def testDot(self): ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() self.assertEqual(ob, t.traverseName(request, ob, "."))
def testDirectTraversal(self): request = TestRequest() ob = DummyPublishTraverse(Content(), request) t = PublicationTraverser() proxy = t.traverseName(request, ob, 'foo') view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, 'foo')
def testViewFound(self): provideAdapter(DummyViewTraverser, (Interface, Interface), ITraversable, name='view') ob = Content() t = PublicationTraverser() request = TestRequest() proxy = t.traverseName(request, ob, '@@foo') view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, 'foo')
def testPathFound(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) ob = Content() t = PublicationTraverser() request = TestRequest() proxy = t.traversePath(request, ob, 'foo/bar') view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, 'bar')
def testComplexPath(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() proxy = t.traversePath(request, ob, 'foo/../alpha//beta/./bar') view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, 'bar')
def testNameFound(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() proxy = t.traverseName(request, ob, 'foo') view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, 'foo')
def testNameFound(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() proxy = t.traverseName(request, ob, "foo") view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, "foo")
def testComplexPath(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() proxy = t.traversePath(request, ob, "foo/../alpha//beta/./bar") view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, "bar")
def testTraverseRelativeURL(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) provideAdapter(DummyBrowserPublisher, (Interface,), IBrowserPublisher) ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() proxy = t.traverseRelativeURL(request, ob, "foo/bar") view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, "more")
def testTraverseRelativeURL(self): provideAdapter(DummyPublishTraverse, (Interface, Interface), IPublishTraverse) provideAdapter(DummyBrowserPublisher, (Interface, ), IBrowserPublisher) ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() proxy = t.traverseRelativeURL(request, ob, 'foo/bar') view = removeSecurityProxy(proxy) self.assertTrue(proxy is not view) self.assertEqual(view.__class__, View) self.assertEqual(view.name, 'more')
def testMissingSkin(self): ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() self.assertRaises(NotFound, t.traversePath, request, ob, '/++skin++missingskin')
def available(self): # Make sure we have the permission needed to access the menu's action if self.permission is not None: # If we have an explicit permission, check that we # can access it. if not checkPermission(self.permission, self.context): return False elif self.action != _u(''): # Otherwise, test access by attempting access path = self.action l = self.action.find('?') if l >= 0: path = self.action[:l] traverser = PublicationTraverser() try: view = traverser.traverseRelativeURL(self.request, self.context, path) except (Unauthorized, Forbidden, LookupError): return False else: # we're assuming that view pages are callable # this is a pretty sound assumption if not canAccess(view, '__call__'): return False # Make sure that we really want to see this menu item if self.filter is not None: try: include = self.filter( Engine.getContext( context=self.context, nothing=None, request=self.request, modules=sys.modules, )) except Unauthorized: return False else: if not include: return False return True
def available(self): # Make sure we have the permission needed to access the menu's action if self.permission is not None: # If we have an explicit permission, check that we # can access it. if not checkPermission(self.permission, self.context): return False elif self.action != u'': # Otherwise, test access by attempting access path = self.action l = self.action.find('?') if l >= 0: path = self.action[:l] traverser = PublicationTraverser() try: view = traverser.traverseRelativeURL( self.request, self.context, path) except (Unauthorized, Forbidden, LookupError): return False else: # we're assuming that view pages are callable # this is a pretty sound assumption if not canAccess(view, '__call__'): return False # pragma: no cover # Make sure that we really want to see this menu item if self.filter is not None: try: include = self.filter(Engine.getContext( context=self.context, nothing=None, request=self.request, modules=sys.modules, )) except Unauthorized: return False else: if not include: return False return True
class MinimalisticPublisher(object): implements(IPublication) def __init__(self, root_name): self.root_name = root_name self.traverser = PublicationTraverser() def getApplication(self, request): #Yep, we think we know implementation details here #but whole package is big optimisation hack return request.annotations[ZODB_ANNOTATION_KEY] def proxy(self, ob): """Security-proxy an object Subclasses may override this to use a different proxy (or checker) implementation or to not proxy at all. """ return ProxyFactory(ob) def getDefaultTraversal(self, request, ob): if IBrowserPublisher.providedBy(ob): # ob is already proxied, so the result of calling a method will be return ob.browserDefault(request) else: adapter = queryMultiAdapter((ob, request), IBrowserPublisher) if adapter is not None: ob, path = adapter.browserDefault(request) ob = self.proxy(ob) return ob, path else: # ob is already proxied return ob, None def publish(self, request): request.processInputs() self.beforeTraversal(request) obj = self.getApplication(request) obj = request.traverse(obj) self.afterTraversal(request, obj) result = self.callObject(request, obj) response = request.response if result is not response: response.setResult(result) self.afterCall(request, obj) def callObject(self, request, ob): # Exception handling, dont try to call request.method orig = ob #if not IHTTPException.providedBy(ob): # ob = getattr(ob, request.method, None) # if ob is None: # raise MethodNotAllowed(orig, request) return mapply(ob, request.getPositionalArguments(), request) def afterCall(self, request, obj): if request.method == 'HEAD': request.response.setResult('') notify(AfterCallEvent(request, obj)) endInteraction() def traverseName(self, request, obj, name): return self.traverser.traverseName(request, obj, name) def beforeTraversal(self, request): self.authenticate(request, getGlobalSiteManager(), fallback=True) newInteraction(request) def callTraversalHooks(self, request, ob): # Call __before_publishing_traverse__ hooks notify(BeforeTraverseEvent(ob, request)) # This is also a handy place to try and authenticate. self._maybePlacefullyAuthenticate(request, ob) def afterTraversal(self, request, ob): self._maybePlacefullyAuthenticate(request, ob) def _maybePlacefullyAuthenticate(self, request, ob): if not IUnauthenticatedPrincipal.providedBy(request.principal): # We've already got an authenticated user. There's nothing to do. # Note that beforeTraversal guarentees that user is not None. return if not ISite.providedBy(ob): # We won't find an authentication utility here, so give up. return sm = removeSecurityProxy(ob).getSiteManager() self.authenticate(request, sm) def authenticate(self, request, sm, fallback=False): principal = None auth = sm.queryUtility(IAuthentication) if auth is not None: # Try to authenticate against the auth utility principal = auth.authenticate(request) if principal is None: principal = auth.unauthenticatedPrincipal() if principal is None: # nothing to do here if not fallback: return principal = getUtility(IFallbackUnauthenticatedPrincipal) request.setPrincipal(principal)
def testDot(self): ob = Content() t = PublicationTraverser() request = TestRequest() self.assertEqual(ob, t.traverseName(request, ob, '.'))
def testNameNotFound(self): ob = Content() t = PublicationTraverser() request = TestRequest() self.assertRaises(NotFound, t.traverseName, request, ob, 'foo')
def testPathNotFound(self): ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() self.assertRaises(NotFound, t.traversePath, request, ob, 'foo/bar')
def testPathNotFound(self): ob = Content() t = PublicationTraverser() request = TestRequest() self.assertRaises(NotFound, t.traversePath, request, ob, 'foo/bar')
def testDot(self): ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() self.assertEqual(ob, t.traverseName(request, ob, '.'))
def testViewNotFound(self): ob = Content() from zope.traversing.publicationtraverse import PublicationTraverser t = PublicationTraverser() request = TestRequest() self.assertRaises(NotFound, t.traverseName, request, ob, '@@foo')
def __init__(self, root_name): self.root_name = root_name self.traverser = PublicationTraverser()