Exemplo n.º 1
0
    def test_ProxyFactory(self):
        class SomeClass(object):
            pass

        import zope.security
        checker = NamesChecker()
        specific_checker = NamesChecker()
        checker_as_magic_attr = NamesChecker()

        obj = SomeClass()

        proxy = ProxyFactory(obj)
        self.assert_(type(proxy) is Proxy)
        from zope.security.checker import _defaultChecker
        self.assert_(getChecker(proxy) is _defaultChecker)

        defineChecker(SomeClass, checker)

        proxy = ProxyFactory(obj)
        self.assert_(type(proxy) is Proxy)
        self.assert_(getChecker(proxy) is checker)

        obj.__Security_checker__ = checker_as_magic_attr

        proxy = ProxyFactory(obj)
        self.assert_(type(proxy) is Proxy)
        self.assert_(getChecker(proxy) is checker_as_magic_attr)

        proxy = ProxyFactory(obj, specific_checker)
        self.assert_(type(proxy) is Proxy)
        self.assert_(getChecker(proxy) is specific_checker)
Exemplo n.º 2
0
    def test_both_wrapper_and_object_have_checkers_security_proxied(self):
        from zope.proxy import ProxyBase
        from zope.security.checker import CombinedChecker
        from zope.security.checker import NamesChecker
        from zope.security.checker import defineChecker
        from zope.security.proxy import ProxyFactory

        class Foo(object):
            a = 'a'

        fooChecker = NamesChecker(['a'])  # a is public
        defineChecker(Foo, fooChecker)
        foo = Foo()
        f_sec = ProxyFactory(foo)

        class Wrapper(ProxyBase):
            b = 'b'
            __Security_checker__ = self._makeOne()

        wrapperChecker = NamesChecker(['b'])  # b is public
        defineChecker(Wrapper, wrapperChecker)
        w_sec = Wrapper(f_sec)

        checker = w_sec.__Security_checker__
        self.assertTrue(isinstance(checker, CombinedChecker))
        checker.check(w_sec, 'a')  # no raise
        checker.check(w_sec, 'b')  # no raise
Exemplo n.º 3
0
    def register(self, context, name, factory, module_info, templates):
        # Try to set up permissions (copied from the View grokker)
        permissions = grok.util.class_annotation(factory, 'grok.require', [])
        if not permissions:
            checker = NamesChecker(['render'])
        elif len(permissions) > 1:
            raise GrokError(
                'grok.require was called multiple times in viewlet '
                '%r. It may only be called once.' % factory, factory)
        elif permissions[0] == 'zope.Public':
            checker = NamesChecker(['render'])
        else:
            perm = permissions[0]
            if component.queryUtility(IPermission, name=perm) is None:
                raise GrokError(
                    'Undefined permission %r in view %r. Use '
                    'grok.define_permission first.' % (perm, factory), factory)
            checker = NamesChecker(['render'], permissions[0])

        defineChecker(factory, checker)

        manager = factory.viewlet_manager
        component.provideAdapter(
            factory,
            adapts=(
                None,  # TODO: Make configurable
                IDefaultBrowserLayer,  # TODO: Make configurable
                IBrowserView,
                manager),
            provides=IViewlet,
            name=name)
Exemplo n.º 4
0
def make_checker(factory, view_factory, permission, method_names=None):
    if method_names is None:
        method_names = ['__call__']
    if permission is not None:
        check_permission(factory, permission)
    if permission is None or permission == 'zope.Public':
        checker = NamesChecker(method_names)
    else:
        checker = NamesChecker(method_names, permission)
    defineChecker(view_factory, checker)
Exemplo n.º 5
0
def make_checker(factory, view_factory, permission):
    """Make a checker for a view_factory associated with factory.

    These could be one and the same for normal views, or different
    in case we make method-based views such as for JSON and XMLRPC.
    """
    if permission is not None:
        check_permission(factory, permission)
    if permission is None or permission == 'zope.Public':
        checker = NamesChecker(['__call__'])
    else:
        checker = NamesChecker(['__call__'], permission)
    defineChecker(view_factory, checker)
Exemplo n.º 6
0
    def test_typesAcceptedByDefineChecker(self):
        class ClassicClass:
            __metaclass__ = types.ClassType

        class NewStyleClass:
            __metaclass__ = type

        import zope.security
        not_a_type = object()
        defineChecker(ClassicClass, NamesChecker())
        defineChecker(NewStyleClass, NamesChecker())
        defineChecker(zope.security, NamesChecker())
        self.assertRaises(TypeError, defineChecker, not_a_type, NamesChecker())
Exemplo n.º 7
0
    def test_both_wrapper_and_object_have_checkers_not_security_proxied(self):
        from zope.proxy import ProxyBase
        from zope.security.checker import CombinedChecker
        from zope.security.checker import NamesChecker
        from zope.security.checker import defineChecker
        from zope.security.interfaces import ForbiddenAttribute

        class Foo(object):
            a = 'a'

        fooChecker = NamesChecker(['a'])  # a is public
        defineChecker(Foo, fooChecker)
        foo = Foo()
        fooChecker.check(foo, 'a')  # no raise
        self.assertRaises(ForbiddenAttribute, fooChecker.check, foo, 'b')

        class Wrapper(ProxyBase):
            b = 'b'
            __Security_checker__ = self._makeOne()

        wrapperChecker = NamesChecker(['b'])  # b is public
        defineChecker(Wrapper, wrapperChecker)
        wrapper = Wrapper(foo)
        self.assertRaises(ForbiddenAttribute, wrapperChecker.check, foo, 'a')
        wrapperChecker.check(foo, 'b')  # no raise

        checker = wrapper.__Security_checker__
        self.assertTrue(isinstance(checker, CombinedChecker))
        checker.check(wrapper, 'a')  # no raise
        checker.check(wrapper, 'b')  # no raise
Exemplo n.º 8
0
    def makeObjects(self):
        checker = NamesChecker(['__getitem__'])
        defineChecker(SiteManagerStub, checker)
        self.futurama = futurama = SampleSite()
        directlyProvides(futurama, IContainmentRoot)
        planetexpress = SampleContainer()
        robotfactory = SampleContainer()
        nimbus = SampleContainer()
        omicronpersei = SampleSite()

        bender = SampleContent()
        fry = SampleContent()
        leela = SampleContent()
        mom = SampleContent()
        zapp = SampleContent()
        kif = SampleContent()

        setitem(futurama, futurama.__setitem__, 'planetexpress', planetexpress)
        setitem(futurama, futurama.__setitem__, 'robotfactory', robotfactory)
        setitem(futurama, futurama.__setitem__, 'nimbus', nimbus)
        setitem(futurama, futurama.__setitem__, 'omicronpersei', omicronpersei)

        setitem(planetexpress, planetexpress.__setitem__, 'bender', bender)
        setitem(planetexpress, planetexpress.__setitem__, 'fry', fry)
        setitem(planetexpress, planetexpress.__setitem__, 'leela', leela)
        setitem(robotfactory, robotfactory.__setitem__, 'mom', mom)
        setitem(nimbus, nimbus.__setitem__, 'zapp', zapp)
        setitem(nimbus, nimbus.__setitem__, 'kif', kif)
Exemplo n.º 9
0
def setUp(test):
    cleanup.setUp()
    data_dir = os.path.join(os.path.dirname(__file__), 'testfiles')

    test.globs['testFilePath'] = os.path.join(data_dir, 'test.txt')
    test.globs['nullChecker'] = NamesChecker()
    test.globs['TestRequest'] = TestRequest
Exemplo n.º 10
0
 def testAlwaysAvailable(self):
     from zope.security.checker import NamesChecker
     checker = NamesChecker(())
     class C(object): pass
     self.assertEqual(checker.check(C, '__hash__'), None)
     self.assertEqual(checker.check(C, '__nonzero__'), None)
     self.assertEqual(checker.check(C, '__class__'), None)
     self.assertEqual(checker.check(C, '__implements__'), None)
     self.assertEqual(checker.check(C, '__lt__'), None)
     self.assertEqual(checker.check(C, '__le__'), None)
     self.assertEqual(checker.check(C, '__gt__'), None)
     self.assertEqual(checker.check(C, '__ge__'), None)
     self.assertEqual(checker.check(C, '__eq__'), None)
     self.assertEqual(checker.check(C, '__ne__'), None)
     self.assertEqual(checker.check(C, '__name__'), None)
     self.assertEqual(checker.check(C, '__parent__'), None)
Exemplo n.º 11
0
def AddViewFactory(name, schema, label, permission, layer,
                   template, default_template, bases, for_,
                   fields, content_factory, arguments,
                   keyword_arguments, set_before_add, set_after_add):

    class_  = SimpleViewClass(
        template, used_for=schema, bases=bases, name=name)

    class_.schema = schema
    class_.label = label
    class_.fieldNames = fields
    class_._factory_or_id = content_factory
    class_._factory = property(_getFactory, _setFactory)
    class_._arguments = arguments
    class_._keyword_arguments = keyword_arguments
    class_._set_before_add = set_before_add
    class_._set_after_add = set_after_add

    class_.generated_form = ViewPageTemplateFile(default_template)

    defineChecker(class_,
                  NamesChecker(
                    ("__call__", "__getitem__",
                     "browserDefault", "publishTraverse"),
                    permission,
                    )
                  )
    if layer is None:
        layer = IDefaultBrowserLayer
    
    s = zope.component.getGlobalSiteManager()
    s.registerAdapter(class_, (for_, layer), Interface, name)
Exemplo n.º 12
0
    def setUp(self):
        cleanup.setUp()
        data_dir = os.path.join(os.path.dirname(__file__), 'testfiles')

        self.testFilePath = os.path.join(data_dir, 'test.txt')
        self.nullChecker = NamesChecker()
        provideAdapter(MyETag)
Exemplo n.º 13
0
    def _testBaseTags(self, url, expected):
        # Make sure I1 and O1 are visible in the module namespace
        # so that the classes can be pickled.
        import transaction

        pub = BrowserPublication(self.db)

        ztapi.browserView(I1, 'view', DummyView)
        ztapi.setDefaultViewName(I1, 'view')
        ztapi.browserViewProviding(None, TestTraverser, IBrowserPublisher)

        ob = O1()

        ## the following is for running the tests standalone
        principalRegistry.defineDefaultPrincipal('tim', 'timbot',
                                                 'ai at its best')

        # now place our object inside the application

        connection = self.db.open()
        app = connection.root()['Application']
        app.somepath = ob
        transaction.commit()
        connection.close()

        defineChecker(app.__class__, NamesChecker(somepath='xxx'))

        req = self._createRequest(url, pub)
        response = req.response

        publish(req, handle_errors=0)

        self.assertEqual(response.getBase(), expected)
Exemplo n.º 14
0
class CloseDbResult:

    # This is machinery, not content.  We specify our security checker here
    # directly for clarity.
    __Security_checker__ = NamesChecker(['next', '__iter__'])

    def __iter__(self):
        try:
            # Reset the session.
            LaunchpadLayer.resetSessionDb()
            # Yield control to asyncore for a second, just to be a
            # little bit nice.  We could be even nicer by moving this
            # whole teardown/setup dance to a thread and waiting for
            # it to be done, but there's not a (known) compelling need
            # for that right now, and doing it this way is slightly
            # simpler.
            yield ''
            DatabaseLayer.testSetUp()
            yield ''
            # Reset the librarian.
            LibrarianLayer.testTearDown()
            yield ''
            # Reset the database.
            DatabaseLayer.testTearDown()
            yield ''
            LibrarianLayer.testSetUp()
        except (SystemExit, KeyboardInterrupt):
            raise
        except:
            print "Hm, serious error when trying to clean up the test."
            traceback.print_exc()
        # We're done, so we can yield the body.
        yield '\n'
Exemplo n.º 15
0
def DisplayViewFactory(name,
                       schema,
                       label,
                       permission,
                       layer,
                       template,
                       default_template,
                       bases,
                       for_,
                       fields,
                       fulledit_path=None,
                       fulledit_label=None):
    class_ = SimpleViewClass(template, used_for=schema, bases=bases, name=name)
    class_.schema = schema
    class_.label = label
    class_.fieldNames = fields
    class_.fulledit_path = fulledit_path
    if fulledit_path and (fulledit_label is None):
        fulledit_label = "Full display"
    class_.fulledit_label = fulledit_label
    class_.generated_form = ViewPageTemplateFile(default_template)
    defineChecker(
        class_,
        NamesChecker(("__call__", "__getitem__", "browserDefault"),
                     permission))

    if layer is None:
        layer = IDefaultBrowserLayer

    sm = zope.component.getGlobalSiteManager()
    sm.registerAdapter(class_, (for_, layer), Interface, name)
Exemplo n.º 16
0
    def grok(self, name, factory, module_info, config, *kws):
        factory.module_info = module_info
        factory_name = factory.__name__.lower()

        # we need a path to the file containing the resource
        directory_name = util.class_annotation(factory, 'mars.resource.directory', '')
        directory = os.path.join(os.path.dirname(module_info.path), directory_name)

        if not os.path.isdir(directory):
            raise GrokError("No directory found for %s using path %s."
                            " Please use mars.resource.directory"
                            " to define path to the directory."
                            % (factory.__name__, directory_name),
                            factory)

        view_layer = determine_class_directive('grok.layer',
                                               factory, module_info,
                                               default=IDefaultBrowserLayer)
        view_name = util.class_annotation(factory, 'grok.name', factory_name)

        checker = NamesChecker(allowed_names)
        factory = DirectoryResourceFactory(directory, checker, view_name)

        adapts = (view_layer, )

        config.action( 
            discriminator=('adapter', adapts, IBrowserRequest, view_name),
            callable=zope.component.provideAdapter,
            args=(factory, adapts, IBrowserRequest, view_name),
            )
        return True
Exemplo n.º 17
0
def RowClassFactory(columns):
    """Creates a Row object"""
    klass_namespace = {}
    klass_namespace['__Security_checker__'] = InstanceOnlyDescriptor(
        NamesChecker(columns))
    klass_namespace['__slots__'] = tuple(columns)

    return type('GeneratedRowClass', (Row, ), klass_namespace)
Exemplo n.º 18
0
 def setUp(self):
     super(ZPTPageTests, self).setUp()
     ztapi.provideAdapter(None, ITraverser, Traverser)
     ztapi.provideAdapter(None, ITraversable, DefaultTraversable)
     ztapi.provideAdapter(None, IPhysicallyLocatable,
                          LocationPhysicallyLocatable)
     ztapi.provideAdapter(IContainmentRoot, IPhysicallyLocatable,
                          RootPhysicallyLocatable)
     defineChecker(Data, NamesChecker(['URL', 'name']))
Exemplo n.º 19
0
 def test_resources(self):
     browserResource('quux', Resource)
     # Only register the checker once, so that multiple test runs pass.
     if Resource not in _checkers:
         defineChecker(Resource, NamesChecker(['__call__']))
     self.addPage(u'/foo/bar/pt',
                  u'context/++resource++quux')
     self.verify(u'/foo/bar/pt', u'http://localhost/@@/quux')
     self.verify(u'/foo/++vh++https:localhost:443/fake/folders/++/bar/pt',
                 u'https://localhost/fake/folders/@@/quux')
Exemplo n.º 20
0
    def grok(self, name, factory, module_info, config, *kws):
        factory.module_info = module_info
        factory_name = factory.__name__.lower()

        # we need a path to the file containing the resource
        file_name = util.class_annotation(factory, 'mars.resource.file', '')
        image_name = util.class_annotation(factory, 'mars.resource.image', '')
        if file_name == '' and image_name == '':
            raise GrokError("Either mars.resource.file or mars.resource.image"
                            " must be defined for %s."
                            % (factory.__name__),
                            factory)

        file = image = None
        if image_name != '':
            file_name = image_name
            image = filepath = os.path.join(os.path.dirname(module_info.path), file_name)
        else:
            file = filepath = os.path.join(os.path.dirname(module_info.path), file_name)

        if not os.path.exists(filepath):
            filepath = None
            # allow for absolute path to resource
            if os.path.exists(file_name):
                filepath = file_name
        if filepath is None:
            raise GrokError("No resource found for %s using path %s."
                            " Please use mars.resource.file or"
                            " mars.resource.image to define path to the"
                            " file containing the resource"
                            % (factory.__name__, file_name),
                            factory)

        view_layer = determine_class_directive('grok.layer',
                                               factory, module_info,
                                               default=IDefaultBrowserLayer)
        view_name = util.class_annotation(factory, 'grok.name', '')

        checker = NamesChecker(allowed_names)
        if file:
            factory = FileResourceFactory(file, checker, view_name)
        elif image:
            factory = ImageResourceFactory(image, checker, view_name)

        adapts = (view_layer, )

        config.action(
            discriminator=('adapter', adapts,
                            IBrowserRequest, view_name),
            callable=zope.component.provideAdapter,
            args=(factory, adapts, 
                            IBrowserRequest, view_name),
            )

        return True
Exemplo n.º 21
0
    def test_both_wrapper_and_object_have_checkers_not_security_proxied(self):
        from zope.proxy import ProxyBase
        from zope.security.checker import CombinedChecker
        from zope.security.checker import NamesChecker
        from zope.security.checker import defineChecker
        from zope.security.interfaces import ForbiddenAttribute

        class Foo(object):
            a = 'a'
        fooChecker = NamesChecker(['a']) # a is public
        defineChecker(Foo, fooChecker)
        foo = Foo()
        fooChecker.check(foo, 'a') # no raise
        self.assertRaises(ForbiddenAttribute,
                          fooChecker.check, foo, 'b')

        class Wrapper(ProxyBase):
            b = 'b'
            __Security_checker__ = self._makeOne()
        wrapperChecker = NamesChecker(['b']) # b is public
        defineChecker(Wrapper, wrapperChecker)
        wrapper = Wrapper(foo)
        self.assertRaises(ForbiddenAttribute,
                          wrapperChecker.check, foo, 'a')
        wrapperChecker.check(foo, 'b') # no raise

        checker = wrapper.__Security_checker__
        self.assertTrue(isinstance(checker, CombinedChecker))
        checker.check(wrapper, 'a') # no raise
        checker.check(wrapper, 'b') # no raise
Exemplo n.º 22
0
    def test_define_and_undefineChecker(self):
        class SomeClass(object):
            pass

        obj = SomeClass()

        checker = NamesChecker()
        from zope.security.checker import _defaultChecker, selectChecker
        self.assert_(selectChecker(obj) is _defaultChecker)
        defineChecker(SomeClass, checker)
        self.assert_(selectChecker(obj) is checker)
        undefineChecker(SomeClass)
        self.assert_(selectChecker(obj) is _defaultChecker)
Exemplo n.º 23
0
    def __init__(self, _context, name, require=(),
                 layer=IDefaultBrowserLayer, permission='zope.Public'):
        self.name =  name
        self.layer = layer

        if permission == 'zope.Public':
            permission = CheckerPublic
        self.checker = NamesChecker(allowed_names, permission)

        # make note of the library in a global registry
        self.old_library_info = library_info.get(name)
        library_info[name] = LibraryInfo()
        library_info[name].required.extend(require)
Exemplo n.º 24
0
    def test_proxy(self):
        checker = NamesChecker(())

        from zope.security.checker import BasicTypes_examples
        rocks = tuple(BasicTypes_examples.values())
        for rock in rocks:
            proxy = checker.proxy(rock)
            self.failUnless(proxy is rock, (rock, type(proxy)))

        for class_ in OldInst, NewInst:
            inst = class_()

            for ob in inst, class_:
                proxy = checker.proxy(ob)
                self.failUnless(removeSecurityProxy(proxy) is ob)
                checker = getChecker(proxy)
                if ob is inst:
                    self.assertEqual(checker.permission_id('__str__'),
                                     None)
                else:
                    self.assertEqual(checker.permission_id('__str__'),
                                     CheckerPublic)
Exemplo n.º 25
0
class TestMixinDecoratedChecker(TestCase):
    def decoratedSetUp(self):
        self.policy = RecordedSecurityPolicy
        self._oldpolicy = setSecurityPolicy(self.policy)
        newInteraction()
        self.interaction = getInteraction()
        self.obj = object()

    def decoratedTearDown(self):
        endInteraction()
        setSecurityPolicy(self._oldpolicy)

    def check_checking_impl(self, checker):
        o = self.obj
        checker.check_getattr(o, 'both_get_set')
        self.assert_(self.interaction.checkChecked(['dc_get_permission']))
        checker.check_getattr(o, 'c_only')
        self.assert_(self.interaction.checkChecked(['get_permission']))
        checker.check_getattr(o, 'd_only')
        self.assert_(self.interaction.checkChecked(['dc_get_permission']))
        self.assertRaises(ForbiddenAttribute, checker.check_getattr, o,
                          'completely_different_attr')
        self.assert_(self.interaction.checkChecked([]))
        checker.check(o, '__str__')
        self.assert_(self.interaction.checkChecked(['get_permission']))

        checker.check_setattr(o, 'both_get_set')
        self.assert_(self.interaction.checkChecked(['dc_set_permission']))
        self.assertRaises(ForbiddenAttribute, checker.check_setattr, o,
                          'c_only')
        self.assert_(self.interaction.checkChecked([]))
        self.assertRaises(ForbiddenAttribute, checker.check_setattr, o,
                          'd_only')
        self.assert_(self.interaction.checkChecked([]))

    originalChecker = NamesChecker(['both_get_set', 'c_only', '__str__'],
                                   'get_permission')

    decorationSetMap = {'both_get_set': 'dc_set_permission'}

    decorationGetMap = {
        'both_get_set': 'dc_get_permission',
        'd_only': 'dc_get_permission'
    }

    overridingChecker = Checker(decorationGetMap, decorationSetMap)
Exemplo n.º 26
0
    def test_ProxyFactory_using_proxy(self):
        class SomeClass(object):
            pass

        obj = SomeClass()
        checker = NamesChecker()
        proxy1 = ProxyFactory(obj)

        proxy2 = ProxyFactory(proxy1)
        self.assert_(proxy1 is proxy2)

        # Trying to change the checker on a proxy.
        self.assertRaises(TypeError, ProxyFactory, proxy1, checker)

        # Setting exactly the same checker as the proxy already has.
        proxy1 = ProxyFactory(obj, checker)
        proxy2 = ProxyFactory(proxy1, checker)
        self.assert_(proxy1 is proxy2)
Exemplo n.º 27
0
def register_help_folder(context, folder, name):
    """Create a help folder subclass and register it with the ZCA."""

    help_folder = type(str('%s for %s' % (name, folder)), (HelpFolder, ), {
        'folder': folder,
        '__name__': name
    })

    defineChecker(
        help_folder,
        NamesChecker(list(IBrowserPublisher.names(True)) + ['__call__']))

    context.action(
        discriminator=('view', (ILaunchpadApplication, IBrowserRequest), name),
        callable=handler,
        args=('registerAdapter', help_folder, (ILaunchpadApplication,
                                               IBrowserRequest), Interface,
              name, context.info),
    )
Exemplo n.º 28
0
    def test_locationproxy_security(self):
        from zope.security.checker import defineChecker
        from zope.security.checker import NamesChecker
        from zope.security.proxy import ProxyFactory

        class Unlocated(object):
            a = 'a'

        unlocated = Unlocated()
        located = LocationProxy(unlocated)

        # define a checker for the unlocated object, which will also be
        # used by the security proxy as the LocationProxy defines
        # __Security_checker__:
        unlocatedChecker = NamesChecker(['a'])
        defineChecker(Unlocated, unlocatedChecker)

        secure_located = ProxyFactory(located)
        self.assertEqual(secure_located.a, 'a')
Exemplo n.º 29
0
    def test_template_context_wrapping(self):
        class AU(BrowserView):
            def __str__(self):
                name = self.context.__name__
                if name is None:
                    return 'None'
                return name

        defineChecker(AU, NamesChecker(['__str__']))

        from zope.traversing.namespace import view
        ztapi.provideNamespaceHandler('view', view)
        ztapi.browserView(IZPTPage, 'name', AU)

        page = ZPTPage()
        page.setSource(u'<p tal:replace="template/@@name" />')
        page = contained(page, None, name='zpt')
        request = TestRequest()
        self.assertEquals(page.render(request), u'zpt')
Exemplo n.º 30
0
    def test_only_wrapper_has_checker(self):
        from zope.proxy import ProxyBase
        from zope.security.checker import NamesChecker
        from zope.security.checker import NoProxy
        from zope.security.checker import defineChecker

        class Foo(object):
            a = 'a'

        foo = Foo()
        defineChecker(Foo, NoProxy)

        class Wrapper(ProxyBase):
            b = 'b'
            __Security_checker__ = self._makeOne()

        wrapperChecker = NamesChecker(['b'])  # b is public
        defineChecker(Wrapper, wrapperChecker)
        wrapper = Wrapper(foo)
        self.assertTrue(wrapper.__Security_checker__ is wrapperChecker)
Exemplo n.º 31
0
def resourceDirectory(_context,
                      name,
                      directory,
                      layer=IDefaultBrowserLayer,
                      permission='zope.Public'):
    if permission == 'zope.Public':
        permission = CheckerPublic

    checker = NamesChecker(allowed_names + ('__getitem__', 'get'), permission)

    if not os.path.isdir(directory):
        raise ConfigurationError("Directory %s does not exist" % directory)

    factory = DirectoryResourceFactory(directory, checker, name)
    _context.action(
        discriminator=('resource', name, IBrowserRequest, layer),
        callable=handler,
        args=('registerAdapter', factory, (layer, ), Interface, name,
              _context.info),
    )
Exemplo n.º 32
0
def resource(_context,
             name,
             layer=IDefaultBrowserLayer,
             permission='zope.Public',
             factory=None,
             file=None,
             image=None,
             template=None):

    if permission == 'zope.Public':
        permission = CheckerPublic

    checker = NamesChecker(allowed_names, permission)

    if (factory and (file or image or template)) or \
       (file and (factory or image or template)) or \
       (image and (factory or file or template)) or \
       (template and (factory or file or image)):
        raise ConfigurationError(
            "Must use exactly one of factory or file or image or template"
            " attributes for resource directives")

    if image or template:
        import warnings
        warnings.warn_explicit(
            'The "template" and "image" attributes of resource '
            'directive are deprecated in favor of pluggable '
            'file resource factories based on file extensions. '
            'Use the "file" attribute instead.', DeprecationWarning,
            _context.info.file, _context.info.line)
        if image:
            file = image
        elif template:
            file = template

    _context.action(
        discriminator=('resource', name, IBrowserRequest, layer),
        callable=resourceHandler,
        args=(name, layer, checker, factory, file, _context.info),
    )
Exemplo n.º 33
0
def resource(_context,
             name,
             layer=IDefaultBrowserLayer,
             permission='zope.Public',
             factory=None,
             file=None,
             image=None,
             template=None):

    if permission == 'zope.Public':
        permission = CheckerPublic

    checker = NamesChecker(allowed_names, permission)

    if (factory and (file or image or template)) or \
       (file and (factory or image or template)) or \
       (image and (factory or file or template)) or \
       (template and (factory or file or image)):
        raise ConfigurationError(
            "Must use exactly one of factory or file or image or template"
            " attributes for resource directives")

    if factory is not None:
        factory = ResourceFactoryWrapper(factory, checker, name)
    elif file:
        factory = FileResourceFactory(file, checker, name)
    elif image:
        factory = ImageResourceFactory(image, checker, name)
    else:
        factory = PageTemplateResourceFactory(template, checker, name)

    _context.action(
        discriminator=('resource', name, IBrowserRequest, layer),
        callable=handler,
        args=('registerAdapter', factory, (layer, ), Interface, name,
              _context.info),
    )
Exemplo n.º 34
0
    def test_check_getattr(self):

        oldinst = OldInst()
        oldinst.d = OldInst()

        newinst = NewInst()
        newinst.d = NewInst()

        for inst in oldinst, newinst:
            checker = NamesChecker(['a', 'b', 'c', '__getitem__'], 'perm')

            self.assertRaises(Unauthorized, checker.check_getattr, inst, 'a')
            self.assertRaises(Unauthorized, checker.check_getattr, inst, 'b')
            self.assertRaises(Unauthorized, checker.check_getattr, inst, 'c')
            self.assertRaises(Unauthorized, checker.check, inst, '__getitem__')
            self.assertRaises(Forbidden, checker.check, inst, '__setitem__')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'd')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'e')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'f')

            checker = NamesChecker(['a', 'b', 'c', '__getitem__'],
                                   'test_allowed')

            checker.check_getattr(inst, 'a')
            checker.check_getattr(inst, 'b')
            checker.check_getattr(inst, 'c')
            checker.check(inst, '__getitem__')
            self.assertRaises(Forbidden, checker.check, inst, '__setitem__')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'd')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'e')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'f')

            checker = NamesChecker(['a', 'b', 'c', '__getitem__'],
                                   CheckerPublic)

            checker.check_getattr(inst, 'a')
            checker.check_getattr(inst, 'b')
            checker.check_getattr(inst, 'c')
            checker.check(inst, '__getitem__')
            self.assertRaises(Forbidden, checker.check, inst, '__setitem__')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'd')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'e')
            self.assertRaises(Forbidden, checker.check_getattr, inst, 'f')