1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
##############################################################################
#
# Copyright (c) 2004-2011 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""
Testing support code.
This module provides some helper/stub objects for setting up interactions.
"""
import contextlib
import re
from zope.testing import renormalizing
import zope.security.management
from zope import component
from zope import interface
from zope.security import interfaces
from zope.security._compat import PYTHON2 as PY2
from zope.security.interfaces import PUBLIC_PERMISSION_NAME
from zope.security.permission import Permission
_str_prefix = 'b' if PY2 else 'u'
rules = [
(re.compile(_str_prefix + "('.*?')"), r"\1"),
(re.compile(_str_prefix + '(".*?")'), r"\1"),
]
output_checker = renormalizing.RENormalizing(rules)
@interface.implementer(interfaces.IPrincipal)
class Principal(object):
"""
A trivial implementation of :class:`zope.security.interfaces.IPrincipal`.
"""
def __init__(self, id, title=None, description='', groups=None):
self.id = id
self.title = title or id
self.description = description
if groups is not None:
self.groups = groups
interface.directlyProvides(self, interfaces.IGroupAwarePrincipal)
@interface.implementer(interfaces.IParticipation)
class Participation(object):
"""
A trivial implementation of
:class:`zope.security.interfaces.IParticipation`.
"""
def __init__(self, principal):
self.principal = principal
self.interaction = None
def addCheckerPublic():
"""
Add the CheckerPublic permission as :data:`zope.Public
<zope.security.interfaces.PUBLIC_PERMISSION_NAME>`.
"""
perm = Permission(
PUBLIC_PERMISSION_NAME,
'Public',
"""Special permission used for resources that are always public
The public permission is effectively an optimization, sine
it allows security computation to be bypassed.
"""
)
gsm = component.getGlobalSiteManager()
gsm.registerUtility(perm, interfaces.IPermission, perm.id)
return perm
def create_interaction(principal_id, **kw):
"""
Create a new interaction for the given principal ID, make it the
:func:`current interaction
<zope.security.management.newInteraction>`, and return the
:class:`Principal` object.
"""
principal = Principal(principal_id, **kw)
participation = Participation(principal)
zope.security.management.newInteraction(participation)
return principal
@contextlib.contextmanager
def interaction(principal_id, **kw):
"""
A context manager for running an interaction for the given
principal ID.
"""
if zope.security.management.queryInteraction():
# There already is an interaction. Great. Leave it alone.
yield
else:
principal = create_interaction(principal_id, **kw)
try:
yield principal
finally:
zope.security.management.endInteraction()
|