Back to index

plone3  3.1.7
testGroupUserFolderAPI.py
Go to the documentation of this file.
00001 # -*- coding: utf-8 -*-
00002 ## GroupUserFolder
00003 ## Copyright (C)2006 Ingeniweb
00004 
00005 ## This program is free software; you can redistribute it and/or modify
00006 ## it under the terms of the GNU General Public License as published by
00007 ## the Free Software Foundation; either version 2 of the License, or
00008 ## (at your option) any later version.
00009 
00010 ## This program is distributed in the hope that it will be useful,
00011 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
00012 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00013 ## GNU General Public License for more details.
00014 
00015 ## You should have received a copy of the GNU General Public License
00016 ## along with this program; see the file COPYING. If not, write to the
00017 ## Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
00018 """
00019 
00020 """
00021 __version__ = "$Revision:  $"
00022 # $Source:  $
00023 # $Id: testGroupUserFolderAPI.py 34723 2006-12-15 11:25:30Z encolpe $
00024 __docformat__ = 'restructuredtext'
00025 
00026 import os, sys
00027 if __name__ == '__main__':
00028     execfile(os.path.join(sys.path[0], 'framework.py'))
00029 
00030 # Load fixture
00031 from Testing import ZopeTestCase
00032 
00033 # Permissions / security
00034 from AccessControl.Permissions import access_contents_information, view, \
00035      add_documents_images_and_files, change_images_and_files, view_management_screens
00036 from AccessControl.SecurityManagement import newSecurityManager, \
00037      noSecurityManager, getSecurityManager
00038 from AccessControl import Unauthorized
00039 from AccessControl.User import UnrestrictedUser
00040 
00041 import urllib
00042 import string
00043 
00044 # Create the error_log object
00045 app = ZopeTestCase.app()
00046 ZopeTestCase.utils.setupSiteErrorLog(app)
00047 ZopeTestCase.close(app)
00048     
00049 from Products.GroupUserFolder.interfaces import IUserFolder
00050 from Products.GroupUserFolder import GroupUserFolder
00051 from Interface import Verify
00052 
00053 # Install our product
00054 ZopeTestCase.installProduct('GroupUserFolder')
00055 
00056 import GRUFTestCase
00057 import testInterface
00058 from Log import *
00059 
00060 class TestGroupUserFolderAPI(GRUFTestCase.GRUFTestCase, testInterface.TestInterface):
00061 
00062     klasses = (        # tell which classes to check
00063         GroupUserFolder.GroupUserFolder,
00064         )
00065 
00066     def test10GRUFMethods(self,):
00067         """
00068         We test that GRUF's API is well protected
00069         """
00070         self.assertRaises(Unauthorized, self.gruf_folder.restrictedTraverse, 'acl_users/getGRUFPhysicalRoot')
00071         self.assertRaises(Unauthorized, self.gruf_folder.restrictedTraverse, 'acl_users/getGRUFPhysicalRoot')
00072 
00073     #                                                   #
00074     #                  GRUF API testing                 #
00075     #                                                   #
00076         
00077     def test_getUserNames(self):
00078         un = self.gruf.getUserNames()
00079         users = [
00080             'g1', 'g2', "g3", "g4",
00081             "ng1", "ng2", "ng3", "ng4", "ng5",
00082             "manager",
00083             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00084             "extranet", "intranet", "compta",
00085             ]
00086         un.sort()
00087         users.sort()
00088         for u in users:
00089             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00090         for u in un:
00091             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00092 
00093     def test_getUserIds(self):
00094         un = self.gruf.getUserIds()
00095         users = [
00096             'group_g1', 'group_g2', "group_g3", "group_g4",
00097             "group_ng1", "group_ng2", "group_ng3", "group_ng4", "group_ng5",
00098             "manager",
00099             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00100             "group_extranet", "group_intranet", "group_compta",
00101             ]
00102         un.sort()
00103         users.sort()
00104         for u in users:
00105             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00106         for u in un:
00107             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00108                 
00109     def test_getUser(self):
00110         # Check id access
00111         usr = self.gruf.getUser("u1")
00112         self.failUnless(usr.__class__.__name__ == "GRUFUser")
00113         self.failUnless(usr.getUserName() == "u1")
00114         grp = self.gruf.getUser("group_g1")
00115         self.failUnless(grp.__class__.__name__ == "GRUFGroup")
00116         self.failUnless(grp.isGroup())
00117         self.failUnless(grp.getId() == "group_g1")
00118 
00119         # Check name access for groups
00120         grp = self.gruf.getUser("g1")
00121         self.failUnless(grp.__class__.__name__ == "GRUFGroup")
00122         self.failUnless(grp.isGroup())
00123         self.failUnless(grp.getId() == "group_g1")
00124 
00125     def test_hasUsers(self):
00126         self.failUnlessEqual(self.gruf.hasUsers(), 1, "GRUF should always return 1 on hasUsers but didn't.")
00127 
00128     def test_getUsers(self):
00129         objects = self.gruf.getUsers()
00130         un = map(lambda x: x.getId(), objects)
00131         users = [
00132             'group_g1', 'group_g2', "group_g3", "group_g4",
00133             "group_ng1", "group_ng2", "group_ng3", "group_ng4", "group_ng5",
00134             "manager",
00135             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00136             "group_extranet", "group_intranet", "group_compta",
00137             ]
00138         un.sort()
00139         users.sort()
00140         for u in users:
00141             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00142         for u in un:
00143             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00144 
00145     def test_getUserById(self):
00146         # Check user & group access
00147         self.failUnless(self.gruf.getUserById("u1").getUserName() == "u1")
00148         self.failUnless(self.gruf.getUserById("group_g1").getId() == "group_g1")
00149 
00150         # Prohibit direct group access
00151         self.failUnless(self.gruf.getUserById("g1", default = None) is None)
00152 
00153         # check exception raising & default values
00154         ret = self.gruf.getUserById("ZORGLUB")
00155         self.failUnlessEqual(ret, None, "getUserById should return None")
00156         self.failUnless(self.gruf.getUserById("ZORGLUB", default = "bla") == "bla")
00157 
00158     def test_getUserByName(self):
00159         # Check user & group access
00160         self.failUnless(self.gruf.getUserByName("u1").getUserName() == "u1")
00161         self.failUnless(self.gruf.getUserByName("g1").getId() == "group_g1")
00162 
00163         # Check group id access
00164         self.failUnless(self.gruf.getUserByName("group_g1", None).getId() == "group_g1")
00165 
00166         # Check exception raising
00167         ret = self.gruf.getUserByName("ZORGLUB")
00168         self.failUnlessEqual(ret, None, "getUserByName should return None")
00169         self.failUnless(self.gruf.getUserByName("ZORGLUB", default = "bla") == "bla")
00170 
00171     # User access
00172 
00173     def test_getPureUserNames(self):
00174         """Same as getUserNames() but without groups
00175         """
00176         un = self.gruf.getPureUserNames()
00177         users = [
00178             "manager",
00179             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00180             ]
00181         un.sort()
00182         users.sort()
00183         for u in users:
00184             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00185         for u in un:
00186             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00187 
00188     def test_getPureUserIds(self,):
00189         """Same as getUserIds() but without groups
00190         """
00191         un = self.gruf.getPureUserIds()
00192         users = [
00193             "manager",
00194             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00195             ]
00196         un.sort()
00197         users.sort()
00198         for u in users:
00199             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00200         for u in un:
00201             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00202 
00203     def test_getPureUsers(self):
00204         """Same as getUsers() but without groups.
00205         """
00206         # Fetch pure users
00207         users = [
00208             "manager",
00209             "u1", "u2", "u3", "u4", "u5", "u6", "u7", "u8", "u9", "u10", "u11",
00210             ]
00211         objects = self.gruf.getPureUsers()
00212         un = map(lambda x: x.getId(), objects)
00213         un.sort()
00214         users.sort()
00215         for u in users:
00216             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u, ))
00217         for u in un:
00218             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00219 
00220     def test_getPureUser(self,):
00221         u = self.gruf.getPureUser("u1")
00222         self.failUnless(u)
00223         u = self.gruf.getPureUser("g1")
00224         self.failUnless(not u)
00225         u = self.gruf.getPureUser("group_g1")
00226         self.failUnless(not u)
00227         u = self.gruf.getPureUser("group_u1")
00228         self.failUnless(not u)
00229         u = self.gruf.getPureUser("u4")
00230         self.failUnless(u)
00231         
00232     # Group access
00233 
00234     def test_getGroupNames(self):
00235         """Same as getUserNames() but without pure users.
00236         """
00237         un = self.gruf.getGroupNames()
00238         users = [
00239             'g1', 'g2', "g3", "g4",
00240             "ng1", "ng2", "ng3", "ng4", "ng5",
00241             "extranet", "intranet", "compta",
00242             ]
00243         un.sort()
00244         users.sort()
00245         for u in users:
00246             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00247         for u in un:
00248             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00249 
00250     def test_getGroupIds(self,):
00251         un = self.gruf.getGroupIds()
00252         users = [
00253             'group_g1', 'group_g2', "group_g3", "group_g4",
00254             "group_ng1", "group_ng2", "group_ng3", "group_ng4", "group_ng5",
00255             "group_extranet", "group_intranet", "group_compta",
00256             ]
00257         un.sort()
00258         users.sort()
00259         for u in users:
00260             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00261         for u in un:
00262             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00263 
00264 
00265     def test_getGroups(self):
00266         objects = self.gruf.getGroups()
00267         un = map(lambda x: x.getId(), objects)
00268         users = [
00269             'group_g1', 'group_g2', "group_g3", "group_g4",
00270             "group_ng1", "group_ng2", "group_ng3", "group_ng4", "group_ng5",
00271             "group_extranet", "group_intranet", "group_compta",
00272             ]
00273         un.sort()
00274         users.sort()
00275         for u in users:
00276             self.failUnless(u in un, "Invalid users list: '%s' is not in acl_users." % (u,))
00277         for u in un:
00278             self.failUnless(u in users, "Invalid users list: '%s' is in acl_users but shouldn't be there." % (u,))
00279 
00280     def test_getGroup(self):
00281         # Check name access
00282         grp = self.gruf.getGroup("g1")
00283         self.failUnless(grp.__class__.__name__ == "GRUFGroup")
00284         self.failUnless(grp.getId() == "group_g1")
00285 
00286         # Check id access
00287         grp = self.gruf.getGroup("group_g1")
00288         self.failUnless(grp.isGroup())
00289         self.failUnless(grp.getId() == "group_g1")
00290         self.failUnless(grp.__class__.__name__ == "GRUFGroup")
00291 
00292         # Prevent user access
00293         usr = self.gruf.getGroup("u1")
00294         self.failUnless(usr is None)
00295 
00296     def test_getGroupById(self):
00297         # Id access
00298         grp = self.gruf.getGroupById("group_g1")
00299         self.failUnless(grp.getId() == "group_g1")
00300 
00301         # Prevent name access
00302         grp = self.gruf.getGroupById("g1", default = None)
00303         self.failUnless(grp is None)
00304 
00305         # Prevent user access
00306         grp = self.gruf.getGroupById("u1", default = None)
00307         self.failUnless(grp is None)
00308 
00309         # Check raise if user/group not found
00310         self.failUnlessEqual(
00311             self.gruf.getGroupById("ZORGLUB"),
00312             None,
00313             )
00314         self.failUnless(self.gruf.getGroupById("ZORGLUB", default = "bla") == "bla")
00315 
00316     def test_getGroupByName(self):
00317         # Name access
00318         grp = self.gruf.getGroupByName("g1")
00319         self.failUnless(grp.getId() == "group_g1")
00320 
00321         # Allow id access
00322         grp = self.gruf.getGroupByName("group_g1", default = None)
00323         self.failUnless(grp.getId() == "group_g1")
00324 
00325         # Prevent user access
00326         self.failUnless(self.gruf.getGroupByName("u1", default = None) is None)
00327 
00328         # Check raise if user/group not found
00329         self.failUnlessEqual(
00330             self.gruf.getGroupByName("ZORGLUB"),
00331             None,
00332             )
00333         self.failUnless(self.gruf.getGroupByName("ZORGLUB", default = "bla") == "bla")
00334 
00335     # Mutators
00336 
00337     def test_userFolderAddUser(self):
00338         self.gruf.userFolderAddUser(
00339             name = "created_user",
00340             password = "secret",
00341             roles = [],
00342             groups = [],
00343             domains = (),
00344             )
00345         self.failUnless(self.gruf.getUser("created_user"))
00346         self.gruf.userFolderAddUser(
00347             name = "group_test_prefix",
00348             password = "secret",
00349             roles = [],
00350             groups = [],
00351             domains = (),
00352             )
00353         self.failUnless(self.gruf.getUser("group_test_prefix"))
00354         self.failIf(self.gruf.getUser("group_test_prefix").isGroup())
00355         
00356     def test_userFolderEditUser(self):
00357         self.gruf.userFolderEditUser(
00358             name = "u1",
00359             password = "secret2",
00360             roles = ["r1", ],
00361             groups = ["g1", ],
00362             domains = (),
00363             )
00364         self.compareRoles(None, "u1", ['r1',], )
00365 
00366     def test_userFolderUpdateUser(self):
00367         self.gruf.userFolderUpdateUser(
00368             name = "u5",
00369             roles = ["r2", ],
00370             )
00371         self.compareRoles(None, "u5", ['r1', 'r2',], )
00372         self.compareGroups("u5", ['g2', 'g3'], )
00373         self.gruf.userFolderUpdateUser(
00374             name = "u6",
00375             roles = None,
00376             )
00377         self.compareRoles(None, "u6", ['r1', 'r2', ], )
00378 
00379     def test_userFolderDelUsers(self):
00380         self.gruf.userFolderAddUser(
00381             name = "created_user",
00382             password = "secret",
00383             roles = [],
00384             domains = (),
00385             groups = [],
00386             )
00387         self.gruf.userFolderDelUsers(['created_user', ])
00388         self.failUnless(self.gruf.getUser("created_user") is None)
00389 
00390     def test_userFolderAddGroup(self):
00391         self.gruf.userFolderAddGroup(
00392             name = "created_group",
00393             roles = [],
00394             groups = [],
00395             )
00396         self.failUnless(self.gruf.getGroup("created_group"))
00397         self.gruf.userFolderAddGroup(
00398             name = "group_test_prefix",
00399             roles = [],
00400             groups = [],
00401             )
00402         self.failUnless(self.gruf.getGroup("group_test_prefix"))
00403         self.failUnless(self.gruf.getGroup("group_test_prefix").isGroup())
00404 
00405         # Prevent group_group_xxx names
00406         self.failUnless(self.gruf.getGroupById("group_group_test_prefix", None) is None)
00407         
00408     def test_userFolderEditGroup(self):
00409         self.gruf.userFolderAddGroup(
00410             name = "created_group",
00411             roles = [],
00412             groups = [],
00413             )
00414         self.gruf.userFolderEditGroup(
00415             name = "created_group",
00416             roles = ["r1", ],
00417             groups = ["group_g1", ],
00418             )
00419         self.compareRoles(None, "created_group", ['r1',], )
00420         self.failUnless(
00421             "g1" in self.gruf.getGroupByName("created_group").getAllGroupNames(),
00422             self.gruf.getGroupByName("created_group").getAllGroupNames(),
00423             )
00424         self.gruf.userFolderEditGroup(
00425             name = "created_group",
00426             roles = ["r1", ],
00427             groups = ["g2", ],
00428             )
00429         self.failUnless(
00430             "g2" in self.gruf.getGroupByName("created_group").getAllGroupNames(),
00431             self.gruf.getGroupByName("created_group").getAllGroupNames(),
00432             )
00433         
00434     def test_userFolderUpdateGroup(self):
00435         self.gruf.userFolderAddGroup(
00436             name = "created_group",
00437             roles = [],
00438             groups = [],
00439             )
00440         self.gruf.userFolderUpdateGroup(
00441             name = "created_group",
00442             roles = ["r1", ],
00443             groups = ["group_g1", ],
00444             )
00445         self.compareRoles(None, "created_group", ['r1',], )
00446         self.failUnless(
00447             "g1" in self.gruf.getGroupByName("created_group").getAllGroupNames(),
00448             self.gruf.getGroupByName("created_group").getAllGroupNames(),
00449             )
00450         self.gruf.userFolderUpdateGroup(
00451             name = "created_group",
00452             roles = ["r1", ],
00453             groups = None,
00454             )
00455         self.failUnless(
00456             "g1" in self.gruf.getGroupByName("created_group").getAllGroupNames(),
00457             self.gruf.getGroupByName("created_group").getAllGroupNames(),
00458             )
00459 
00460     def test_userFolderDelGroups(self):
00461         self.gruf.userFolderAddGroup(
00462             name = "created_group",
00463             roles = [],
00464             groups = [],
00465             )
00466         self.gruf.userFolderDelGroups(['created_group', ])
00467         self.failUnless(self.gruf.getGroup("created_group") is None)
00468 
00469     # User mutation
00470 
00471     def test_userSetRoles(self):
00472         self.gruf.userSetRoles("u1", ["r1", "r2", ], )
00473         self.compareRoles(None, "u1", ["r1", "r2", ], )
00474         self.gruf.userSetRoles("u1", [], )
00475         self.compareRoles(None, "u1", [], )
00476 
00477     def test_userAddRole(self):
00478         self.gruf.userAddRole("u1", "r1", )
00479         self.gruf.userAddRole("u1", "r2", )
00480         self.compareRoles(None, "u1", ["r1", "r2", ], )
00481 
00482     def test_userRemoveRole(self):
00483         """Remove the role of a user atom
00484         """
00485         self.gruf.userSetRoles("u1", ["r1", "r2", ], )
00486         self.compareRoles(None, "u1", ["r1", "r2", ], )
00487         self.gruf.userRemoveRole("u1", "r1", )
00488         self.compareRoles(None, "u1", ["r2", ], )
00489 
00490     def test_userSetPassword(self):
00491         """Test user password setting
00492         """
00493         # Regular user password
00494         user = self.gruf.getUser('u1')
00495         self.failUnless(self.gruf.authenticate("u1", 'secret', self.app.REQUEST))
00496         self.gruf.userSetPassword("u1", "bloub")
00497         user = self.gruf.getUser('u1')
00498         self.failUnless(not self.gruf.authenticate("u1", 'secret', self.app.REQUEST))
00499         self.failUnless(self.gruf.authenticate("u1", 'bloub', self.app.REQUEST))
00500 
00501         # Group password changing must fail
00502         try: self.gruf.userSetPassword("g1", "bloub")
00503         except ValueError: pass                # ok
00504         else: raise "AssertionError", "Should raise"
00505         try: self.gruf.userSetPassword("group_g1", "bloub")
00506         except ValueError: pass                # ok
00507         else: raise "AssertionError", "Should raise"
00508 
00509     def test_userGetDomains(self):
00510         ""
00511 
00512     def test_userSetDomains(self):
00513         ""
00514         u = self.gruf.getUser("u1")
00515         self.failUnless(not self.gruf.userGetDomains("u1"))
00516         self.gruf.userSetDomains("u1", ["d1", "d2", "d3", ])
00517         self.failUnless(self.gruf.userGetDomains("u1") == ("d1", "d2", "d3", ))
00518         self.gruf.userSetDomains("u1", [])
00519         self.failUnless(self.gruf.userGetDomains("u1") == ())
00520         self.gruf.userSetDomains("u1", ["xxx"])
00521         self.failUnless(self.gruf.userGetDomains("u1") == ("xxx", ))
00522 
00523     def test_userAddDomain(self):
00524         ""
00525 
00526     def test_userRemoveDomain(self):
00527         ""
00528 
00529     def test_userSetGroups(self):
00530         # Test user
00531         self.gruf.userFolderAddUser(
00532             name = "created_user",
00533             password = "secret",
00534             domains = (),
00535             roles = (),
00536             groups = [],
00537             )
00538         self.gruf.userSetGroups("created_user", ["g1", "g2", ], )
00539         self.compareGroups("created_user", ["g1", "g2", ], )
00540         self.gruf.userSetGroups("created_user", [], )
00541         self.compareGroups("created_user", [], )
00542 
00543     def test_userAddGroup(self):
00544         # Test user
00545         self.gruf.userFolderAddUser(
00546             name = "created_user",
00547             password = "secret",
00548             groups = ["g2", ],
00549             roles = (),
00550             domains = (),
00551             )
00552         self.gruf.userAddGroup(
00553             "created_user",
00554             "g1",
00555             )
00556         self.compareGroups("created_user", ["g1", "g2", ], )
00557 
00558     def test_userRemoveGroup(self):
00559         """Remove the group of a user atom
00560         """
00561         self.gruf.userFolderAddUser(
00562             name = "created_user",
00563             password = "secret",
00564             groups = ["g2", "g1", ],
00565             domains = (),
00566             roles = (),
00567             )
00568         self.gruf.userRemoveGroup("created_user", "g1", )
00569         self.compareGroups("created_user", ["g2", ], )
00570 
00571     # Searching
00572 
00573     def test_searchUsersByAttribute(self,):
00574         # Not suitable for regular UFs
00575         self.failUnlessRaises(
00576             NotImplementedError,
00577             self.gruf.searchUsersByAttribute,
00578             "a",
00579             "b",
00580             )
00581 
00582     def test_searchUsersByName(self,):
00583         # Simple match
00584         self.failUnlessEqual(
00585             self.gruf.searchUsersByName("u3"),
00586             ["u3",],
00587             )
00588 
00589         # Different case matching
00590         self.failUnlessEqual(
00591             self.gruf.searchUsersByName("U3"),
00592             ["u3",],
00593             )
00594 
00595         # Multiple (different case) matching
00596         s = self.gruf.searchUsersByName("U")
00597         s.sort()
00598         self.failUnlessEqual(
00599             s,
00600             ['u1', 'u10', 'u11', 'u2', 'u3', 'u4', 'u5', 'u6', 'u7', 'u8', 'u9', ],
00601             )
00602 
00603     def test_searchUsersById(self,):
00604         # Simple match
00605         self.failUnlessEqual(
00606             self.gruf.searchUsersById("u3"),
00607             ["u3",],
00608             )
00609 
00610         # Different case matching
00611         self.failUnlessEqual(
00612             self.gruf.searchUsersById("U3"),
00613             ["u3",],
00614             )
00615 
00616         # Multiple (different case) matching
00617         s = self.gruf.searchUsersById("U")
00618         s.sort()
00619         self.failUnlessEqual(
00620             s,
00621             ['u1', 'u10', 'u11', 'u2', 'u3', 'u4', 'u5', 'u6', 'u7', 'u8', 'u9', ],
00622             )
00623 
00624     def test_searchGroupsByAttribute(self,):
00625         # Not suitable for regular UFs
00626         self.failUnlessRaises(
00627             NotImplementedError,
00628             self.gruf.searchGroupsByAttribute,
00629             "a",
00630             "b",
00631             )
00632 
00633     def test_searchGroupsByName(self,):
00634         # Simple match
00635         lst = self.gruf.searchGroupsByName("g3")
00636         lst.sort()
00637         self.failUnlessEqual(
00638             lst,
00639             ["group_g3", "group_ng3", ],
00640             )
00641 
00642         # Different case matching
00643         lst = self.gruf.searchGroupsByName("g3")
00644         lst.sort()
00645         self.failUnlessEqual(
00646             lst,
00647             ["group_g3", "group_ng3", ],
00648             )
00649 
00650         # Multiple (different case) matching
00651         s = self.gruf.searchGroupsByName("1")
00652         s.sort()
00653         self.failUnlessEqual(
00654             s,
00655             ["group_g1", "group_ng1", ]
00656             )
00657 
00658     def test_searchGroupsById(self,):
00659         # Simple match
00660         self.failUnlessEqual(
00661             self.gruf.searchGroupsById("g5"),
00662             ["group_ng5",],
00663             )
00664 
00665         # Different case matching
00666         self.failUnlessEqual(
00667             self.gruf.searchGroupsById("G5"),
00668             ["group_ng5",],
00669             )
00670 
00671         # Multiple (different case) matching
00672         s = self.gruf.searchGroupsById("G1")
00673         s.sort()
00674         self.failUnlessEqual(
00675             s,
00676             ["group_g1", "group_ng1", ]
00677             )
00678 
00679     # Security management
00680 
00681     def test_setRolesOnUsers(self):
00682         """Set a common set of roles for a bunch of user atoms.
00683         """
00684         self.gruf.setRolesOnUsers(["r1", "r2", "r3", ], ["u1", "u2", ])
00685         self.compareRoles(None, "u1", ["r1", "r2", "r3", ])
00686         self.compareRoles(None, "u2", ["r1", "r2", "r3", ])
00687         self.gruf.setRolesOnUsers([], ["u2", ])
00688         self.compareRoles(None, "u1", ["r1", "r2", "r3", ])
00689         self.compareRoles(None, "u2", [])
00690 
00691     def test_setRolesOnGroups(self,):
00692         """Same as test_setRolesOnUsers but with groups"""
00693         self.gruf.setRolesOnUsers(["r1", "r2", "r3", ], ["g1", "g2", ])
00694         self.compareRoles(None, "g1", ["r1", "r2", "r3", ])
00695         self.compareRoles(None, "g2", ["r1", "r2", "r3", ])
00696 
00697     def test_getUsersOfRole(self):
00698         should_be = [
00699             'group_ng2','group_ng3',
00700             'group_ng4',
00701             'group_ng5',
00702             'u9',
00703             'u5',
00704             'u4',
00705             'u7',
00706             'u6',
00707             'u11',
00708             'u10',
00709             'group_g3',
00710             'group_g4',
00711             ]
00712         should_be.sort()
00713         users = list(self.gruf.getUsersOfRole("r2"))
00714         users.sort()
00715         self.failUnless(users == should_be, (should_be, users, ))
00716 
00717     def test_getRolesOfUser(self):
00718         self.failUnless("r1" in self.gruf.getRolesOfUser("u3"), self.gruf.getRolesOfUser("u3"), )
00719 
00720     def test_userFolderGetRoles(self,):
00721         """
00722         Test existing roles
00723         """
00724         should_be =  [
00725             'Anonymous',
00726             'Authenticated',
00727             'Manager',
00728             'Owner',
00729             'r1',
00730             'r2',
00731             'r3',
00732             'test_role_1_',
00733             ]
00734         should_be.sort()
00735         roles = list(self.gruf.userFolderGetRoles())
00736         roles.sort()
00737         self.failUnless(roles == should_be)
00738 
00739     def test_userFolderAddRole(self):
00740         self.gruf.userFolderAddRole("r9")
00741         self.failUnless(
00742             "r9" in self.gruf.userFolderGetRoles(),
00743             )
00744 
00745     def test_userFolderDelRoles(self):
00746         """Delete roles.
00747         The removed roles will be removed from the UserFolder's users and groups as well,
00748         so this method can be very time consuming with a large number of users.
00749         """
00750         # Add a role and set it to a few groups
00751         self.gruf.userFolderAddRole("r9")
00752         self.failUnless(
00753             "r9" in self.gruf.userFolderGetRoles(),
00754             )
00755         self.gruf.userAddRole("g2", "r9")
00756         self.gruf.userAddRole("u1", "r9")
00757         self.failUnless(
00758             "r9" in self.gruf.getRolesOfUser("u1")
00759             )
00760         self.failUnless(
00761             "r9" in self.gruf.getRolesOfUser("u4")
00762             )
00763 
00764         # Now, remove it
00765         self.gruf.userFolderDelRoles(['r9', ])
00766         self.failUnless(
00767             "r9" not in self.gruf.getRolesOfUser("u1")
00768             )
00769         self.failUnless(
00770             "r9" not in self.gruf.getRolesOfUser("u4")
00771             )
00772 
00773     # Groups support
00774 
00775     def test_getMemberIds(self,):
00776         should_be = [
00777             'group_ng2',
00778             'group_ng3',
00779             'group_ng4',
00780             'group_ng5',
00781             'u9',
00782             'u5',
00783             'u4',
00784             'u6',
00785             'u11',
00786             'u10',
00787             ]
00788         should_be.sort()
00789         users = list(self.gruf.getMemberIds("g3"))
00790         users.sort()
00791         self.failUnless(users == should_be, (users, should_be))
00792 
00793     def test_getUserMemberIds(self,):
00794         """This tests nested groups"""
00795         should_be = [
00796             'u9',
00797             'u5',
00798             'u4',
00799             'u6',
00800             'u11',
00801             'u10',
00802             ]
00803         should_be.sort()
00804         users = list(self.gruf.getUserMemberIds("g3"))
00805         users.sort()
00806         self.failUnless(users == should_be, (users, should_be, ))
00807         
00808     def test_getGroupMemberIds(self,):
00809         should_be = [
00810             'group_ng2',
00811             'group_ng3',
00812             'group_ng4',
00813             'group_ng5',
00814             ]
00815         should_be.sort()
00816         users = list(self.gruf.getGroupMemberIds("g3"))
00817         users.sort()
00818         self.failUnless(users == should_be, (users, should_be, ))
00819 
00820     def test_addMember(self):
00821         """Add a member to a group
00822         """
00823         self.failUnless("u1" not in self.gruf.getMemberIds("ng3"))
00824         self.gruf.addMember("ng3", "u1")
00825         self.failUnless("u1" in self.gruf.getMemberIds("ng3"))
00826 
00827     def test_removeMember(self):
00828         """Remove a member from a group
00829         """
00830         self.failUnless("u1" not in self.gruf.getMemberIds("ng3"))
00831         self.gruf.addMember("ng3", "u1")
00832         self.failUnless("u1" in self.gruf.getMemberIds("ng3"))
00833         self.gruf.removeMember("ng3", "u1")
00834         self.failUnless("u1" not in self.gruf.getMemberIds("ng3"))
00835 
00836     def test_setMembers(self):
00837         """Set the members of the group
00838         """
00839         member_ids = self.gruf.getMemberIds("ng3")
00840         self.gruf.addMember("ng3", "u1")
00841         self.gruf.addMember("ng3", "u2")
00842         self.failIf("u1" not in self.gruf.getMemberIds("ng3"))
00843         self.failIf("u2" not in self.gruf.getMemberIds("ng3"))
00844         self.failIf("u3" in self.gruf.getMemberIds("ng3"))
00845 
00846         self.gruf.setMembers("ng3", (member_ids + ["u2", "u3"]))
00847 
00848         self.failIf("u1" in self.gruf.getMemberIds("ng3"))
00849         self.failIf("u2" not in self.gruf.getMemberIds("ng3"))
00850         self.failIf("u3" not in self.gruf.getMemberIds("ng3"))
00851 
00852     def test_hasMember(self,):
00853         self.failUnless(not self.gruf.hasMember("ng3", "u1"))
00854         self.failUnless(not self.gruf.hasMember("group_ng3", "u1"))
00855         self.gruf.addMember("ng3", "u1")
00856         self.failUnless(self.gruf.hasMember("ng3", "u1"))
00857         self.failUnless(self.gruf.hasMember("group_ng3", "u1"))
00858         self.gruf.removeMember("ng3", "u1")
00859         self.failUnless(not self.gruf.hasMember("ng3", "u1"))
00860         self.failUnless(not self.gruf.hasMember("group_ng3", "u1"))
00861 
00862     # Misc
00863     def test_getRealId(self,):
00864         """Test group id without group prefix"""
00865         g = self.gruf.getUser("group_ng2")
00866         self.failUnless(g.getRealId() == "ng2")
00867         u = self.gruf.getUser("u1")
00868         self.failUnless(u.getRealId() == "u1")
00869 
00870     # Local roles management
00871     def test_acquireLocalRoles(self,):
00872         """
00873         We block LR acquisition on sublr2.
00874         See GRUFTestCase to understand what happens (basically, roles in brackets
00875         will be removed from sublr2).
00876         """
00877         # Initial check
00878         self.failUnless(self.compareRoles(self.sublr2, "u2", ("r3", )))
00879         self.failUnless(self.compareRoles(self.sublr2, "u3", ("r1", "r2", "r3", )))
00880         self.failUnless(self.compareRoles(self.sublr2, "u6", ("r1", "r2", "r3", )))
00881         self.failUnless(self.compareRoles(self.subsublr2, "u2", ("r3", )))
00882         self.failUnless(self.compareRoles(self.subsublr2, "u3", ("r1", "r2", "r3", )))
00883         self.failUnless(self.compareRoles(self.subsublr2, "u6", ("r1", "r2", "r3", )))
00884         
00885         # Disable LR acquisition on sublr2 and test the stuff
00886         self.gruf._acquireLocalRoles(self.sublr2, 0)
00887         self.failUnless(self.compareRoles(self.sublr2, "u2", ()))
00888         self.failUnless(self.compareRoles(self.sublr2, "u3", ("r1", "r2", )))
00889         self.failUnless(self.compareRoles(self.sublr2, "u6", ("r1", "r2", )))
00890         self.failUnless(self.compareRoles(self.subsublr2, "u2", ()))
00891         self.failUnless(self.compareRoles(self.subsublr2, "u3", ("r1", "r2", )))
00892         self.failUnless(self.compareRoles(self.subsublr2, "u6", ("r1", "r2", )))
00893 
00894     def test_isLocalRoleAcquired(self,):
00895         self.gruf._acquireLocalRoles(self.sublr2, 0)
00896         self.failUnless(not self.gruf.isLocalRoleAcquired(self.sublr2))
00897         self.failUnless(self.gruf.isLocalRoleAcquired(self.subsublr2))
00898         self.gruf._acquireLocalRoles(self.subsublr2, 0)
00899         self.failUnless(not self.gruf.isLocalRoleAcquired(self.sublr2))
00900         self.failUnless(not self.gruf.isLocalRoleAcquired(self.subsublr2))
00901         self.gruf._acquireLocalRoles(self.sublr2, 1)
00902         self.failUnless(self.gruf.isLocalRoleAcquired(self.sublr2))
00903         self.failUnless(not self.gruf.isLocalRoleAcquired(self.subsublr2))
00904         self.gruf._acquireLocalRoles(self.subsublr2, 1)
00905         self.failUnless(self.gruf.isLocalRoleAcquired(self.sublr2))
00906         self.failUnless(self.gruf.isLocalRoleAcquired(self.subsublr2))
00907 
00908     # Audit checks
00909 
00910     def test_getAllLocalRoles(self):
00911         # Allowed patterns
00912         normal_allowed = {
00913             'group_g1': ['r3', ],
00914             'u6': ['r2', 'r3', ],
00915             'test_user_1_': ['Owner', ],
00916             'u3': ['r2', 'r3', ],
00917             }
00918         blocked_allowed = {
00919             'u6': ['r2', ],
00920             'test_user_1_': ['Owner', ],
00921             'u3': ['r2', ],
00922             }
00923 
00924         # Normal behaviour
00925         ob = self.sublr2
00926         allowed = self.gruf._getAllLocalRoles(ob)
00927         self.failUnlessEqual(allowed, normal_allowed)
00928 
00929         # LR-blocking behaviour
00930         ob = self.sublr2
00931         self.gruf._acquireLocalRoles(ob, 0)
00932         allowed = self.gruf._getAllLocalRoles(ob)
00933         self.failUnlessEqual(allowed, blocked_allowed)
00934 
00935 
00936 if __name__ == '__main__':
00937     framework(descriptions=1, verbosity=1)
00938 else:
00939     import unittest
00940     def test_suite():
00941         suite = unittest.TestSuite()
00942         suite.addTest(unittest.makeSuite(TestGroupUserFolderAPI))
00943         return suite
00944