Back to index

plone3  3.1.7
Public Member Functions | Public Attributes
GroupUserFolder.tests.GRUFTestCase.GRUFTestCase Class Reference
Inheritance diagram for GroupUserFolder.tests.GRUFTestCase.GRUFTestCase:
Inheritance graph
[legend]

List of all members.

Public Member Functions

def gruf_setup
def gruf_sources_setup
def security_context_setup
def security_context_setup_users

Public Attributes

 gruf_folder
 gruf
 lr
 sublr
 sublr2
 sublr3
 subsublr2
 subsublr3

Detailed Description

Definition at line 84 of file GRUFTestCase.py.


Member Function Documentation

gruf_setup(self,) => Basic gruf setup

Definition at line 86 of file GRUFTestCase.py.

00086 
00087     def gruf_setup(self,):
00088         """
00089         gruf_setup(self,) => Basic gruf setup
00090         """
00091         # Replace default acl_user by a GRUF one
00092         self.folder.manage_delObjects(['acl_users'])
00093         self.folder.manage_addProduct['OFSP'].manage_addFolder('testFolder')
00094         self.gruf_folder = self.folder.testFolder
00095         self.gruf_folder.manage_addProduct['GroupUserFolder'].manage_addGroupUserFolder()
00096         self.gruf = self.gruf_folder.acl_users
00097 

Here is the caller graph for this function:

gruf_sources_setup(self,) => this method installs the required sources inside GRUF.
One can override this in a test case to install other sources and make another bunch of unit tests
For example, for LDAPUserFolder, use manage_addProduct/LDAPUserFolder/addLDAPUserFolder

Reimplemented in GroupUserFolder.tests.testLDAPGroupFolder.TestLDAPUserFolderGroups, and GroupUserFolder.tests.testLDAPUserFolder.TestLDAPUserFolderBasics.

Definition at line 98 of file GRUFTestCase.py.

00098 
00099     def gruf_sources_setup(self,):
00100         """
00101         gruf_sources_setup(self,) => this method installs the required sources inside GRUF.
00102         One can override this in a test case to install other sources and make another bunch of unit tests
00103         For example, for LDAPUserFolder, use manage_addProduct/LDAPUserFolder/addLDAPUserFolder
00104         """
00105         # Use this to replace the default user source
00106         self.gruf.replaceUserSource("Users", "manage_addProduct/OFSP/manage_addUserFolder")
00107 
00108         # Use this to replace the default group source
00109         self.gruf.replaceUserSource("Groups", "manage_addProduct/OFSP/manage_addUserFolder")
00110 
00111         # add a second (empty) user source
00112         self.gruf.addUserSource("manage_addProduct/OFSP/manage_addUserFolder")

Build a complex security environment

It creates:
  * 3 roles, r1, r2 and r3
  * 3 groups: g1, g2, g3
  * n users as follows (roles are between parenthesis)

      !   g1    ! g2(r1)     ! g3(r2)     ! g4(r2,r3)  !  Resulting roles !
  ------------!---------!------------!------------!------------!------------------!
  u1          !         !            !            !            !   => (no role)   !
  u2          !   X     !            !            !            !   => (no role)   !
  u3          !   X     !      X     !            !            !   => r1          !
  u4          !   X     !      X     !      X     !            !   => r1,r2       !
  u5(r1)      !         !      X     !      X     !            !   => r1,r2       !
  u6(r1)      !         !            !      X     !            !   => r1,r2       !
  u7(r1)      !         !            !            !     X      !   => r1,r2,r3    !
  ---------------------------------------------------------------------------------

It also creates a 'lr' folder in which g1 group and u3 and u6 are granted r3 role.


And then, it creates nested groups as follow (-> = belongs to group...):

     u/g   !  belongs to... ! resulting roles                     !
 ----------!----------------!-------------------------------------!
  ng1      !   g1           ! (no role)                           !
  ng2      !   g2, g3       ! r1, r2                              !
  ng3      !   g2, ng2      ! r1, r2                              !
  ng4(r3)  !   g2, ng2      ! r1, r2, r3                          !
  ng5      !   g2, ng4      ! r1, r2, r3                          !
  ng6      !   ng5, ng6     ! r1, r2, r3 (no circ. ref)           !
  u8       !   ng1          ! (no role)                           !
  u9       !   g1, ng2      ! r1, r2                              !
  u10      !   ng2, ng3     ! r1, r2                              !
  u11(r3)  !   ng2, ng3     ! r1, r2, r3                          !
  u12      !   ng5, ng6     ! r1, r2, r3                          !
 -----------------------------------------------------------------!

 Plus we have the following local roles matrix (roles inside parenthesis are implicitly
 user-defined, roles inside brackets are implicitly lr-defined).

 folder
   |
   |-- acl_users (GRUF)
   |
   |                                          r1    r2    r3
   |                             /--
   |                             | group_g1               x
   |-- lr                        | u3        (x)          x
       |                         | u6        (x)   (x)    x
       |                         \--
       |
       |                         /--
       |                         | group_g1              [x]
       |-- sublr                 | u3        (x)    x    [x]
       |                         | u6        (x)    x*   [x]
       |                         \--
       |
       |                         /--
       |                         | group_g1              [x]
       |-- sublr2                | u3        (x)    x    [x]
       |   |                     | u6        (x)    x*   [x]
       |   |                     \--
       |   |
       |   |                     /--
       |   |                     | group_g1              [x]
       |   |-- subsublr2         | u3        (x)   [x]   [x]
       |                         | u6        (x)  [(x)]  [x]
       |                         \--
       |
 (now we block local roles under this branch)
       |
       |                         /--
       |                         | group_g1              
       |-- sublr3                | u3        (x)    x    
   |                     | u6        (x)    x*   
   |                     \--
   |
   |                     /--
   |                     | group_g1              
   |-- subsublr3         | u3        (x)   [x]   
                         | u6        (x)  [(x)]  
                         \--
                         
*: u6 will have r2 as a localrole AND a userdefined role.

Definition at line 113 of file GRUFTestCase.py.

00113 
00114     def security_context_setup(self,):
00115         """
00116         Build a complex security environment
00117 
00118         It creates:
00119           * 3 roles, r1, r2 and r3
00120           * 3 groups: g1, g2, g3
00121           * n users as follows (roles are between parenthesis)
00122 
00123                       !   g1    ! g2(r1)     ! g3(r2)     ! g4(r2,r3)  !  Resulting roles !
00124           ------------!---------!------------!------------!------------!------------------!
00125           u1          !         !            !            !            !   => (no role)   !
00126           u2          !   X     !            !            !            !   => (no role)   !
00127           u3          !   X     !      X     !            !            !   => r1          !
00128           u4          !   X     !      X     !      X     !            !   => r1,r2       !
00129           u5(r1)      !         !      X     !      X     !            !   => r1,r2       !
00130           u6(r1)      !         !            !      X     !            !   => r1,r2       !
00131           u7(r1)      !         !            !            !     X      !   => r1,r2,r3    !
00132           ---------------------------------------------------------------------------------
00133 
00134         It also creates a 'lr' folder in which g1 group and u3 and u6 are granted r3 role.
00135 
00136 
00137         And then, it creates nested groups as follow (-> = belongs to group...):
00138 
00139              u/g   !  belongs to... ! resulting roles                     !
00140          ----------!----------------!-------------------------------------!
00141           ng1      !   g1           ! (no role)                           !
00142           ng2      !   g2, g3       ! r1, r2                              !
00143           ng3      !   g2, ng2      ! r1, r2                              !
00144           ng4(r3)  !   g2, ng2      ! r1, r2, r3                          !
00145           ng5      !   g2, ng4      ! r1, r2, r3                          !
00146           ng6      !   ng5, ng6     ! r1, r2, r3 (no circ. ref)           !
00147           u8       !   ng1          ! (no role)                           !
00148           u9       !   g1, ng2      ! r1, r2                              !
00149           u10      !   ng2, ng3     ! r1, r2                              !
00150           u11(r3)  !   ng2, ng3     ! r1, r2, r3                          !
00151           u12      !   ng5, ng6     ! r1, r2, r3                          !
00152          -----------------------------------------------------------------!
00153 
00154          Plus we have the following local roles matrix (roles inside parenthesis are implicitly
00155          user-defined, roles inside brackets are implicitly lr-defined).
00156 
00157          folder
00158            |
00159            |-- acl_users (GRUF)
00160            |
00161            |                                          r1    r2    r3
00162            |                             /--
00163            |                             | group_g1               x
00164            |-- lr                        | u3        (x)          x
00165                |                         | u6        (x)   (x)    x
00166                |                         \--
00167                |
00168                |                         /--
00169                |                         | group_g1              [x]
00170                |-- sublr                 | u3        (x)    x    [x]
00171                |                         | u6        (x)    x*   [x]
00172                |                         \--
00173                |
00174                |                         /--
00175                |                         | group_g1              [x]
00176                |-- sublr2                | u3        (x)    x    [x]
00177                |   |                     | u6        (x)    x*   [x]
00178                |   |                     \--
00179                |   |
00180                |   |                     /--
00181                |   |                     | group_g1              [x]
00182                |   |-- subsublr2         | u3        (x)   [x]   [x]
00183                |                         | u6        (x)  [(x)]  [x]
00184                |                         \--
00185                |
00186          (now we block local roles under this branch)
00187                |
00188                |                         /--
00189                |                         | group_g1              
00190                |-- sublr3                | u3        (x)    x    
00191                    |                     | u6        (x)    x*   
00192                    |                     \--
00193                    |
00194                    |                     /--
00195                    |                     | group_g1              
00196                    |-- subsublr3         | u3        (x)   [x]   
00197                                          | u6        (x)  [(x)]  
00198                                          \--
00199                                          
00200         *: u6 will have r2 as a localrole AND a userdefined role.
00201         """
00202         # Create a few roles
00203         self.gruf.userFolderAddRole("r1")
00204         self.gruf.userFolderAddRole("r2")
00205         self.gruf.userFolderAddRole("r3")
00206 
00207         # Set View permission on those roles
00208         permissions = self.gruf_folder.ac_inherited_permissions(1)
00209         for ip in range(len(permissions)):
00210             name, value = permissions[ip][:2]
00211             if name == "View":
00212                 break
00213         p=Permission.Permission(name,value, self.gruf_folder)
00214         p.setRoles(("r1", "r2", "r3", ))
00215 
00216         # Setup users and groups
00217         self.security_context_setup_groups()
00218         self.security_context_setup_users()
00219         
00220         # Create a few folders to play with
00221         self.gruf_folder.manage_addProduct['OFSP'].manage_addFolder('lr')
00222         lr = self.gruf_folder.lr
00223         lr.manage_addProduct['OFSP'].manage_addFolder("sublr")
00224         sublr = self.gruf_folder.lr.sublr
00225         lr.manage_addProduct['OFSP'].manage_addFolder("sublr2")
00226         sublr2 = self.gruf_folder.lr.sublr2
00227         sublr2.manage_addProduct['OFSP'].manage_addFolder("subsublr2")
00228         subsublr2 = self.gruf_folder.lr.sublr2.subsublr2
00229         lr.manage_addProduct['OFSP'].manage_addFolder("sublr3")
00230         sublr3 = self.gruf_folder.lr.sublr3
00231         sublr3.manage_addProduct['OFSP'].manage_addFolder("subsublr3")
00232         subsublr3 = self.gruf_folder.lr.sublr3.subsublr3
00233         self.gruf._acquireLocalRoles(sublr3, 0)
00234         lr.manage_addLocalRoles("group_g1", ("r3", ))
00235         lr.manage_addLocalRoles("u3", ("r3", ))
00236         lr.manage_addLocalRoles("u6", ("r3", ))
00237         sublr.manage_addLocalRoles("u3", ("r2", ))
00238         sublr.manage_addLocalRoles("u6", ("r2", ))
00239         sublr2.manage_addLocalRoles("u3", ("r2", ))
00240         sublr2.manage_addLocalRoles("u6", ("r2", ))
00241         sublr3.manage_addLocalRoles("u3", ("r2", ))
00242         sublr3.manage_addLocalRoles("u6", ("r2", ))
00243         self.lr = lr
00244         self.sublr = sublr
00245         self.sublr2 = sublr2
00246         self.sublr3 = sublr3
00247         self.subsublr2 = subsublr2
00248         self.subsublr3 = subsublr3
00249 

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 250 of file GRUFTestCase.py.

00250 
00251     def security_context_setup_users(self,):
00252         # Create a manager and a few users
00253         self.gruf.userFolderAddUser('manager', 'secret', ('Manager',), (), (), )
00254         self.gruf.userFolderAddUser('u1', 'secret', (), (), (), )
00255         self.gruf.userFolderAddUser('u2', 'secret', (), (), ('g1', ), )
00256         self.gruf.userFolderAddUser('u3', 'secret', (), (), ('g1', 'g2'), )
00257         self.gruf.userFolderAddUser('u4', 'secret', (), (), ('g1', 'g2', 'g3'), )
00258         self.gruf.userFolderAddUser('u5', 'secret', ('r1', ), (), ('g2', 'g3'), )
00259         self.gruf.userFolderAddUser('u6', 'secret', ('r1', ), (), ('g3', ), )
00260         self.gruf.userFolderAddUser('u7', 'secret', ('r1', ), (), ('g4', ), )
00261 
00262         # Create nested-groups users
00263         self.gruf.userFolderAddUser('u8', 'secret', (), (), ('ng1', ), )        
00264         self.gruf.userFolderAddUser('u9', 'secret', (), (), ('g1', 'ng2', ), )
00265         self.gruf.userFolderAddUser('u10', 'secret', (), (), ('ng2', 'ng3', ), )        
        self.gruf.userFolderAddUser('u11', 'secret', ('r3', ), (), ('ng2', 'ng3', ), )        

Here is the caller graph for this function:


Member Data Documentation

Definition at line 95 of file GRUFTestCase.py.

Definition at line 93 of file GRUFTestCase.py.

Definition at line 242 of file GRUFTestCase.py.

Definition at line 243 of file GRUFTestCase.py.

Definition at line 244 of file GRUFTestCase.py.

Definition at line 245 of file GRUFTestCase.py.

Definition at line 246 of file GRUFTestCase.py.

Definition at line 247 of file GRUFTestCase.py.


The documentation for this class was generated from the following file: