src/zope/security/tests/test_simplepolicies.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127

##############################################################################
#
# Copyright (c) 2013 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
import unittest


class ConformsToIInteraction(object):

    def test_class_conforms_to_IInteraction(self):
        from zope.interface.verify import verifyClass
        from zope.security.interfaces import IInteraction
        verifyClass(IInteraction, self._getTargetClass())

    def test_instance_conforms_to_IInteraction(self):
        from zope.interface.verify import verifyObject
        from zope.security.interfaces import IInteraction
        verifyObject(IInteraction, self._makeOne())


class ParanoidSecurityPolicyTests(unittest.TestCase,
                                  ConformsToIInteraction,
                                 ):

    def _getTargetClass(self):
        from zope.security.simplepolicies import ParanoidSecurityPolicy
        return ParanoidSecurityPolicy

    def _makeOne(self, *participations):
        return self._getTargetClass()(*participations)

    def test_ctor_no_participations(self):
        policy = self._makeOne()
        self.assertEqual(policy.participations, [])

    def test_ctor_w_participations(self):
        class Participation(object):
            interaction = None
        p1, p2, p3 = Participation(), Participation(), Participation()
        policy = self._makeOne(p1, p2, p3)
        self.assertEqual(policy.participations, [p1, p2, p3])
        self.assertTrue(p1.interaction is policy)
        self.assertTrue(p2.interaction is policy)
        self.assertTrue(p3.interaction is policy)

    def test_add_w_foreign_participation(self):
        class Participation(object):
            interaction = object()
        policy = self._makeOne()
        self.assertRaises(ValueError, policy.add, Participation())

    def test_remove_w_foreign_participation(self):
        class Participation(object):
            interaction = object()
        policy = self._makeOne()
        self.assertRaises(ValueError, policy.remove, Participation())

    def test_remove(self):
        class Participation(object):
            interaction = None
        p1, p2, p3 = Participation(), Participation(), Participation()
        policy = self._makeOne(p1, p2, p3)
        policy.remove(p2)
        target = object()
        self.assertEqual(policy.participations, [p1, p3])
        self.assertTrue(p1.interaction is policy)
        self.assertTrue(p2.interaction is None)
        self.assertTrue(p3.interaction is policy)

    def test_checkPermission_w_public(self):
        from zope.security.checker import CheckerPublic
        policy = self._makeOne()
        target = object()
        self.assertTrue(policy.checkPermission(CheckerPublic, target))

    def test_checkPermission_w_non_public_only_system_user(self):
        from zope.security._definitions import system_user
        class Participation(object):
            interaction = None
            principal = system_user
        policy = self._makeOne(Participation())
        permission = object()
        target = object()
        self.assertTrue(policy.checkPermission(permission, target))

    def test_checkPermission_w_non_public_other_user(self):
        class Participation(object):
            interaction = None
            principal = object()
        policy = self._makeOne(Participation())
        permission = object()
        target = object()
        self.assertFalse(policy.checkPermission(permission, target))


class PermissiveSecurityPolicyTests(unittest.TestCase,
                                    ConformsToIInteraction,
                                   ):

    def _getTargetClass(self):
        from zope.security.simplepolicies import PermissiveSecurityPolicy
        return PermissiveSecurityPolicy

    def _makeOne(self, *participations):
        return self._getTargetClass()(*participations)

    def test_checkPermission_w_public(self):
        policy = self._makeOne()
        permission = object()
        target = object()
        self.assertTrue(policy.checkPermission(permission, target))


def test_suite():
    return unittest.TestSuite((
        unittest.makeSuite(ParanoidSecurityPolicyTests),
        unittest.makeSuite(PermissiveSecurityPolicyTests),
    ))