def test__extractUserIds_masquerading_disabled(self):
request = self.app.REQUEST
request._auth = 'Basic %s' % pastc.mkauth('fred/wilma', 'r0ck')
masquerading(False)
uids = self.pas._extractUserIds(request, self.pas.plugins)
self.assertEqual(len(uids), 0)
def afterSetUp(self):
self.pas = self.folder.acl_users
# Create a masquerading user (Manager)
self.pas.users.addUser('fred_id', 'fred', 'r0ck')
self.pas.roles.assignRoleToPrincipal('Manager', 'fred_id')
# Create a masqueraded user
self.pas.users.addUser('wilma_id', 'wilma', 'geheim')
self.pas.roles.assignRoleToPrincipal(pastc.user_role, 'wilma_id')
# Create a protected document
self.folder.manage_addDTMLMethod('doc', file='the document')
self.doc = self.folder.doc
self.doc.manage_permission(View, [pastc.user_role], acquire=False)
# Enable masquerading
masquerading(True)
def test_validate_masquerading_disabled(self):
request = self.app.REQUEST
request._auth = 'Basic %s' % pastc.mkauth('fred/wilma', 'r0ck')
masquerading(False)
user = self.pas.validate(request)
self.assertEqual(user, None)
user = getSecurityManager().getUser()
self.failIfEqual(user, None)
self.assertEqual(user.getId(), None)
self.assertEqual(user.getUserName(), 'Anonymous User')
self.assertEqual(user.getRoles(), ('Anonymous', ))
def afterSetUp(self):
self.pas = self.folder.acl_users
# Create a masquerading user (Manager)
self.pas.users.addUser('fred_id', 'fred', 'r0ck')
self.pas.roles.assignRoleToPrincipal('Manager', 'fred_id')
# Create a masquerading user (Masquerader)
self.pas.users.addUser('barney_id', 'barney', 'p4per')
self.pas.roles.addRole('Masquerader')
self.pas.roles.assignRoleToPrincipal('Masquerader', 'barney_id')
# Create a masquerading user (Masquerader via group)
self.pas.users.addUser('pebbles_id', 'pebbles', 'sci55ors')
self.pas.groups.addGroup('flintstone_id', 'flintstone')
self.pas.groups.addPrincipalToGroup('pebbles_id', 'flintstone_id')
self.pas.roles.assignRoleToPrincipal('Masquerader', 'flintstone_id')
# Create a masqueraded user
self.pas.users.addUser('wilma_id', 'wilma', 'geheim')
self.pas.roles.assignRoleToPrincipal(pastc.user_role, 'wilma_id')
# Create a protected document
self.folder.manage_addDTMLMethod('doc', file='the document')
self.doc = self.folder.doc
self.doc.manage_permission(View, [pastc.user_role], acquire=False)
# Rig the request so it looks like we traversed to doc
request = self.app.REQUEST
request['PUBLISHED'] = self.doc
request['PARENTS'] = [self.folder, self.app]
request.steps = list(self.doc.getPhysicalPath())
# Start out as Anonymous User
self.logout()
# Enable masquerading
masquerading(True)
def afterClear(self):
# Disable masquerading
masquerading(False)