def test_contentPasteAllowedTypes(self): # # _verifyObjectPaste() should honor allowed content types # ttool = self.site._setObject( 'portal_types', TypesTool() ) fti = FTIDATA_DUMMY[0].copy() ttool._setObject( 'Dummy Content', FTI(**fti) ) ttool._setObject( 'Folder', FTI(**fti) ) sub1 = self._makeOne('sub1') sub1._setObject( 'dummy', DummyContent( 'dummy' ) ) sub2 = self._makeOne('sub2') sub2.all_meta_types = extra_meta_types() # Allow adding of Dummy Content ttool.Folder.manage_changeProperties(filter_content_types=False) # Copy/paste should work fine cookie = sub1.manage_copyObjects( ids = ['dummy'] ) sub2.manage_pasteObjects( cookie ) # Disallow adding of Dummy Content ttool.Folder.manage_changeProperties(filter_content_types=True) # Now copy/paste should raise a ValueError cookie = sub1.manage_copyObjects( ids = ( 'dummy', ) ) self.assertRaises( ValueError, sub2.manage_pasteObjects, cookie )
def test_manageAddFolder(self): # # Does MKDIR/MKCOL intercept work? # from Products.CMFCore.PortalFolder import PortalFolder from Products.CMFCore.PortalFolder import PortalFolderFactory acl_users = self.site._setObject('acl_users', DummyUserFolder()) newSecurityManager(None, acl_users.all_powerful_Oz) test = self._makeOne('test') ttool = TypesTool() ttool._setObject( 'Folder', FTI(id='Folder', title='Folder or Directory', meta_type=PortalFolder.meta_type, factory='cmf.folder', filter_content_types=0)) ttool._setObject( 'Grabbed', FTI('Grabbed', title='Grabbed Content', meta_type=PortalFolder.meta_type, factory='cmf.folder')) sm = getSiteManager() sm.registerUtility(ttool, ITypesTool) sm.registerUtility(PortalFolderFactory, IFactory, 'cmf.folder') # First, test default behavior test.manage_addFolder(id='simple', title='Simple') self.assertEqual(test.simple.getPortalTypeName(), 'Folder') self.assertEqual(test.simple.Type(), 'Folder or Directory') self.assertEqual(test.simple.getId(), 'simple') self.assertEqual(test.simple.Title(), 'Simple') # Now, test overridden behavior ttool.Folder.setMethodAliases({'mkdir': 'grabbed'}) class Grabbed: _grabbed_with = None def __init__(self, context): self._context = context def __call__(self, id): self._grabbed_with = id self._context._setOb(id, PortalFolder(id)) self._context._getOb(id)._setPortalTypeName('Grabbed') self.app.grabbed = Grabbed(test) test.manage_addFolder(id='indirect', title='Indirect') self.assertEqual(test.indirect.getPortalTypeName(), 'Grabbed') self.assertEqual(test.indirect.Type(), 'Grabbed Content') self.assertEqual(test.indirect.getId(), 'indirect') self.assertEqual(test.indirect.Title(), 'Indirect')
def test_manageAddFolder(self): # # Does MKDIR/MKCOL intercept work? # from Products.CMFCore.PortalFolder import PortalFolder test = self.root.test test._setPortalTypeName('Folder') self.root.reindexObject = lambda: 0 self.root._setObject('portal_types', TypesTool()) types_tool = self.root.portal_types types_tool._setObject( 'Folder', FTI(id='Folder', title='Folder or Directory', meta_type=PortalFolder.meta_type, product='CMFCore', factory='manage_addPortalFolder', filter_content_types=0)) types_tool._setObject( 'Grabbed', FTI('Grabbed', title='Grabbed Content', meta_type=PortalFolder.meta_type, product='CMFCore', factory='manage_addPortalFolder')) # First, test default behavior test.manage_addFolder(id='simple', title='Simple') self.assertEqual(test.simple.getPortalTypeName(), 'Folder') self.assertEqual(test.simple.Type(), 'Folder or Directory') self.assertEqual(test.simple.getId(), 'simple') self.assertEqual(test.simple.Title(), 'Simple') # Now, test overridden behavior types_tool.Folder.setMethodAliases({'mkdir': 'grabbed'}) class Grabbed: _grabbed_with = None def __init__(self, context): self._context = context def __call__(self, id): self._grabbed_with = id self._context._setOb(id, PortalFolder(id)) self._context._getOb(id)._setPortalTypeName('Grabbed') self.root.grabbed = Grabbed(test) test.manage_addFolder(id='indirect', title='Indirect') self.assertEqual(test.indirect.getPortalTypeName(), 'Grabbed') self.assertEqual(test.indirect.Type(), 'Grabbed Content') self.assertEqual(test.indirect.getId(), 'indirect') self.assertEqual(test.indirect.Title(), 'Indirect')
def test_manageAddFolder(self): # # Does MKDIR/MKCOL intercept work? # test = self.root.test test._setPortalTypeName('Folder') self.root.reindexObject = lambda: 0 self.root._setObject('portal_types', TypesTool()) types_tool = self.root.portal_types types_tool._setObject( 'Folder', FTI(id='Folder', meta_type=PortalFolder.meta_type, product='CMFCore', factory='manage_addPortalFolder', filter_content_types=0)) types_tool._setObject( 'Grabbed', FTI('Grabbed', meta_type=PortalFolder.meta_type, product='CMFCore', factory='manage_addPortalFolder')) # First, test default behavior test.manage_addFolder(id='simple', title='Simple') self.assertEqual(test.simple.Type(), 'Folder') self.assertEqual(test.simple.getId(), 'simple') self.assertEqual(test.simple.Title(), 'Simple') # Now, test overridden behavior types_tool.Folder.addAction(id='mkdir', name='MKDIR handler', action='grabbed', permission='', category='folder', visible=0) class Grabbed: _grabbed_with = None def __init__(self, context): self._context = context def __call__(self, id): self._grabbed_with = id self._context._setOb(id, PortalFolder(id)) self._context._getOb(id)._setPortalTypeName('Grabbed') self.root.grabbed = Grabbed(test) test.manage_addFolder(id='indirect', title='Indirect') self.assertEqual(test.indirect.Type(), 'Grabbed') self.assertEqual(test.indirect.getId(), 'indirect') self.assertEqual(test.indirect.Title(), 'Indirect')
def setUp(self): SecurityTest.setUp(self) self.root._setObject('portal_types', TypesTool()) types_tool = self.root.portal_types types_tool._setObject( 'Folder', FTI(id='Folder', title='Folder or Directory', meta_type=PortalFolder.meta_type, product='CMFCore', factory='manage_addPortalFolder', filter_content_types=0)) fti = FTIDATA_DUMMY[0].copy() types_tool._setObject('Dummy Content', FTI(**fti))
def setUp(self): SecurityTest.setUp(self) self.site = DummySite('site').__of__(self.root) self.acl_users = self.site._setObject('acl_users', DummyUserFolder()) self.ttool = self.site._setObject('portal_types', TypesTool()) fti = FTIDATA_DUMMY[0].copy() self.ttool._setObject('Dummy Content', FTI(**fti))
def _makeStuff(self, prefix=''): from Products.CMFCore.TypesTool import FactoryTypeInformation as FTI ti = FTI('Foo', product='FooProduct', factory='addFoo') folder = DummyFolder(fake_product=1, prefix=prefix) return ti, folder
def setUp(self): from Products.CMFCore.TypesTool import FactoryTypeInformation as FTI from Products.CMFCore.tests.base.dummy import DummySite from Products.CMFCore.tests.base.dummy import DummyUserFolder from Products.CMFCore.tests.base.tidata import FTIDATA_DUMMY SecurityTest.setUp(self) self.site = DummySite('site').__of__(self.root) self.acl_users = self.site._setObject('acl_users', DummyUserFolder()) self.ttool = self.site._setObject('portal_types', self._makeOne()) fti = FTIDATA_DUMMY[0].copy() self.ttool._setObject('Dummy Content', FTI(**fti)) # setup workflow tool # to test 'Instance creation conditions' of workflows from Products.CMFCore.WorkflowTool import WorkflowTool self.site._setObject('portal_workflow', WorkflowTool()) wftool = self.site.portal_workflow from Products.DCWorkflow.DCWorkflow import DCWorkflowDefinition wftool._setObject('wf', DCWorkflowDefinition('wf')) wftool.setDefaultChain('wf') wf = wftool.wf wf.states.addState('initial') wf.states.setInitialState('initial') from Products.DCWorkflow.Guard import Guard g = Guard() wf.creation_guard = g
def test_policy(self): dtool = self.dtool ttool = self.ttool test = self._makeDummyContent('test') self.assertRaises(DiscussionNotAllowed, dtool.getDiscussionFor, test) self.assertTrue(getattr(test, 'talkback', None) is None) test.allow_discussion = 1 self.assertTrue(dtool.getDiscussionFor(test)) self.assertTrue(test.talkback) del test.talkback del test.allow_discussion fti = FTIDATA_DUMMY[0].copy() ttool._setObject('Dummy Content', FTI(**fti)) self.assertRaises(DiscussionNotAllowed, dtool.getDiscussionFor, test) self.assertTrue(getattr(test, 'talkback', None) is None) ti = getattr(ttool, 'Dummy Content') ti.allow_discussion = 1 self.assertTrue(dtool.getDiscussionFor(test)) self.assertTrue(test.talkback) del test.talkback ti.allow_discussion = 0 self.assertRaises(DiscussionNotAllowed, dtool.getDiscussionFor, test) self.assertTrue(getattr(test, 'talkback', None) is None) test.allow_discussion = 1 self.assertTrue(dtool.getDiscussionFor(test)) self.assertTrue(test.talkback)
def test_Nested(self): self.site._setObject('portal_types', TypesTool()) self.site.portal_types._setObject( 'Topic', FTI(id='Topic', product='CMFTopic', factory='addTopic')) topic = self._makeOne('top') topic._setPortalTypeName('Topic') topic.addCriterion('foo', 'String Criterion') topic.getCriterion('foo').edit('bar') topic.addSubtopic('qux') subtopic = topic.qux subtopic.addCriterion('baz', 'String Criterion') subtopic.getCriterion('baz').edit('bam') query = subtopic.buildQuery() self.assertEqual(len(query), 2) self.assertEqual(query['foo'], 'bar') self.assertEqual(query['baz'], 'bam') subtopic.acquireCriteria = 0 query = subtopic.buildQuery() self.assertEqual(len(query), 1) self.assertEqual(query['baz'], 'bam')
def setUp(self): self.site = DummySite('site') self.site._setObject( 'portal_types', TypesTool() ) fti = FTIDATA_CMF15[0].copy() self.site.portal_types._setObject( 'Dummy Content 15', FTI(**fti) ) self.site._setObject( 'foo', DummyContent() ) dummy_view = self.site._setObject( 'dummy_view', DummyObject() )
def test_policy(self): dtool = self.site.portal_discussion ttool = self.site.portal_types test = self._makeDummyContent('test') self.assertRaises(DiscussionNotAllowed, dtool.getDiscussionFor, test) assert getattr(test, 'talkback', None) is None test.allow_discussion = 1 assert dtool.getDiscussionFor(test) assert test.talkback del test.talkback del test.allow_discussion fti = FTIDATA_DUMMY[0].copy() ttool._setObject('Dummy Content', FTI(**fti)) self.assertRaises(DiscussionNotAllowed, dtool.getDiscussionFor, test) assert getattr(test, 'talkback', None) is None ti = getattr(ttool, 'Dummy Content') ti.allow_discussion = 1 assert dtool.getDiscussionFor(test) assert test.talkback del test.talkback ti.allow_discussion = 0 self.assertRaises(DiscussionNotAllowed, dtool.getDiscussionFor, test) assert getattr(test, 'talkback', None) is None test.allow_discussion = 1 assert dtool.getDiscussionFor(test) assert test.talkback
def test_constructContent_FTI_w_wftool_w_workflow_w_guard_denies(self): from AccessControl import Unauthorized from AccessControl.SecurityManagement import newSecurityManager from AccessControl.SecurityManager import setSecurityPolicy from Products.CMFCore.TypesTool import FactoryTypeInformation as FTI from Products.CMFCore.tests.base.dummy import DummyFolder from Products.CMFCore.tests.base.tidata import FTIDATA_DUMMY site = self._makeSite().__of__(self.app) acl_users = site.acl_users setSecurityPolicy(self._oldPolicy) newSecurityManager(None, acl_users.all_powerful_Oz) tool = self._makeOne().__of__(site) fti = FTIDATA_DUMMY[0].copy() tool._setObject('Dummy Content', FTI(**fti)) folder = DummyFolder(id='folder', fake_product=1).__of__(site) tool.portal_workflow = DummyWorkflowTool(DummyWorkflow(False)) getSiteManager().registerUtility(tool.portal_workflow, IWorkflowTool) self.assertRaises(Unauthorized, tool.constructContent, 'Dummy Content', container=folder, id='page1') getSiteManager().unregisterUtility(provided=IWorkflowTool)
def test_Nested( self ): self.site._setObject( 'portal_types', TypesTool() ) fti = FTIDATA_TOPIC[0].copy() self.site.portal_types._setObject( 'Topic', FTI(**fti) ) topic = self._makeOne('top') topic._setPortalTypeName('Topic') topic.addCriterion( 'foo', 'String Criterion' ) topic.getCriterion( 'foo' ).edit( 'bar' ) topic.addSubtopic( 'qux' ) subtopic = topic.qux subtopic.addCriterion( 'baz', 'String Criterion' ) subtopic.getCriterion( 'baz' ).edit( 'bam' ) query = subtopic.buildQuery() self.assertEqual( len( query ), 2 ) self.assertEqual( query['foo'], 'bar' ) self.assertEqual( query['baz'], 'bam' ) subtopic.acquireCriteria = 0 query = subtopic.buildQuery() self.assertEqual( len( query ), 1 ) self.assertEqual( query['baz'], 'bam' )
def test_contents_methods(self): ttool = self.site._setObject( 'portal_types', TypesTool() ) f = self._makeOne('foo') self.assertEqual( f.objectValues(), [] ) self.assertEqual( f.contentIds(), [] ) self.assertEqual( f.contentItems(), [] ) self.assertEqual( f.contentValues(), [] ) self.assertEqual( f.listFolderContents(), [] ) self.assertEqual( f.listDAVObjects(), [] ) f._setObject('sub1', DummyContent('sub1') ) self.assertEqual( f.objectValues(), [f.sub1] ) self.assertEqual( f.contentIds(), [] ) self.assertEqual( f.contentItems(), [] ) self.assertEqual( f.contentValues(), [] ) self.assertEqual( f.listFolderContents(), [] ) self.assertEqual( f.listDAVObjects(), [f.sub1] ) fti = FTIDATA_DUMMY[0].copy() ttool._setObject( 'Dummy Content', FTI(**fti) ) self.assertEqual( f.objectValues(), [f.sub1] ) self.assertEqual( f.contentIds(), ['sub1'] ) self.assertEqual( f.contentItems(), [ ('sub1', f.sub1) ] ) self.assertEqual( f.contentValues(), [f.sub1] ) self.assertEqual( f.listFolderContents(), [f.sub1] ) self.assertEqual( f.listDAVObjects(), [f.sub1] ) f._setObject('hidden_sub2', DummyContent('hidden_sub2') ) self.assertEqual( f.objectValues(), [f.sub1, f.hidden_sub2] ) self.assertEqual( f.contentIds(), ['sub1', 'hidden_sub2'] ) self.assertEqual( f.contentItems(), [ ('sub1', f.sub1), ('hidden_sub2', f.hidden_sub2) ] ) self.assertEqual( f.contentValues(), [f.sub1, f.hidden_sub2] ) self.assertEqual( f.listFolderContents(), [f.sub1] ) self.assertEqual( f.listDAVObjects(), [f.sub1, f.hidden_sub2] )
def test_paste_with_restricted_container_content_type(self): # Test from CMF Collector #216 (Plone #2186), for the case # in which the container does not allow adding items of the # type being pasted. from Products.CMFCore.PortalFolder import PortalFolder RESTRICTED_TYPE = 'Restricted Container' UNRESTRICTED_TYPE = 'Unrestricted Item' folder1, folder2 = self._initFolders() folder1.portal_type = RESTRICTED_TYPE folder2.portal_type = UNRESTRICTED_TYPE sm = getSiteManager() self._initPolicyAndUser() # ensure that sec. machinery allows paste self.app._setObject( 'portal_types', TypesTool() ) types_tool = self.app.portal_types sm.registerUtility(types_tool, ITypesTool) types_tool._setObject( RESTRICTED_TYPE , FTI( id=RESTRICTED_TYPE , title=RESTRICTED_TYPE , meta_type=PortalFolder.meta_type , product='CMFCore' , factory='manage_addPortalFolder' , filter_content_types=1 , allowed_content_types=() ) ) types_tool._setObject( UNRESTRICTED_TYPE , FTI( id=UNRESTRICTED_TYPE , title=UNRESTRICTED_TYPE , meta_type=PortalFolder.meta_type , product='CMFCore' , factory='manage_addPortalFolder' , global_allow=1 ) ) # copy and pasting the object into the folder should raise # an exception copy_cookie = self.app.manage_copyObjects( ids=[ 'folder2' ] ) self.assertRaises( ValueError , folder1.manage_pasteObjects , copy_cookie )
def test_contentPaste(self): # # Does copy / paste work? # sm = getSiteManager(self.site) ctool = self.site._setObject( 'portal_catalog', CatalogTool() ) sm.registerUtility(ctool, ICatalogTool) ttool = self.site._setObject( 'portal_types', TypesTool() ) sm.registerUtility(ttool, ITypesTool) fti = FTIDATA_DUMMY[0].copy() ttool._setObject( 'Dummy Content', FTI(**fti) ) sub1 = self._makeOne('sub1') sub2 = self._makeOne('sub2') sub3 = self._makeOne('sub3') self.assertEqual( len(ctool), 0 ) sub1._setObject( 'dummy', DummyContent( 'dummy', catalog=1 ) ) self.failUnless( 'dummy' in sub1.objectIds() ) self.failUnless( 'dummy' in sub1.contentIds() ) self.failIf( 'dummy' in sub2.objectIds() ) self.failIf( 'dummy' in sub2.contentIds() ) self.failIf( 'dummy' in sub3.objectIds() ) self.failIf( 'dummy' in sub3.contentIds() ) self.failUnless( has_path(ctool._catalog, '/bar/site/sub1/dummy') ) self.failIf( has_path(ctool._catalog, '/bar/site/sub2/dummy') ) self.failIf( has_path(ctool._catalog, '/bar/site/sub3/dummy') ) cookie = sub1.manage_copyObjects( ids = ( 'dummy', ) ) # Waaa! force sub2 to allow paste of Dummy object. sub2.all_meta_types = [] sub2.all_meta_types.extend( sub2.all_meta_types ) sub2.all_meta_types.extend( extra_meta_types() ) sub2.manage_pasteObjects( cookie ) self.failUnless( 'dummy' in sub1.objectIds() ) self.failUnless( 'dummy' in sub1.contentIds() ) self.failUnless( 'dummy' in sub2.objectIds() ) self.failUnless( 'dummy' in sub2.contentIds() ) self.failIf( 'dummy' in sub3.objectIds() ) self.failIf( 'dummy' in sub3.contentIds() ) self.failUnless( has_path(ctool._catalog, '/bar/site/sub1/dummy') ) self.failUnless( has_path(ctool._catalog, '/bar/site/sub2/dummy') ) self.failIf( has_path(ctool._catalog, '/bar/site/sub3/dummy') ) transaction.savepoint(optimistic=True) cookie = sub1.manage_cutObjects( ids = ('dummy',) ) # Waaa! force sub2 to allow paste of Dummy object. sub3.all_meta_types = [] sub3.all_meta_types.extend(sub3.all_meta_types) sub3.all_meta_types.extend( extra_meta_types() ) sub3.manage_pasteObjects(cookie) self.failIf( 'dummy' in sub1.objectIds() ) self.failIf( 'dummy' in sub1.contentIds() ) self.failUnless( 'dummy' in sub2.objectIds() ) self.failUnless( 'dummy' in sub2.contentIds() ) self.failUnless( 'dummy' in sub3.objectIds() ) self.failUnless( 'dummy' in sub3.contentIds() ) self.failIf( has_path(ctool._catalog, '/bar/site/sub1/dummy') ) self.failUnless( has_path(ctool._catalog, '/bar/site/sub2/dummy') ) self.failUnless( has_path(ctool._catalog, '/bar/site/sub3/dummy') )
def setUp(self): self.site = DummySite('site') ttool = TypesTool() getSiteManager().registerUtility(ttool, ITypesTool) fti = FTIDATA_CMF[0].copy() ttool._setObject('Dummy Content 15', FTI(**fti)) self.site._setObject('foo', DummyContent()) dummy_view = self.site._setObject('dummy_view', DummyObject())
def setUp(self): sm = getSiteManager() self.site = DummySite('site') self.site._setObject( 'portal_types', TypesTool() ) sm.registerUtility(self.site.portal_types, ITypesTool) fti = FTIDATA_CMF15[0].copy() self.site.portal_types._setObject( 'Dummy Content 15', FTI(**fti) ) self.site._setObject( 'foo', DummyContent() )
def test_paste_with_restricted_item_content_type_allowed(self): # Test from CMF Collector #216 (Plone #2186), for the case # in which the item being pasted *does8 allow adding such # objects to containers which *do* explicitly grant access. from Products.CMFCore.PortalFolder import PortalFolder RESTRICTED_TYPE = 'Restricted Item' UNRESTRICTED_TYPE = 'Unrestricted Container' folder1, folder2 = self._initFolders() folder1.portal_type = UNRESTRICTED_TYPE folder2.portal_type = RESTRICTED_TYPE sm = getSiteManager() self._initPolicyAndUser() # ensure that sec. machinery allows paste self.app._setObject( 'portal_types', TypesTool() ) types_tool = self.app.portal_types sm.registerUtility(types_tool, ITypesTool) types_tool._setObject( RESTRICTED_TYPE , FTI( id=RESTRICTED_TYPE , title=RESTRICTED_TYPE , meta_type=PortalFolder.meta_type , product='CMFCore' , factory='manage_addPortalFolder' , global_allow=0 ) ) types_tool._setObject( UNRESTRICTED_TYPE , FTI( id=UNRESTRICTED_TYPE , title=UNRESTRICTED_TYPE , meta_type=PortalFolder.meta_type , product='CMFCore' , factory='manage_addPortalFolder' , filter_content_types=1 , allowed_content_types=[ RESTRICTED_TYPE ] ) ) # copy and pasting the object into the folder should *not* raise # an exception, because the folder's type allows it. copy_cookie = self.app.manage_copyObjects( ids=[ 'folder2' ] ) folder1.manage_pasteObjects( copy_cookie ) self.failUnless( 'folder2' in folder1.objectIds() )
def _makeStuff( self, prefix='' ): ti = FTI( 'Foo' , product='FooProduct' , factory='addFoo' ) folder = DummyFolder( fake_product=1,prefix=prefix ) return ti, folder
def setUp( self ): SecurityTest.setUp(self) filterwarnings('ignore', category=DeprecationWarning) self.site = DummySite('site').__of__(self.root) self.acl_users = self.site._setObject( 'acl_users', DummyUserFolder() ) self.ttool = self.site._setObject( 'portal_types', TypesTool() ) fti = FTIDATA_DUMMY[0].copy() self.ttool._setObject( 'Dummy Content', FTI(**fti) )
def setUp(self): from Products.CMFCore.TypesTool import FactoryTypeInformation as FTI SecurityTest.setUp(self) self.site = DummySite('site').__of__(self.root) self.acl_users = self.site._setObject( 'acl_users', DummyUserFolder() ) self.ttool = self.site._setObject( 'portal_types', self._makeOne() ) fti = FTIDATA_DUMMY[0].copy() self.ttool._setObject( 'Dummy Content', FTI(**fti) )
def test__checkId_MethodAlias(self): test = self._makeOne('test') test._setPortalTypeName('Dummy Content 15') ttool = self.site._setObject('portal_types', TypesTool()) ttool._setObject('Dummy Content 15', FTI(**FTIDATA_CMF[0])) acl_users = self.site._setObject('acl_users', DummyUserFolder()) test._checkId('view.html') newSecurityManager(None, acl_users.user_foo) self.assertRaises(BadRequest, test._checkId, 'view.html')
def setUp(self): SecurityRequestTest.setUp(self) self.site = DummySite('site').__of__(self.root) self.site._setObject('portal_membership', DummyTool()) self.site._setObject('portal_types', TypesTool()) self.site._setObject('portal_url', DummyTool()) fti = FTIDATA_CMF15[0].copy() self.site.portal_types._setObject('Dummy Content 15', FTI(**fti)) self.site._setObject('foo', DummyContent())
def test_paste_with_restricted_item_content_type_not_allowed(self): # Test from CMF Collector #216 (Plone #2186), for the case # in which the item being pasted does not allow adding such # objects to containers which do not explicitly grant access. from Products.CMFCore.PortalFolder import PortalFolder RESTRICTED_TYPE = 'Restricted Item' UNRESTRICTED_TYPE = 'Unrestricted Container' folder1, folder2 = self._initFolders() folder1.portal_type = UNRESTRICTED_TYPE folder2.portal_type = RESTRICTED_TYPE self._initPolicyAndUser() # ensure that sec. machinery allows paste self.app._setObject( 'portal_types', TypesTool() ) types_tool = self.app.portal_types types_tool._setObject( RESTRICTED_TYPE , FTI( id=RESTRICTED_TYPE , title=RESTRICTED_TYPE , meta_type=PortalFolder.meta_type , product='CMFCore' , factory='manage_addPortalFolder' , global_allow=0 ) ) types_tool._setObject( UNRESTRICTED_TYPE , FTI( id=UNRESTRICTED_TYPE , title=UNRESTRICTED_TYPE , meta_type=PortalFolder.meta_type , product='CMFCore' , factory='manage_addPortalFolder' , filter_content_types=0 ) ) # copy and pasting the object into the folder should raise # an exception copy_cookie = self.app.manage_copyObjects( ids=[ 'folder2' ] ) self.assertRaises( ValueError , folder1.manage_pasteObjects , copy_cookie )
def setUp(self): self.site = DummySite('site') self.site._setObject( 'portal_types', TypesTool() ) fti = FTIDATA_CMF15[0].copy() self.site.portal_types._setObject( 'Dummy Content 15', FTI(**fti) ) self.site._setObject( 'foo', DummyContent() ) dummy_view = self.site._setObject( 'dummy_view', DummyObject() ) zope.component.provideAdapter(FiveTraversable, (None,), ITraversable) zope.component.provideAdapter(Traverser, (None,), ITraverser)
def test_contentPasteFollowsWorkflowGuards(self): # # Copy/Paste should obey workflow guards # acl_users = self.site._setObject('acl_users', DummyUserFolder()) newSecurityManager(None, acl_users.all_powerful_Oz) ttool = TypesTool() fti = FTIDATA_DUMMY[0].copy() ttool._setObject('Dummy Content', FTI(**fti)) ttool._setObject('Folder', FTI(**fti)) folder = self._makeOne('folder', 'Folder') content = self._makeOne('content') folder._setObject('content', content) sm = getSiteManager() sm.registerUtility(ttool, ITypesTool) # Allow adding of Dummy Content ttool.Folder.manage_changeProperties(filter_content_types=False) # Copy/paste verification should work fine folder._verifyObjectPaste(content) # Add a workflow with a blocking guard # Based on TypesTools tests class DummyWorkflow: _allow = False def allowCreate(self, container, type_id): return self._allow class DummyWorkflowTool: def __init__(self): self._workflows = [DummyWorkflow()] def getWorkflowsFor(self, type_id): return self._workflows # Now copy/paste verification should raise a ValueError sm.registerUtility(DummyWorkflowTool(), IWorkflowTool) self.assertRaises(ValueError, folder._verifyObjectPaste, content)
def setUp(self): SecurityTest.setUp(self) self.site = DummySite('site').__of__(self.app) ttool = TypesTool() fti = FTIDATA_CMF[0].copy() ttool._setObject('Dummy Content 15', FTI(**fti)) self.site._setObject('foo', DummyContent()) sm = getSiteManager() sm.registerUtility(DummyTool(), IMembershipTool) sm.registerUtility(DummyTool().__of__(self.site), IURLTool) sm.registerUtility(ttool, ITypesTool)
def test__checkId_MethodAlias(self): acl_users = self.site._setObject('acl_users', DummyUserFolder()) newSecurityManager(None, acl_users.all_powerful_Oz) test = self._makeOne('test') test._setPortalTypeName('Dummy Content 15') ttool = TypesTool() ttool._setObject('Dummy Content 15', FTI(**FTIDATA_CMF[0])) getSiteManager().registerUtility(ttool, ITypesTool) acl_users = self.site._setObject('acl_users', DummyUserFolder()) test._checkId('view') newSecurityManager(None, acl_users.user_foo) self.assertRaises(BadRequest, test._checkId, 'view')