def _makeSite(self):
    """Assemble a minimal in-memory site for the cookie-auth tests.

    Returns ``(root, cc, req, credentials)``:

    * ``root``: a ``Folder`` standing in for the application root, with
      View granted to ``Anonymous``.
    * ``cc``: the object from ``self._makeOne()``, stored in ``root`` under
      ``self._CC_ID`` and returned as created (not re-fetched from
      ``root``).
    * ``req``: ``makerequest(root, StringIO())``; its ``close`` is kept on
      ``self._finally``.
    * ``credentials``: URL-quoted base64 of ``abraham:pass-w``.
    """
    import base64
    from cStringIO import StringIO
    import urllib
    try:
        from OFS.userfolder import UserFolder
    except ImportError:
        # Older Zope (< 2.13) ships UserFolder in AccessControl instead.
        from AccessControl.User import UserFolder
    from OFS.Folder import Folder
    from OFS.DTMLMethod import DTMLMethod

    root = Folder()
    # The user folder requires its container to carry this marker.
    root.isTopLevelPrincipiaApplicationObject = 1
    # Stub: a bare Folder has no real traversal path, so report an empty one.
    root.getPhysicalPath = lambda: ()
    root._View_Permission = ('Anonymous',)

    # Fixture-only accounts. Neither one is given the Manager role that the
    # 'protected' page below requires.
    acl = UserFolder()
    acl._setId('acl_users')
    for login_name, role in (('abraham', 'Patriarch'), ('isaac', 'Son')):
        acl._doAddUser(login_name, 'pass-w', (role,), ())
    root._setObject(acl.id, acl)

    cc = self._makeOne()
    cc.id = self._CC_ID
    root._setObject(cc.id, cc)

    # (id, body, View roles); None leaves the page's View permission unset.
    pages = (
        ('index_html', 'This is the default view', None),
        ('login_form', 'Please log in first.', None),
        ('protected', 'This is the protected view', ('Manager',)),
    )
    for page_id, text, view_roles in pages:
        page = DTMLMethod()
        if view_roles is not None:
            page._View_Permission = view_roles
        page.munge(text)
        page._setId(page_id)
        root._setObject(page.getId(), page)

    req = makerequest(root, StringIO())
    self._finally = req.close

    # base64 is an encoding, not encryption: whoever can read this value
    # can recover the plaintext 'user:password' pair.
    encoded = base64.encodestring('abraham:pass-w').rstrip()
    credentials = urllib.quote(encoded)
    return root, cc, req, credentials
def _makeSite(self):
    """Build the throwaway site used by the cookie-authentication tests.

    The site is a bare ``Folder`` acting as application root. It holds a
    user folder with two accounts, the object under test, and three DTML
    pages (``index_html``, ``login_form``, ``protected``).

    Returns a 4-tuple ``(root, cc, req, credentials)``. ``cc`` is the
    object from ``self._makeOne()`` as created, ``req`` comes from
    ``makerequest(root, StringIO())`` and ``credentials`` is the URL-quoted
    base64 form of ``abraham:pass-w``. ``req.close`` is saved on
    ``self._finally``.
    """
    import base64
    from cStringIO import StringIO
    import urllib
    try:
        from OFS.userfolder import UserFolder
    except ImportError:
        # Backwards compatibility: Zope before 2.13 keeps it here.
        from AccessControl.User import UserFolder
    from OFS.Folder import Folder
    from OFS.DTMLMethod import DTMLMethod

    site = Folder()

    def add_page(page_id, text, view_roles=None):
        # Create one DTML page and, when asked, restrict who may view it.
        page = DTMLMethod()
        if view_roles is not None:
            page._View_Permission = view_roles
        page.munge(text)
        page._setId(page_id)
        site._setObject(page.getId(), page)

    site.isTopLevelPrincipiaApplicationObject = 1  # needed by the user folder
    site.getPhysicalPath = lambda: ()  # test shortcut: no real path exists
    site._View_Permission = ('Anonymous', )

    user_folder = UserFolder()
    user_folder._setId('acl_users')
    # Test accounts only; roles are Patriarch and Son, never Manager.
    user_folder._doAddUser('abraham', 'pass-w', ('Patriarch', ), ())
    user_folder._doAddUser('isaac', 'pass-w', ('Son', ), ())
    site._setObject(user_folder.id, user_folder)

    crumbler = self._makeOne()
    crumbler.id = self._CC_ID
    site._setObject(crumbler.id, crumbler)

    add_page('index_html', 'This is the default view')
    add_page('login_form', 'Please log in first.')
    # Only Manager may view this page, so the accounts above cannot.
    add_page('protected', 'This is the protected view', ('Manager', ))

    request = makerequest(site, StringIO())
    self._finally = request.close

    # The credential string is merely base64-encoded and then URL-quoted;
    # it is reversible by anyone who sees it.
    b64_pair = base64.encodestring('abraham:pass-w').rstrip()
    return site, crumbler, request, urllib.quote(b64_pair)
def setUp(self):
    """Create the test site and keep its pieces on ``self``.

    After this runs, ``self.root`` is the site folder and ``self.cc`` is
    the ``CookieCrumbler`` fetched back from that folder. ``self.responseOut``
    is the ``StringIO`` handed to ``makerequest``, ``self.req`` is the
    resulting request, and ``self.credentials`` is the URL-quoted base64
    form of ``abraham:pass-w``.
    """
    CookieCrumblerTests.setUp(self)

    root = Folder()
    self.root = root
    # The user folder requires its container to carry this marker.
    root.isTopLevelPrincipiaApplicationObject = 1
    # Stub: a bare Folder has no real traversal path, so report an empty one.
    root.getPhysicalPath = lambda: ()
    root._View_Permission = ('Anonymous', )

    # (name, password, roles). None of these accounts is given Manager.
    # NOTE(review): the third account is deliberately oversized, presumably
    # so that base64 of 'name:password' spans more than one 76-character
    # line (base64.encodestring breaks long output with newlines).
    # Confirm against the test that logs in as this user.
    accounts = (
        ('abraham', 'pass-w', ('Patriarch', )),
        ('isaac', 'pass-w', ('Son', )),
        ('abrahammmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm',
         'pass-wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww',
         ('Son', )),
    )
    acl = UserFolder()
    acl._setId('acl_users')
    for login_name, password, roles in accounts:
        acl._doAddUser(login_name, password, roles, ())
    root._setObject(acl.id, acl)

    crumbler = CookieCrumbler()
    crumbler.id = 'cookie_authentication'
    root._setObject(crumbler.id, crumbler)
    # Keep the object as retrieved from the folder, not the local instance.
    self.cc = getattr(root, crumbler.id)

    # (id, body, View roles); None leaves the page's View permission unset.
    pages = (
        ('index_html', 'This is the default view', None),
        ('login_form', 'Please log in first.', None),
        ('protected', 'This is the protected view', ('Manager', )),
    )
    for page_id, text, view_roles in pages:
        page = DTMLMethod()
        if view_roles is not None:
            page._View_Permission = view_roles
        page.munge(text)
        page._setId(page_id)
        root._setObject(page.getId(), page)

    self.responseOut = StringIO()
    self.req = makerequest(root, self.responseOut)

    # Every newline is stripped from the base64 text, not just a trailing
    # one. The result is encoded, not encrypted, and is trivially
    # reversible to the plaintext password.
    encoded = base64.encodestring('abraham:pass-w').replace('\012', '')
    self.credentials = urllib.quote(encoded)
def setUp(self):
    """Prepare a fresh site fixture for each cookie-crumbler test.

    Sets ``self.root``, ``self.cc``, ``self.responseOut``, ``self.req`` and
    ``self.credentials``. The site contains a user folder with three
    accounts, a ``CookieCrumbler`` with id ``cookie_authentication`` and
    the pages ``index_html``, ``login_form`` and ``protected``.
    """
    CookieCrumblerTests.setUp(self)

    site = Folder()
    self.root = site

    def add_page(page_id, text, view_roles=None):
        # Create one DTML page and, when asked, restrict who may view it.
        page = DTMLMethod()
        if view_roles is not None:
            page._View_Permission = view_roles
        page.munge(text)
        page._setId(page_id)
        site._setObject(page.getId(), page)

    site.isTopLevelPrincipiaApplicationObject = 1  # needed by the user folder
    site.getPhysicalPath = lambda: ()  # test shortcut: no real path exists
    site._View_Permission = ('Anonymous',)

    user_folder = UserFolder()
    user_folder._setId('acl_users')
    # Test accounts only; roles are Patriarch and Son, never Manager.
    user_folder._doAddUser('abraham', 'pass-w', ('Patriarch',), ())
    user_folder._doAddUser('isaac', 'pass-w', ('Son',), ())
    # Oversized name and password. NOTE(review): presumably chosen so the
    # base64 credential string exceeds a single 76-character line; verify
    # against the test that uses this account.
    long_name = 'abrahammmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm'
    long_password = 'pass-wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww'
    user_folder._doAddUser(long_name, long_password, ('Son',), ())
    site._setObject(user_folder.id, user_folder)

    crumbler = CookieCrumbler()
    crumbler.id = 'cookie_authentication'
    site._setObject(crumbler.id, crumbler)
    # Tests work with the object as looked up on the site.
    self.cc = getattr(site, crumbler.id)

    add_page('index_html', 'This is the default view')
    add_page('login_form', 'Please log in first.')
    # Only Manager may view this page, so the accounts above cannot.
    add_page('protected', 'This is the protected view', ('Manager',))

    self.responseOut = StringIO()
    self.req = makerequest(site, self.responseOut)

    # All newlines are removed from the base64 output before URL-quoting.
    # This is plain encoding: the password can be read back from the value.
    b64_pair = base64.encodestring('abraham:pass-w').replace('\012', '')
    self.credentials = urllib.quote(b64_pair)
def test_security_attributes(self):
    """Round-trip a folder's security attributes through ``self.db``.

    A ``Holidays`` folder gets an owner, declared roles, local roles, proxy
    roles and two permission settings on one connection. A second
    connection then checks that they load back unchanged, edits some of
    them, and the first connection confirms the edits after ``sync()``.
    """
    writer = self.db.open()
    try:
        app = writer.root()['Application']
        holidays = Folder()
        holidays.id = 'Holidays'
        # set_owner=0: ownership is assigned by hand below.
        app._setObject(holidays.id, holidays, set_owner=0)
        holidays = app.Holidays
        acl = UserFolder()
        acl.id = 'acl_users'
        holidays._setObject(acl.id, acl, set_owner=0)
        acl._doAddUser('shane', 'abcdefg', ('Elder',), ())

        holidays._owner = (['Holidays', 'acl_users'], 'shane')
        holidays.__ac_roles__ = ['Elder', 'Manager', 'Missionary']
        holidays.__ac_local_roles__ = {'shane': ['Missionary']}
        holidays._proxy_roles = ['Manager']
        # One permission is stored as a tuple and the other as a list. The
        # assertion messages further down tie that container type to
        # acquisition (tuple: not acquired, list: acquired).
        holidays._View_Permission = ('Owner', 'Elder')
        holidays._Add_Folders_Permission = ['Elder']

        transaction.commit()

        reader = self.db.open()
        try:
            # First make sure everything loads back.
            loaded = reader.root()['Application'].Holidays
            owner = loaded.getOwner()
            self.assertEqual(owner.getUserName(), 'shane')
            self.assertTrue('Elder' in owner.getRoles())
            self.assertEqual(
                list(loaded.__ac_roles__),
                ['Elder', 'Manager', 'Missionary'])

            # The implicit roles are left out of the comparison.
            implicit = ('Authenticated', 'Anonymous')
            context_roles = dict(
                (role, 1)
                for role in list(owner.getRolesInContext(loaded))
                if role not in implicit)
            self.assertEqual(context_roles, {'Elder': 1, 'Missionary': 1})
            self.assertEqual(tuple(loaded._proxy_roles), ('Manager',))

            # The container type must survive storage. If a tuple came
            # back as a list (or the reverse), the permission's acquisition
            # setting would change without any visible edit.
            self.assertTrue(
                isinstance(loaded._View_Permission, TupleType),
                "View permission should not be acquired")
            self.assertTrue(
                isinstance(loaded._Add_Folders_Permission, ListType),
                "Add Folders permission should be acquired")
            view_roles = dict(
                (role, 1) for role in list(loaded._View_Permission))
            self.assertEqual(view_roles, {'Elder': 1, 'Owner': 1})

            # Then modify through the second connection.
            loaded._owner = None
            del loaded._proxy_roles
            loaded.__ac_roles__ += ('Teacher',)
            transaction.commit()
        finally:
            reader.close()

        # The first connection must observe the edits once synced.
        writer.sync()
        self.assertTrue(holidays.getOwner() is None, holidays.getOwner())
        self.assertTrue(not hasattr(holidays, '_proxy_roles'))
        self.assertEqual(
            list(holidays.__ac_roles__),
            ['Elder', 'Manager', 'Missionary', 'Teacher'])
    finally:
        writer.close()
def test_security_attributes(self):
    """Check that security settings on a folder persist across connections.

    The test writes an owner, declared roles, local roles, proxy roles and
    two permission role sets on a ``Holidays`` folder and commits. It then
    reads them back on a second connection from ``self.db`` and changes
    some of them there. Finally it verifies that the original connection
    sees the changes after ``sync()``.
    """

    def as_flags(names):
        # Order-insensitive form of a role sequence: {name: 1, ...}.
        flags = {}
        for name in list(names):
            flags[name] = 1
        return flags

    first = self.db.open()
    try:
        root_app = first.root()['Application']
        folder = Folder()
        folder.id = 'Holidays'
        # Added without automatic ownership; _owner is set explicitly below.
        root_app._setObject(folder.id, folder, set_owner=0)
        folder = root_app.Holidays
        users = UserFolder()
        users.id = 'acl_users'
        folder._setObject(users.id, users, set_owner=0)
        users._doAddUser('shane', 'abcdefg', ('Elder', ), ())

        folder._owner = (['Holidays', 'acl_users'], 'shane')
        folder.__ac_roles__ = ['Elder', 'Manager', 'Missionary']
        folder.__ac_local_roles__ = {'shane': ['Missionary']}
        folder._proxy_roles = ['Manager']
        # Tuple versus list is deliberate: the assertions on reload treat
        # the container type as the acquisition flag for each permission.
        folder._View_Permission = ('Owner', 'Elder')
        folder._Add_Folders_Permission = ['Elder']

        transaction.commit()

        second = self.db.open()
        try:
            # Loading must reproduce what was stored.
            reloaded_app = second.root()['Application']
            reloaded = reloaded_app.Holidays
            owner = reloaded.getOwner()
            self.assertEqual(owner.getUserName(), 'shane')
            self.assertTrue('Elder' in owner.getRoles())
            self.assertEqual(list(reloaded.__ac_roles__),
                             ['Elder', 'Manager', 'Missionary'])

            # Drop the implicit roles before comparing.
            effective = as_flags(
                [role for role in list(owner.getRolesInContext(reloaded))
                 if role != 'Authenticated' and role != 'Anonymous'])
            self.assertEqual(effective, {'Elder': 1, 'Missionary': 1})
            self.assertEqual(tuple(reloaded._proxy_roles), ('Manager', ))

            # A changed container type here would alter whether the
            # permission is acquired, so the types are checked explicitly.
            view_setting = reloaded._View_Permission
            self.assertTrue(isinstance(view_setting, TupleType),
                            "View permission should not be acquired")
            add_setting = reloaded._Add_Folders_Permission
            self.assertTrue(isinstance(add_setting, ListType),
                            "Add Folders permission should be acquired")
            self.assertEqual(as_flags(reloaded._View_Permission),
                             {'Elder': 1, 'Owner': 1})

            # Changes made on this connection must be storable too.
            reloaded._owner = None
            del reloaded._proxy_roles
            reloaded.__ac_roles__ += ('Teacher', )
            transaction.commit()
        finally:
            second.close()

        # After syncing, the first connection reflects those changes.
        first.sync()
        self.assertTrue(folder.getOwner() is None, folder.getOwner())
        self.assertTrue(not hasattr(folder, '_proxy_roles'))
        self.assertEqual(list(folder.__ac_roles__),
                         ['Elder', 'Manager', 'Missionary', 'Teacher'])
    finally:
        first.close()