def testPrincipalPermission(self):
        manager = AnnotationPrincipalPermissionManager(Manageable())
        provideUtility(Permission('APerm', 'title'), IPermission, 'APerm')
        permission = 'APerm'
        principal = self._make_principal()

        # check that an allow permission is saved correctly
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Allow)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Allow)])

        # check that the allow permission is removed.
        manager.unsetPermissionForPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])

        # now put a deny in there, check it's set.
        manager.denyPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Deny)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Deny)])

        # test for deny followed by allow . The latter should override.
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Allow)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Allow)])

        # check that allow followed by allow is just a single allow.
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission),
                         [(principal, Allow)])
        self.assertEqual(manager.getPermissionsForPrincipal(principal),
                         [(permission, Allow)])

        # check that two unsets in a row quietly ignores the second one.
        manager.unsetPermissionForPrincipal(permission, principal)
        manager.unsetPermissionForPrincipal(permission, principal)
        self.assertEqual(manager.getPrincipalsForPermission(permission), [])
        self.assertEqual(manager.getPermissionsForPrincipal(principal), [])

        # check the result of getSetting() when it's empty.
        self.assertEqual(manager.getSetting(permission, principal), Unset)

        # check the result of getSetting() when it's allowed.
        manager.grantPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getSetting(permission, principal), Allow)

        # check the result of getSetting() when it's denied.
        manager.denyPermissionToPrincipal(permission, principal)
        self.assertEqual(manager.getSetting(permission, principal), Deny)
 def testManyPrincipalsOnePermission(self):
     manager = AnnotationPrincipalPermissionManager(Manageable())
     provideUtility(Permission('Perm One', 'title'), IPermission,
                    'Perm One')
     perm1 = 'Perm One'
     prin1 = self._make_principal()
     prin2 = self._make_principal('Principal 2', 'Principal Two')
     manager.grantPermissionToPrincipal(perm1, prin1)
     manager.denyPermissionToPrincipal(perm1, prin2)
     principals = manager.getPrincipalsForPermission(perm1)
     self.assertEqual(len(principals), 2)
     self.assertTrue((prin1, Allow) in principals)
     self.assertTrue((prin2, Deny) in principals)
コード例 #3
0
 def testManyPermissionsOnePrincipal(self):
     manager = AnnotationPrincipalPermissionManager(Manageable())
     provideUtility(Permission('Perm One', 'title'), IPermission,
                    'Perm One')
     perm1 = 'Perm One' 
     provideUtility(Permission('Perm Two', 'title'), IPermission,
                    'Perm Two')
     perm2 = 'Perm Two'
     prin1 = self._make_principal()
     manager.grantPermissionToPrincipal(perm1, prin1)
     manager.grantPermissionToPrincipal(perm2, prin1)
     perms = manager.getPermissionsForPrincipal(prin1)
     self.assertEqual(len(perms), 2)
     self.failUnless((perm1, Allow) in perms)
     self.failUnless((perm2, Allow) in perms)
     manager.denyPermissionToPrincipal(perm2, prin1)
     perms = manager.getPermissionsForPrincipal(prin1)
     self.assertEqual(len(perms), 2)
     self.failUnless((perm1, Allow) in perms)
     self.failUnless((perm2, Deny) in perms)