def setup_globs(self):
ZopeSuiteFactory.setup_globs(self)
globs = self._kw.setdefault('globs', {})
globs['http'] = http
globs['getRootFolder'] = getRootFolder
globs['sync'] = sync
globs['user_auth'] = basic_auth_encode(user_name, user_password)
def setUp(self):
self.portal = self.layer['portal']
self.request = self.layer['request']
self.uf = self.portal.acl_users
self.basic = basic_auth_encode(TEST_USER_NAME, TEST_USER_PASSWORD)
_createMemberarea(self.portal, TEST_USER_ID)
self.folder = self.portal.portal_membership.getHomeFolder(TEST_USER_ID)
# Set up a published object accessible to the default user
self.folder.addDTMLMethod('doc', file='')
self.folder.doc.manage_permission('View', [user_role], acquire=0)
# Rig the REQUEST so it looks like we traversed to 'doc'
self.request.set('PUBLISHED', self.folder['doc'])
self.request.set('PARENTS', [self.folder, self.portal])
folder_path = list(self.folder.getPhysicalPath())
self.request.steps = folder_path + ['doc']
if 'auto_group' in self.uf:
self.uf.manage_delObjects(['auto_group'])
# Nuke Administators and Reviewers groups added in 2.1a2 migrations
# (and any other migrated-in groups) to avoid test confusion
self.portal.portal_groups.removeGroups(
self.portal.portal_groups.listGroupIds())
login(self.portal, TEST_USER_NAME)
setRoles(self.portal, TEST_USER_ID, [
user_role,
])
def setup_globs(self):
ZopeSuiteFactory.setup_globs(self)
globs = self._kw.setdefault('globs', {})
globs['http'] = http
globs['getRootFolder'] = getRootFolder
globs['sync'] = sync
globs['user_auth'] = basic_auth_encode(user_name, user_password)
def auth_header(header):
match = basicre.match(header)
if match:
u, p = match.group(1, 2)
if u is None:
u = ''
if p is None:
p = ''
return basic_auth_encode(u, p)
return header
def authHeader(header):
match = BASIC_RE.match(header)
if match:
u, p = match.group(1, 2)
if u is None:
u = ''
if p is None:
p = ''
return basic_auth_encode(u, p)
return header
def test__authUserPW_simple(self):
user_id = 'user'
password = '******'
auth_header = basic_auth_encode(user_id, password)
environ = {'HTTP_AUTHORIZATION': auth_header}
request = self._makeOne(environ=environ)
user_id_x, password_x = request._authUserPW()
self.assertEqual(user_id_x, user_id)
self.assertEqual(password_x, password)
def test__authUserPW_simple(self):
user_id = 'user'
password = '******'
auth_header = basic_auth_encode(user_id, password)
environ = {'HTTP_AUTHORIZATION': auth_header}
request = self._makeOne(environ=environ)
user_id_x, password_x = request._authUserPW()
self.assertEqual(user_id_x, user_id)
self.assertEqual(password_x, password)
def test__authUserPW_with_embedded_colon(self):
# http://www.zope.org/Collectors/Zope/2039
user_id = 'user'
password = '******'
auth_header = basic_auth_encode(user_id, password)
environ = {'HTTP_AUTHORIZATION': auth_header}
request = self._makeOne(environ=environ)
user_id_x, password_x = request._authUserPW()
self.assertEqual(user_id_x, user_id)
self.assertEqual(password_x, password)
def test__authUserPW_with_embedded_colon(self):
# http://www.zope.org/Collectors/Zope/2039
user_id = 'user'
password = '******'
auth_header = basic_auth_encode(user_id, password)
environ = {'HTTP_AUTHORIZATION': auth_header}
request = self._makeOne(environ=environ)
user_id_x, password_x = request._authUserPW()
self.assertEqual(user_id_x, user_id)
self.assertEqual(password_x, password)
def afterSetUp(self):
# Set up roles and a user
self.uf = self.folder.acl_users
self.folder._addRole('role1')
self.folder.manage_role('role1', [View])
self.uf.roles.addRole('role1')
self.folder._addRole('role2')
self.folder.manage_role('role2', [View])
self.uf.roles.addRole('role2')
self.uf._doAddUser('user1', 'secret', ['role1'], [])
# Set up a published object accessible to user
self.folder.addDTMLMethod('doc', file='the document')
self.doc = self.folder.doc
self.doc.manage_permission(View, ['role1'], acquire=0)
# Rig the REQUEST so it looks like we traversed to doc
self.app.REQUEST['PUBLISHED'] = self.doc
self.app.REQUEST['PARENTS'] = [self.app, self.folder]
self.app.REQUEST.steps = list(self.doc.getPhysicalPath())
self.basic = basic_auth_encode('user1', 'secret')
# Make sure we are not logged in
self.logout()
def publish(self, path, basic=None, env=None, extra=None,
request_method='GET', stdin=None, handle_errors=True):
'''Publishes the object at 'path' returning a response object.'''
from io import BytesIO
from ZPublisher.HTTPRequest import WSGIRequest as Request
from ZPublisher.HTTPResponse import WSGIResponse
from ZPublisher.WSGIPublisher import publish_module
# Commit the sandbox for good measure
transaction.commit()
if env is None:
env = {}
if extra is None:
extra = {}
request = self.app.REQUEST
env['SERVER_NAME'] = request['SERVER_NAME']
env['SERVER_PORT'] = request['SERVER_PORT']
env['SERVER_PROTOCOL'] = 'HTTP/1.1'
env['REQUEST_METHOD'] = request_method
p = path.split('?')
if len(p) == 1:
env['PATH_INFO'] = p[0]
elif len(p) == 2:
[env['PATH_INFO'], env['QUERY_STRING']] = p
else:
raise TypeError('')
if basic:
env['HTTP_AUTHORIZATION'] = basic_auth_encode(basic)
if not handle_errors:
# Tell the publisher to skip exception views
env['x-wsgiorg.throw_errors'] = True
if stdin is None:
stdin = BytesIO()
outstream = BytesIO()
response = WSGIResponse(stdout=outstream, stderr=sys.stderr)
request = Request(stdin, env, response)
for k, v in extra.items():
request[k] = v
wsgi_headers = BytesIO()
def start_response(status, headers):
# Keep the fake response in-sync with the actual values
# from the WSGI start_response call.
response.setStatus(status.split()[0])
for key, value in headers:
response.setHeader(key, value)
wsgi_headers.write(
b'HTTP/1.1 ' + status.encode('ascii') + b'\r\n')
headers = b'\r\n'.join([
(k + ': ' + v).encode('ascii') for k, v in headers])
wsgi_headers.write(headers)
wsgi_headers.write(b'\r\n\r\n')
publish = partial(publish_module, _request=request, _response=response)
if handle_errors:
publish = HTTPExceptionHandler(publish)
wsgi_result = publish(env, start_response)
return ResponseWrapper(response, outstream, path,
wsgi_result, wsgi_headers)
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
from Testing import ZopeTestCase
from Testing.ZopeTestCase import user_name
from Testing.ZopeTestCase import user_password
from Testing.ZopeTestCase import user_role
from ZPublisher.utils import basic_auth_encode
from Products.PluggableAuthService.interfaces.plugins import \
IAuthenticationPlugin, IUserEnumerationPlugin, IRolesPlugin, \
IRoleEnumerationPlugin, IRoleAssignerPlugin, \
IChallengePlugin, IExtractionPlugin, IUserAdderPlugin
user_auth = basic_auth_encode(user_name, user_password)
ZopeTestCase.installProduct('PluginRegistry')
ZopeTestCase.installProduct('PluggableAuthService')
ZopeTestCase.installProduct('StandardCacheManagers')
ZopeTestCase.installProduct('GenericSetup')
class PASTestCase(ZopeTestCase.ZopeTestCase):
"""ZopeTestCase with a PAS instead of the default user folder
"""
def _setupUserFolder(self):
"""Creates a Pluggable Auth Service."""
factory = self.folder.manage_addProduct['PluggableAuthService']
factory.addPluggableAuthService()
pas = self.folder.acl_users
factory = pas.manage_addProduct['PluggableAuthService']
def _makeBasicAuthToken(self, creds='user1:secret'):
return basic_auth_encode(creds)
def _makeBasicAuthToken(self, creds='user1:secret'):
return basic_auth_encode(creds)
