def makeObjects(self):
checker = NamesChecker(["__getitem__"])
defineChecker(SiteManagerStub, checker)
self.futurama = futurama = SampleSite()
directlyProvides(futurama, IContainmentRoot)
planetexpress = SampleContainer()
robotfactory = SampleContainer()
nimbus = SampleContainer()
omicronpersei = SampleSite()
bender = SampleContent()
fry = SampleContent()
leela = SampleContent()
mom = SampleContent()
zapp = SampleContent()
kif = SampleContent()
setitem(futurama, futurama.__setitem__, "planetexpress", planetexpress)
setitem(futurama, futurama.__setitem__, "robotfactory", robotfactory)
setitem(futurama, futurama.__setitem__, "nimbus", nimbus)
setitem(futurama, futurama.__setitem__, "omicronpersei", omicronpersei)
setitem(planetexpress, planetexpress.__setitem__, "bender", bender)
setitem(planetexpress, planetexpress.__setitem__, "fry", fry)
setitem(planetexpress, planetexpress.__setitem__, "leela", leela)
setitem(robotfactory, robotfactory.__setitem__, "mom", mom)
setitem(nimbus, nimbus.__setitem__, "zapp", zapp)
setitem(nimbus, nimbus.__setitem__, "kif", kif)
def setUp(self):
super(AuthZopePublicationTests, self).setUp()
principalRegistry.defineDefaultPrincipal('anonymous', '')
root = self.db.open().root()
app = root[ZopePublication.root_name]
app['f1'] = rootFolder()
f1 = app['f1']
f1['f2'] = Folder()
if not ISite.providedBy(f1):
f1.setSiteManager(LocalSiteManager(f1))
sm1 = f1.getSiteManager()
addUtility(sm1, '', IAuthentication, AuthUtility1())
f2 = f1['f2']
if not ISite.providedBy(f2):
f2.setSiteManager(LocalSiteManager(f2))
sm2 = f2.getSiteManager()
addUtility(sm2, '', IAuthentication, AuthUtility2())
transaction.commit()
from zope.container.interfaces import ISimpleReadContainer
from zope.container.traversal import ContainerTraverser
component.provideAdapter(ContainerTraverser,
(ISimpleReadContainer, IRequest),
IPublishTraverse,
name='')
from zope.site.interfaces import IFolder
from zope.security.checker import defineChecker, InterfaceChecker
defineChecker(Folder, InterfaceChecker(IFolder))
def protectLikeUnto(class_, like_unto):
"""Use the protections from like_unto for class_"""
unto_checker = getCheckerForInstancesOf(like_unto)
if unto_checker is None:
return
# We know a dictionary was used because we set it
# Note however, that if a checker was created manually
# and the caller used say NamesChecker or MultiChecker,
# then set_permissions may be None here as Checker
# defaults a missing set_permissions parameter to None.
# Jim says this doensn't happens with the C version of the
# checkers because they use a 'shared dummy dict'.
unto_get_protections = unto_checker.get_permissions
unto_set_protections = unto_checker.set_permissions
checker = getCheckerForInstancesOf(class_)
if checker is None:
checker = Checker({}, {})
defineChecker(class_, checker)
get_protections = checker.get_permissions
for name in unto_get_protections:
get_protections[name] = unto_get_protections[name]
set_protections = checker.set_permissions
for name in unto_set_protections:
set_protections[name] = unto_set_protections[name]
def ttwElementDirective(
_context, name, title, for_ = interface.Interface,
description=u'', layer = IDefaultBrowserLayer, template=u''):
# register pageelement
pageelementDirective(
_context, name, for_=for_,
title=title, description=description, layer=layer, template=template)
# Make sure that the template exists
template = os.path.abspath(str(_context.path(template)))
if not os.path.isfile(template):
raise ConfigurationError("No such file", template)
# Build a new class that we can use different permission settings if we
# use the class more then once.
cdict = {}
cdict['name'] = name
cdict['title'] = title
cdict['description'] = description
cdict['template'] = template
newclass = type(
str('<TTWResourceFactory %s>'%name), (TTWPageElementFactory,), cdict)
# Set up permission mapping for various accessible attributes
required = {}
for iname in ITTWPageElementFactory:
required[iname] = CheckerPublic
# security checker
defineChecker(newclass, Checker(required))
# register the page element
adapter(_context, (newclass,), ITTWItemFactory, (for_, layer), name=name)
def ttwResourceDirective(
_context, name, title, for_ = interface.Interface,
layer = IDefaultBrowserLayer, type = '', file = None, description=u'', **kwargs):
rname = u'simplettw.%s'%name
# register resource
resourceDirective(
_context, rname, file, layer, permission='zope.Public', type='')
# Build a new class that we can use different permission settings if we
# use the class more then once.
cdict = {}
cdict['name'] = name
cdict['title'] = title
cdict['description'] = description
cdict['file'] = os.path.abspath(str(_context.path(file)))
cdict['contentType'] = type
newclass = Type(
str('<TTWResourceFactory %s>'%name), (TTWResourceFactory,), cdict)
# Set up permission mapping for various accessible attributes
required = dict([(iname, CheckerPublic) for iname in ITTWResourceFactory])
defineChecker(newclass, Checker(required))
# register the resource element
adapter(_context, (newclass,), ITTWItemFactory, (ISimpleTTW, layer), name=name)
# register IStaticResource adapter
adapter(_context, (StaticResource(rname),),
IStaticResource, (layer,), name=name)
def _testBaseTags(self, url, expected):
# Make sure I1 and O1 are visible in the module namespace
# so that the classes can be pickled.
import transaction
pub = BrowserPublication(self.db)
ztapi.browserView(I1, 'view', DummyView)
ztapi.setDefaultViewName(I1, 'view')
ztapi.browserViewProviding(None, TestTraverser, IBrowserPublisher)
ob = O1()
## the following is for running the tests standalone
principalRegistry.defineDefaultPrincipal('tim', 'timbot',
'ai at its best')
# now place our object inside the application
connection = self.db.open()
app = connection.root()['Application']
app.somepath = ob
transaction.commit()
connection.close()
defineChecker(app.__class__, NamesChecker(somepath='xxx'))
req = self._createRequest(url, pub)
response = req.response
publish(req, handle_errors=0)
self.assertEqual(response.getBase(), expected)
def EditViewFactory(name, schema, label, permission, layer,
template, default_template, bases, for_, fields,
fulledit_path=None, fulledit_label=None):
class_ = SimpleViewClass(template, used_for=schema, bases=bases, name=name)
class_.schema = schema
class_.label = label
class_.fieldNames = fields
class_.fulledit_path = fulledit_path
if fulledit_path and (fulledit_label is None):
fulledit_label = "Full edit"
class_.fulledit_label = fulledit_label
class_.generated_form = ViewPageTemplateFile(default_template)
defineChecker(class_,
NamesChecker(("__call__", "__getitem__",
"browserDefault", "publishTraverse"),
permission))
if layer is None:
layer = IDefaultBrowserLayer
s = zapi.getGlobalSiteManager()
s.provideAdapter((for_, layer), Interface, name, class_)
def register(self, context, name, factory, module_info, templates):
# Try to set up permissions (copied from the View grokker)
permissions = grok.util.class_annotation(factory, 'grok.require', [])
if not permissions:
checker = NamesChecker(['render'])
elif len(permissions) > 1:
raise GrokError(
'grok.require was called multiple times in viewlet '
'%r. It may only be called once.' % factory, factory)
elif permissions[0] == 'zope.Public':
checker = NamesChecker(['render'])
else:
perm = permissions[0]
if component.queryUtility(IPermission, name=perm) is None:
raise GrokError(
'Undefined permission %r in view %r. Use '
'grok.define_permission first.' % (perm, factory), factory)
checker = NamesChecker(['render'], permissions[0])
defineChecker(factory, checker)
manager = factory.viewlet_manager
component.provideAdapter(
factory,
adapts=(
None, # TODO: Make configurable
IDefaultBrowserLayer, # TODO: Make configurable
IBrowserView,
manager),
provides=IViewlet,
name=name)
def test_ProxyFactory(self):
class SomeClass(object):
pass
import zope.security
checker = NamesChecker()
specific_checker = NamesChecker()
checker_as_magic_attr = NamesChecker()
obj = SomeClass()
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
from zope.security.checker import _defaultChecker
self.assert_(getChecker(proxy) is _defaultChecker)
defineChecker(SomeClass, checker)
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is checker)
obj.__Security_checker__ = checker_as_magic_attr
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is checker_as_magic_attr)
proxy = ProxyFactory(obj, specific_checker)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is specific_checker)
def test_both_wrapper_and_object_have_checkers_not_security_proxied(self):
from zope.proxy import ProxyBase
from zope.security.checker import CombinedChecker
from zope.security.checker import NamesChecker
from zope.security.checker import defineChecker
from zope.security.interfaces import ForbiddenAttribute
class Foo(object):
a = 'a'
fooChecker = NamesChecker(['a']) # a is public
defineChecker(Foo, fooChecker)
foo = Foo()
fooChecker.check(foo, 'a') # no raise
self.assertRaises(ForbiddenAttribute,
fooChecker.check, foo, 'b')
class Wrapper(ProxyBase):
b = 'b'
__Security_checker__ = self._makeOne()
wrapperChecker = NamesChecker(['b']) # b is public
defineChecker(Wrapper, wrapperChecker)
wrapper = Wrapper(foo)
self.assertRaises(ForbiddenAttribute,
wrapperChecker.check, foo, 'a')
wrapperChecker.check(foo, 'b') # no raise
checker = wrapper.__Security_checker__
self.assertTrue(isinstance(checker, CombinedChecker))
checker.check(wrapper, 'a') # no raise
checker.check(wrapper, 'b') # no raise
def DisplayViewFactory(name,
schema,
label,
permission,
layer,
template,
default_template,
bases,
for_,
fields,
fulledit_path=None,
fulledit_label=None):
class_ = SimpleViewClass(template, used_for=schema, bases=bases, name=name)
class_.schema = schema
class_.label = label
class_.fieldNames = fields
class_.fulledit_path = fulledit_path
if fulledit_path and (fulledit_label is None):
fulledit_label = "Full display"
class_.fulledit_label = fulledit_label
class_.generated_form = ViewPageTemplateFile(default_template)
defineChecker(
class_,
NamesChecker(("__call__", "__getitem__", "browserDefault"),
permission))
if layer is None:
layer = IDefaultBrowserLayer
sm = zope.component.getGlobalSiteManager()
sm.registerAdapter(class_, (for_, layer), Interface, name)
def test_both_wrapper_and_object_have_checkers_security_proxied(self):
from zope.proxy import ProxyBase
from zope.security.checker import CombinedChecker
from zope.security.checker import NamesChecker
from zope.security.checker import defineChecker
from zope.security.proxy import ProxyFactory
class Foo(object):
a = 'a'
fooChecker = NamesChecker(['a']) # a is public
defineChecker(Foo, fooChecker)
foo = Foo()
f_sec = ProxyFactory(foo)
class Wrapper(ProxyBase):
b = 'b'
__Security_checker__ = self._makeOne()
wrapperChecker = NamesChecker(['b']) # b is public
defineChecker(Wrapper, wrapperChecker)
w_sec = Wrapper(f_sec)
checker = w_sec.__Security_checker__
self.assertTrue(isinstance(checker, CombinedChecker))
checker.check(w_sec, 'a') # no raise
checker.check(w_sec, 'b') # no raise
def test_both_wrapper_and_object_have_checkers_not_security_proxied(self):
from zope.proxy import ProxyBase
from zope.security.checker import CombinedChecker
from zope.security.checker import NamesChecker
from zope.security.checker import defineChecker
from zope.security.interfaces import ForbiddenAttribute
class Foo(object):
a = 'a'
fooChecker = NamesChecker(['a']) # a is public
defineChecker(Foo, fooChecker)
foo = Foo()
fooChecker.check(foo, 'a') # no raise
self.assertRaises(ForbiddenAttribute, fooChecker.check, foo, 'b')
class Wrapper(ProxyBase):
b = 'b'
__Security_checker__ = self._makeOne()
wrapperChecker = NamesChecker(['b']) # b is public
defineChecker(Wrapper, wrapperChecker)
wrapper = Wrapper(foo)
self.assertRaises(ForbiddenAttribute, wrapperChecker.check, foo, 'a')
wrapperChecker.check(foo, 'b') # no raise
checker = wrapper.__Security_checker__
self.assertTrue(isinstance(checker, CombinedChecker))
checker.check(wrapper, 'a') # no raise
checker.check(wrapper, 'b') # no raise
def test_both_wrapper_and_object_have_checkers_security_proxied(self):
from zope.proxy import ProxyBase
from zope.security.checker import CombinedChecker
from zope.security.checker import NamesChecker
from zope.security.checker import defineChecker
from zope.security.proxy import ProxyFactory
class Foo(object):
a = 'a'
fooChecker = NamesChecker(['a']) # a is public
defineChecker(Foo, fooChecker)
foo = Foo()
f_sec = ProxyFactory(foo)
class Wrapper(ProxyBase):
b = 'b'
__Security_checker__ = self._makeOne()
wrapperChecker = NamesChecker(['b']) # b is public
defineChecker(Wrapper, wrapperChecker)
w_sec = Wrapper(f_sec)
checker = w_sec.__Security_checker__
self.assertTrue(isinstance(checker, CombinedChecker))
checker.check(w_sec, 'a') # no raise
checker.check(w_sec, 'b') # no raise
def test_template_context_wrapping(self):
class AU(BrowserView):
def __str__(self):
name = self.context.__name__
if name is None:
return 'None'
return name
defineChecker(AU, NamesChecker(['__str__']))
from zope.traversing.namespace import view
from zope.traversing.interfaces import ITraversable
provideAdapter(view, (None,), ITraversable, name="view")
provideAdapter(view, (None, None), ITraversable, name="view")
provideAdapter(
AU, (IZopachePageTemplate, TestRequest), Interface, name='name')
page = ZopachePageTemplate()
page.setSource(
u'<p tal:replace="template/@@name" />'
)
page = contained(page, None, name='zpt')
request = TestRequest()
self.assertEquals(page.render(request), u'zpt')
def setUp(self):
super(AuthZopePublicationTests, self).setUp()
principalRegistry.defineDefaultPrincipal('anonymous', '')
root = self.db.open().root()
app = root[ZopePublication.root_name]
app['f1'] = rootFolder()
f1 = app['f1']
f1['f2'] = Folder()
if not ISite.providedBy(f1):
f1.setSiteManager(LocalSiteManager(f1))
sm1 = f1.getSiteManager()
addUtility(sm1, '', IAuthentication, AuthUtility1())
f2 = f1['f2']
if not ISite.providedBy(f2):
f2.setSiteManager(LocalSiteManager(f2))
sm2 = f2.getSiteManager()
addUtility(sm2, '', IAuthentication, AuthUtility2())
transaction.commit()
from zope.container.interfaces import ISimpleReadContainer
from zope.container.traversal import ContainerTraverser
component.provideAdapter(ContainerTraverser,
(ISimpleReadContainer, IRequest),
IPublishTraverse, name='')
from zope.site.interfaces import IFolder
from zope.security.checker import defineChecker, InterfaceChecker
defineChecker(Folder, InterfaceChecker(IFolder))
def _testBaseTags(self, url, expected):
# Make sure I1 and O1 are visible in the module namespace
# so that the classes can be pickled.
import transaction
pub = BrowserPublication(self.db)
ztapi.browserView(I1, 'view', DummyView)
ztapi.setDefaultViewName(I1, 'view')
ztapi.browserViewProviding(None, TestTraverser, IBrowserPublisher)
ob = O1()
## the following is for running the tests standalone
principalRegistry.defineDefaultPrincipal(
'tim', 'timbot', 'ai at its best')
# now place our object inside the application
connection = self.db.open()
app = connection.root()['Application']
app.somepath = ob
transaction.commit()
connection.close()
defineChecker(app.__class__, NamesChecker(somepath='xxx'))
req = self._createRequest(url, pub)
response = req.response
publish(req, handle_errors=0)
self.assertEqual(response.getBase(), expected)
def test_ProxyFactory(self):
class SomeClass(object):
pass
import zope.security
checker = NamesChecker()
specific_checker = NamesChecker()
checker_as_magic_attr = NamesChecker()
obj = SomeClass()
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
from zope.security.checker import _defaultChecker
self.assert_(getChecker(proxy) is _defaultChecker)
defineChecker(SomeClass, checker)
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is checker)
obj.__Security_checker__ = checker_as_magic_attr
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is checker_as_magic_attr)
proxy = ProxyFactory(obj, specific_checker)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is specific_checker)
def execute(self, factory, config, permissions, **kw):
if not permissions:
return False
if get_config().getboolean('auth', 'enforce_attribute_rights_definition'):
perms = {}
else:
perms = AuditingPermissionDictionary()
# mandatory, otherwise zope's default Checker impl will be used
# which doesn't play well with Twisted.
defineChecker(factory, Checker(perms, perms))
# TODO: supply the 'inherit' option to the class somehow
# to facilitate optional inheritance of all permissions
for class_inheritance_level in permissions:
for name, permission in class_inheritance_level.items():
if isinstance(permission, tuple):
read_perm, write_perm = permission
config.action(discriminator=('protectNameSet', factory, name),
callable=grokcore.security.util.protect_setattr,
args=(factory, name, write_perm))
else:
read_perm = permission
config.action(discriminator=('protectName', factory, name),
callable=grokcore.security.util.protect_getattr,
args=(factory, name, read_perm))
return True
def makeObjects(self):
checker = NamesChecker(['__getitem__'])
defineChecker(SiteManagerStub, checker)
self.futurama = futurama = SampleSite()
directlyProvides(futurama, IContainmentRoot)
planetexpress = SampleContainer()
robotfactory = SampleContainer()
nimbus = SampleContainer()
omicronpersei = SampleSite()
bender = SampleContent()
fry = SampleContent()
leela = SampleContent()
mom = SampleContent()
zapp = SampleContent()
kif = SampleContent()
setitem(futurama, futurama.__setitem__, 'planetexpress', planetexpress)
setitem(futurama, futurama.__setitem__, 'robotfactory', robotfactory)
setitem(futurama, futurama.__setitem__, 'nimbus', nimbus)
setitem(futurama, futurama.__setitem__, 'omicronpersei', omicronpersei)
setitem(planetexpress, planetexpress.__setitem__, 'bender', bender)
setitem(planetexpress, planetexpress.__setitem__, 'fry', fry)
setitem(planetexpress, planetexpress.__setitem__, 'leela', leela)
setitem(robotfactory, robotfactory.__setitem__, 'mom', mom)
setitem(nimbus, nimbus.__setitem__, 'zapp', zapp)
setitem(nimbus, nimbus.__setitem__, 'kif', kif)
def portletManagerDirective(
_context, name, title, for_=None, description=u'',
class_=None, schema=None, layer=IDefaultBrowserLayer,
provides=(), portlettype=IPortlet, **kw):
# Build a new class
ManagerClass = PortletManager(
name, class_, provides, title, description, schema, portlettype, **kw)
# Set up permission mapping for various accessible attributes
required = {'__call__': CheckerPublic,
'browserDefault': CheckerPublic,
'publishTraverse': CheckerPublic}
for iname in IPortletManager:
required[iname] = CheckerPublic
# security checker
defineChecker(ManagerClass, Checker(required))
# security for schema fields
for iface in (IPortletManagerConfiguration, schema):
if iface is None:
continue
for f_id in iface:
field = iface[f_id]
if IField.providedBy(field) and not field.readonly:
protectSetAttribute(ManagerClass, f_id, 'zojax.ManagePortlets')
protectName(ManagerClass, f_id, 'zope.Public')
# register the portlet manager
adapter(_context, (ManagerClass,),
IPortletManager, (for_, layer, None), name=name)
def execute(self, factory, config, permissions, **kw):
if not permissions:
return False
if get_config().getboolean('auth',
'enforce_attribute_rights_definition'):
perms = {}
else:
perms = AuditingPermissionDictionary()
# mandatory, otherwise zope's default Checker impl will be used
# which doesn't play well with Twisted.
defineChecker(factory, Checker(perms, perms))
# TODO: supply the 'inherit' option to the class somehow
# to facilitate optional inheritance of all permissions
for class_inheritance_level in permissions:
for name, permission in class_inheritance_level.items():
if isinstance(permission, tuple):
read_perm, write_perm = permission
config.action(
discriminator=('protectNameSet', factory, name),
callable=grokcore.security.util.protect_setattr,
args=(factory, name, write_perm))
else:
read_perm = permission
config.action(discriminator=('protectName', factory, name),
callable=grokcore.security.util.protect_getattr,
args=(factory, name, read_perm))
return True
def AddViewFactory(name, schema, label, permission, layer,
template, default_template, bases, for_,
fields, content_factory, arguments,
keyword_arguments, set_before_add, set_after_add):
class_ = SimpleViewClass(
template, used_for=schema, bases=bases, name=name)
class_.schema = schema
class_.label = label
class_.fieldNames = fields
class_._factory_or_id = content_factory
class_._factory = property(_getFactory, _setFactory)
class_._arguments = arguments
class_._keyword_arguments = keyword_arguments
class_._set_before_add = set_before_add
class_._set_after_add = set_after_add
class_.generated_form = ViewPageTemplateFile(default_template)
defineChecker(class_,
NamesChecker(
("__call__", "__getitem__",
"browserDefault", "publishTraverse"),
permission,
)
)
if layer is None:
layer = IDefaultBrowserLayer
s = zope.component.getGlobalSiteManager()
s.registerAdapter(class_, (for_, layer), Interface, name)
def protectLikeUnto(class_, like_unto):
"""Use the protections from like_unto for class_"""
unto_checker = getCheckerForInstancesOf(like_unto)
if unto_checker is None:
return
# We know a dictionary was used because we set it
# Note however, that if a checker was created manually
# and the caller used say NamesChecker or MultiChecker,
# then set_permissions may be None here as Checker
# defaults a missing set_permissions parameter to None.
# Jim says this doensn't happens with the C version of the
# checkers because they use a 'shared dummy dict'.
unto_get_protections = unto_checker.get_permissions
unto_set_protections = unto_checker.set_permissions
checker = getCheckerForInstancesOf(class_)
if checker is None:
checker = Checker({}, {})
defineChecker(class_, checker)
get_protections = checker.get_permissions
for name in unto_get_protections:
get_protections[name] = unto_get_protections[name]
set_protections = checker.set_permissions
for name in unto_set_protections:
set_protections[name] = unto_set_protections[name]
def setUp(self):
super(ZPTPageTests, self).setUp()
ztapi.provideAdapter(None, ITraverser, Traverser)
ztapi.provideAdapter(None, ITraversable, DefaultTraversable)
ztapi.provideAdapter(None, IPhysicallyLocatable,
LocationPhysicallyLocatable)
ztapi.provideAdapter(IContainmentRoot, IPhysicallyLocatable,
RootPhysicallyLocatable)
defineChecker(Data, NamesChecker(['URL', 'name']))
def handle_security(class_, permission, interfaces, attributes):
required = set(attributes)
for ifc in interfaces:
required.update(set(ifc))
if permission == 'zope.Public':
permission = CheckerPublic
defineChecker(class_, Checker(dict.fromkeys(required, permission)))
def handle_security(class_, permission, interfaces, attributes):
required = set(attributes)
for ifc in interfaces:
required.update(set(ifc))
if permission == 'zope.Public':
permission = CheckerPublic
defineChecker(class_, Checker(dict.fromkeys(required, permission)))
def setUp(self):
super(ZopachePageTemplateTests, self).setUp()
provideAdapter(Traverser, (None,), ITraverser)
provideAdapter(DefaultTraversable, (None,), ITraversable)
provideAdapter(
LocationPhysicallyLocatable, (None,), IPhysicallyLocatable)
provideAdapter(
RootPhysicallyLocatable, (IContainmentRoot,), IPhysicallyLocatable)
defineChecker(Data, NamesChecker(['URL', 'name']))
def setUp(self):
super(ZPTPageTests, self).setUp()
ztapi.provideAdapter(None, ITraverser, Traverser)
ztapi.provideAdapter(None, ITraversable, DefaultTraversable)
ztapi.provideAdapter(
None, IPhysicallyLocatable, LocationPhysicallyLocatable)
ztapi.provideAdapter(
IContainmentRoot, IPhysicallyLocatable, RootPhysicallyLocatable)
defineChecker(Data, NamesChecker(['URL', 'name']))
def testAllAllowed(self):
defineChecker(C, Checker({'folder': CheckerPublic,
'item': CheckerPublic,
}))
tr = Traverser(ProxyFactory(self.root))
item = self.item
self.assertEquals(tr.traverse(('', 'folder', 'item')), item)
self.assertEquals(tr.traverse(('folder', 'item')), item)
def make_checker(factory, view_factory, permission, method_names=None):
if method_names is None:
method_names = ['__call__']
if permission is not None:
check_permission(factory, permission)
if permission is None or permission == 'zope.Public':
checker = NamesChecker(method_names)
else:
checker = NamesChecker(method_names, permission)
defineChecker(view_factory, checker)
def test_resources(self):
browserResource('quux', Resource)
# Only register the checker once, so that multiple test runs pass.
if Resource not in _checkers:
defineChecker(Resource, NamesChecker(['__call__']))
self.addPage('/foo/bar/pt',
u'<span tal:replace="context/++resource++quux" />')
self.verify('/foo/bar/pt', 'http://localhost/@@/quux')
self.verify('/foo/++vh++https:localhost:443/fake/folders/++/bar/pt',
'https://localhost/fake/folders/@@/quux')
def test_resources(self):
browserResource('quux', Resource)
# Only register the checker once, so that multiple test runs pass.
if Resource not in _checkers:
defineChecker(Resource, NamesChecker(['__call__']))
self.addPage(u'/foo/bar/pt',
u'context/++resource++quux')
self.verify(u'/foo/bar/pt', u'http://localhost/@@/quux')
self.verify(u'/foo/++vh++https:localhost:443/fake/folders/++/bar/pt',
u'https://localhost/fake/folders/@@/quux')
def make_checker(factory, view_factory, permission, method_names=None):
if method_names is None:
method_names = ['__call__']
if permission is not None:
check_permission(factory, permission)
if permission is None or permission == 'zope.Public':
checker = NamesChecker(method_names)
else:
checker = NamesChecker(method_names, permission)
defineChecker(view_factory, checker)
def whitelist_module(module, classes=[], definitions=[]):
# For python scripts and zope
allow_module(module)
for klass in classes:
allow_class(klass)
if definitions:
ModuleSecurityInfo(module).declarePublic(*definitions)
# for zope.untrustedpython
defineChecker(imodule, NamesChecker([meth for meth in dir(imodule) if meth[0] != "_"]))
def testAllAllowed(self):
defineChecker(
C, Checker({
'folder': CheckerPublic,
'item': CheckerPublic,
}))
tr = Traverser(ProxyFactory(self.root))
item = self.item
self.assertEqual(tr.traverse(('', 'folder', 'item')), item)
self.assertEqual(tr.traverse(('folder', 'item')), item)
def execute(self, factory, config, permission, **kw):
# mandatory, otherwise zope's default Checker impl will be used
# which doesn't play well in async frameworks like twisted.
defineChecker(factory, Checker({}, {}))
for method_name in [i for i in dir(factory) if i.startswith('render')]:
config.action(discriminator=('protectName', factory, method_name),
callable=protect_getattr,
args=(factory, method_name, permission))
return True
def testItemDenied(self):
endInteraction()
newInteraction(ParticipationStub('no one'))
defineChecker(C, Checker({'item': 'Waaaa', 'folder': CheckerPublic}))
tr = Traverser(ProxyFactory(self.root))
folder = self.folder
self.assertRaises(Unauthorized, tr.traverse, ('', 'folder', 'item'))
self.assertRaises(Unauthorized, tr.traverse, ('folder', 'item'))
self.assertEqual(tr.traverse(('', 'folder')), folder)
self.assertEqual(tr.traverse(('folder', '..', 'folder')), folder)
self.assertEqual(tr.traverse(('folder', )), folder)
def test_define_and_undefineChecker(self):
class SomeClass(object):
pass
obj = SomeClass()
checker = NamesChecker()
from zope.security.checker import _defaultChecker, selectChecker
self.assert_(selectChecker(obj) is _defaultChecker)
defineChecker(SomeClass, checker)
self.assert_(selectChecker(obj) is checker)
undefineChecker(SomeClass)
self.assert_(selectChecker(obj) is _defaultChecker)
def make_checker(factory, view_factory, permission):
"""Make a checker for a view_factory associated with factory.
These could be one and the same for normal views, or different
in case we make method-based views such as for JSON and XMLRPC.
"""
if permission is not None:
check_permission(factory, permission)
if permission is None or permission == 'zope.Public':
checker = NamesChecker(['__call__'])
else:
checker = NamesChecker(['__call__'], permission)
defineChecker(view_factory, checker)
def test_define_and_undefineChecker(self):
class SomeClass(object):
pass
obj = SomeClass()
checker = NamesChecker()
from zope.security.checker import _defaultChecker, selectChecker
self.assert_(selectChecker(obj) is _defaultChecker)
defineChecker(SomeClass, checker)
self.assert_(selectChecker(obj) is checker)
undefineChecker(SomeClass)
self.assert_(selectChecker(obj) is _defaultChecker)
def test_w_existing_like_unto_checker_wo_existing_checker(self):
from zope.security.checker import Checker
from zope.security.checker import CheckerPublic
from zope.security.checker import defineChecker
from zope.security.checker import _checkers
permission = object()
foo_checker = Checker({'bar': CheckerPublic}, {'bar': permission})
defineChecker(Foo, foo_checker)
self._callFUT(Bar, Foo)
bar_checker = _checkers[Bar]
self.assertEqual(bar_checker.get_permissions,
foo_checker.get_permissions)
self.assertEqual(bar_checker.set_permissions,
foo_checker.set_permissions)
def test_w_existing_like_unto_checker_wo_existing_checker(self):
from zope.security.checker import Checker
from zope.security.checker import CheckerPublic
from zope.security.checker import defineChecker
from zope.security.checker import _checkers
permission = object()
foo_checker = Checker({'bar': CheckerPublic}, {'bar': permission})
defineChecker(Foo, foo_checker)
self._callFUT(Bar, Foo)
bar_checker = _checkers[Bar]
self.assertEqual(bar_checker.get_permissions,
foo_checker.get_permissions)
self.assertEqual(bar_checker.set_permissions,
foo_checker.set_permissions)
def protectName(class_, name, permission):
"""Set a permission on a particular name."""
checker = getCheckerForInstancesOf(class_)
if checker is None:
checker = Checker({}, {})
defineChecker(class_, checker)
if permission == 'zope.Public':
# Translate public permission to CheckerPublic
permission = CheckerPublic
# We know a dictionary was used because we set it
protections = checker.get_permissions
protections[name] = permission
def testItemDenied(self):
endInteraction()
newInteraction(ParticipationStub('no one'))
defineChecker(C, Checker({'item': 'Waaaa', 'folder': CheckerPublic}))
tr = Traverser(ProxyFactory(self.root))
folder = self.folder
self.assertRaises(Unauthorized, tr.traverse,
('', 'folder', 'item'))
self.assertRaises(Unauthorized, tr.traverse,
('folder', 'item'))
self.assertEquals(tr.traverse(('', 'folder')), folder)
self.assertEquals(tr.traverse(('folder', '..', 'folder')),
folder)
self.assertEquals(tr.traverse(('folder',)), folder)
def setUp(self):
super(ZopeViewReplacementFixture, self).setUp()
if self.replacement is None:
raise ValueError('replacement is not set')
self.gsm.adapters.register(
(self.context_interface, self.request_interface), Interface,
self.name, self.replacement)
# The same checker should be sufficient. If it ever isn't, we
# can add more flexibility then.
defineChecker(self.replacement, self.checker)
self.addCleanup(undefineChecker, self.replacement)
self.addCleanup(self.gsm.adapters.register,
(self.context_interface, self.request_interface),
Interface, self.name, self.original)
def protectName(class_, name, permission):
"""Set a permission on a particular name."""
checker = getCheckerForInstancesOf(class_)
if checker is None:
checker = Checker({}, {})
defineChecker(class_, checker)
if permission == 'zope.Public':
# Translate public permission to CheckerPublic
permission = CheckerPublic
# We know a dictionary was used because we set it
protections = checker.get_permissions
protections[name] = permission
def make_checker(factory, view_factory, permission, method_names=None):
"""Make a checker for a view_factory associated with factory.
These could be one and the same for normal views, or different
in case we make method-based views such as for JSON and XMLRPC.
"""
if method_names is None:
method_names = ['__call__']
if permission is not None:
check_permission(factory, permission)
if permission is None or permission == 'zope.Public':
checker = NamesChecker(method_names)
else:
checker = NamesChecker(method_names, permission)
defineChecker(view_factory, checker)
def test_locationproxy_security(self):
from zope.security.checker import defineChecker
from zope.security.checker import NamesChecker
from zope.security.proxy import ProxyFactory
class Unlocated(object):
a = 'a'
unlocated = Unlocated()
located = LocationProxy(unlocated)
# define a checker for the unlocated object, which will also be
# used by the security proxy as the LocationProxy defines
# __Security_checker__:
unlocatedChecker = NamesChecker(['a'])
defineChecker(Unlocated, unlocatedChecker)
secure_located = ProxyFactory(located)
self.assertEqual(secure_located.a, 'a')
def test_neither_wrapper_nor_object_has_checker(self):
from zope.proxy import ProxyBase
from zope.security.checker import NoProxy
from zope.security.checker import defineChecker
class Foo(object):
a = 'a'
defineChecker(Foo, NoProxy)
foo = Foo()
class Wrapper(ProxyBase):
b = 'b'
__Security_checker__ = self._makeOne()
defineChecker(Wrapper, NoProxy)
wrapper = Wrapper(foo)
self.assertRaises(AttributeError,
getattr, wrapper, '__Security_checker__')
def testPlacefulAuth(self):
setup.setUpTraversal()
setup.setUpSiteManagerLookup()
principalRegistry.defineDefaultPrincipal('anonymous', '')
root = self.db.open().root()
app = root[ZopePublication.root_name]
app['f1'] = rootFolder()
f1 = app['f1']
f1['f2'] = Folder()
sm1 = setup.createSiteManager(f1)
setup.addUtility(sm1, '', IAuthenticationUtility, AuthUtility1())
f2 = f1['f2']
sm2 = setup.createSiteManager(f2)
setup.addUtility(sm2, '', IAuthenticationUtility, AuthUtility2())
transaction.commit()
from zope.app.container.interfaces import ISimpleReadContainer
from zope.app.container.traversal import ContainerTraverser
ztapi.provideView(ISimpleReadContainer, IRequest, IPublishTraverse, '',
ContainerTraverser)
from zope.app.folder.interfaces import IFolder
from zope.security.checker import defineChecker, InterfaceChecker
defineChecker(Folder, InterfaceChecker(IFolder))
self.publication.beforeTraversal(self.request)
self.assertEqual(list(queryInteraction().participations),
[self.request])
self.assertEqual(self.request.principal.id, 'anonymous')
root = self.publication.getApplication(self.request)
self.publication.callTraversalHooks(self.request, root)
self.assertEqual(self.request.principal.id, 'anonymous')
ob = self.publication.traverseName(self.request, root, 'f1')
self.publication.callTraversalHooks(self.request, ob)
self.assertEqual(self.request.principal.id, 'test.anonymous')
ob = self.publication.traverseName(self.request, ob, 'f2')
self.publication.afterTraversal(self.request, ob)
self.assertEqual(self.request.principal.id, 'test.bob')
self.assertEqual(list(queryInteraction().participations),
[self.request])
self.publication.endRequest(self.request, ob)
self.assertEqual(queryInteraction(), None)
def testPlacefulAuth(self):
setup.setUpTraversal()
setup.setUpSiteManagerLookup()
principalRegistry.defineDefaultPrincipal('anonymous', '')
root = self.db.open().root()
app = root[ZopePublication.root_name]
app['f1'] = rootFolder()
f1 = app['f1']
f1['f2'] = Folder()
sm1 = setup.createSiteManager(f1)
setup.addUtility(sm1, '', IAuthenticationUtility, AuthUtility1())
f2 = f1['f2']
sm2 = setup.createSiteManager(f2)
setup.addUtility(sm2, '', IAuthenticationUtility, AuthUtility2())
transaction.commit()
from zope.app.container.interfaces import ISimpleReadContainer
from zope.app.container.traversal import ContainerTraverser
ztapi.provideView(ISimpleReadContainer, IRequest, IPublishTraverse,
'', ContainerTraverser)
from zope.app.folder.interfaces import IFolder
from zope.security.checker import defineChecker, InterfaceChecker
defineChecker(Folder, InterfaceChecker(IFolder))
self.publication.beforeTraversal(self.request)
self.assertEqual(list(queryInteraction().participations),
[self.request])
self.assertEqual(self.request.principal.id, 'anonymous')
root = self.publication.getApplication(self.request)
self.publication.callTraversalHooks(self.request, root)
self.assertEqual(self.request.principal.id, 'anonymous')
ob = self.publication.traverseName(self.request, root, 'f1')
self.publication.callTraversalHooks(self.request, ob)
self.assertEqual(self.request.principal.id, 'test.anonymous')
ob = self.publication.traverseName(self.request, ob, 'f2')
self.publication.afterTraversal(self.request, ob)
self.assertEqual(self.request.principal.id, 'test.bob')
self.assertEqual(list(queryInteraction().participations),
[self.request])
self.publication.endRequest(self.request, ob)
self.assertEqual(queryInteraction(), None)
def protectModule(module, name, permission):
"""Set up a module checker to require a permission to access a name
If there isn't a checker for the module, create one.
"""
checker = moduleChecker(module)
if checker is None:
checker = Checker({}, {})
defineChecker(module, checker)
if permission == 'zope.Public':
# Translate public permission to CheckerPublic
permission = CheckerPublic
# We know a dictionary get method was used because we set it
protections = checker.get_permissions
protections[name] = permission
def register_help_folder(context, folder, name):
"""Create a help folder subclass and register it with the ZCA."""
help_folder = type(str('%s for %s' % (name, folder)), (HelpFolder, ), {
'folder': folder,
'__name__': name
})
defineChecker(
help_folder,
NamesChecker(list(IBrowserPublisher.names(True)) + ['__call__']))
context.action(
discriminator=('view', (ILaunchpadApplication, IBrowserRequest), name),
callable=handler,
args=('registerAdapter', help_folder, (ILaunchpadApplication,
IBrowserRequest), Interface,
name, context.info),
)
def test_neither_wrapper_nor_object_has_checker(self):
from zope.proxy import ProxyBase
from zope.security.checker import NoProxy
from zope.security.checker import defineChecker
class Foo(object):
a = 'a'
defineChecker(Foo, NoProxy)
foo = Foo()
class Wrapper(ProxyBase):
b = 'b'
__Security_checker__ = self._makeOne()
defineChecker(Wrapper, NoProxy)
wrapper = Wrapper(foo)
self.assertRaises(AttributeError, getattr, wrapper,
'__Security_checker__')
def test_template_context_wrapping(self):
class AU(BrowserView):
def __str__(self):
name = self.context.__name__
if name is None:
return 'None'
return name
defineChecker(AU, NamesChecker(['__str__']))
from zope.traversing.namespace import view
ztapi.provideNamespaceHandler('view', view)
ztapi.browserView(IZPTPage, 'name', AU)
page = ZPTPage()
page.setSource(u'<p tal:replace="template/@@name" />')
page = contained(page, None, name='zpt')
request = TestRequest()
self.assertEquals(page.render(request), u'zpt')
def test_locationproxy_security(self):
from zope.security.checker import defineChecker
from zope.security.checker import NamesChecker
from zope.security.proxy import ProxyFactory
class Unlocated(object):
a = 'a'
unlocated = Unlocated()
located = LocationProxy(unlocated)
# define a checker for the unlocated object, which will also be
# used by the security proxy as the LocationProxy defines
# __Security_checker__:
unlocatedChecker = NamesChecker(['a'])
defineChecker(Unlocated, unlocatedChecker)
secure_located = ProxyFactory(located)
self.assertEqual(secure_located.a, 'a')
def protectSetAttribute(class_, name, permission):
"""Set a permission on a particular name."""
checker = getCheckerForInstancesOf(class_)
if checker is None:
checker = Checker({}, {})
defineChecker(class_, checker)
if permission == zope_Public:
# Translate public permission to CheckerPublic
permission = CheckerPublic
# We know a dictionary was used because we set it
# Note however, that if a checker was created manually
# and the caller used say NamesChecker or MultiChecker,
# then set_permissions may be None here as Checker
# defaults a missing set_permissions parameter to None.
# Jim says this doensn't happens with the C version of the
# checkers because they use a 'shared dummy dict'.
protections = checker.set_permissions
protections[name] = permission
