Merge branch 'master' into pure_python_proxy

7 files changed, 57 insertions, 23 deletions

diff --git a/src/zope/security/_proxy.c b/src/zope/security/_proxy.c
index 52b5040..27edbb3 100644
--- a/src/zope/security/_proxy.c
+++ b/src/zope/security/_proxy.c
@@ -983,6 +983,11 @@ MOD_INIT(_proxy)
 {
   PyObject *m;
 
+  MOD_DEF(m, "_proxy", module___doc__, module_functions)
+
+  if (m == NULL)
+    return MOD_ERROR_VAL;
+
   if (Proxy_Import() < 0)
     return MOD_ERROR_VAL;
 
@@ -1083,11 +1088,6 @@ if((str_op_##S = INTERN("__" #S "__")) == NULL) return MOD_ERROR_VAL
   if (PyType_Ready(&SecurityProxyType) < 0)
     return MOD_ERROR_VAL;
 
-  MOD_DEF(m, "_proxy", module___doc__, module_functions)
-
-  if (m == NULL)
-    return MOD_ERROR_VAL;
-  
   Py_INCREF(&SecurityProxyType);
   PyModule_AddObject(m, "_Proxy", (PyObject *)&SecurityProxyType);
 
diff --git a/src/zope/security/_zope_security_checker.c b/src/zope/security/_zope_security_checker.c
index 1b91312..e5a2528 100644
--- a/src/zope/security/_zope_security_checker.c
+++ b/src/zope/security/_zope_security_checker.c
@@ -589,6 +589,14 @@ module_functions[] = {
 MOD_INIT(_zope_security_checker)
 {
   PyObject* m;
+  PyObject* mod;
+
+  MOD_DEF(mod, "_zope_security_checker", module___doc__, module_functions)
+
+  if (mod == NULL)
+  {
+    return MOD_ERROR_VAL;
+  }
 
   CheckerType.tp_new = PyType_GenericNew;
   if (PyType_Ready(&CheckerType) < 0)
@@ -673,14 +681,7 @@ if((str_##S = INTERN(#S)) == NULL) return MOD_ERROR_VAL
     return MOD_ERROR_VAL;
   }
 
-  MOD_DEF(m, "_zope_security_checker", module___doc__, module_functions)
-
-  if (m == NULL)
-  {
-    return MOD_ERROR_VAL;
-  }
-
-#define EXPORT(N) Py_INCREF(N); PyModule_AddObject(m, #N, N)
+#define EXPORT(N) Py_INCREF(N); PyModule_AddObject(mod, #N, N)
 
   EXPORT(_checkers);
   EXPORT(NoProxy);
@@ -688,7 +689,7 @@ if((str_##S = INTERN(#S)) == NULL) return MOD_ERROR_VAL
   EXPORT(_available_by_default);
 
   Py_INCREF(&CheckerType);
-  PyModule_AddObject(m, "Checker", (PyObject *)&CheckerType);
+  PyModule_AddObject(mod, "Checker", (PyObject *)&CheckerType);
 
-  return MOD_SUCCESS_VAL(m);
+  return MOD_SUCCESS_VAL(mod);
 }
diff --git a/src/zope/security/checker.py b/src/zope/security/checker.py
index e5f88dc..5f1d7df 100644
--- a/src/zope/security/checker.py
+++ b/src/zope/security/checker.py
@@ -595,7 +595,7 @@ _typeChecker = NamesChecker(
      '__implemented__'])
 _namedChecker = NamesChecker(['__name__'])
 
-_iteratorChecker = NamesChecker(['next', '__iter__'])
+_iteratorChecker = NamesChecker(['next', '__iter__', '__len__'])
 
 _setChecker = NamesChecker(['__iter__', '__len__', '__str__', '__contains__',
                             'copy', 'difference', 'intersection', 'issubset',
@@ -642,9 +642,13 @@ _basic_types = {
     datetime.time: NoProxy,
     datetime.tzinfo: NoProxy,
 }
-if PYTHON2:
+if PYTHON2: 
     _basic_types[long] = NoProxy
     _basic_types[unicode] = NoProxy
+else: #pragma NO COVER
+    _basic_types[type({}.values())] = NoProxy
+    _basic_types[type({}.keys())] = NoProxy
+    _basic_types[type({}.items())] = NoProxy
 
 try:
     import pytz
diff --git a/src/zope/security/examples/sandbox.py b/src/zope/security/examples/sandbox.py
index cb2455c..8a17984 100644
--- a/src/zope/security/examples/sandbox.py
+++ b/src/zope/security/examples/sandbox.py
@@ -253,7 +253,7 @@ class TimeGenerator(object):
                     home.transportAgent(a, new_home)
                 except Exception as e:
                     print('-- Exception --')
-                    print('moving "%s" from "%s" to "%s"' %(a, h,` new_home`))
+                    print('moving "%s" from "%s" to "%s"' %(a, h, repr(new_home)))
                     print(e)
                     print()
                 self.teardownAgent(a)
diff --git a/src/zope/security/metaconfigure.py b/src/zope/security/metaconfigure.py
index 54484ac..e2dd0a0 100644
--- a/src/zope/security/metaconfigure.py
+++ b/src/zope/security/metaconfigure.py
@@ -109,7 +109,7 @@ class ClassDirective(object):
 
     def __protectByInterface(self, interface, permission_id):
         "Set a permission on names in an interface."
-        for n, d in interface.namesAndDescriptions(1):
+        for n, d in sorted(interface.namesAndDescriptions(1)):
             self.__protectName(n, permission_id)
         self.__context.action(
             discriminator = None,
@@ -143,7 +143,7 @@ class ClassDirective(object):
     def __protectSetSchema(self, schema, permission_id):
         "Set a permission on a bunch of names."
         _context = self.__context
-        for name in schema:
+        for name in sorted(schema):
             field = schema[name]
             if IField.providedBy(field) and not field.readonly:
                 _context.action(
diff --git a/src/zope/security/testing.py b/src/zope/security/testing.py
index 53d1ebe..ee13db8 100644
--- a/src/zope/security/testing.py
+++ b/src/zope/security/testing.py
@@ -15,13 +15,30 @@
 
 This module provides some helper/stub objects for setting up interactions.
 """
+import sys
+import re
 
 from zope import interface, component
 from zope.security import interfaces
 from zope.security.permission import Permission
 import contextlib
 import zope.security.management
-
+from zope.testing import renormalizing
+
+PY2 = sys.version_info[0] == 2
+
+if PY2:
+    _u = unicode
+    rules = [(re.compile("b('.*?')"), r"\1"),
+             (re.compile('b(".*?")'), r"\1"),
+            ]
+    output_checker = renormalizing.RENormalizing(rules)
+else:
+    _u = str
+    rules = [(re.compile("u('.*?')"), r"\1"),
+             (re.compile('u(".*?")'), r"\1"),
+            ]
+    output_checker = renormalizing.RENormalizing(rules)
 
 @interface.implementer(interfaces.IPrincipal)
 class Principal:
diff --git a/src/zope/security/tests/test_proxy.py b/src/zope/security/tests/test_proxy.py
index 877616d..523cd03 100644
--- a/src/zope/security/tests/test_proxy.py
+++ b/src/zope/security/tests/test_proxy.py
@@ -14,6 +14,7 @@
 """Security proxy tests
 """
 import unittest
+import sys
 
 from zope.security._compat import PYTHON2
 
@@ -35,6 +36,15 @@ def _skip_if_Py2(testfunc):
         return dummy
     return testfunc
 
+def _fmt_address(obj):
+    # Try to replicate PyString_FromString("%p", obj), which actually uses
+    # the platform sprintf(buf, "%p", obj), which we cannot access from Python
+    # directly (and ctypes seems like overkill).
+    if sys.platform == 'win32':
+        return '0x%08x' % id(obj)
+    else:
+        return '0x%0x' % id(obj)
+
 
 class ProxyTestBase(object):
 
@@ -153,9 +163,10 @@ class ProxyTestBase(object):
         target = object()
         checker = DummyChecker(ForbiddenAttribute)
         proxy = self._makeOne(target, checker)
+        address = _fmt_address(target)
         self.assertEqual(str(proxy),
                          '<security proxied %s.object '
-                             'instance at 0x%0x>' % (_BUILTINS, id(target)))
+                             'instance at %s>' % (_BUILTINS, address))
 
     def test___repr___checker_allows_str(self):
         target = object()
@@ -169,9 +180,10 @@ class ProxyTestBase(object):
         target = object()
         checker = DummyChecker(ForbiddenAttribute)
         proxy = self._makeOne(target, checker)
+        address = _fmt_address(target)
         self.assertEqual(repr(proxy),
                          '<security proxied %s.object '
-                             'instance at 0x%0x>' % (_BUILTINS, id(target)))
+                             'instance at %s>' % (_BUILTINS, address))
 
     @_skip_if_not_Py2
     def test___cmp___w_self(self):