Beispiel #1
0
    def test_define_and_undefineChecker(self):
        class SomeClass(object):
            pass
        obj = SomeClass()

        checker = NamesChecker()
        from zope.security.checker import _defaultChecker, selectChecker
        self.assert_(selectChecker(obj) is _defaultChecker)
        defineChecker(SomeClass, checker)
        self.assert_(selectChecker(obj) is checker)
        undefineChecker(SomeClass)
        self.assert_(selectChecker(obj) is _defaultChecker)
    def test_define_and_undefineChecker(self):
        class SomeClass(object):
            pass

        obj = SomeClass()

        checker = NamesChecker()
        from zope.security.checker import _defaultChecker, selectChecker
        self.assert_(selectChecker(obj) is _defaultChecker)
        defineChecker(SomeClass, checker)
        self.assert_(selectChecker(obj) is checker)
        undefineChecker(SomeClass)
        self.assert_(selectChecker(obj) is _defaultChecker)
Beispiel #3
0
    def __get__(self, inst, cls=None):
        if inst is None: # pragma: no cover (Not sure how we can get here)
            return self

        proxied_object = getProxiedObject(inst)
        checker = getattr(proxied_object, '__Security_checker__', None)
        if checker is None:
            checker = selectChecker(proxied_object)
        wrapper_checker = selectChecker(inst)
        if wrapper_checker is None: # pragma: no cover
            return checker
        if checker is None:
            return wrapper_checker
        return CombinedChecker(wrapper_checker, checker)
Beispiel #4
0
    def __get__(self, inst, cls=None):
        if inst is None:  # pragma: no cover (Not sure how we can get here)
            return self

        proxied_object = getProxiedObject(inst)
        checker = getattr(proxied_object, '__Security_checker__', None)
        if checker is None:
            checker = selectChecker(proxied_object)
        wrapper_checker = selectChecker(inst)
        if wrapper_checker is None:  # pragma: no cover
            return checker
        if checker is None:
            return wrapper_checker
        return CombinedChecker(wrapper_checker, checker)
 def __get__(self, inst, cls=None):
     if inst is None:
         return self
     else:
         proxied_object = getProxiedObject(inst)
         checker = getattr(proxied_object, '__Security_checker__', None)
         if checker is None:
             checker = selectChecker(proxied_object)
         wrapper_checker = selectChecker(inst)
         if wrapper_checker is None:
             return checker
         elif checker is None:
             return wrapper_checker
         else:
             return CombinedChecker(wrapper_checker, checker)
 def __get__(self, inst, cls=None):
     if inst is None:
         return self
     else:
         proxied_object = getProxiedObject(inst)
         checker = getattr(proxied_object, '__Security_checker__', None)
         if checker is None:
             checker = selectChecker(proxied_object)
         wrapper_checker = selectChecker(inst)
         if wrapper_checker is None:
             return checker
         elif checker is None:
             return wrapper_checker
         else:
             return CombinedChecker(wrapper_checker, checker)
    def test_multiple_set_schema(self):
        from zope.component.interface import queryInterface
        from zope.security.checker import selectChecker
        from zope.security.tests import module
        self.assertEqual(queryInterface(_pfx("S")), None)
        self.assertEqual(queryInterface(_pfx("S2")), None)

        declaration = ('''<class class="%s">
                            <require
                                permission="%s"
                                set_schema="%s %s"/>
                          </class>''' %
                       (_pfx("test_class"), P1, _pfx("S"), _pfx("S2")))
        apply_declaration(module.template_bracket % declaration)

        self.assertEqual(queryInterface(_pfx("S")), module.S)
        self.assertEqual(queryInterface(_pfx("S2")), module.S2)

        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.setattr_permission_id('m1'), None)
        self.assertEqual(checker.setattr_permission_id('m2'), None)
        self.assertEqual(checker.setattr_permission_id('m3'), None)
        self.assertEqual(checker.setattr_permission_id('foo'), P1)
        self.assertEqual(checker.setattr_permission_id('bar'), P1)
        self.assertEqual(checker.setattr_permission_id('foo2'), P1)
        self.assertEqual(checker.setattr_permission_id('bar2'), P1)
        self.assertEqual(checker.setattr_permission_id('baro'), None)
Beispiel #8
0
    def assertState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET):
        "Verify that class, instance, and methods have expected permissions."

        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.permission_id('m1'), (m1P or None))
        self.assertEqual(checker.permission_id('m2'), (m2P or None))
        self.assertEqual(checker.permission_id('m3'), (m3P or None))
    def test_multiple_set_schema(self):
        from zope.component.interface import queryInterface
        from zope.security.checker import selectChecker
        from zope.security.tests import module
        self.assertEqual(queryInterface(_pfx("S")), None)
        self.assertEqual(queryInterface(_pfx("S2")), None)

        declaration = ('''<class class="%s">
                            <require
                                permission="%s"
                                set_schema="%s %s"/>
                          </class>'''
                       % (_pfx("test_class"), P1, _pfx("S"), _pfx("S2")))
        apply_declaration(module.template_bracket % declaration)

        self.assertEqual(queryInterface(_pfx("S")), module.S)
        self.assertEqual(queryInterface(_pfx("S2")), module.S2)


        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.setattr_permission_id('m1'), None)
        self.assertEqual(checker.setattr_permission_id('m2'), None)
        self.assertEqual(checker.setattr_permission_id('m3'), None)
        self.assertEqual(checker.setattr_permission_id('foo'), P1)
        self.assertEqual(checker.setattr_permission_id('bar'), P1)
        self.assertEqual(checker.setattr_permission_id('foo2'), P1)
        self.assertEqual(checker.setattr_permission_id('bar2'), P1)
        self.assertEqual(checker.setattr_permission_id('baro'), None)
Beispiel #10
0
    def test_multiple_set_schema(self):

        self.assertEqual(queryInterface(PREFIX + "S"), None)
        self.assertEqual(queryInterface(PREFIX + "S2"), None)

        declaration = """<class class="%s">
                            <require
                                permission="%s"
                                set_schema="%s %s"/>
                          </class>""" % (
            PREFIX + "test_class",
            P1,
            PREFIX + "S",
            PREFIX + "S2",
        )
        apply_declaration(module.template_bracket % declaration)

        self.assertEqual(queryInterface(PREFIX + "S"), module.S)
        self.assertEqual(queryInterface(PREFIX + "S2"), module.S2)

        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.setattr_permission_id("m1"), None)
        self.assertEqual(checker.setattr_permission_id("m2"), None)
        self.assertEqual(checker.setattr_permission_id("m3"), None)
        self.assertEqual(checker.setattr_permission_id("foo"), P1)
        self.assertEqual(checker.setattr_permission_id("bar"), P1)
        self.assertEqual(checker.setattr_permission_id("foo2"), P1)
        self.assertEqual(checker.setattr_permission_id("bar2"), P1)
        self.assertEqual(checker.setattr_permission_id("baro"), None)
Beispiel #11
0
 def __get__(self, inst, cls=None):
     if inst is None:
         return selectChecker(cls)
     else:
         # This is *VERY* tricky. There is a possibility that
         # the object was loaded, but not active by the time
         # __proxied__ needs to be accessed, which results
         # in an AttributeError here, which is swallowed
         # somewere inside the security machinery,
         # and then the object ends up using _defaultChecker
         #
         # Added the same code below, in ClassDescriptor,
         # though I'm not sure it is really needed there.
         if inst._p_state == GHOST:
             inst._p_activate()
         return selectChecker(inst.__proxied__)
Beispiel #12
0
    def test_multiple_set_schema(self):

        self.assertEqual(queryInterface(PREFIX + "S"), None)
        self.assertEqual(queryInterface(PREFIX + "S2"), None)

        declaration = (
            '''<class class="%s">
                            <require
                                permission="%s"
                                set_schema="%s %s"/>
                          </class>''' %
            (PREFIX + "test_class", P1, PREFIX + "S", PREFIX + "S2"))
        apply_declaration(module.template_bracket % declaration)

        self.assertEqual(queryInterface(PREFIX + "S"), module.S)
        self.assertEqual(queryInterface(PREFIX + "S2"), module.S2)

        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.setattr_permission_id('m1'), None)
        self.assertEqual(checker.setattr_permission_id('m2'), None)
        self.assertEqual(checker.setattr_permission_id('m3'), None)
        self.assertEqual(checker.setattr_permission_id('foo'), P1)
        self.assertEqual(checker.setattr_permission_id('bar'), P1)
        self.assertEqual(checker.setattr_permission_id('foo2'), P1)
        self.assertEqual(checker.setattr_permission_id('bar2'), P1)
        self.assertEqual(checker.setattr_permission_id('baro'), None)
    def test_multiple_set_schema(self):

        self.assertEqual(queryInterface(PREFIX+"S"), None)
        self.assertEqual(queryInterface(PREFIX+"S2"), None)

        declaration = ('''<class class="%s">
                            <require
                                permission="%s"
                                set_schema="%s %s"/>
                          </class>'''
                       % (PREFIX+"test_class", P1, PREFIX+"S", PREFIX+"S2"))
        apply_declaration(module.template_bracket % declaration)

        self.assertEqual(queryInterface(PREFIX+"S"), module.S)
        self.assertEqual(queryInterface(PREFIX+"S2"), module.S2)


        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.setattr_permission_id('m1'), None)
        self.assertEqual(checker.setattr_permission_id('m2'), None)
        self.assertEqual(checker.setattr_permission_id('m3'), None)
        self.assertEqual(checker.setattr_permission_id('foo'), P1)
        self.assertEqual(checker.setattr_permission_id('bar'), P1)
        self.assertEqual(checker.setattr_permission_id('foo2'), P1)
        self.assertEqual(checker.setattr_permission_id('bar2'), P1)
        self.assertEqual(checker.setattr_permission_id('baro'), None)
Beispiel #14
0
    def assertState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET):
        "Verify that class, instance, and methods have expected permissions."

        checker = selectChecker(module.test_instance)
        self.assertEqual(checker.permission_id("m1"), (m1P or None))
        self.assertEqual(checker.permission_id("m2"), (m2P or None))
        self.assertEqual(checker.permission_id("m3"), (m3P or None))
 def GreenerPastures(agent):
     """ where do they want to go today """
     import random
     _homes = sandbox._homes
     possible_homes = _homes.keys()
     possible_homes.remove(agent.getHome().getId())
     new_home =  _homes.get(random.choice(possible_homes))
     return checker.selectChecker(new_home).proxy(new_home)
 def assertState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET):
     #Verify that class, instance, and methods have expected permissions
     from zope.security.checker import selectChecker
     from zope.security.tests import module
     checker = selectChecker(module.test_instance)
     self.assertEqual(checker.permission_id('m1'), (m1P or None))
     self.assertEqual(checker.permission_id('m2'), (m2P or None))
     self.assertEqual(checker.permission_id('m3'), (m3P or None))
 def assertSetattrState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET):
     # Verify that class, instance, and methods have expected permissions
     from zope.security.checker import selectChecker
     from zope.security.tests import module
     checker = selectChecker(module.test_instance)
     self.assertEqual(checker.setattr_permission_id('m1'), (m1P or None))
     self.assertEqual(checker.setattr_permission_id('m2'), (m2P or None))
     self.assertEqual(checker.setattr_permission_id('m3'), (m3P or None))
Beispiel #18
0
 def GreenerPastures(agent):
     """ where do they want to go today """
     import random
     _homes = sandbox._homes
     possible_homes = _homes.keys()
     possible_homes.remove(agent.getHome().getId())
     new_home = _homes.get(random.choice(possible_homes))
     return checker.selectChecker(new_home).proxy(new_home)
 def addAgent(self, agent):
     if not self._agents.has_key(agent.getId()) \
        and sandbox.IAgent.providedBy(agent):
         self._agents[agent.getId()]=agent
         agentChecker = checker.selectChecker(self)
         wrapped_home = agentChecker.proxy(self)
         agent.setHome(wrapped_home)
     else:
         raise sandbox.SandboxError("couldn't add agent %s" %agent)
Beispiel #20
0
 def addAgent(self, agent):
     if not self._agents.has_key(agent.getId()) \
        and sandbox.IAgent.providedBy(agent):
         self._agents[agent.getId()] = agent
         agentChecker = checker.selectChecker(self)
         wrapped_home = agentChecker.proxy(self)
         agent.setHome(wrapped_home)
     else:
         raise sandbox.SandboxError("couldn't add agent %s" % agent)
Beispiel #21
0
 def test_set_attributes(self):
     declaration = ('''<class class="%s">
                         <require
                             permission="%s"
                             set_attributes="m1 m3"/>
                       </class>''' % (PREFIX + "test_class", P1))
     apply_declaration(module.template_bracket % declaration)
     checker = selectChecker(module.test_instance)
     self.assertEqual(checker.setattr_permission_id('m1'), P1)
     self.assertEqual(checker.setattr_permission_id('m2'), None)
     self.assertEqual(checker.setattr_permission_id('m3'), P1)
 def test_set_attributes(self):
     declaration = ('''<class class="%s">
                         <require
                             permission="%s"
                             set_attributes="m1 m3"/>
                       </class>'''
                    % (PREFIX+"test_class", P1))
     apply_declaration(module.template_bracket % declaration)
     checker = selectChecker(module.test_instance)
     self.assertEqual(checker.setattr_permission_id('m1'), P1)
     self.assertEqual(checker.setattr_permission_id('m2'), None)
     self.assertEqual(checker.setattr_permission_id('m3'), P1)
Beispiel #23
0
 def callObject(self, request, ob):
     orig = ob
     if not IHTTPException.providedBy(ob):
         ob = component.queryMultiAdapter((ob, request),
                                         name=request.method)
         checker = selectChecker(ob)
         if checker is not None:
             checker.check(ob, '__call__')
         ob = getattr(ob, request.method, None)
         if ob is None:
             raise GrokMethodNotAllowed(orig, request)
     return mapply(ob, request.getPositionalArguments(), request)
Beispiel #24
0
 def __get__(self, inst, cls=None):
     if inst is None:
         return self
     else:
         proxied_object = getProxiedObject(inst)
         if type(proxied_object) is Proxy:
             checker = getChecker(proxied_object)
         else:
             checker = getattr(proxied_object, '__Security_checker__', None)
             if checker is None:
                 checker = selectChecker(proxied_object)
         wrapper_checker = selectChecker(inst)
         if wrapper_checker is None and checker is None:
             raise AttributeError("%r has no attribute %r" %
                                  (proxied_object.__class__.__name__,
                                   '__Security_checker__'))
         elif wrapper_checker is None:
             return checker
         elif checker is None:
             return wrapper_checker
         else:
             return CombinedChecker(wrapper_checker, checker)
 def test_set_attributes(self):
     from zope.security.checker import selectChecker
     from zope.security.tests import module
     declaration = ('''<class class="%s">
                         <require
                             permission="%s"
                             set_attributes="m1 m3"/>
                       </class>''' % (_pfx("test_class"), P1))
     apply_declaration(module.template_bracket % declaration)
     checker = selectChecker(module.test_instance)
     self.assertEqual(checker.setattr_permission_id('m1'), P1)
     self.assertEqual(checker.setattr_permission_id('m2'), None)
     self.assertEqual(checker.setattr_permission_id('m3'), P1)
 def test_set_attributes(self):
     from zope.security.checker import selectChecker
     from zope.security.tests import module
     declaration = ('''<class class="%s">
                         <require
                             permission="%s"
                             set_attributes="m1 m3"/>
                       </class>'''
                    % (_pfx("test_class"), P1))
     apply_declaration(module.template_bracket % declaration)
     checker = selectChecker(module.test_instance)
     self.assertEqual(checker.setattr_permission_id('m1'), P1)
     self.assertEqual(checker.setattr_permission_id('m2'), None)
     self.assertEqual(checker.setattr_permission_id('m3'), P1)
    def testInherited(self):

        class B1(object):
            def g(self): return 'B1.g'

        class B2(object):
            def h(self): return 'B2.h'

        class S(B1, B2):
            pass

        component.provideUtility(Permission('B1', ''), IPermission, 'B1')
        component.provideUtility(Permission('S', ''), IPermission, 'S')
        protectName(B1, 'g', 'B1')
        protectName(S, 'g', 'S')
        protectName(S, 'h', 'S')

        self.assertEqual(selectChecker(B1()).permission_id('g'), 'B1')
        self.assertEqual(selectChecker(B2()).permission_id('h'), None)
        self.assertEqual(selectChecker(S()).permission_id('g'), 'S')
        self.assertEqual(selectChecker(S()).permission_id('h'), 'S')

        self.assertEqual(S().g(), 'B1.g')
        self.assertEqual(S().h(), 'B2.h')
Beispiel #28
0
    def callObject(self, request, ob):
        if getattr(ob, 'context', None) is None:
            return super(SkinnedBrowserPublication,
                         self).callObject(request, ob)

        checker = selectChecker(ob)
        if checker is not None:
            checker.check(ob, '__call__')

        managers = dict(
            zope.component.getAdapters((ob.context, request, ob),
                                       zope.interface.Interface))
        for manager in managers.values():
            manager.update()

        # TODO: make template configurable (pick up from layer?)
        template = PageTemplateFile('main_template.pt')
        return template.pt_render({'managers': managers})
 def test_featured_projects_view_requires_edit(self):
     view = create_view(self.root, '+featuredprojects')
     checker = selectChecker(view)
     self.assertEquals('launchpad.Edit', checker.permission_id('__call__'))
def _proxied(*args):
    return Proxy(args, selectChecker(args))
def _proxied(*args):
    return Proxy(args, selectChecker(args))
 def assertSetattrState(self, m1P=NOTSET, m2P=NOTSET, m3P=NOTSET):
     "Verify that class, instance, and methods have expected permissions."
     checker = selectChecker(TestModule.test_instance)
     self.assertEqual(checker.setattr_permission_id('m1'), (m1P or None))
     self.assertEqual(checker.setattr_permission_id('m2'), (m2P or None))
     self.assertEqual(checker.setattr_permission_id('m3'), (m3P or None))
Beispiel #33
0
 def callObject(self, request, ob):
     checker = selectChecker(ob)
     if checker is not None:
         checker.check(ob, '__call__')
     return super(ZopePublicationSansProxy, self).callObject(request, ob)
Beispiel #34
0
 def callObject(self, request, ob):
     checker = selectChecker(ob)
     if checker is not None:
         checker.check(ob, '__call__')
     return super(ZopePublicationSansProxy, self).callObject(request, ob)
 def test_featured_projects_view_requires_edit(self):
     view = create_view(self.root, '+featuredprojects')
     checker = selectChecker(view)
     self.assertEqual('launchpad.Edit', checker.permission_id('__call__'))