes + self.assertRaises(NotImplementedError, BasicTypes.clear) + + def test_update(self): + from zope.security.checker import BasicTypes + from zope.security.checker import _checkers + class Foo(object): + pass + checker = object() + BasicTypes.update({Foo: checker}) + self.assertIs(BasicTypes[Foo], checker) + self.assertIs(_checkers[Foo], checker) + + def test(self): from zope.security.checker import BasicTypes from zope.security.checker import NoProxy from zope.security.checker import _checkers from zope.security.checker import _clear - class MyType(object): pass - class MyType2(object): pass + class MyType(object): + pass + class MyType2(object): + pass # When an item is added to the basic types, it should also be added to # the list of checkers. BasicTypes[MyType] = NoProxy - self.assertTrue(MyType in _checkers) + self.assertIn(MyType, _checkers) # If we clear the checkers, the type should still be there _clear() - self.assertTrue(MyType in BasicTypes) - self.assertTrue(MyType in _checkers) + self.assertIn(MyType, BasicTypes) + self.assertIn(MyType, _checkers) # Now delete the type from the dictionary, will also delete it from # the checkers del BasicTypes[MyType] - self.assertTrue(MyType not in BasicTypes) - self.assertTrue(MyType not in _checkers) + self.assertNotIn(MyType, BasicTypes) + self.assertNotIn(MyType, _checkers) # The quick way of adding new types is using update BasicTypes.update({MyType: NoProxy, MyType2: NoProxy}) - self.assertTrue(MyType in BasicTypes) - self.assertTrue(MyType2 in BasicTypes) - self.assertTrue(MyType in _checkers) - self.assertTrue(MyType2 in _checkers) + self.assertIn(MyType, BasicTypes) + self.assertIn(MyType2, BasicTypes) + self.assertIn(MyType, _checkers) + self.assertIn(MyType2, _checkers) # Let's remove the two new types del BasicTypes[MyType] @@ -2292,17 +2294,17 @@ class TestBasicTypes(unittest.TestCase): # Of course, BasicTypes is a full dictionary. This dictionary is by # default filled with several entries: keys = BasicTypes.keys() - self.assertTrue(bool in keys) - self.assertTrue(int in keys) - self.assertTrue(float in keys) - self.assertTrue(str in keys) + self.assertIn(bool, keys) + self.assertIn(int, keys) + self.assertIn(float, keys) + self.assertIn(str, keys) try: unicode - except NameError: #pragma NO COVER Py3k + except NameError: # pragma: no cover Py3k pass - else: #pragma NO COVER Python2 - self.assertTrue(unicode in keys) - self.assertTrue(object in keys) + else: # pragma: no cover Python2 + self.assertIn(unicode, keys) + self.assertIn(object, keys) # ... # Finally, the ``clear()`` method has been deactivated to avoid diff --git a/src/zope/security/tests/test_location.py b/src/zope/security/tests/test_location.py index 5625f4e..bc5fb03 100644 --- a/src/zope/security/tests/test_location.py +++ b/src/zope/security/tests/test_location.py @@ -15,23 +15,14 @@ """ import unittest +from zope.location.location import LocationProxy from zope.security.tests import QuietWatchingChecker -def _skip_wo_zope_location(testfunc): - try: - import zope.location as zl - except ImportError: - zl = None - - return unittest.skipIf(zl is None, "Need zope.location")(testfunc) - class LocationSecurityProxyTests(QuietWatchingChecker, unittest.TestCase): - @_skip_wo_zope_location def test_locationproxy_security(self): - from zope.location.location import LocationProxy from zope.security.checker import defineChecker from zope.security.checker import NamesChecker from zope.security.proxy import ProxyFactory diff --git a/src/zope/security/tests/test_permission.py b/src/zope/security/tests/test_permission.py index d7bd91a..ad5cc19 100644 --- a/src/zope/security/tests/test_permission.py +++ b/src/zope/security/tests/test_permission.py @@ -14,7 +14,7 @@ """Test permissions """ import unittest - +from zope.component.testing import PlacelessSetup class PermissionTests(unittest.TestCase): @@ -22,15 +22,9 @@ class PermissionTests(unittest.TestCase): from zope.security.permission import Permission return Permission - def _makeOne(self, id, title=None, description=None): + def _makeOne(self, id, *args): klass = self._getTargetClass() - if description is None: - if title is None: - return klass(id) - return klass(id, title) - if title is None: - return klass(id, description=description) - return klass(id, title, description) + return klass(id, *args) def test_class_conforms_to_IPermission(self): from zope.interface.verify import verifyClass @@ -55,15 +49,7 @@ class PermissionTests(unittest.TestCase): self.assertEqual(permission.description, 'DESCRIPTION') -class Test_checkPermission(unittest.TestCase): - - def setUp(self): - from zope.component.testing import setUp - setUp() - - def tearDown(self): - from zope.component.testing import tearDown - tearDown() +class Test_checkPermission(PlacelessSetup, unittest.TestCase): def _callFUT(self, context, permission_id): from zope.security.permission import checkPermission @@ -84,15 +70,7 @@ class Test_checkPermission(unittest.TestCase): self._callFUT(None, 'testing') # no raise -class Test_allPermissions(unittest.TestCase): - - def setUp(self): - from zope.component.testing import setUp - setUp() - - def tearDown(self): - from zope.component.testing import tearDown - tearDown() +class Test_allPermissions(PlacelessSetup, unittest.TestCase): def _callFUT(self): from zope.security.permission import allPermissions @@ -120,15 +98,7 @@ class Test_allPermissions(unittest.TestCase): self.assertEqual(list(self._callFUT()), ['testing']) -class Test_PermissionsVocabulary(unittest.TestCase): - - def setUp(self): - from zope.component.testing import setUp - setUp() - - def tearDown(self): - from zope.component.testing import tearDown - tearDown() +class Test_PermissionsVocabulary(PlacelessSetup, unittest.TestCase): def _callFUT(self): from zope.security.permission import PermissionsVocabulary @@ -162,15 +132,7 @@ class Test_PermissionsVocabulary(unittest.TestCase): ['testing', 'zope.Public']) -class Test_PermissionIdsVocabulary(unittest.TestCase): - - def setUp(self): - from zope.component.testing import setUp - setUp() - - def tearDown(self): - from zope.component.testing import tearDown - tearDown() +class Test_PermissionIdsVocabulary(PlacelessSetup, unittest.TestCase): def _callFUT(self): from zope.security.permission import PermissionIdsVocabulary @@ -208,10 +170,4 @@ class Test_PermissionIdsVocabulary(unittest.TestCase): def test_suite(): - return unittest.TestSuite([ - unittest.makeSuite(PermissionTests), - unittest.makeSuite(Test_checkPermission), - unittest.makeSuite(Test_allPermissions), - unittest.makeSuite(Test_PermissionsVocabulary), - unittest.makeSuite(Test_PermissionIdsVocabulary), - ]) + return unittest.defaultTestLoader.loadTestsFromName(__name__) diff --git a/src/zope/security/tests/test_proxy.py b/src/zope/security/tests/test_proxy.py index dd04d70..216b002 100644 --- a/src/zope/security/tests/test_proxy.py +++ b/src/zope/security/tests/test_proxy.py @@ -20,12 +20,9 @@ from zope.security._compat import PYTHON2, PURE_PYTHON def _skip_if_not_Py2(testfunc): return unittest.skipUnless(PYTHON2, "Only on Py2")(testfunc) -def _skip_if_Py2(testfunc): - return unittest.skipIf(PYTHON2, "Only on Py3")(testfunc) - # pylint:disable=protected-access,eval-used,too-many-lines,too-many-public-methods -if not PYTHON2: +if not PYTHON2: # pragma: no cover (Python 3) def coerce(*args): raise NotImplementedError("Not on Python 3") cmp = coerce @@ -35,11 +32,20 @@ class AbstractProxyTestBase(object): # pylint:disable=no-member,blacklisted-name + # The names of attributes that are spelled different on Py2 + # vs Py3 + itruediv = '__itruediv__' if not PYTHON2 else '__idiv__' + idiv = itruediv + div = '__truediv__' if not PYTHON2 else '__div__' + truediv = div + getslice = '__getitem__' if not PYTHON2 else '__getslice__' + setslice = '__setitem__' if not PYTHON2 else '__setslice__' + def _getTargetClass(self): raise NotImplementedError("Subclass responsibility") - def _makeOne(self, object, checker): - return self._getTargetClass()(object, checker) + def _makeOne(self, obj, checker): + return self._getTargetClass()(obj, checker) def test_ctor_w_checker_None(self): self.assertRaises(ValueError, self._makeOne, object(), None) @@ -51,6 +57,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = self._makeOne(target, checker) self.assertEqual(proxy.bar, 'Bar') + self.assertEqual(getattr(proxy, 'bar'), 'Bar') self.assertEqual(checker._checked, 'bar') self.assertEqual(checker._proxied, 'Bar') @@ -71,9 +78,29 @@ class AbstractProxyTestBase(object): target = Foo() checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - self.assertRaises(ForbiddenAttribute, getattr, proxy, 'bar') + + with self.assertRaises(ForbiddenAttribute): + getattr(proxy, 'bar') self.assertEqual(checker._checked, 'bar') + def test__getattr__w_checker_ok_dynamic_attribute_called_once(self): + class Dynamic(object): + count = 0 + def __getattr__(self, name): + self.count += 1 + if self.count == 1: + # Called from __getattribute__ + raise AttributeError(name) + raise AssertionError("We should not be called more than once") + + target = Dynamic() + checker = DummyChecker() + proxy = self._makeOne(target, checker) + + with self.assertRaisesRegexp(AttributeError, "name"): + getattr(proxy, 'name') + self.assertEqual(1, target.count) + def test___setattr___w_checker_ok(self): class Foo(object): bar = 'Bar' @@ -274,6 +301,30 @@ class AbstractProxyTestBase(object): o_proxy = self._makeOne(target, checker) self.assertEqual(cmp(proxy, o_proxy), 0) + def test__le__(self): + target = 1 + checker = object() # checker not consulted + proxy = self._makeOne(target, checker) + self.assertTrue(proxy <= 1) + + def test__ne__(self): + target = 1 + checker = object() # checker not consulted + proxy = self._makeOne(target, checker) + self.assertFalse(proxy != 1) + + def test__ge__(self): + target = 1 + checker = object() # checker not consulted + proxy = self._makeOne(target, checker) + self.assertTrue(proxy >= 1) + + def test__gt__(self): + target = 1 + checker = object() # checker not consulted + proxy = self._makeOne(target, checker) + self.assertTrue(proxy > 0) + def test___hash___w_self(self): target = object() checker = object() # checker not consulted @@ -295,7 +346,7 @@ class AbstractProxyTestBase(object): from zope.security.interfaces import Unauthorized class Foo(object): def __call__(self): - return 'Bar' + raise AssertionError("Never called") target = Foo() checker = DummyChecker(Unauthorized, ['__name__', '__str__']) proxy = self._makeOne(target, checker) @@ -306,7 +357,7 @@ class AbstractProxyTestBase(object): from zope.security.interfaces import ForbiddenAttribute class Foo(object): def __call__(self): - return 'Bar' + raise AssertionError("Never called") target = Foo() checker = DummyChecker(ForbiddenAttribute, ['__str__']) proxy = self._makeOne(target, checker) @@ -439,39 +490,35 @@ class AbstractProxyTestBase(object): self.assertRaises(ForbiddenAttribute, lambda: proxy * 2) self.assertEqual(checker._checked, '__mul__') - @_skip_if_not_Py2 def test___div___w_checker_allows(self): target = 3 checker = DummyChecker() proxy = self._makeOne(target, checker) self.assertEqual(proxy / 2, target / 2) - self.assertEqual(checker._checked, '__div__') + self.assertEqual(checker._checked, self.div) - @_skip_if_not_Py2 def test___div___w_checker_forbids(self): from zope.security.interfaces import ForbiddenAttribute target = 3 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) self.assertRaises(ForbiddenAttribute, lambda: proxy / 2) - self.assertEqual(checker._checked, '__div__') + self.assertEqual(checker._checked, self.div) - @_skip_if_Py2 def test___truediv___w_checker_allows(self): target = 3.0 checker = DummyChecker() proxy = self._makeOne(target, checker) self.assertEqual(proxy / 2, target / 2) - self.assertEqual(checker._checked, '__truediv__') + self.assertEqual(checker._checked, self.truediv) - @_skip_if_Py2 def test___truediv___w_checker_forbids(self): from zope.security.interfaces import ForbiddenAttribute target = 3.0 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) self.assertRaises(ForbiddenAttribute, lambda: proxy / 2) - self.assertEqual(checker._checked, '__truediv__') + self.assertEqual(checker._checked, self.truediv) def test___floordiv___w_checker_allows(self): target = 3 @@ -726,7 +773,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy += 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 6) self.assertEqual(checker._checked, '__iadd__') @@ -741,7 +788,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy += 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 6) self.assertEqual(checker._checked, '__iadd__') @@ -750,12 +797,8 @@ class AbstractProxyTestBase(object): target = 3 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy += 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__iadd__') def test___isub___not_inplace_checker_allows(self): @@ -763,7 +806,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy -= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 0) self.assertEqual(checker._checked, '__isub__') @@ -778,7 +821,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy -= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 0) self.assertEqual(checker._checked, '__isub__') @@ -787,12 +830,8 @@ class AbstractProxyTestBase(object): target = 3 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy -= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__isub__') def test___imul___not_inplace_checker_allows(self): @@ -800,7 +839,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy *= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 9) self.assertEqual(checker._checked, '__imul__') @@ -815,7 +854,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy *= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 9) self.assertEqual(checker._checked, '__imul__') @@ -824,25 +863,19 @@ class AbstractProxyTestBase(object): target = 3 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy *= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__imul__') - @_skip_if_not_Py2 def test___idiv___not_inplace_checker_allows(self): target = 6 checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy /= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 2) - self.assertEqual(checker._checked, '__idiv__') + self.assertEqual(checker._checked, self.idiv) - @_skip_if_not_Py2 def test___idiv___inplace_checker_allows(self): class Foo(object): def __init__(self, value): @@ -850,39 +883,33 @@ class AbstractProxyTestBase(object): def __idiv__(self, rhs): self.value /= rhs return self + __itruediv__ = __idiv__ target = Foo(6) checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy /= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 2) - self.assertEqual(checker._checked, '__idiv__') + self.assertEqual(checker._checked, self.idiv) - @_skip_if_not_Py2 def test___idiv___w_checker_forbids(self): from zope.security.interfaces import ForbiddenAttribute target = 6 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy /= 3 - except ForbiddenAttribute: - pass - else: - self.fail() - self.assertEqual(checker._checked, '__idiv__') + self.assertEqual(checker._checked, self.idiv) - @_skip_if_Py2 def test___itruediv___not_inplace_checker_allows(self): target = 6 checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy /= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 2) - self.assertEqual(checker._checked, '__itruediv__') + self.assertEqual(checker._checked, self.itruediv) - @_skip_if_Py2 def test___itruediv___inplace_checker_allows(self): class Foo(object): def __init__(self, value): @@ -890,34 +917,30 @@ class AbstractProxyTestBase(object): def __itruediv__(self, rhs): self.value /= rhs return self + __idiv__ = __itruediv__ target = Foo(6) checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy /= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 2) - self.assertEqual(checker._checked, '__itruediv__') + self.assertEqual(checker._checked, self.itruediv) - @_skip_if_Py2 def test___itruediv___w_checker_forbids(self): from zope.security.interfaces import ForbiddenAttribute target = 6 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy /= 3 - except ForbiddenAttribute: - pass - else: - self.fail() - self.assertEqual(checker._checked, '__itruediv__') + self.assertEqual(checker._checked, self.itruediv) def test___ifloordiv___not_inplace_checker_allows(self): target = 6 checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy //= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 2) self.assertEqual(checker._checked, '__ifloordiv__') @@ -932,7 +955,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy //= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 2) self.assertEqual(checker._checked, '__ifloordiv__') @@ -941,12 +964,8 @@ class AbstractProxyTestBase(object): target = 6 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy //= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__ifloordiv__') def test___imod___not_inplace_checker_allows(self): @@ -954,7 +973,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy %= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 0) self.assertEqual(checker._checked, '__imod__') @@ -969,7 +988,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy %= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 0) self.assertEqual(checker._checked, '__imod__') @@ -978,12 +997,8 @@ class AbstractProxyTestBase(object): target = 6 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy %= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__imod__') def test___ipow___not_inplace_checker_allows(self): @@ -991,7 +1006,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy **= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 8) self.assertEqual(checker._checked, '__ipow__') @@ -1006,7 +1021,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy **= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 8) self.assertEqual(checker._checked, '__ipow__') @@ -1015,12 +1030,8 @@ class AbstractProxyTestBase(object): target = 2 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy **= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__ipow__') def test___ilshift___not_inplace_checker_allows(self): @@ -1028,7 +1039,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy <<= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 16) self.assertEqual(checker._checked, '__ilshift__') @@ -1043,7 +1054,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy <<= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 16) self.assertEqual(checker._checked, '__ilshift__') @@ -1052,12 +1063,8 @@ class AbstractProxyTestBase(object): target = 2 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy <<= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__ilshift__') def test___irshift___not_inplace_checker_allows(self): @@ -1065,7 +1072,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy >>= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 2) self.assertEqual(checker._checked, '__irshift__') @@ -1080,7 +1087,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy >>= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 2) self.assertEqual(checker._checked, '__irshift__') @@ -1089,12 +1096,8 @@ class AbstractProxyTestBase(object): target = 16 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy >>= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__irshift__') def test___iand___not_inplace_checker_allows(self): @@ -1102,7 +1105,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy &= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 3) self.assertEqual(checker._checked, '__iand__') @@ -1117,7 +1120,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy &= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 3) self.assertEqual(checker._checked, '__iand__') @@ -1126,12 +1129,8 @@ class AbstractProxyTestBase(object): target = 7 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy &= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__iand__') def test___ixor___not_inplace_checker_allows(self): @@ -1139,7 +1138,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy ^= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(checker._checked, '__ixor__') self.assertEqual(proxy, 4) @@ -1154,7 +1153,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy ^= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 4) self.assertEqual(checker._checked, '__ixor__') @@ -1163,12 +1162,10 @@ class AbstractProxyTestBase(object): target = 7 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + + with self.assertRaises(ForbiddenAttribute): proxy ^= 3 - except ForbiddenAttribute: - pass - else: - self.fail() + self.assertEqual(checker._checked, '__ixor__') def test___ior___not_inplace_checker_allows(self): @@ -1176,7 +1173,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy |= 3 - self.assertFalse(proxy is before) + self.assertIsNot(proxy, before) self.assertEqual(proxy, 7) self.assertEqual(checker._checked, '__ior__') @@ -1191,7 +1188,7 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = before = self._makeOne(target, checker) proxy |= 3 - self.assertTrue(proxy is before) + self.assertIs(proxy, before) self.assertEqual(target.value, 7) self.assertEqual(checker._checked, '__ior__') @@ -1200,12 +1197,8 @@ class AbstractProxyTestBase(object): target = 6 checker = DummyChecker(ForbiddenAttribute) proxy = self._makeOne(target, checker) - try: + with self.assertRaises(ForbiddenAttribute): proxy |= 3 - except ForbiddenAttribute: - pass - else: - self.fail() self.assertEqual(checker._checked, '__ior__') def test___len___w_checker_allows(self): @@ -1223,6 +1216,20 @@ class AbstractProxyTestBase(object): self.assertRaises(ForbiddenAttribute, len, proxy) self.assertEqual(checker._checked, '__len__') + def test__length_hint_w_checker_allows(self): + target = iter([0, 1, 2]) + checker = DummyChecker() + proxy = self._makeOne(target, checker) + hint = object.__getattribute__(proxy, '__length_hint__') + self.assertEqual(3, hint()) + + def test__length_hint_dne(self): + target = object() + checker = DummyChecker() + proxy = self._makeOne(target, checker) + hint = object.__getattribute__(proxy, '__length_hint__') + self.assertEqual(NotImplemented, hint()) + def test___contains___hit_w_checker_allows(self): target = [0, 1, 2] checker = DummyChecker() @@ -1300,7 +1307,40 @@ class AbstractProxyTestBase(object): checker = DummyChecker() proxy = self._makeOne(target, checker) self.assertEqual(proxy[1:3], [1, 2]) - self.assertEqual(checker._checked, '__getslice__') + self.assertEqual(checker._checked, self.getslice) + + def test___getslice___error_propagates(self): + class Missing(Exception): + pass + class Get(object): + def __getitem__(self, x): + raise Missing('__getitem__') # pragma: no cover (only py3) + def __getslice__(self, start, stop): + raise Missing("__getslice__") + target = Get() + checker = DummyChecker() + proxy = self._makeOne(target, checker) + with self.assertRaisesRegexp(Missing, + self.getslice): + proxy[1:2] + + self.assertEqual(checker._checked, self.getslice) + + def test___getslice___dne_uses_getitem(self): + class Missing(Exception): + pass + class Get(object): + def __getitem__(self, x): + raise Missing('__getitem__') + + target = Get() + checker = DummyChecker() + proxy = self._makeOne(target, checker) + with self.assertRaisesRegexp(Missing, + '__getitem__'): + proxy[1:2] + + self.assertEqual(checker._checked, self.getslice) @_skip_if_not_Py2 def test___getslice___w_checker_forbids(self): @@ -1331,6 +1371,39 @@ class AbstractProxyTestBase(object): self.assertRaises(ForbiddenAttribute, _try) self.assertEqual(checker._checked, '__setslice__') + def test___setslice___error_propagates(self): + class Missing(Exception): + pass + class Set(object): + def __setitem__(self, k, v): + raise Missing('__setitem__') # pragma: no cover (only py3) + def __setslice__(self, start, stop, value): + raise Missing("__setslice__") + target = Set() + checker = DummyChecker() + proxy = self._makeOne(target, checker) + with self.assertRaisesRegexp(Missing, + self.setslice): + proxy[1:2] = 1 + + self.assertEqual(checker._checked, self.setslice) + + def test___setslice___dne_uses_setitem(self): + class Missing(Exception): + pass + class Set(object): + def __setitem__(self, k, v): + raise Missing('__setitem__') + + target = Set() + checker = DummyChecker() + proxy = self._makeOne(target, checker) + with self.assertRaisesRegexp(Missing, + '__setitem__'): + proxy[1:2] = 1 + + self.assertEqual(checker._checked, self.setslice) + def test___getitem___mapping_hit_w_checker_allows(self): target = {'a': 0, 'b': 1, 'c': 2} checker = DummyChecker() @@ -1416,14 +1489,24 @@ class ProxyPyTests(AbstractProxyTestBase, self.assertRaises(AttributeError, getattr, proxy, '_wrapped') self.assertRaises(AttributeError, getattr, proxy, '_checker') + def test_access_checker_from_subclass(self): + target = object() + checker = DummyChecker() + class Sub(self._getTargetClass()): + def get_checker(self): + return self._checker + + sub = Sub(target, checker) + self.assertIs(checker, sub.get_checker()) + def test_ctor_w_checker(self): from zope.security.proxy import getObjectPy, getCheckerPy # Can't access '_wrapped' / '_checker' in C version target = object() checker = object() proxy = self._makeOne(target, checker) - self.assertTrue(getObjectPy(proxy) is target) - self.assertTrue(getCheckerPy(proxy) is checker) + self.assertIs(getObjectPy(proxy), target) + self.assertIs(getCheckerPy(proxy), checker) def test___delattr___w__wrapped(self): target = object() @@ -1481,6 +1564,32 @@ class ProxyPyTests(AbstractProxyTestBase, finally: zope.security.proxy._builtin_isinstance = orig_builtin_isinstance + def test_getObjectPy_other_object(self): + # If it's not a proxy, return it + from zope.security.proxy import getObjectPy + self.assertIs(self, getObjectPy(self)) + + def test_get_reduce(self): + class Reduce(object): + def __reduce__(self): + return 1 + + def __reduce_ex__(self, prot): + return prot + + reduce_ = Reduce() + proxy = self._makeOne(reduce_, DummyChecker()) + self.assertEqual(1, proxy.__reduce__()) + self.assertEqual(2, proxy.__reduce_ex__(2)) + + def test__module__(self): + class WithModule(object): + __module__ = 'foo' + + module = WithModule() + proxy = self._makeOne(module, DummyChecker()) + self.assertEqual(WithModule.__module__, proxy.__module__) + class DummyChecker(object): _proxied = _checked = None def __init__(self, raising=None, allowed=()): @@ -1554,15 +1663,15 @@ class Checker(object): unproxied_types = {str,} - def check_getattr(self, object, name): + def check_getattr(self, _object, name): if name not in ("foo", "next", "__class__", "__name__", "__module__"): raise RuntimeError - def check_setattr(self, object, name): + def check_setattr(self, _object, name): if name != "foo": raise RuntimeError - def check(self, object, opname): + def check(self, _object, _opname): if not self.ok: raise RuntimeError @@ -1601,7 +1710,7 @@ class Something: return [42] def __setslice__(self, i, j, value): if value != [42]: - raise ValueError + raise AssertionError("Value should be [42]") def __contains__(self, x): return x == 42 @@ -1620,11 +1729,8 @@ class ProxyTests(unittest.TestCase): self.c.ok = 1 def testDerivation(self): - if PURE_PYTHON: - from zope.proxy import PyProxyBase as ProxyBase - else: - from zope.proxy import ProxyBase - self.assertTrue(isinstance(self.p, ProxyBase)) + from zope.proxy import ProxyBase + self.assertIsInstance(self.p, ProxyBase) def testStr(self): from zope.security.proxy import ProxyFactory @@ -1860,7 +1966,7 @@ class ProxyTests(unittest.TestCase): a = [1, 2, 3] pa = qa = P(a) pa += [4, 5, 6] - self.assertTrue(pa is qa) + self.assertIs(pa, qa) self.assertEqual(a, [1, 2, 3, 4, 5, 6]) def doit(): @@ -1872,10 +1978,10 @@ class ProxyTests(unittest.TestCase): pa **= 2 self.assertEqual(removeSecurityProxy(pa), 4) - def doit(): + def doit2(): pa = P(2) pa **= 2 - self.shouldFail(doit) + self.shouldFail(doit2) @_skip_if_not_Py2 def test_coerce(self): diff --git a/src/zope/security/tests/test_testing.py b/src/zope/security/tests/test_testing.py index 06be624..50b3f0d 100644 --- a/src/zope/security/tests/test_testing.py +++ b/src/zope/security/tests/test_testing.py @@ -13,17 +13,17 @@ ############################################################################## import unittest +from zope.testing.cleanup import CleanUp -class InteractionHelperTest(unittest.TestCase): +from zope.security import testing - def tearDown(self): - from zope.security.management import endInteraction - endInteraction() +class TestTestingFunctions(CleanUp, + unittest.TestCase): def test_create_interaction_should_return_principal(self): from zope.security.management import getInteraction - from zope.security.testing import create_interaction - principal = create_interaction( + + principal = testing.create_interaction( 'foo', groups=['bar'], description='desc') ix = getInteraction() participation = ix.participations[0] @@ -34,25 +34,41 @@ class InteractionHelperTest(unittest.TestCase): def test_usable_as_contextmanager(self): from zope.security.management import getInteraction from zope.security.management import queryInteraction - from zope.security.testing import interaction - with interaction('foo'): + + with testing.interaction('foo'): ix = getInteraction() participation = ix.participations[0] self.assertEqual('foo', participation.principal.id) + # Nesting doesn't change anything + with testing.interaction('baz'): + ix = getInteraction() + participation = ix.participations[0] + self.assertEqual('foo', participation.principal.id) + self.assertFalse(queryInteraction()) def test_contextmanager_ends_interaction_on_exception(self): from zope.security.management import queryInteraction - from zope.security.testing import interaction - try: - with interaction('foo'): - raise RuntimeError() - except RuntimeError: + class MyError(Exception): pass + + with self.assertRaises(MyError): + with testing.interaction('foo'): + raise MyError() + self.assertFalse(queryInteraction()) + def test_addCheckerPublic(self): + from zope import component + from zope.security.interfaces import IPermission + + perm = testing.addCheckerPublic() + utility = component.getUtility(IPermission, name='zope.Public') + self.assertIs(perm, utility) + + + + def test_suite(): - return unittest.TestSuite(( - unittest.makeSuite(InteractionHelperTest), - )) + return unittest.defaultTestLoader.loadTestsFromName(__name__) diff --git a/src/zope/security/tests/test_zcml_functest.py b/src/zope/security/tests/test_zcml_functest.py index b932734..eee6d57 100644 --- a/src/zope/security/tests/test_zcml_functest.py +++ b/src/zope/security/tests/test_zcml_functest.py @@ -16,14 +16,6 @@ import unittest import io -def _skip_wo_zope_configuration(testfunc): - try: - import zope.configuration.xmlconfig - except ImportError: - return unittest.skip("No zope.configuration")(testfunc) - else: - return testfunc - def configfile(s): return io.StringIO(u"""<configure @@ -42,12 +34,8 @@ class TestClassDirective(unittest.TestCase): del ExampleClass.__implements__ except AttributeError: pass - try: - from zope.component.testing import setUp - except ImportError: - pass - else: - setUp() + from zope.component.testing import setUp + setUp() def tearDown(self): from zope.security.tests.exampleclass import ExampleClass @@ -55,19 +43,16 @@ class TestClassDirective(unittest.TestCase): del ExampleClass.__implements__ except AttributeError: pass - try: - from zope.component.testing import tearDown - except ImportError: - pass - else: - tearDown() + + from zope.component.testing import tearDown + tearDown() def _meta(self): from zope.configuration.xmlconfig import XMLConfig import zope.security XMLConfig('meta.zcml', zope.security)() - @_skip_wo_zope_configuration + def testEmptyDirective(self): from zope.configuration.xmlconfig import xmlconfig self._meta() @@ -78,7 +63,6 @@ class TestClassDirective(unittest.TestCase): xmlconfig(f) - @_skip_wo_zope_configuration def testImplements(self): from zope.component.interface import queryInterface from zope.configuration.xmlconfig import xmlconfig @@ -100,7 +84,6 @@ class TestClassDirective(unittest.TestCase): "zope.security.tests.exampleclass.IExample"), IExample) - @_skip_wo_zope_configuration def testMulImplements(self): from zope.component.interface import queryInterface from zope.configuration.xmlconfig import xmlconfig @@ -131,7 +114,6 @@ class TestClassDirective(unittest.TestCase): "zope.security.tests.exampleclass.IExample2"), IExample2) - @_skip_wo_zope_configuration def testRequire(self): from zope.configuration.xmlconfig import xmlconfig self._meta() @@ -144,7 +126,6 @@ class TestClassDirective(unittest.TestCase): """) xmlconfig(f) - @_skip_wo_zope_configuration def testAllow(self): from zope.configuration.xmlconfig import xmlconfig self._meta() @@ -155,7 +136,6 @@ class TestClassDirective(unittest.TestCase): """) xmlconfig(f) - @_skip_wo_zope_configuration def testMimic(self): from zope.configuration.xmlconfig import xmlconfig self._meta() @@ -170,27 +150,19 @@ class TestClassDirective(unittest.TestCase): class TestFactorySubdirective(unittest.TestCase): def setUp(self): - try: - from zope.component.testing import setUp - except ImportError: - pass - else: - setUp() + from zope.component.testing import setUp + setUp() def tearDown(self): - try: - from zope.component.testing import tearDown - except ImportError: - pass - else: - tearDown() + from zope.component.testing import tearDown + tearDown() def _meta(self): from zope.configuration.xmlconfig import XMLConfig import zope.security XMLConfig('meta.zcml', zope.security)() - @_skip_wo_zope_configuration + def testFactory(self): from zope.component import getUtility from zope.component.interfaces import IFactory @@ -212,7 +184,6 @@ class TestFactorySubdirective(unittest.TestCase): self.assertEqual(factory.title, "Example content") self.assertEqual(factory.description, "Example description") - @_skip_wo_zope_configuration def testFactoryNoId(self): from zope.component import getUtility from zope.component.interfaces import IFactory @@ -238,7 +209,6 @@ class TestFactorySubdirective(unittest.TestCase): self.assertEqual(factory.description, "Example description") - @_skip_wo_zope_configuration def testFactoryPublicPermission(self): from zope.component import getUtility from zope.component.interfaces import IFactory @@ -258,23 +228,6 @@ class TestFactorySubdirective(unittest.TestCase): self.assertTrue(hasattr(factory, '__Security_checker__')) -class Context(object): - actions = () - - def action(self, discriminator, callable, args): - self.actions += ((discriminator, callable, args), ) - - def __repr__(self): - import re - import pprint - atre = re.compile(' at [0-9a-fA-Fx]+') - stream = io.StringIO() if bytes is not str else io.BytesIO() - pprinter = pprint.PrettyPrinter(stream=stream, width=60) - pprinter.pprint(self.actions) - r = stream.getvalue() - return (''.join(atre.split(r))).strip() - - template = """<configure xmlns='http://namespaces.zope.org/zope' xmlns:test='http://www.zope.org/NS/Zope3/test' @@ -286,27 +239,19 @@ template = """<configure class TestFactoryDirective(unittest.TestCase): def setUp(self): - try: - from zope.component.testing import setUp - except ImportError: - pass - else: - setUp() + from zope.component.testing import setUp + setUp() def tearDown(self): - try: - from zope.component.testing import tearDown - except ImportError: - pass - else: - tearDown() + from zope.component.testing import tearDown + tearDown() def meta(self): import zope.security from zope.configuration.xmlconfig import XMLConfig XMLConfig('meta.zcml', zope.security)() - @_skip_wo_zope_configuration + def testFactory(self): from zope.component import createObject from zope.configuration.xmlconfig import xmlconfig @@ -354,25 +299,23 @@ class TestRequireDirective(unittest.TestCase): def setUp(self): from zope.interface import implementer from zope.security.tests import module - try: - from zope.component.testing import setUp - except ImportError: - pass - else: - setUp() + from zope.component.testing import setUp + setUp() defineDirectives() class B(object): def m1(self): - return "m1" + raise AssertionError("Never called") def m2(self): - return "m2" + raise AssertionError("Never called") + @implementer(module.I) class C(B): def m3(self): - return "m3" + raise AssertionError("Never called") def m4(self): - return "m4" + raise AssertionError("Never called") + module.test_base = B module.test_class = C module.test_instance = C() @@ -381,12 +324,8 @@ class TestRequireDirective(unittest.TestCase): def tearDown(self): from zope.security.tests import module module.test_class = None - try: - from zope.component.testing import tearDown - except ImportError: - pass - else: - tearDown() + from zope.component.testing import tearDown + tearDown() def assertState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET): #Verify that class, instance, and methods have expected permissions @@ -405,7 +344,6 @@ class TestRequireDirective(unittest.TestCase): # "testSimple*" exercises tags that do NOT have children. This mode # inherently sets the instances as well as the class attributes. - @_skip_wo_zope_configuration def test_wo_any_attributes(self): from zope.configuration.exceptions import ConfigurationError from zope.security.tests import module @@ -421,7 +359,6 @@ class TestRequireDirective(unittest.TestCase): # "testSimple*" exercises tags that do NOT have children. This mode # inherently sets the instances as well as the class attributes. - @_skip_wo_zope_configuration def testSimpleMethodsPlural(self): declaration = ('''<class class="%s"> <require @@ -431,19 +368,6 @@ class TestRequireDirective(unittest.TestCase): % (_pfx("test_class"), P1)) self.assertDeclaration(declaration, m1P=P1, m3P=P1) - def assertSetattrState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET): - # Verify that class, instance, and methods have expected permissions - from zope.security.checker import selectChecker - from zope.security.tests import module - checker = selectChecker(module.test_instance) - self.assertEqual(checker.setattr_permission_id('m1'), (m1P or None)) - self.assertEqual(checker.setattr_permission_id('m2'), (m2P or None)) - self.assertEqual(checker.setattr_permission_id('m3'), (m3P or None)) - - def assertSetattrDeclaration(self, declaration, **state): - self.assertSetattrState(**state) - - @_skip_wo_zope_configuration def test_set_attributes(self): from zope.security.checker import selectChecker from zope.security.tests import module @@ -459,7 +383,6 @@ class TestRequireDirective(unittest.TestCase): self.assertEqual(checker.setattr_permission_id('m2'), None) self.assertEqual(checker.setattr_permission_id('m3'), P1) - @_skip_wo_zope_configuration def test_set_schema(self): from zope.component.interface import queryInterface from zope.security.checker import selectChecker @@ -485,7 +408,6 @@ class TestRequireDirective(unittest.TestCase): self.assertEqual(checker.setattr_permission_id('bar'), P1) self.assertEqual(checker.setattr_permission_id('baro'), None) - @_skip_wo_zope_configuration def test_multiple_set_schema(self): from zope.component.interface import queryInterface from zope.security.checker import selectChecker @@ -515,7 +437,6 @@ class TestRequireDirective(unittest.TestCase): self.assertEqual(checker.setattr_permission_id('bar2'), P1) self.assertEqual(checker.setattr_permission_id('baro'), None) - @_skip_wo_zope_configuration def testSimpleInterface(self): from zope.component.interface import queryInterface from zope.security.tests import module @@ -534,7 +455,6 @@ class TestRequireDirective(unittest.TestCase): self.assertEqual(queryInterface(_pfx("I")), module.I) - @_skip_wo_zope_configuration def testMultipleInterface(self): from zope.component.interface import queryInterface from zope.security.tests import module @@ -558,7 +478,7 @@ class TestRequireDirective(unittest.TestCase): # "testComposite*TopPerm" exercises tags with permission in containing tag. # "testComposite*ElementPerm" exercises tags w/permission in children. - @_skip_wo_zope_configuration + def testCompositeNoPerm(self): # Establish rejection of declarations lacking a permission spec. from zope.configuration.xmlconfig import ZopeXMLConfigurationError @@ -572,8 +492,6 @@ class TestRequireDirective(unittest.TestCase): declaration) - - @_skip_wo_zope_configuration def testCompositeMethodsPluralElementPerm(self): declaration = ('''<class class="%s"> <require @@ -584,7 +502,7 @@ class TestRequireDirective(unittest.TestCase): self.assertDeclaration(declaration, m1P=P1, m3P=P1) - @_skip_wo_zope_configuration + def testCompositeInterfaceTopPerm(self): declaration = ('''<class class="%s"> <require @@ -596,7 +514,6 @@ class TestRequireDirective(unittest.TestCase): m1P=P1, m2P=P1) - @_skip_wo_zope_configuration def testSubInterfaces(self): declaration = ('''<class class="%s"> <require @@ -608,7 +525,6 @@ class TestRequireDirective(unittest.TestCase): self.assertDeclaration(declaration, m1P=P1, m2P=P1) - @_skip_wo_zope_configuration def testMimicOnly(self): declaration = ('''<class class="%s"> <require @@ -625,7 +541,6 @@ class TestRequireDirective(unittest.TestCase): m1P=P1, m2P=P1) - @_skip_wo_zope_configuration def testMimicAsDefault(self): declaration = ('''<class class="%s"> <require @@ -654,7 +569,7 @@ def apply_declaration(declaration): return xmlconfig(io.StringIO(declaration)) -@_skip_wo_zope_configuration + def make_dummy(): from zope.interface import Interface import zope.security.zcml @@ -673,23 +588,14 @@ def dummy(context_, perm): class DirectivesTest(unittest.TestCase): def setUp(self): - try: - from zope.component.testing import setUp - except ImportError: - pass - else: - setUp() + from zope.component.testing import setUp + setUp() def tearDown(self): del perms[:] - try: - from zope.component.testing import tearDown - except ImportError: - pass - else: - tearDown() + from zope.component.testing import tearDown + tearDown() - @_skip_wo_zope_configuration def testRedefinePermission(self): from zope.configuration import xmlconfig from zope.security import tests @@ -34,7 +34,7 @@ basepython = commands = coverage run -m zope.testrunner --test-path=src [] coverage run -a -m sphinx -b doctest -d {envdir}/.cache/doctrees docs {envdir}/.cache/doctest - coverage report --fail-under=92 + coverage report --fail-under=100 deps = {[testenv]deps} coverage |