def test_listActionInformationActions(self):
# Check that listFilteredActionsFor works for objects that return
# ActionInformation objects
tool = self.tool
tool._actions = (
ActionInformation(id='folderContents',
title='Folder contents',
action=Expression(text='string:'
'${folder_url}/folder_contents'),
icon_expr=Expression(text='string:'
'${folder_url}/icon.gif'),
condition=Expression(text='python: '
'folder is not object'),
permissions=('List folder contents',),
category='folder',
link_target='_top',
visible=1),)
newSecurityManager(None, OmnipotentUser().__of__(self.app.acl_users))
self.assertEqual(tool.listFilteredActionsFor(self.app.foo),
{'workflow': [],
'user': [],
'object': [],
'folder': [{'id': 'folderContents',
'url': 'http://nohost/folder_contents',
'icon': 'http://nohost/icon.gif',
'title': 'Folder contents',
'description': '',
'visible': True,
'available': True,
'allowed': True,
'category': 'folder',
'link_target': '_top'}],
'global': []})
def setUp(self):
import Products.DCWorkflow
SecurityRequestTest.setUp(self)
setUpEvents()
setUpTraversing()
setUpGenericSetup()
zcml.load_config('permissions.zcml', Products.Five)
zcml.load_config('configure.zcml', Products.Five.browser)
zcml.load_config('configure.zcml', Products.CMFCore)
zcml.load_config('configure.zcml', Products.CMFDefault)
zcml.load_config('configure.zcml', Products.DCWorkflow)
try:
factory = self.root.manage_addProduct[
'CMFDefault'].addConfiguredSite
factory('cmf', 'Products.CMFDefault:default', snapshot=False)
self.site = self.root.cmf
newSecurityManager(None, OmnipotentUser().__of__(self.site))
self.site.invokeFactory('File', id='file')
self.site.portal_workflow.doActionFor(self.site.file, 'publish')
self.site.invokeFactory('Image', id='image')
self.site.portal_workflow.doActionFor(self.site.image, 'publish')
self.site.invokeFactory('Folder', id='subfolder')
self.subfolder = self.site.subfolder
self.workflow = self.site.portal_workflow
transaction.savepoint(optimistic=True) # Make sure we have _p_jars
except:
self.tearDown()
raise
def setup(app, path):
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
site = app.unrestrictedTraverse(path)
populateFolder(site, 'Folder', 'Document')
return site
def spoofRequest(app):
user = app.acl_users.getUserById("admin")
if not user:
user = OmnipotentUser().__of__(app.acl_users)
_policy = PermissiveSecurityPolicy()
setSecurityPolicy(_policy)
newSecurityManager(None, user)
return makerequest(app, environ=os.environ)
def spoofRequest(app):
"""
Make REQUEST variable to be available on the Zope application server.
This allows acquisition to work properly
"""
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
return makerequest(app)
def setUp(self):
SecurityTest.setUp(self)
self.root._setObject('site', DummySite('site'))
self.site = self.root._getOb('site')
self.site._setObject('portal_types', DummyTool())
self.site._setObject('portal_workflow', WorkflowTool())
self._constructDummyWorkflow()
transaction.savepoint(optimistic=True)
newSecurityManager(None, OmnipotentUser().__of__(self.site))
def main():
global app
attr_storage = AttributeStorage()
fss_storage = FileSystemStorage()
app = makerequest(app)
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
global portal, ct
portal = app[ploneid]
setSite(portal)
# Initialization
log('Initialized at', datetime.now().isoformat())
ct = getToolByName(portal, 'portal_catalog')
fssfiles = ct.searchResults({'portal_type': pt})
for fssfile in fssfiles:
log('Migrating: [%s] %s in %s ... ' %
(fssfile.portal_type, fssfile.id, fssfile.getPath()))
obj = portal.restrictedTraverse(fssfile.getPath())
try:
f_tp = 'image'
field = obj.Schema()[f_tp]
except KeyError, e:
f_tp = 'file'
field = obj.Schema()[f_tp]
fieldstorage = field.storage
try:
mimetype = field.getContentType(obj)
except:
mimetype = obj.getContentType()
content = StringIO(str(fss_storage.get(f_tp, obj)))
# Cleaning the storage
fss_storage.unset(f_tp, obj)
field.set(obj, content)
field.setContentType(obj, mimetype)
field.setFilename(obj, obj.id)
log('Transaction commit and Data.fs synchronism.')
transaction.commit()
app._p_jar.sync()
def setUp(self):
SecurityTest.setUp(self)
self.app._setObject('site', DummySite('site'))
self.site = self.app._getOb('site')
self.wtool = self.site._setObject('portal_workflow', WorkflowTool())
self._constructDummyWorkflow()
transaction.savepoint(optimistic=True)
newSecurityManager(None, OmnipotentUser().__of__(self.site))
sm = getSiteManager()
sm.registerUtility(self.wtool, IWorkflowTool)
sm.registerUtility(DummyTool(), ITypesTool)
def __init__(self):
"""
"""
app = makerequest(app)
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
self.site = app[ploneid]
setSite(self.site)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
self.catalog = getToolByName(site, 'portal_catalog')
self.searchfiles = self.catalog.searchResults(portal_type='File')
def _makeContext(self, obj_id, filename):
newSecurityManager(None, OmnipotentUser().__of__(self.app.acl_users))
stool = Folder('portal_skins')
getSiteManager().registerUtility(stool, ISkinsTool)
stool._setObject('custom', Folder('custom'))
custom = stool.custom
stool._setObject('fsdir', Folder('fsdir'))
fsdir = stool.fsdir
fsdir._setObject(obj_id, self._makeOne(obj_id, filename))
return stool, custom, fsdir, fsdir[obj_id]
def spoofRequest(app):
"""
Make REQUEST variable to be available on the Zope application server.
This allows acquisition to work properly
"""
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
info = {
'SERVER_NAME': 'isaw4.atlantides.org',
'SERVER_PORT': '8083',
'REQUEST_METHOD': 'GET'
}
return makerequest(app, environ=info)
def updateRoleMetadata(self):
"""Update the metadata with the new roles"""
# since _writeMetadata changes the target module's contents, and the button is pushed
# by someone who may not have any editing permission on the object (in a personal Workspace, say)
# we have to increase permission level in order to allow this.
# FIXME: We shouldn't be doing this. It would be better if no change on the target was needed...
# store old security manager, create a new powerful one
oldmgr = getSecurityManager()
user = OmnipotentUser() #.__of__(self.portal_url.getPortalObject())
newSecurityManager(self.REQUEST, user)
# change the metadata section of the CNXML to reflect current roles
self._writeMetadata()
# restore old, normal, security manager
setSecurityManager(oldmgr)
def loginManager(self):
user = OmnipotentUser().__of__(self.root)
newSecurityManager(None, user)
def test_isConstructionAllowed_for_Omnipotent(self):
ti, folder = self._makeStuff()
newSecurityManager(None, OmnipotentUser().__of__(folder))
self.failUnless(ti.isConstructionAllowed(folder))
def spoofRequest(app):
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
return makerequest(app)
def loginManager(self):
from AccessControl.SecurityManagement import newSecurityManager
from Products.CMFCore.tests.base.security import OmnipotentUser
user = OmnipotentUser().__of__(self.app)
newSecurityManager(None, user)
def test_isConstructionAllowed_for_Omnipotent(self):
newSecurityManager(None, OmnipotentUser().__of__(self.f))
self.failUnless(self.ti.isConstructionAllowed(self.f))
from Products.CMFCore.tests.base.security import OmnipotentUser
from Products.CMFCore.utils import getToolByName
from zope.app.component.hooks import setSite
from Acquisition import aq_base
from datetime import datetime
from AccessControl.SecurityManagement import noSecurityManager
attr_storage = AttributeStorage()
ploneid = 'essintra'
pt = ('File', )
app = makerequest(app)
_policy = PermissiveSecurityPolicy()
_oldpolicy = setSecurityPolicy(_policy)
newSecurityManager(None, OmnipotentUser().__of__(app.acl_users))
portal = app[ploneid]
setSite(portal)
print 'Iniciado as ',
print datetime.now().isoformat()
ct = getToolByName(portal, 'portal_catalog')
arquivos = ct.searchResults({'portal_type': pt})
for arq in arquivos:
print 'Populando: %s em %s ... ' % (arq.id, arq.getPath()),
obj = portal.restrictedTraverse(arq.getPath())
f_tp = 'file'
def getRoles(self):
return OmnipotentUser.getRoles(self) + ('Owner',)
def __init__(self):
setattr( self, 'user_foo', DummyUser(id='user_foo') )
setattr( self, 'user_bar', DummyUser(id='user_bar') )
setattr( self, 'all_powerful_Oz', OmnipotentUser() )
def getRolesInContext(self, obj):
return OmnipotentUser.getRolesInContext(self, obj) + ('Owner',)
def test_isConstructionAllowed_for_Omnipotent(self):
from AccessControl.SecurityManagement import newSecurityManager
from Products.CMFCore.tests.base.security import OmnipotentUser
newSecurityManager(None, OmnipotentUser().__of__(self.f))
self.failUnless(self.ti.isConstructionAllowed(self.f))
