def test_ProxyFactory(self): class SomeClass(object): pass import zope.security checker = NamesChecker() specific_checker = NamesChecker() checker_as_magic_attr = NamesChecker() obj = SomeClass() proxy = ProxyFactory(obj) self.assert_(type(proxy) is Proxy) from zope.security.checker import _defaultChecker self.assert_(getChecker(proxy) is _defaultChecker) defineChecker(SomeClass, checker) proxy = ProxyFactory(obj) self.assert_(type(proxy) is Proxy) self.assert_(getChecker(proxy) is checker) obj.__Security_checker__ = checker_as_magic_attr proxy = ProxyFactory(obj) self.assert_(type(proxy) is Proxy) self.assert_(getChecker(proxy) is checker_as_magic_attr) proxy = ProxyFactory(obj, specific_checker) self.assert_(type(proxy) is Proxy) self.assert_(getChecker(proxy) is specific_checker)
def test_both_wrapper_and_object_have_checkers_not_security_proxied(self): from zope.proxy import ProxyBase from zope.security.checker import CombinedChecker from zope.security.checker import NamesChecker from zope.security.checker import defineChecker from zope.security.interfaces import ForbiddenAttribute class Foo(object): a = 'a' fooChecker = NamesChecker(['a']) # a is public defineChecker(Foo, fooChecker) foo = Foo() fooChecker.check(foo, 'a') # no raise self.assertRaises(ForbiddenAttribute, fooChecker.check, foo, 'b') class Wrapper(ProxyBase): b = 'b' __Security_checker__ = self._makeOne() wrapperChecker = NamesChecker(['b']) # b is public defineChecker(Wrapper, wrapperChecker) wrapper = Wrapper(foo) self.assertRaises(ForbiddenAttribute, wrapperChecker.check, foo, 'a') wrapperChecker.check(foo, 'b') # no raise checker = wrapper.__Security_checker__ self.assertTrue(isinstance(checker, CombinedChecker)) checker.check(wrapper, 'a') # no raise checker.check(wrapper, 'b') # no raise
def test_both_wrapper_and_object_have_checkers_security_proxied(self): from zope.proxy import ProxyBase from zope.security.checker import CombinedChecker from zope.security.checker import NamesChecker from zope.security.checker import defineChecker from zope.security.proxy import ProxyFactory class Foo(object): a = 'a' fooChecker = NamesChecker(['a']) # a is public defineChecker(Foo, fooChecker) foo = Foo() f_sec = ProxyFactory(foo) class Wrapper(ProxyBase): b = 'b' __Security_checker__ = self._makeOne() wrapperChecker = NamesChecker(['b']) # b is public defineChecker(Wrapper, wrapperChecker) w_sec = Wrapper(f_sec) checker = w_sec.__Security_checker__ self.assertTrue(isinstance(checker, CombinedChecker)) checker.check(w_sec, 'a') # no raise checker.check(w_sec, 'b') # no raise
def register(self, context, name, factory, module_info, templates): # Try to set up permissions (copied from the View grokker) permissions = grok.util.class_annotation(factory, 'grok.require', []) if not permissions: checker = NamesChecker(['render']) elif len(permissions) > 1: raise GrokError( 'grok.require was called multiple times in viewlet ' '%r. It may only be called once.' % factory, factory) elif permissions[0] == 'zope.Public': checker = NamesChecker(['render']) else: perm = permissions[0] if component.queryUtility(IPermission, name=perm) is None: raise GrokError( 'Undefined permission %r in view %r. Use ' 'grok.define_permission first.' % (perm, factory), factory) checker = NamesChecker(['render'], permissions[0]) defineChecker(factory, checker) manager = factory.viewlet_manager component.provideAdapter( factory, adapts=( None, # TODO: Make configurable IDefaultBrowserLayer, # TODO: Make configurable IBrowserView, manager), provides=IViewlet, name=name)
def make_checker(factory, view_factory, permission, method_names=None): if method_names is None: method_names = ['__call__'] if permission is not None: check_permission(factory, permission) if permission is None or permission == 'zope.Public': checker = NamesChecker(method_names) else: checker = NamesChecker(method_names, permission) defineChecker(view_factory, checker)
def make_checker(factory, view_factory, permission): """Make a checker for a view_factory associated with factory. These could be one and the same for normal views, or different in case we make method-based views such as for JSON and XMLRPC. """ if permission is not None: check_permission(factory, permission) if permission is None or permission == 'zope.Public': checker = NamesChecker(['__call__']) else: checker = NamesChecker(['__call__'], permission) defineChecker(view_factory, checker)
def test_typesAcceptedByDefineChecker(self): class ClassicClass: __metaclass__ = types.ClassType class NewStyleClass: __metaclass__ = type import zope.security not_a_type = object() defineChecker(ClassicClass, NamesChecker()) defineChecker(NewStyleClass, NamesChecker()) defineChecker(zope.security, NamesChecker()) self.assertRaises(TypeError, defineChecker, not_a_type, NamesChecker())
def grok(self, name, factory, module_info, config, *kws): factory.module_info = module_info factory_name = factory.__name__.lower() # we need a path to the file containing the resource directory_name = util.class_annotation(factory, 'mars.resource.directory', '') directory = os.path.join(os.path.dirname(module_info.path), directory_name) if not os.path.isdir(directory): raise GrokError("No directory found for %s using path %s." " Please use mars.resource.directory" " to define path to the directory." % (factory.__name__, directory_name), factory) view_layer = determine_class_directive('grok.layer', factory, module_info, default=IDefaultBrowserLayer) view_name = util.class_annotation(factory, 'grok.name', factory_name) checker = NamesChecker(allowed_names) factory = DirectoryResourceFactory(directory, checker, view_name) adapts = (view_layer, ) config.action( discriminator=('adapter', adapts, IBrowserRequest, view_name), callable=zope.component.provideAdapter, args=(factory, adapts, IBrowserRequest, view_name), ) return True
def AddViewFactory(name, schema, label, permission, layer, template, default_template, bases, for_, fields, content_factory, arguments, keyword_arguments, set_before_add, set_after_add): class_ = SimpleViewClass( template, used_for=schema, bases=bases, name=name) class_.schema = schema class_.label = label class_.fieldNames = fields class_._factory_or_id = content_factory class_._factory = property(_getFactory, _setFactory) class_._arguments = arguments class_._keyword_arguments = keyword_arguments class_._set_before_add = set_before_add class_._set_after_add = set_after_add class_.generated_form = ViewPageTemplateFile(default_template) defineChecker(class_, NamesChecker( ("__call__", "__getitem__", "browserDefault", "publishTraverse"), permission, ) ) if layer is None: layer = IDefaultBrowserLayer s = zope.component.getGlobalSiteManager() s.registerAdapter(class_, (for_, layer), Interface, name)
def setUp(self): cleanup.setUp() data_dir = os.path.join(os.path.dirname(__file__), 'testfiles') self.testFilePath = os.path.join(data_dir, 'test.txt') self.nullChecker = NamesChecker() provideAdapter(MyETag)
def _testBaseTags(self, url, expected): # Make sure I1 and O1 are visible in the module namespace # so that the classes can be pickled. import transaction pub = BrowserPublication(self.db) ztapi.browserView(I1, 'view', DummyView) ztapi.setDefaultViewName(I1, 'view') ztapi.browserViewProviding(None, TestTraverser, IBrowserPublisher) ob = O1() ## the following is for running the tests standalone principalRegistry.defineDefaultPrincipal('tim', 'timbot', 'ai at its best') # now place our object inside the application connection = self.db.open() app = connection.root()['Application'] app.somepath = ob transaction.commit() connection.close() defineChecker(app.__class__, NamesChecker(somepath='xxx')) req = self._createRequest(url, pub) response = req.response publish(req, handle_errors=0) self.assertEqual(response.getBase(), expected)
def makeObjects(self): checker = NamesChecker(['__getitem__']) defineChecker(SiteManagerStub, checker) self.futurama = futurama = SampleSite() directlyProvides(futurama, IContainmentRoot) planetexpress = SampleContainer() robotfactory = SampleContainer() nimbus = SampleContainer() omicronpersei = SampleSite() bender = SampleContent() fry = SampleContent() leela = SampleContent() mom = SampleContent() zapp = SampleContent() kif = SampleContent() setitem(futurama, futurama.__setitem__, 'planetexpress', planetexpress) setitem(futurama, futurama.__setitem__, 'robotfactory', robotfactory) setitem(futurama, futurama.__setitem__, 'nimbus', nimbus) setitem(futurama, futurama.__setitem__, 'omicronpersei', omicronpersei) setitem(planetexpress, planetexpress.__setitem__, 'bender', bender) setitem(planetexpress, planetexpress.__setitem__, 'fry', fry) setitem(planetexpress, planetexpress.__setitem__, 'leela', leela) setitem(robotfactory, robotfactory.__setitem__, 'mom', mom) setitem(nimbus, nimbus.__setitem__, 'zapp', zapp) setitem(nimbus, nimbus.__setitem__, 'kif', kif)
class CloseDbResult: # This is machinery, not content. We specify our security checker here # directly for clarity. __Security_checker__ = NamesChecker(['next', '__iter__']) def __iter__(self): try: # Reset the session. LaunchpadLayer.resetSessionDb() # Yield control to asyncore for a second, just to be a # little bit nice. We could be even nicer by moving this # whole teardown/setup dance to a thread and waiting for # it to be done, but there's not a (known) compelling need # for that right now, and doing it this way is slightly # simpler. yield '' DatabaseLayer.testSetUp() yield '' # Reset the librarian. LibrarianLayer.testTearDown() yield '' # Reset the database. DatabaseLayer.testTearDown() yield '' LibrarianLayer.testSetUp() except (SystemExit, KeyboardInterrupt): raise except: print "Hm, serious error when trying to clean up the test." traceback.print_exc() # We're done, so we can yield the body. yield '\n'
def DisplayViewFactory(name, schema, label, permission, layer, template, default_template, bases, for_, fields, fulledit_path=None, fulledit_label=None): class_ = SimpleViewClass(template, used_for=schema, bases=bases, name=name) class_.schema = schema class_.label = label class_.fieldNames = fields class_.fulledit_path = fulledit_path if fulledit_path and (fulledit_label is None): fulledit_label = "Full display" class_.fulledit_label = fulledit_label class_.generated_form = ViewPageTemplateFile(default_template) defineChecker( class_, NamesChecker(("__call__", "__getitem__", "browserDefault"), permission)) if layer is None: layer = IDefaultBrowserLayer sm = zope.component.getGlobalSiteManager() sm.registerAdapter(class_, (for_, layer), Interface, name)
def setUp(test): cleanup.setUp() data_dir = os.path.join(os.path.dirname(__file__), 'testfiles') test.globs['testFilePath'] = os.path.join(data_dir, 'test.txt') test.globs['nullChecker'] = NamesChecker() test.globs['TestRequest'] = TestRequest
def RowClassFactory(columns): """Creates a Row object""" klass_namespace = {} klass_namespace['__Security_checker__'] = InstanceOnlyDescriptor( NamesChecker(columns)) klass_namespace['__slots__'] = tuple(columns) return type('GeneratedRowClass', (Row, ), klass_namespace)
def setUp(self): super(ZPTPageTests, self).setUp() ztapi.provideAdapter(None, ITraverser, Traverser) ztapi.provideAdapter(None, ITraversable, DefaultTraversable) ztapi.provideAdapter(None, IPhysicallyLocatable, LocationPhysicallyLocatable) ztapi.provideAdapter(IContainmentRoot, IPhysicallyLocatable, RootPhysicallyLocatable) defineChecker(Data, NamesChecker(['URL', 'name']))
def test_check_getattr(self): oldinst = OldInst() oldinst.d = OldInst() newinst = NewInst() newinst.d = NewInst() for inst in oldinst, newinst: checker = NamesChecker(['a', 'b', 'c', '__getitem__'], 'perm') self.assertRaises(Unauthorized, checker.check_getattr, inst, 'a') self.assertRaises(Unauthorized, checker.check_getattr, inst, 'b') self.assertRaises(Unauthorized, checker.check_getattr, inst, 'c') self.assertRaises(Unauthorized, checker.check, inst, '__getitem__') self.assertRaises(Forbidden, checker.check, inst, '__setitem__') self.assertRaises(Forbidden, checker.check_getattr, inst, 'd') self.assertRaises(Forbidden, checker.check_getattr, inst, 'e') self.assertRaises(Forbidden, checker.check_getattr, inst, 'f') checker = NamesChecker(['a', 'b', 'c', '__getitem__'], 'test_allowed') checker.check_getattr(inst, 'a') checker.check_getattr(inst, 'b') checker.check_getattr(inst, 'c') checker.check(inst, '__getitem__') self.assertRaises(Forbidden, checker.check, inst, '__setitem__') self.assertRaises(Forbidden, checker.check_getattr, inst, 'd') self.assertRaises(Forbidden, checker.check_getattr, inst, 'e') self.assertRaises(Forbidden, checker.check_getattr, inst, 'f') checker = NamesChecker(['a', 'b', 'c', '__getitem__'], CheckerPublic) checker.check_getattr(inst, 'a') checker.check_getattr(inst, 'b') checker.check_getattr(inst, 'c') checker.check(inst, '__getitem__') self.assertRaises(Forbidden, checker.check, inst, '__setitem__') self.assertRaises(Forbidden, checker.check_getattr, inst, 'd') self.assertRaises(Forbidden, checker.check_getattr, inst, 'e') self.assertRaises(Forbidden, checker.check_getattr, inst, 'f')
def test_resources(self): browserResource('quux', Resource) # Only register the checker once, so that multiple test runs pass. if Resource not in _checkers: defineChecker(Resource, NamesChecker(['__call__'])) self.addPage(u'/foo/bar/pt', u'context/++resource++quux') self.verify(u'/foo/bar/pt', u'http://localhost/@@/quux') self.verify(u'/foo/++vh++https:localhost:443/fake/folders/++/bar/pt', u'https://localhost/fake/folders/@@/quux')
def grok(self, name, factory, module_info, config, *kws): factory.module_info = module_info factory_name = factory.__name__.lower() # we need a path to the file containing the resource file_name = util.class_annotation(factory, 'mars.resource.file', '') image_name = util.class_annotation(factory, 'mars.resource.image', '') if file_name == '' and image_name == '': raise GrokError("Either mars.resource.file or mars.resource.image" " must be defined for %s." % (factory.__name__), factory) file = image = None if image_name != '': file_name = image_name image = filepath = os.path.join(os.path.dirname(module_info.path), file_name) else: file = filepath = os.path.join(os.path.dirname(module_info.path), file_name) if not os.path.exists(filepath): filepath = None # allow for absolute path to resource if os.path.exists(file_name): filepath = file_name if filepath is None: raise GrokError("No resource found for %s using path %s." " Please use mars.resource.file or" " mars.resource.image to define path to the" " file containing the resource" % (factory.__name__, file_name), factory) view_layer = determine_class_directive('grok.layer', factory, module_info, default=IDefaultBrowserLayer) view_name = util.class_annotation(factory, 'grok.name', '') checker = NamesChecker(allowed_names) if file: factory = FileResourceFactory(file, checker, view_name) elif image: factory = ImageResourceFactory(image, checker, view_name) adapts = (view_layer, ) config.action( discriminator=('adapter', adapts, IBrowserRequest, view_name), callable=zope.component.provideAdapter, args=(factory, adapts, IBrowserRequest, view_name), ) return True
def __init__(self, _context, name, require=(), layer=IDefaultBrowserLayer, permission='zope.Public'): self.name = name self.layer = layer if permission == 'zope.Public': permission = CheckerPublic self.checker = NamesChecker(allowed_names, permission) # make note of the library in a global registry self.old_library_info = library_info.get(name) library_info[name] = LibraryInfo() library_info[name].required.extend(require)
def test_define_and_undefineChecker(self): class SomeClass(object): pass obj = SomeClass() checker = NamesChecker() from zope.security.checker import _defaultChecker, selectChecker self.assert_(selectChecker(obj) is _defaultChecker) defineChecker(SomeClass, checker) self.assert_(selectChecker(obj) is checker) undefineChecker(SomeClass) self.assert_(selectChecker(obj) is _defaultChecker)
class TestMixinDecoratedChecker(TestCase): def decoratedSetUp(self): self.policy = RecordedSecurityPolicy self._oldpolicy = setSecurityPolicy(self.policy) newInteraction() self.interaction = getInteraction() self.obj = object() def decoratedTearDown(self): endInteraction() setSecurityPolicy(self._oldpolicy) def check_checking_impl(self, checker): o = self.obj checker.check_getattr(o, 'both_get_set') self.assert_(self.interaction.checkChecked(['dc_get_permission'])) checker.check_getattr(o, 'c_only') self.assert_(self.interaction.checkChecked(['get_permission'])) checker.check_getattr(o, 'd_only') self.assert_(self.interaction.checkChecked(['dc_get_permission'])) self.assertRaises(ForbiddenAttribute, checker.check_getattr, o, 'completely_different_attr') self.assert_(self.interaction.checkChecked([])) checker.check(o, '__str__') self.assert_(self.interaction.checkChecked(['get_permission'])) checker.check_setattr(o, 'both_get_set') self.assert_(self.interaction.checkChecked(['dc_set_permission'])) self.assertRaises(ForbiddenAttribute, checker.check_setattr, o, 'c_only') self.assert_(self.interaction.checkChecked([])) self.assertRaises(ForbiddenAttribute, checker.check_setattr, o, 'd_only') self.assert_(self.interaction.checkChecked([])) originalChecker = NamesChecker(['both_get_set', 'c_only', '__str__'], 'get_permission') decorationSetMap = {'both_get_set': 'dc_set_permission'} decorationGetMap = { 'both_get_set': 'dc_get_permission', 'd_only': 'dc_get_permission' } overridingChecker = Checker(decorationGetMap, decorationSetMap)
def test_ProxyFactory_using_proxy(self): class SomeClass(object): pass obj = SomeClass() checker = NamesChecker() proxy1 = ProxyFactory(obj) proxy2 = ProxyFactory(proxy1) self.assert_(proxy1 is proxy2) # Trying to change the checker on a proxy. self.assertRaises(TypeError, ProxyFactory, proxy1, checker) # Setting exactly the same checker as the proxy already has. proxy1 = ProxyFactory(obj, checker) proxy2 = ProxyFactory(proxy1, checker) self.assert_(proxy1 is proxy2)
def register_help_folder(context, folder, name): """Create a help folder subclass and register it with the ZCA.""" help_folder = type(str('%s for %s' % (name, folder)), (HelpFolder, ), { 'folder': folder, '__name__': name }) defineChecker( help_folder, NamesChecker(list(IBrowserPublisher.names(True)) + ['__call__'])) context.action( discriminator=('view', (ILaunchpadApplication, IBrowserRequest), name), callable=handler, args=('registerAdapter', help_folder, (ILaunchpadApplication, IBrowserRequest), Interface, name, context.info), )
def testAlwaysAvailable(self): from zope.security.checker import NamesChecker checker = NamesChecker(()) class C(object): pass self.assertEqual(checker.check(C, '__hash__'), None) self.assertEqual(checker.check(C, '__nonzero__'), None) self.assertEqual(checker.check(C, '__class__'), None) self.assertEqual(checker.check(C, '__implements__'), None) self.assertEqual(checker.check(C, '__lt__'), None) self.assertEqual(checker.check(C, '__le__'), None) self.assertEqual(checker.check(C, '__gt__'), None) self.assertEqual(checker.check(C, '__ge__'), None) self.assertEqual(checker.check(C, '__eq__'), None) self.assertEqual(checker.check(C, '__ne__'), None) self.assertEqual(checker.check(C, '__name__'), None) self.assertEqual(checker.check(C, '__parent__'), None)
def test_locationproxy_security(self): from zope.security.checker import defineChecker from zope.security.checker import NamesChecker from zope.security.proxy import ProxyFactory class Unlocated(object): a = 'a' unlocated = Unlocated() located = LocationProxy(unlocated) # define a checker for the unlocated object, which will also be # used by the security proxy as the LocationProxy defines # __Security_checker__: unlocatedChecker = NamesChecker(['a']) defineChecker(Unlocated, unlocatedChecker) secure_located = ProxyFactory(located) self.assertEqual(secure_located.a, 'a')
def test_template_context_wrapping(self): class AU(BrowserView): def __str__(self): name = self.context.__name__ if name is None: return 'None' return name defineChecker(AU, NamesChecker(['__str__'])) from zope.traversing.namespace import view ztapi.provideNamespaceHandler('view', view) ztapi.browserView(IZPTPage, 'name', AU) page = ZPTPage() page.setSource(u'<p tal:replace="template/@@name" />') page = contained(page, None, name='zpt') request = TestRequest() self.assertEquals(page.render(request), u'zpt')
def test_only_wrapper_has_checker(self): from zope.proxy import ProxyBase from zope.security.checker import NamesChecker from zope.security.checker import NoProxy from zope.security.checker import defineChecker class Foo(object): a = 'a' foo = Foo() defineChecker(Foo, NoProxy) class Wrapper(ProxyBase): b = 'b' __Security_checker__ = self._makeOne() wrapperChecker = NamesChecker(['b']) # b is public defineChecker(Wrapper, wrapperChecker) wrapper = Wrapper(foo) self.assertTrue(wrapper.__Security_checker__ is wrapperChecker)
def resourceDirectory(_context, name, directory, layer=IDefaultBrowserLayer, permission='zope.Public'): if permission == 'zope.Public': permission = CheckerPublic checker = NamesChecker(allowed_names + ('__getitem__', 'get'), permission) if not os.path.isdir(directory): raise ConfigurationError("Directory %s does not exist" % directory) factory = DirectoryResourceFactory(directory, checker, name) _context.action( discriminator=('resource', name, IBrowserRequest, layer), callable=handler, args=('registerAdapter', factory, (layer, ), Interface, name, _context.info), )