1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
|
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Unit tests for zope.security.management
"""
import unittest
class Test(unittest.TestCase):
def setUp(self):
self._cleanUp()
def tearDown(self):
self._cleanUp()
def _cleanUp(self):
from zope.security.management import _clear
from zope.security.management import endInteraction
_clear()
endInteraction()
def test_import(self):
from zope.interface.verify import verifyObject
from zope.security import management
from zope.security.interfaces import IInteractionManagement
from zope.security.interfaces import ISecurityManagement
verifyObject(ISecurityManagement, management)
verifyObject(IInteractionManagement, management)
def test_securityPolicy(self):
from zope.security.management import getSecurityPolicy
from zope.security.management import setSecurityPolicy
from zope.security.simplepolicies import PermissiveSecurityPolicy
policy = PermissiveSecurityPolicy
setSecurityPolicy(policy)
self.assertTrue(getSecurityPolicy() is policy)
def test_getInteraction_none_present(self):
from zope.security.interfaces import NoInteraction
from zope.security.management import getInteraction
self.assertRaises(NoInteraction, getInteraction)
def test_queryInteraction_none_present(self):
from zope.security.management import queryInteraction
self.assertEqual(queryInteraction(), None)
def test_newInteraction(self):
from zope.security.management import newInteraction
from zope.security.management import queryInteraction
newInteraction()
interaction = queryInteraction()
self.assertTrue(interaction is not None)
def test_newInteraction_repeated_without_end(self):
from zope.security.management import ExistingInteraction
from zope.security.management import newInteraction
newInteraction()
self.assertRaises(ExistingInteraction, newInteraction)
def test_endInteraction(self):
from zope.security.management import endInteraction
from zope.security.management import newInteraction
from zope.security.management import queryInteraction
newInteraction()
endInteraction()
self.assertEqual(queryInteraction(), None)
def test_endInteraction_repeated(self):
from zope.security.management import endInteraction
from zope.security.management import newInteraction
from zope.security.management import queryInteraction
newInteraction()
queryInteraction()
endInteraction()
self.assertEqual(queryInteraction(), None)
endInteraction()
self.assertEqual(queryInteraction(), None)
def test_restoreInteraction_after_end(self):
from zope.security.management import endInteraction
from zope.security.management import newInteraction
from zope.security.management import queryInteraction
from zope.security.management import restoreInteraction
newInteraction()
interaction = queryInteraction()
endInteraction()
restoreInteraction()
self.assertTrue(interaction is queryInteraction())
def test_restoreInteraction_after_new(self):
from zope.security.management import newInteraction
from zope.security.management import queryInteraction
from zope.security.management import restoreInteraction
newInteraction()
self.assertTrue(queryInteraction() is not None)
restoreInteraction() # restore to no interaction
self.assertTrue(queryInteraction() is None)
def test_restoreInteraction_after_neither(self):
from zope.security._definitions import thread_local
from zope.security.management import queryInteraction
from zope.security.management import restoreInteraction
try:
del thread_local.interaction
except AttributeError:
pass
try:
del thread_local.previous_interaction
except AttributeError:
pass
restoreInteraction()
self.assertTrue(queryInteraction() is None)
def test_checkPermission_w_no_interaction(self):
from zope.security.interfaces import NoInteraction
from zope.security.management import checkPermission
permission = 'zope.Test'
obj = object()
self.assertRaises(NoInteraction, checkPermission, permission, obj)
def test_checkPermission_w_interaction(self):
from zope.security.management import checkPermission
from zope.security.management import newInteraction
from zope.security.management import queryInteraction
from zope.security.management import setSecurityPolicy
permission = 'zope.Test'
obj = object()
class PolicyStub(object):
def checkPermission(s, p, o,):
self.assertTrue(p is permission)
self.assertTrue(o is obj)
self.assertTrue(s is queryInteraction() or s is interaction)
return s is interaction
setSecurityPolicy(PolicyStub)
newInteraction()
interaction = queryInteraction()
self.assertEqual(checkPermission(permission, obj), True)
def test_checkPermission_forbidden_policy(self):
from zope.security import checkPermission
from zope.security.checker import CheckerPublic
from zope.security.management import newInteraction
from zope.security.management import setSecurityPolicy
obj = object()
class ForbiddenPolicyStub(object):
def checkPermission(s, p, o):
return False
setSecurityPolicy(ForbiddenPolicyStub)
newInteraction()
self.assertEqual(checkPermission('zope.Test', obj), False)
self.assertEqual(checkPermission(None, obj), True)
self.assertEqual(checkPermission(CheckerPublic, obj), True)
def test_system_user(self):
from zope.interface.verify import verifyObject
from zope.security.interfaces import IPrincipal
from zope.security.interfaces import ISystemPrincipal
from zope.security.management import system_user
self.assertEqual(system_user.id,
u'zope.security.management.system_user')
self.assertEqual(system_user.title, u'System')
for name in 'id', 'title', 'description':
self.assertIsInstance(getattr(system_user, name),
type(u''))
verifyObject(IPrincipal, system_user)
verifyObject(ISystemPrincipal, system_user)
def test_suite():
return unittest.defaultTestLoader.loadTestsFromName(__name__)
|
