Back to index

plone3  3.1.7
Public Member Functions | Public Attributes | Static Private Attributes
GroupUserFolder.tests.testGroupUserFolder.TestGroupUserFolderCopy Class Reference
Inheritance diagram for GroupUserFolder.tests.testGroupUserFolder.TestGroupUserFolderCopy:
Inheritance graph
[legend]
Collaboration diagram for GroupUserFolder.tests.testGroupUserFolder.TestGroupUserFolderCopy:
Collaboration graph
[legend]

List of all members.

Public Member Functions

def afterSetUp
def test00userNames
def test00userIds
def test01userRoles
def test02securityMatrix
def test03usersBelongToGroups
def gruf_setup
def gruf_sources_setup
def security_context_setup
def security_context_setup_users

Public Attributes

 gruf_folder
 gruf
 lr
 sublr
 sublr2
 sublr3
 subsublr2
 subsublr3

Static Private Attributes

int _setup_done = 0

Detailed Description

Same tests as the previous class, but AFTER a copy/paste operation

Definition at line 502 of file testGroupUserFolder.py.


Member Function Documentation

afterSetUp(self,) => Basic gruf setup with a copy/paste

Definition at line 508 of file testGroupUserFolder.py.

00508 
00509     def afterSetUp(self,):
00510         """
00511         afterSetUp(self,) => Basic gruf setup with a copy/paste
00512         """
00513         # Build a security context with the regular GRUF Folder
00514         self.gruf_setup()
00515         self.security_context_setup()
00516 
00517         # Perform tests to ensure using GRUF and filling all caches
00518         self.test00userNames()
00519         self.test01userRoles()
00520         self.test02securityMatrix()
00521         self.test03usersBelongToGroups()
00522         self.test04localRoles()
00523         self.test05nestedGroups()
00524         self.test06doubleNesting()
00525 
00526         # Now copy/paste a re-build the security context in another folder
00527         self._setupUser()
00528         self.setRoles(['Manager'])
00529         self.folder.manage_addProduct['OFSP'].manage_addFolder('gruf_folder2')
00530         folder2 = self.folder.gruf_folder2
00531 
00532         # copy/paste GRUF inside
00533         copy = self.gruf_folder.manage_copyObjects(ids = ['acl_users',],)
00534         folder2.manage_pasteObjects(cb_copy_data = copy)
00535 
00536         # Back to normal
00537         self.setRoles(ZopeTestCase.user_role)
00538 

Here is the call graph for this function:

gruf_setup(self,) => Basic gruf setup

Definition at line 86 of file GRUFTestCase.py.

00086 
00087     def gruf_setup(self,):
00088         """
00089         gruf_setup(self,) => Basic gruf setup
00090         """
00091         # Replace default acl_user by a GRUF one
00092         self.folder.manage_delObjects(['acl_users'])
00093         self.folder.manage_addProduct['OFSP'].manage_addFolder('testFolder')
00094         self.gruf_folder = self.folder.testFolder
00095         self.gruf_folder.manage_addProduct['GroupUserFolder'].manage_addGroupUserFolder()
00096         self.gruf = self.gruf_folder.acl_users
00097 

Here is the caller graph for this function:

gruf_sources_setup(self,) => this method installs the required sources inside GRUF.
One can override this in a test case to install other sources and make another bunch of unit tests
For example, for LDAPUserFolder, use manage_addProduct/LDAPUserFolder/addLDAPUserFolder

Reimplemented in GroupUserFolder.tests.testLDAPGroupFolder.TestLDAPUserFolderGroups, and GroupUserFolder.tests.testLDAPUserFolder.TestLDAPUserFolderBasics.

Definition at line 98 of file GRUFTestCase.py.

00098 
00099     def gruf_sources_setup(self,):
00100         """
00101         gruf_sources_setup(self,) => this method installs the required sources inside GRUF.
00102         One can override this in a test case to install other sources and make another bunch of unit tests
00103         For example, for LDAPUserFolder, use manage_addProduct/LDAPUserFolder/addLDAPUserFolder
00104         """
00105         # Use this to replace the default user source
00106         self.gruf.replaceUserSource("Users", "manage_addProduct/OFSP/manage_addUserFolder")
00107 
00108         # Use this to replace the default group source
00109         self.gruf.replaceUserSource("Groups", "manage_addProduct/OFSP/manage_addUserFolder")
00110 
00111         # add a second (empty) user source
00112         self.gruf.addUserSource("manage_addProduct/OFSP/manage_addUserFolder")

Build a complex security environment

It creates:
  * 3 roles, r1, r2 and r3
  * 3 groups: g1, g2, g3
  * n users as follows (roles are between parenthesis)

      !   g1    ! g2(r1)     ! g3(r2)     ! g4(r2,r3)  !  Resulting roles !
  ------------!---------!------------!------------!------------!------------------!
  u1          !         !            !            !            !   => (no role)   !
  u2          !   X     !            !            !            !   => (no role)   !
  u3          !   X     !      X     !            !            !   => r1          !
  u4          !   X     !      X     !      X     !            !   => r1,r2       !
  u5(r1)      !         !      X     !      X     !            !   => r1,r2       !
  u6(r1)      !         !            !      X     !            !   => r1,r2       !
  u7(r1)      !         !            !            !     X      !   => r1,r2,r3    !
  ---------------------------------------------------------------------------------

It also creates a 'lr' folder in which g1 group and u3 and u6 are granted r3 role.


And then, it creates nested groups as follow (-> = belongs to group...):

     u/g   !  belongs to... ! resulting roles                     !
 ----------!----------------!-------------------------------------!
  ng1      !   g1           ! (no role)                           !
  ng2      !   g2, g3       ! r1, r2                              !
  ng3      !   g2, ng2      ! r1, r2                              !
  ng4(r3)  !   g2, ng2      ! r1, r2, r3                          !
  ng5      !   g2, ng4      ! r1, r2, r3                          !
  ng6      !   ng5, ng6     ! r1, r2, r3 (no circ. ref)           !
  u8       !   ng1          ! (no role)                           !
  u9       !   g1, ng2      ! r1, r2                              !
  u10      !   ng2, ng3     ! r1, r2                              !
  u11(r3)  !   ng2, ng3     ! r1, r2, r3                          !
  u12      !   ng5, ng6     ! r1, r2, r3                          !
 -----------------------------------------------------------------!

 Plus we have the following local roles matrix (roles inside parenthesis are implicitly
 user-defined, roles inside brackets are implicitly lr-defined).

 folder
   |
   |-- acl_users (GRUF)
   |
   |                                          r1    r2    r3
   |                             /--
   |                             | group_g1               x
   |-- lr                        | u3        (x)          x
       |                         | u6        (x)   (x)    x
       |                         \--
       |
       |                         /--
       |                         | group_g1              [x]
       |-- sublr                 | u3        (x)    x    [x]
       |                         | u6        (x)    x*   [x]
       |                         \--
       |
       |                         /--
       |                         | group_g1              [x]
       |-- sublr2                | u3        (x)    x    [x]
       |   |                     | u6        (x)    x*   [x]
       |   |                     \--
       |   |
       |   |                     /--
       |   |                     | group_g1              [x]
       |   |-- subsublr2         | u3        (x)   [x]   [x]
       |                         | u6        (x)  [(x)]  [x]
       |                         \--
       |
 (now we block local roles under this branch)
       |
       |                         /--
       |                         | group_g1              
       |-- sublr3                | u3        (x)    x    
   |                     | u6        (x)    x*   
   |                     \--
   |
   |                     /--
   |                     | group_g1              
   |-- subsublr3         | u3        (x)   [x]   
                         | u6        (x)  [(x)]  
                         \--
                         
*: u6 will have r2 as a localrole AND a userdefined role.

Definition at line 113 of file GRUFTestCase.py.

00113 
00114     def security_context_setup(self,):
00115         """
00116         Build a complex security environment
00117 
00118         It creates:
00119           * 3 roles, r1, r2 and r3
00120           * 3 groups: g1, g2, g3
00121           * n users as follows (roles are between parenthesis)
00122 
00123                       !   g1    ! g2(r1)     ! g3(r2)     ! g4(r2,r3)  !  Resulting roles !
00124           ------------!---------!------------!------------!------------!------------------!
00125           u1          !         !            !            !            !   => (no role)   !
00126           u2          !   X     !            !            !            !   => (no role)   !
00127           u3          !   X     !      X     !            !            !   => r1          !
00128           u4          !   X     !      X     !      X     !            !   => r1,r2       !
00129           u5(r1)      !         !      X     !      X     !            !   => r1,r2       !
00130           u6(r1)      !         !            !      X     !            !   => r1,r2       !
00131           u7(r1)      !         !            !            !     X      !   => r1,r2,r3    !
00132           ---------------------------------------------------------------------------------
00133 
00134         It also creates a 'lr' folder in which g1 group and u3 and u6 are granted r3 role.
00135 
00136 
00137         And then, it creates nested groups as follow (-> = belongs to group...):
00138 
00139              u/g   !  belongs to... ! resulting roles                     !
00140          ----------!----------------!-------------------------------------!
00141           ng1      !   g1           ! (no role)                           !
00142           ng2      !   g2, g3       ! r1, r2                              !
00143           ng3      !   g2, ng2      ! r1, r2                              !
00144           ng4(r3)  !   g2, ng2      ! r1, r2, r3                          !
00145           ng5      !   g2, ng4      ! r1, r2, r3                          !
00146           ng6      !   ng5, ng6     ! r1, r2, r3 (no circ. ref)           !
00147           u8       !   ng1          ! (no role)                           !
00148           u9       !   g1, ng2      ! r1, r2                              !
00149           u10      !   ng2, ng3     ! r1, r2                              !
00150           u11(r3)  !   ng2, ng3     ! r1, r2, r3                          !
00151           u12      !   ng5, ng6     ! r1, r2, r3                          !
00152          -----------------------------------------------------------------!
00153 
00154          Plus we have the following local roles matrix (roles inside parenthesis are implicitly
00155          user-defined, roles inside brackets are implicitly lr-defined).
00156 
00157          folder
00158            |
00159            |-- acl_users (GRUF)
00160            |
00161            |                                          r1    r2    r3
00162            |                             /--
00163            |                             | group_g1               x
00164            |-- lr                        | u3        (x)          x
00165                |                         | u6        (x)   (x)    x
00166                |                         \--
00167                |
00168                |                         /--
00169                |                         | group_g1              [x]
00170                |-- sublr                 | u3        (x)    x    [x]
00171                |                         | u6        (x)    x*   [x]
00172                |                         \--
00173                |
00174                |                         /--
00175                |                         | group_g1              [x]
00176                |-- sublr2                | u3        (x)    x    [x]
00177                |   |                     | u6        (x)    x*   [x]
00178                |   |                     \--
00179                |   |
00180                |   |                     /--
00181                |   |                     | group_g1              [x]
00182                |   |-- subsublr2         | u3        (x)   [x]   [x]
00183                |                         | u6        (x)  [(x)]  [x]
00184                |                         \--
00185                |
00186          (now we block local roles under this branch)
00187                |
00188                |                         /--
00189                |                         | group_g1              
00190                |-- sublr3                | u3        (x)    x    
00191                    |                     | u6        (x)    x*   
00192                    |                     \--
00193                    |
00194                    |                     /--
00195                    |                     | group_g1              
00196                    |-- subsublr3         | u3        (x)   [x]   
00197                                          | u6        (x)  [(x)]  
00198                                          \--
00199                                          
00200         *: u6 will have r2 as a localrole AND a userdefined role.
00201         """
00202         # Create a few roles
00203         self.gruf.userFolderAddRole("r1")
00204         self.gruf.userFolderAddRole("r2")
00205         self.gruf.userFolderAddRole("r3")
00206 
00207         # Set View permission on those roles
00208         permissions = self.gruf_folder.ac_inherited_permissions(1)
00209         for ip in range(len(permissions)):
00210             name, value = permissions[ip][:2]
00211             if name == "View":
00212                 break
00213         p=Permission.Permission(name,value, self.gruf_folder)
00214         p.setRoles(("r1", "r2", "r3", ))
00215 
00216         # Setup users and groups
00217         self.security_context_setup_groups()
00218         self.security_context_setup_users()
00219         
00220         # Create a few folders to play with
00221         self.gruf_folder.manage_addProduct['OFSP'].manage_addFolder('lr')
00222         lr = self.gruf_folder.lr
00223         lr.manage_addProduct['OFSP'].manage_addFolder("sublr")
00224         sublr = self.gruf_folder.lr.sublr
00225         lr.manage_addProduct['OFSP'].manage_addFolder("sublr2")
00226         sublr2 = self.gruf_folder.lr.sublr2
00227         sublr2.manage_addProduct['OFSP'].manage_addFolder("subsublr2")
00228         subsublr2 = self.gruf_folder.lr.sublr2.subsublr2
00229         lr.manage_addProduct['OFSP'].manage_addFolder("sublr3")
00230         sublr3 = self.gruf_folder.lr.sublr3
00231         sublr3.manage_addProduct['OFSP'].manage_addFolder("subsublr3")
00232         subsublr3 = self.gruf_folder.lr.sublr3.subsublr3
00233         self.gruf._acquireLocalRoles(sublr3, 0)
00234         lr.manage_addLocalRoles("group_g1", ("r3", ))
00235         lr.manage_addLocalRoles("u3", ("r3", ))
00236         lr.manage_addLocalRoles("u6", ("r3", ))
00237         sublr.manage_addLocalRoles("u3", ("r2", ))
00238         sublr.manage_addLocalRoles("u6", ("r2", ))
00239         sublr2.manage_addLocalRoles("u3", ("r2", ))
00240         sublr2.manage_addLocalRoles("u6", ("r2", ))
00241         sublr3.manage_addLocalRoles("u3", ("r2", ))
00242         sublr3.manage_addLocalRoles("u6", ("r2", ))
00243         self.lr = lr
00244         self.sublr = sublr
00245         self.sublr2 = sublr2
00246         self.sublr3 = sublr3
00247         self.subsublr2 = subsublr2
00248         self.subsublr3 = subsublr3
00249 

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 250 of file GRUFTestCase.py.

00250 
00251     def security_context_setup_users(self,):
00252         # Create a manager and a few users
00253         self.gruf.userFolderAddUser('manager', 'secret', ('Manager',), (), (), )
00254         self.gruf.userFolderAddUser('u1', 'secret', (), (), (), )
00255         self.gruf.userFolderAddUser('u2', 'secret', (), (), ('g1', ), )
00256         self.gruf.userFolderAddUser('u3', 'secret', (), (), ('g1', 'g2'), )
00257         self.gruf.userFolderAddUser('u4', 'secret', (), (), ('g1', 'g2', 'g3'), )
00258         self.gruf.userFolderAddUser('u5', 'secret', ('r1', ), (), ('g2', 'g3'), )
00259         self.gruf.userFolderAddUser('u6', 'secret', ('r1', ), (), ('g3', ), )
00260         self.gruf.userFolderAddUser('u7', 'secret', ('r1', ), (), ('g4', ), )
00261 
00262         # Create nested-groups users
00263         self.gruf.userFolderAddUser('u8', 'secret', (), (), ('ng1', ), )        
00264         self.gruf.userFolderAddUser('u9', 'secret', (), (), ('g1', 'ng2', ), )
00265         self.gruf.userFolderAddUser('u10', 'secret', (), (), ('ng2', 'ng3', ), )        
        self.gruf.userFolderAddUser('u11', 'secret', ('r3', ), (), ('ng2', 'ng3', ), )        

Here is the caller graph for this function:

test00userIds(self,)
Basic test of user and group names.

Definition at line 95 of file testGroupUserFolder.py.

00095 
00096     def test00userIds(self,):
00097         """
00098         test00userIds(self,)
00099         Basic test of user and group names.
00100         """
00101         un = self.gruf.getUserIds()
00102         users = [
00103             'group_g1', 'group_g2', "group_g3", "group_g4",
00104             "group_ng1", "group_ng2", "group_ng3", "group_ng4", "group_ng5",
00105             "manager",
00106             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00107             "group_extranet", "group_intranet", "group_compta",
00108             ]
00109         un.sort()
00110         users.sort()
00111         for u in users:
00112             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00113         for u in un:
00114             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00115 

test00userNames(self,)
Basic test of user and group names.

Definition at line 74 of file testGroupUserFolder.py.

00074 
00075     def test00userNames(self,):
00076         """
00077         test00userNames(self,)
00078         Basic test of user and group names.
00079         """
00080         un = self.gruf_folder.acl_users.getUserNames()
00081         users = [
00082             'g1', 'g2', "g3", "g4",
00083             "ng1", "ng2", "ng3", "ng4", "ng5",
00084             "manager",
00085             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00086             "extranet", "intranet", "compta",
00087             ]
00088         un.sort()
00089         users.sort()
00090         for u in users:
00091             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00092         for u in un:
00093             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00094         

Here is the caller graph for this function:

test01userRoles => Test if the user "inherits" group roles

Definition at line 120 of file testGroupUserFolder.py.

00120 
00121     def test01userRoles(self,):
00122         """
00123         test01userRoles => Test if the user "inherits" group roles
00124         """
00125         # Add a few roles
00126         if not "userrole" in self.gruf.userFolderGetRoles():
00127             self.gruf.userFolderAddRole("userrole")
00128         if not "grouprole" in self.gruf.userFolderGetRoles():
00129             self.gruf.userFolderAddRole("grouprole")
00130 
00131         # Add the group & the user
00132         self.gruf.userFolderAddGroup(
00133             name = 'gtest',
00134             roles = ['grouprole', ],
00135             )
00136         self.gruf.userFolderAddUser(
00137             name = 'utest',
00138             password = 'secret',
00139             roles = ('userrole', ),
00140             groups = ('gtest', ),
00141             domains = (),
00142             )
00143 
00144         # Check if the user has the right roles
00145         usr = self.gruf.getUser('utest')
00146         roles = usr.getRoles()
00147         self.failUnless('Authenticated' in roles)
00148         self.failUnless('userrole' in roles)
00149         self.failUnless('grouprole' in roles)
00150 
00151         # Remove the group & user
00152         self.gruf.userFolderDelUsers(['utest',])
00153         self.gruf.userFolderDelGroups(['gtest',])

Here is the caller graph for this function:

test02securityMatrix(self,) => Test the whole security matrix !

We just check that people has the right roles

Definition at line 154 of file testGroupUserFolder.py.

00154 
00155     def test02securityMatrix(self,):
00156         """
00157         test02securityMatrix(self,) => Test the whole security matrix !
00158 
00159         We just check that people has the right roles
00160         """
00161         self.failUnless(self.compareRoles(None, "u1", ()))
00162         self.failUnless(self.compareRoles(None, "u2", ()))
00163         self.failUnless(self.compareRoles(None, "u3", ("r1", )))
00164         self.failUnless(self.compareRoles(None, "u4", ("r1", "r2", )))
00165         self.failUnless(self.compareRoles(None, "u5", ("r1", "r2", )))
00166         self.failUnless(self.compareRoles(None, "u6", ("r1", "r2", )))
00167         self.failUnless(self.compareRoles(None, "u7", ("r1", "r2", "r3", )))
00168 

Here is the call graph for this function:

Here is the caller graph for this function:

test03usersBelongToGroups(self,) => test that the users belong to the right groups.
This implies nested groups testing

Definition at line 169 of file testGroupUserFolder.py.

00169 
00170     def test03usersBelongToGroups(self,):
00171         """
00172         test03usersBelongToGroups(self,) => test that the users belong to the right groups.
00173         This implies nested groups testing
00174         """
00175         # Check regular users
00176         self.failUnless(self.compareGroups("u1", ()))
00177         self.failUnless(self.compareGroups("u2", ("g1", )))
00178         self.failUnless(self.compareGroups("u3", ("g1", "g2", )))
00179         self.failUnless(self.compareGroups("u4", ("g1", "g2", "g3", )))
00180         self.failUnless(self.compareGroups("u5", ("g2", "g3", )))
00181         self.failUnless(self.compareGroups("u6", ("g3", )))
00182         self.failUnless(self.compareGroups("u7", ("g4", )))
00183 
00184         # Check nested groups
00185         self.failUnless(self.compareGroups("group_ng1", ("g1", )))
00186         self.failUnless(self.compareGroups("group_ng2", ("g2", "g3", )))
00187         self.failUnless(self.compareGroups("group_ng3", ("g2", "g3", "ng2", )))
00188         self.failUnless(self.compareGroups("group_ng4", ("g2", "g3", "ng2", )))
        self.failUnless(self.compareGroups("group_ng5", ("g2", "g3", "ng2", "ng4", )))

Here is the caller graph for this function:


Member Data Documentation

Definition at line 506 of file testGroupUserFolder.py.

Definition at line 95 of file GRUFTestCase.py.

Definition at line 93 of file GRUFTestCase.py.

Definition at line 242 of file GRUFTestCase.py.

Definition at line 243 of file GRUFTestCase.py.

Definition at line 244 of file GRUFTestCase.py.

Definition at line 245 of file GRUFTestCase.py.

Definition at line 246 of file GRUFTestCase.py.

Definition at line 247 of file GRUFTestCase.py.


The documentation for this class was generated from the following file: