def testDot(self):
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
self.assertEqual(ob, t.traverseName(request, ob, "."))
def testDirectTraversal(self):
request = TestRequest()
ob = DummyPublishTraverse(Content(), request)
t = PublicationTraverser()
proxy = t.traverseName(request, ob, 'foo')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'foo')
def testDirectTraversal(self):
request = TestRequest()
ob = DummyPublishTraverse(Content(), request)
t = PublicationTraverser()
proxy = t.traverseName(request, ob, 'foo')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'foo')
def testViewFound(self):
provideAdapter(DummyViewTraverser, (Interface, Interface),
ITraversable, name='view')
ob = Content()
t = PublicationTraverser()
request = TestRequest()
proxy = t.traverseName(request, ob, '@@foo')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'foo')
def testPathFound(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface),
IPublishTraverse)
ob = Content()
t = PublicationTraverser()
request = TestRequest()
proxy = t.traversePath(request, ob, 'foo/bar')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'bar')
def testPathFound(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface),
IPublishTraverse)
ob = Content()
t = PublicationTraverser()
request = TestRequest()
proxy = t.traversePath(request, ob, 'foo/bar')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'bar')
def testComplexPath(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface),
IPublishTraverse)
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
proxy = t.traversePath(request, ob, 'foo/../alpha//beta/./bar')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'bar')
def testNameFound(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface),
IPublishTraverse)
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
proxy = t.traverseName(request, ob, 'foo')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'foo')
def testViewFound(self):
provideAdapter(DummyViewTraverser, (Interface, Interface),
ITraversable,
name='view')
ob = Content()
t = PublicationTraverser()
request = TestRequest()
proxy = t.traverseName(request, ob, '@@foo')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'foo')
def testNameFound(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse)
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
proxy = t.traverseName(request, ob, "foo")
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, "foo")
def testComplexPath(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse)
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
proxy = t.traversePath(request, ob, "foo/../alpha//beta/./bar")
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, "bar")
def testTraverseRelativeURL(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse)
provideAdapter(DummyBrowserPublisher, (Interface,), IBrowserPublisher)
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
proxy = t.traverseRelativeURL(request, ob, "foo/bar")
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, "more")
def testTraverseRelativeURL(self):
provideAdapter(DummyPublishTraverse, (Interface, Interface),
IPublishTraverse)
provideAdapter(DummyBrowserPublisher, (Interface, ), IBrowserPublisher)
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
proxy = t.traverseRelativeURL(request, ob, 'foo/bar')
view = removeSecurityProxy(proxy)
self.assertTrue(proxy is not view)
self.assertEqual(view.__class__, View)
self.assertEqual(view.name, 'more')
def testMissingSkin(self):
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
self.assertRaises(NotFound, t.traversePath, request, ob,
'/++skin++missingskin')
def available(self):
# Make sure we have the permission needed to access the menu's action
if self.permission is not None:
# If we have an explicit permission, check that we
# can access it.
if not checkPermission(self.permission, self.context):
return False
elif self.action != _u(''):
# Otherwise, test access by attempting access
path = self.action
l = self.action.find('?')
if l >= 0:
path = self.action[:l]
traverser = PublicationTraverser()
try:
view = traverser.traverseRelativeURL(self.request,
self.context, path)
except (Unauthorized, Forbidden, LookupError):
return False
else:
# we're assuming that view pages are callable
# this is a pretty sound assumption
if not canAccess(view, '__call__'):
return False
# Make sure that we really want to see this menu item
if self.filter is not None:
try:
include = self.filter(
Engine.getContext(
context=self.context,
nothing=None,
request=self.request,
modules=sys.modules,
))
except Unauthorized:
return False
else:
if not include:
return False
return True
def available(self):
# Make sure we have the permission needed to access the menu's action
if self.permission is not None:
# If we have an explicit permission, check that we
# can access it.
if not checkPermission(self.permission, self.context):
return False
elif self.action != u'':
# Otherwise, test access by attempting access
path = self.action
l = self.action.find('?')
if l >= 0:
path = self.action[:l]
traverser = PublicationTraverser()
try:
view = traverser.traverseRelativeURL(
self.request, self.context, path)
except (Unauthorized, Forbidden, LookupError):
return False
else:
# we're assuming that view pages are callable
# this is a pretty sound assumption
if not canAccess(view, '__call__'):
return False # pragma: no cover
# Make sure that we really want to see this menu item
if self.filter is not None:
try:
include = self.filter(Engine.getContext(
context=self.context,
nothing=None,
request=self.request,
modules=sys.modules,
))
except Unauthorized:
return False
else:
if not include:
return False
return True
class MinimalisticPublisher(object):
implements(IPublication)
def __init__(self, root_name):
self.root_name = root_name
self.traverser = PublicationTraverser()
def getApplication(self, request):
#Yep, we think we know implementation details here
#but whole package is big optimisation hack
return request.annotations[ZODB_ANNOTATION_KEY]
def proxy(self, ob):
"""Security-proxy an object
Subclasses may override this to use a different proxy (or
checker) implementation or to not proxy at all.
"""
return ProxyFactory(ob)
def getDefaultTraversal(self, request, ob):
if IBrowserPublisher.providedBy(ob):
# ob is already proxied, so the result of calling a method will be
return ob.browserDefault(request)
else:
adapter = queryMultiAdapter((ob, request), IBrowserPublisher)
if adapter is not None:
ob, path = adapter.browserDefault(request)
ob = self.proxy(ob)
return ob, path
else:
# ob is already proxied
return ob, None
def publish(self, request):
request.processInputs()
self.beforeTraversal(request)
obj = self.getApplication(request)
obj = request.traverse(obj)
self.afterTraversal(request, obj)
result = self.callObject(request, obj)
response = request.response
if result is not response:
response.setResult(result)
self.afterCall(request, obj)
def callObject(self, request, ob):
# Exception handling, dont try to call request.method
orig = ob
#if not IHTTPException.providedBy(ob):
# ob = getattr(ob, request.method, None)
# if ob is None:
# raise MethodNotAllowed(orig, request)
return mapply(ob, request.getPositionalArguments(), request)
def afterCall(self, request, obj):
if request.method == 'HEAD':
request.response.setResult('')
notify(AfterCallEvent(request, obj))
endInteraction()
def traverseName(self, request, obj, name):
return self.traverser.traverseName(request, obj, name)
def beforeTraversal(self, request):
self.authenticate(request, getGlobalSiteManager(), fallback=True)
newInteraction(request)
def callTraversalHooks(self, request, ob):
# Call __before_publishing_traverse__ hooks
notify(BeforeTraverseEvent(ob, request))
# This is also a handy place to try and authenticate.
self._maybePlacefullyAuthenticate(request, ob)
def afterTraversal(self, request, ob):
self._maybePlacefullyAuthenticate(request, ob)
def _maybePlacefullyAuthenticate(self, request, ob):
if not IUnauthenticatedPrincipal.providedBy(request.principal):
# We've already got an authenticated user. There's nothing to do.
# Note that beforeTraversal guarentees that user is not None.
return
if not ISite.providedBy(ob):
# We won't find an authentication utility here, so give up.
return
sm = removeSecurityProxy(ob).getSiteManager()
self.authenticate(request, sm)
def authenticate(self, request, sm, fallback=False):
principal = None
auth = sm.queryUtility(IAuthentication)
if auth is not None:
# Try to authenticate against the auth utility
principal = auth.authenticate(request)
if principal is None:
principal = auth.unauthenticatedPrincipal()
if principal is None:
# nothing to do here
if not fallback:
return
principal = getUtility(IFallbackUnauthenticatedPrincipal)
request.setPrincipal(principal)
def testDot(self):
ob = Content()
t = PublicationTraverser()
request = TestRequest()
self.assertEqual(ob, t.traverseName(request, ob, '.'))
def testNameNotFound(self):
ob = Content()
t = PublicationTraverser()
request = TestRequest()
self.assertRaises(NotFound, t.traverseName, request, ob, 'foo')
def testDot(self):
ob = Content()
t = PublicationTraverser()
request = TestRequest()
self.assertEqual(ob, t.traverseName(request, ob, '.'))
def testPathNotFound(self):
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
self.assertRaises(NotFound, t.traversePath, request, ob, 'foo/bar')
def testPathNotFound(self):
ob = Content()
t = PublicationTraverser()
request = TestRequest()
self.assertRaises(NotFound, t.traversePath, request, ob, 'foo/bar')
def testDot(self):
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
self.assertEqual(ob, t.traverseName(request, ob, '.'))
def testViewNotFound(self):
ob = Content()
from zope.traversing.publicationtraverse import PublicationTraverser
t = PublicationTraverser()
request = TestRequest()
self.assertRaises(NotFound, t.traverseName, request, ob, '@@foo')
def __init__(self, root_name):
self.root_name = root_name
self.traverser = PublicationTraverser()
