Пример #1
0
    def test_generateEXML_unacquired_perm(self):

        ACI = 'Access contents information'
        ROLES = ['Manager', 'Owner', 'ZZZ']

        site = Folder(id='site').__of__(self.app)
        existing_roles = list(getattr(site, '__ac_roles__', []))[:]
        existing_roles.append('ZZZ')
        site.__ac_roles__ = existing_roles
        site.manage_permission(ACI, ROLES)
        configurator = self._makeOne(site).__of__(site)

        self._compareDOM(configurator.generateXML(), _COMBINED_EXPORT)
Пример #2
0
    def test_generateEXML_unacquired_perm( self ):

        ACI = 'Access contents information'
        ROLES = [ 'Manager', 'Owner', 'ZZZ' ]

        site = Folder(id='site').__of__(self.app)
        existing_roles = list( getattr( site, '__ac_roles__', [] ) )[:]
        existing_roles.append( 'ZZZ' )
        site.__ac_roles__ = existing_roles
        site.manage_permission( ACI, ROLES )
        configurator = self._makeOne( site ).__of__( site )

        self._compareDOM( configurator.generateXML(), _COMBINED_EXPORT )
Пример #3
0
    def test_security_attributes(self):
        conn = self.db.open()
        try:
            app = conn.root()['Application']
            f = Folder()
            f.id = 'Holidays'
            app._setObject(f.id, f, set_owner=0)
            f = app.Holidays
            u = UserFolder()
            u.id = 'acl_users'
            f._setObject(u.id, u, set_owner=0)
            u._doAddUser('shane', 'abcdefg', ('Elder',), ())

            f._owner = (['Holidays', 'acl_users'], 'shane')
            f.__ac_roles__ = ['Elder', 'Manager', 'Missionary']
            f.__ac_local_roles__ = {'shane': ['Missionary']}
            f._proxy_roles = ['Manager']
            f._View_Permission = ('Owner', 'Elder')
            f._Add_Folders_Permission = ['Elder']

            transaction.commit()

            conn2 = self.db.open()
            try:
                # Verify that loading works
                app = conn2.root()['Application']
                f2 = app.Holidays
                user = f2.getOwner()
                self.assertEqual(user.getUserName(), 'shane')
                self.assert_('Elder' in user.getRoles())
                self.assertEqual(
                    list(f2.__ac_roles__), ['Elder', 'Manager', 'Missionary'])

                roles = {}
                for role in list(user.getRolesInContext(f2)):
                    if role != 'Authenticated' and role != 'Anonymous':
                        roles[role] = 1
                self.assertEqual(roles, {'Elder':1, 'Missionary':1})
                self.assertEqual(tuple(f2._proxy_roles), ('Manager',))

                self.assert_(isinstance(f2._View_Permission, TupleType),
                             "View permission should not be acquired")
                self.assert_(isinstance(f2._Add_Folders_Permission, ListType),
                             "Add Folders permission should be acquired")
                roles = {}
                for role in list(f2._View_Permission):
                    roles[role] = 1
                self.assertEqual(roles, {'Elder':1, 'Owner':1})

                # Write some changes to verify that changes work
                f2._owner = None
                del f2._proxy_roles
                f2.__ac_roles__ += ('Teacher',)
                transaction.commit()
            finally:
                conn2.close()

            # Make sure the changes are seen
            conn.sync()
            self.assert_(f.getOwner() is None, f.getOwner())
            self.assert_(not hasattr(f, '_proxy_roles'))
            self.assertEqual(
                list(f.__ac_roles__),
                ['Elder', 'Manager', 'Missionary', 'Teacher'])
        finally:
            conn.close()
Пример #4
0
    def test_security_attributes(self):
        conn = self.db.open()
        try:
            app = conn.root()['Application']
            f = Folder()
            f.id = 'Holidays'
            app._setObject(f.id, f, set_owner=0)
            f = app.Holidays
            u = UserFolder()
            u.id = 'acl_users'
            f._setObject(u.id, u, set_owner=0)
            u._doAddUser('shane', 'abcdefg', ('Elder', ), ())

            f._owner = (['Holidays', 'acl_users'], 'shane')
            f.__ac_roles__ = ['Elder', 'Manager', 'Missionary']
            f.__ac_local_roles__ = {'shane': ['Missionary']}
            f._proxy_roles = ['Manager']
            f._View_Permission = ('Owner', 'Elder')
            f._Add_Folders_Permission = ['Elder']

            transaction.commit()

            conn2 = self.db.open()
            try:
                # Verify that loading works
                app = conn2.root()['Application']
                f2 = app.Holidays
                user = f2.getOwner()
                self.assertEqual(user.getUserName(), 'shane')
                self.assert_('Elder' in user.getRoles())
                self.assertEqual(list(f2.__ac_roles__),
                                 ['Elder', 'Manager', 'Missionary'])

                roles = {}
                for role in list(user.getRolesInContext(f2)):
                    if role != 'Authenticated' and role != 'Anonymous':
                        roles[role] = 1
                self.assertEqual(roles, {'Elder': 1, 'Missionary': 1})
                self.assertEqual(tuple(f2._proxy_roles), ('Manager', ))

                self.assert_(isinstance(f2._View_Permission, TupleType),
                             "View permission should not be acquired")
                self.assert_(isinstance(f2._Add_Folders_Permission, ListType),
                             "Add Folders permission should be acquired")
                roles = {}
                for role in list(f2._View_Permission):
                    roles[role] = 1
                self.assertEqual(roles, {'Elder': 1, 'Owner': 1})

                # Write some changes to verify that changes work
                f2._owner = None
                del f2._proxy_roles
                f2.__ac_roles__ += ('Teacher', )
                transaction.commit()
            finally:
                conn2.close()

            # Make sure the changes are seen
            conn.sync()
            self.assert_(f.getOwner() is None, f.getOwner())
            self.assert_(not hasattr(f, '_proxy_roles'))
            self.assertEqual(list(f.__ac_roles__),
                             ['Elder', 'Manager', 'Missionary', 'Teacher'])
        finally:
            conn.close()