Back to index

plone3  3.1.7
security.py
Go to the documentation of this file.
00001 ##############################################################################
00002 #
00003 # Copyright (c) 2002 Zope Corporation and Contributors. All Rights Reserved.
00004 #
00005 # This software is subject to the provisions of the Zope Public License,
00006 # Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
00007 # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
00008 # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
00009 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
00010 # FOR A PARTICULAR PURPOSE.
00011 #
00012 ##############################################################################
00013 """ Unit test security.
00014 
00015 $Id: security.py 68352 2006-05-29 15:55:43Z yuppie $
00016 """
00017 
00018 from AccessControl.PermissionRole import rolesForPermissionOn
00019 from Acquisition import Implicit
00020 
00021 
00022 class PermissiveSecurityPolicy:
00023     """
00024         Very permissive security policy for unit testing purposes.
00025     """
00026     #
00027     #   Standard SecurityPolicy interface
00028     #
00029     def validate( self
00030                 , accessed=None
00031                 , container=None
00032                 , name=None
00033                 , value=None
00034                 , context=None
00035                 , roles=None
00036                 , *args
00037                 , **kw):
00038         if name and name.startswith('hidden'):
00039             return False
00040         else:
00041             return True
00042 
00043     def checkPermission(self, permission, object, context):
00044         if permission == 'forbidden permission':
00045             return 0
00046         if permission == 'addFoo':
00047             return context.user.allowed(object, ['FooAdder'])
00048         roles = rolesForPermissionOn(permission, object)
00049         if isinstance(roles, basestring):
00050             roles=[roles]
00051         return context.user.allowed(object, roles)
00052 
00053 
00054 class OmnipotentUser( Implicit ):
00055     """
00056       Omnipotent User for unit testing purposes.
00057     """
00058     def getId( self ):
00059         return 'all_powerful_Oz'
00060 
00061     getUserName = getId
00062 
00063     def getRoles(self):
00064         return ('Manager',)
00065 
00066     def allowed( self, object, object_roles=None ):
00067         return 1
00068 
00069     def getRolesInContext(self, object):
00070         return ('Manager',)
00071 
00072     def _check_context(self, object):
00073         return True
00074 
00075 
00076 class UserWithRoles( Implicit ):
00077     """
00078       User with roles specified in constructor
00079       for unit testing purposes.
00080     """
00081     def __init__( self, *roles ):
00082         self._roles = roles
00083 
00084     def getId( self ):
00085         return 'high_roller'
00086 
00087     getUserName = getId
00088 
00089     def getRoles(self):
00090         return self._roles
00091 
00092     def allowed( self, object, object_roles=None ):
00093         if object_roles is None:
00094             object_roles=()
00095         for orole in object_roles:
00096             if orole in self._roles:
00097                 return 1
00098         return 0
00099 
00100 class AnonymousUser( Implicit ):
00101     """
00102       Anonymous USer for unit testing purposes.
00103     """
00104     def getId( self ):
00105         return 'Anonymous User'
00106 
00107     getUserName = getId
00108 
00109     def has_permission(self, permission, obj):
00110         # For types tool tests dealing with filtered_meta_types
00111         return 1
00112 
00113     def allowed( self, object, object_roles=None ):
00114         # for testing permissions on actions
00115         if object.getId() == 'actions_dummy':
00116             if 'Anonymous' in object_roles:
00117                 return 1
00118             else:
00119                 return 0
00120         return 1
00121 
00122     def getRoles(self):
00123         return ('Anonymous',)