Back to index

plone3  3.1.7
Public Member Functions | Private Member Functions
CMFCore.tests.test_utils.CoreUtilsSecurityTests Class Reference
Inheritance diagram for CMFCore.tests.test_utils.CoreUtilsSecurityTests:
Inheritance graph
[legend]
Collaboration diagram for CMFCore.tests.test_utils.CoreUtilsSecurityTests:
Collaboration graph
[legend]

List of all members.

Public Member Functions

def test__checkPermission
def test_mergedLocalRolesManipulation

Private Member Functions

def _makeSite

Detailed Description

Definition at line 82 of file test_utils.py.


Member Function Documentation

Definition at line 84 of file test_utils.py.

00084 
00085     def _makeSite(self):
00086         from AccessControl.Owned import Owned
00087         from Products.CMFCore.tests.base.dummy import DummySite
00088         from Products.CMFCore.tests.base.dummy import DummyUserFolder
00089         from Products.CMFCore.tests.base.dummy import DummyObject
00090 
00091         class _DummyObject(Owned, DummyObject):
00092             pass
00093 
00094         site = DummySite('site').__of__(self.root)
00095         site._setObject( 'acl_users', DummyUserFolder() )
00096         site._setObject('foo_dummy', _DummyObject(id='foo_dummy'))
00097         site._setObject('bar_dummy', _DummyObject(id='bar_dummy'))
00098 
00099         return site

Here is the caller graph for this function:

Definition at line 100 of file test_utils.py.

00100 
00101     def test__checkPermission(self):
00102         from AccessControl import getSecurityManager
00103         from AccessControl.ImplPython import ZopeSecurityPolicy
00104         from AccessControl.Permission import Permission
00105         from AccessControl.SecurityManagement import newSecurityManager
00106         from AccessControl.SecurityManager import setSecurityPolicy
00107         from Products.CMFCore.utils import _checkPermission
00108 
00109         setSecurityPolicy(ZopeSecurityPolicy())
00110         site = self._makeSite()
00111         newSecurityManager(None, site.acl_users.user_foo)
00112         o = site.bar_dummy
00113         Permission('View',(),o).setRoles(('Anonymous',))
00114         Permission('WebDAV access',(),o).setRoles(('Authenticated',))
00115         Permission('Manage users',(),o).setRoles(('Manager',))
00116         eo = site.foo_dummy
00117         eo._owner = (['acl_users'], 'all_powerful_Oz')
00118         getSecurityManager().addContext(eo)
00119         self.failUnless( _checkPermission('View', o) )
00120         self.failUnless( _checkPermission('WebDAV access', o) )
00121         self.failIf( _checkPermission('Manage users', o) )
00122 
00123         eo._proxy_roles = ('Authenticated',)
00124         self.failIf( _checkPermission('View', o) )
00125         self.failUnless( _checkPermission('WebDAV access', o) )
00126         self.failIf( _checkPermission('Manage users', o) )
00127 
00128         eo._proxy_roles = ('Manager',)
00129         self.failIf( _checkPermission('View', o) )
00130         self.failIf( _checkPermission('WebDAV access', o) )
00131         self.failUnless( _checkPermission('Manage users', o) )

Here is the call graph for this function:

Definition at line 132 of file test_utils.py.

00132 
00133     def test_mergedLocalRolesManipulation(self):
00134         # The _mergedLocalRoles function used to return references to
00135         # actual local role settings and it was possible to manipulate them
00136         # by changing the return value. http://www.zope.org/Collectors/CMF/376
00137         from Products.CMFCore.tests.base.dummy import DummyContent
00138         from Products.CMFCore.utils import _mergedLocalRoles
00139         obj = DummyContent()
00140         obj.manage_addLocalRoles('dummyuser1', ['Manager', 'Owner'])
00141         self.assertEqual(len(obj.get_local_roles_for_userid('dummyuser1')), 2)
00142 
00143         merged_roles = _mergedLocalRoles(obj)
00144         merged_roles['dummyuser1'].append('FOO')
00145 
00146         # The values on the object itself should still the the same
00147         self.assertEqual(len(obj.get_local_roles_for_userid('dummyuser1')), 2)
00148 

Here is the call graph for this function:


The documentation for this class was generated from the following file: