def testAuthenticatedCustom(self): self.request['_authenticator'] = createToken('some-value') def func(REQUEST=self.request): return True self.assertEquals( protect(CustomCheckAuthenticator('some-value'))(func)(), True)
def setUp(self): self.request = HTTPRequest(sys.stdin, dict(SERVER_URL="dummy"), None) KeyringTestCase.setUp(self) def func(REQUEST=None): return 1 self.func = protect(check)(func)
def testNoRequestParameter(self): def func(): pass self.assertRaises(ValueError, protect(check), func)
# -*- coding: utf-8 -*- from plone.protect import protect, CheckAuthenticator # apply csrf-protection decorator to the given callable patch = protect(CheckAuthenticator) def applyPatches(): """ apply csrf-protection decorator to all relevant methods """ from Products.CMFPlone.PloneTool import PloneTool as PT PT.setMemberProperties = patch(PT.setMemberProperties) PT.changeOwnershipOf = patch(PT.changeOwnershipOf) PT.acquireLocalRoles = patch(PT.acquireLocalRoles) PT.deleteObjectsByPaths = patch(PT.deleteObjectsByPaths) PT.transitionObjectsByPaths = patch(PT.transitionObjectsByPaths) PT.renameObjectsByPaths = patch(PT.renameObjectsByPaths) from Products.CMFCore.MembershipTool import MembershipTool as MT from Products.PlonePAS.tools.membership import MembershipTool as PMT MT.setPassword = patch(MT.setPassword) PMT.setPassword = patch(PMT.setPassword) MT.setRoleMapping = patch(MT.setRoleMapping) MT.deleteMemberArea = patch(MT.deleteMemberArea) MT.setLocalRoles = patch(MT.setLocalRoles) MT.deleteLocalRoles = patch(MT.deleteLocalRoles) MT.deleteMembers = patch(MT.deleteMembers) try: # XXX CMF 2.3 compatibility, but does it still make sense? from Products.CMFCore.MemberDataTool import MemberAdapter as MD