Back to index

moin  1.9.0~rc2
Public Member Functions | Public Attributes
test_security.TestAcl Class Reference

List of all members.

Public Member Functions

def setup_method
def teardown_method
def testApplyACLByUser

Public Attributes

 savedUser

Detailed Description

security: testing access control list

TO DO: test unknown user?

Definition at line 183 of file test_security.py.


Member Function Documentation

def test_security.TestAcl.setup_method (   self,
  method 
)

Definition at line 188 of file test_security.py.

00188 
00189     def setup_method(self, method):
00190         # Backup user
00191         self.savedUser = self.request.user.name

def test_security.TestAcl.teardown_method (   self,
  method 
)

Definition at line 192 of file test_security.py.

00192 
00193     def teardown_method(self, method):
00194         # Restore user
00195         self.request.user.name = self.savedUser

security: applying acl by user name

Definition at line 196 of file test_security.py.

00196 
00197     def testApplyACLByUser(self):
00198         """ security: applying acl by user name"""
00199         # This acl string...
00200         acl_rights = [
00201             "-MinusGuy:read "
00202             "+MinusGuy:read "
00203             "+PlusGuy:read "
00204             "-PlusGuy:read "
00205             "Admin1,Admin2:read,write,delete,revert,admin  "
00206             "Admin3:read,write,admin  "
00207             "JoeDoe:read,write  "
00208             "name with spaces,another one:read,write  "
00209             "CamelCase,extended name:read,write  "
00210             "BadGuy:  "
00211             "All:read  "
00212             ]
00213         acl = security.AccessControlList(self.request.cfg, acl_rights)
00214 
00215         # Should apply these rights:
00216         users = (
00217             # user,                 rights
00218             # CamelCase names
00219             ('Admin1', ('read', 'write', 'admin', 'revert', 'delete')),
00220             ('Admin2', ('read', 'write', 'admin', 'revert', 'delete')),
00221             ('Admin3', ('read', 'write', 'admin')),
00222             ('JoeDoe', ('read', 'write')),
00223             ('SomeGuy', ('read', )),
00224             # Extended names or mix of extended and CamelCase
00225             ('name with spaces', ('read', 'write', )),
00226             ('another one', ('read', 'write', )),
00227             ('CamelCase', ('read', 'write', )),
00228             ('extended name', ('read', 'write', )),
00229             # Blocking bad guys
00230             ('BadGuy', ()),
00231             # All other users - every one not mentioned in the acl lines
00232             ('All', ('read', )),
00233             ('Anonymous', ('read', )),
00234             # we check whether ACL processing stops for a user/right match
00235             # with ACL modifiers
00236             ('MinusGuy', ()),
00237             ('PlusGuy', ('read', )),
00238             )
00239 
00240         # Check rights
00241         for user, may in users:
00242             mayNot = [right for right in self.request.cfg.acl_rights_valid
00243                       if right not in may]
00244             # User should have these rights...
00245             for right in may:
00246                 assert acl.may(self.request, user, right)
00247             # But NOT these:
00248             for right in mayNot:
00249                 assert not acl.may(self.request, user, right)
00250 

Here is the call graph for this function:


Member Data Documentation

Definition at line 190 of file test_security.py.


The documentation for this class was generated from the following file: