src/zope/security/tests/test_simplepolicies.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133

##############################################################################
#
# Copyright (c) 2013 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
import unittest


class ConformsToIInteraction(object):

    def _getTargetClass(self):
        raise NotImplementedError("Subclass responsibility")

    def _makeOne(self, *participations):
        return self._getTargetClass()(*participations)

    def test_class_conforms_to_IInteraction(self):
        from zope.interface.verify import verifyClass

        from zope.security.interfaces import IInteraction
        verifyClass(IInteraction, self._getTargetClass())

    def test_instance_conforms_to_IInteraction(self):
        from zope.interface.verify import verifyObject

        from zope.security.interfaces import IInteraction
        verifyObject(IInteraction, self._makeOne())


class ParanoidSecurityPolicyTests(unittest.TestCase,
                                  ConformsToIInteraction,
                                  ):

    def _getTargetClass(self):
        from zope.security.simplepolicies import ParanoidSecurityPolicy
        return ParanoidSecurityPolicy

    def test_ctor_no_participations(self):
        policy = self._makeOne()
        self.assertEqual(policy.participations, [])

    def test_ctor_w_participations(self):
        class Participation(object):
            interaction = None
        p1, p2, p3 = Participation(), Participation(), Participation()
        policy = self._makeOne(p1, p2, p3)
        self.assertEqual(policy.participations, [p1, p2, p3])
        self.assertTrue(p1.interaction is policy)
        self.assertTrue(p2.interaction is policy)
        self.assertTrue(p3.interaction is policy)

    def test_add_w_foreign_participation(self):
        class Participation(object):
            interaction = object()
        policy = self._makeOne()
        self.assertRaises(ValueError, policy.add, Participation())

    def test_remove_w_foreign_participation(self):
        class Participation(object):
            interaction = object()
        policy = self._makeOne()
        self.assertRaises(ValueError, policy.remove, Participation())

    def test_remove(self):
        class Participation(object):
            interaction = None
        p1, p2, p3 = Participation(), Participation(), Participation()
        policy = self._makeOne(p1, p2, p3)
        policy.remove(p2)

        self.assertEqual(policy.participations, [p1, p3])
        self.assertTrue(p1.interaction is policy)
        self.assertTrue(p2.interaction is None)
        self.assertTrue(p3.interaction is policy)

    def test_checkPermission_w_public(self):
        from zope.security.checker import CheckerPublic
        policy = self._makeOne()
        target = object()
        self.assertTrue(policy.checkPermission(CheckerPublic, target))

    def test_checkPermission_w_non_public_only_system_user(self):
        from zope.security._definitions import system_user

        class Participation(object):
            interaction = None
            principal = system_user
        policy = self._makeOne(Participation())
        permission = object()
        target = object()
        self.assertTrue(policy.checkPermission(permission, target))

    def test_checkPermission_w_non_public_other_user(self):
        class Participation(object):
            interaction = None
            principal = object()
        policy = self._makeOne(Participation())
        permission = object()
        target = object()
        self.assertFalse(policy.checkPermission(permission, target))

    def test_checkPermission_w_no_participations(self):
        # The permission and object don't matter: if there are no
        # participations, access is allowed.
        policy = self._makeOne()
        self.assertTrue(policy.checkPermission(None, None))
        self.assertTrue(policy.checkPermission(self, self))


class PermissiveSecurityPolicyTests(unittest.TestCase,
                                    ConformsToIInteraction):

    def _getTargetClass(self):
        from zope.security.simplepolicies import PermissiveSecurityPolicy
        return PermissiveSecurityPolicy

    def test_checkPermission_w_public(self):
        policy = self._makeOne()
        permission = object()
        target = object()
        self.assertTrue(policy.checkPermission(permission, target))


def test_suite():
    return unittest.defaultTestLoader.loadTestsFromName(__name__)