def traverseName(self, request, ob, name):
nm = name # the name to look up the object with
if name and name[:1] in '@+':
# Process URI segment parameters.
ns, nm = nsParse(name)
if ns:
try:
ob2 = namespaceLookup(ns, nm, ob, request)
except TraversalError:
raise NotFound(ob, name)
return ProxyFactory(ob2)
if nm == '.':
return ob
if IPublishTraverse.providedBy(ob):
ob2 = ob.publishTraverse(request, nm)
else:
# self is marker
adapter = queryMultiAdapter((ob, request), IPublishTraverse,
default=self)
if adapter is not self:
ob2 = adapter.publishTraverse(request, nm)
else:
raise NotFound(ob, name, request)
return ProxyFactory(ob2)
def test_ProxyFactory(self):
class SomeClass(object):
pass
import zope.security
checker = NamesChecker()
specific_checker = NamesChecker()
checker_as_magic_attr = NamesChecker()
obj = SomeClass()
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
from zope.security.checker import _defaultChecker
self.assert_(getChecker(proxy) is _defaultChecker)
defineChecker(SomeClass, checker)
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is checker)
obj.__Security_checker__ = checker_as_magic_attr
proxy = ProxyFactory(obj)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is checker_as_magic_attr)
proxy = ProxyFactory(obj, specific_checker)
self.assert_(type(proxy) is Proxy)
self.assert_(getChecker(proxy) is specific_checker)
def testResource(self):
self.assertEqual(
component.queryMultiAdapter((ob, request), name='zmi_icon'), None)
import zope.app.publisher.browser.tests as p
path = os.path.dirname(p.__file__)
path = os.path.join(path, 'testfiles', 'test.gif')
xmlconfig(
StringIO(template % ('''
<browser:resource name="zmi_icon_res"
image="%s" />
<browser:icon name="zmi_icon"
for="zope.app.component.tests.views.IC"
resource="zmi_icon_res" />
''' % path)))
view = component.getMultiAdapter((ob, request), name='zmi_icon')
rname = "zmi_icon_res"
self.assertEqual(
view(), '<img src="http://127.0.0.1/@@/%s" alt="IC" width="16" '
'height="16" border="0" />' % rname)
resource = ProxyFactory(component.getAdapter(request, name=rname))
self.assertRaises(Forbidden, getattr, resource, '_testData')
resource = removeSecurityProxy(resource)
self.assertEqual(resource._testData(), open(path, 'rb').read())
def getApplication(self, request):
# If the first name is '++etc++process', then we should
# get it rather than look in the database!
stack = request.getTraversalStack()
if '++etc++process' in stack:
return applicationControllerRoot
# Open the database.
conn = self.db.open()
cleanup = Cleanup(conn.close)
request.hold(cleanup) # Close the connection on request.close()
request.annotations['ZODB.interfaces.IConnection'] = conn
self.openedConnection(conn)
#conn.setDebugInfo(getattr(request, 'environ', None), request.other)
root = conn.root()
app = root.get(self.root_name, None)
if app is None:
raise SystemError("Zope Application Not Found")
return ProxyFactory(app)
def proxy(self, ob):
"""Security-proxy an object
Subclasses may override this to use a different proxy (or
checker) implementation or to not proxy at all.
"""
return ProxyFactory(ob)
def testProxy(self):
path = os.path.join(test_directory, 'testfiles')
request = TestRequest()
factory = DirectoryResourceFactory(path, checker, 'testfiles')
resource = factory(request)
file = ProxyFactory(resource['test.txt'])
self.assertTrue(isProxy(file))
def test(self):
self.assertEqual(
component.queryMultiAdapter((ob, request), name='zmi_icon'), None)
import zope.app.publisher.browser.tests as p
path = os.path.dirname(p.__file__)
path = os.path.join(path, 'testfiles', 'test.gif')
# Configure the icon and make sure we can render the resulting view:
xmlconfig(
StringIO(template % ('''
<browser:icon name="zmi_icon"
for="zope.app.component.tests.views.IC"
file="%s" />
''' % path)))
view = component.getMultiAdapter((ob, request), name='zmi_icon')
rname = 'zope-app-component-tests-views-IC-zmi_icon.gif'
self.assertEqual(
view(), '<img src="http://127.0.0.1/@@/%s" alt="IC" '
'width="16" height="16" border="0" />' % rname)
# Make sure that the title attribute works
xmlconfig(
StringIO(template % ('''
<browser:icon name="zmi_icon_w_title"
for="zope.app.component.tests.views.IC"
file="%s" title="click this!" />
''' % path)))
view = component.getMultiAdapter((ob, request),
name='zmi_icon_w_title')
rname = 'zope-app-component-tests-views-IC-zmi_icon_w_title.gif'
self.assertEqual(
view(), '<img src="http://127.0.0.1/@@/%s" alt="click this!" '
'width="16" height="16" border="0" />' % rname)
# Make sure that the width and height attributes work
xmlconfig(
StringIO(template % ('''
<browser:icon name="zmi_icon_w_width_and_height"
for="zope.app.component.tests.views.IC"
file="%s"
width="20" height="12" />
''' % path)))
view = component.getMultiAdapter((ob, request),
name='zmi_icon_w_width_and_height')
rname = ('zope-app-component-tests-views-IC-'
'zmi_icon_w_width_and_height.gif')
self.assertEqual(
view(), '<img src="http://127.0.0.1/@@/%s" alt="IC" '
'width="20" height="12" border="0" />' % rname)
# Make sure that the image was installed as a resource:
resource = ProxyFactory(component.getAdapter(request, name=rname))
self.assertRaises(Forbidden, getattr, resource, '_testData')
resource = removeSecurityProxy(resource)
self.assertEqual(resource._testData(), open(path, 'rb').read())
def test_getObjectType(self):
self.assertEqual(
getObjectType(NonpersistentStub()),
"<class 'zodbbrowser.tests.test_browser.NonpersistentStub'>")
self.assertEqual(
getObjectType(ProxyFactory(NonpersistentStub())),
str(Proxy) + " - " +
"<class 'zodbbrowser.tests.test_browser.NonpersistentStub'>")
def authorized(self, result):
obj = result.object()
defaultview = getDefaultViewName(obj, self.request)
try:
view = queryMultiAdapter((ProxyFactory(obj), self.request), name=defaultview)
return True
except Unauthorized:
print False
def test_ProxyFactory_using_proxy(self):
class SomeClass(object):
pass
obj = SomeClass()
checker = NamesChecker()
proxy1 = ProxyFactory(obj)
proxy2 = ProxyFactory(proxy1)
self.assert_(proxy1 is proxy2)
# Trying to change the checker on a proxy.
self.assertRaises(TypeError, ProxyFactory, proxy1, checker)
# Setting exactly the same checker as the proxy already has.
proxy1 = ProxyFactory(obj, checker)
proxy2 = ProxyFactory(proxy1, checker)
self.assert_(proxy1 is proxy2)
def traverseName(self, request, ob, name, check_auth=1):
# Fake the virtual host
if name == "vh":
return ProxyFactory(ob)
return super(HookPublication,
self).traverseName(request,
removeSecurityProxy(ob),
name,
check_auth=1)
def __call__(self, *args):
for arg in args:
if removeSecurityProxy(arg) is not arg:
args = [removeSecurityProxy(x) for x in args]
adapter = self.factory(*args)
adapter = self._customizeProtected(adapter, args[0])
return ProxyFactory(adapter)
adapter = self.factory(*args)
adapter = self._customizeUnprotected(adapter, args[0])
return adapter
def testAllAllowed(self):
defineChecker(
C, Checker({
'folder': CheckerPublic,
'item': CheckerPublic,
}))
tr = Traverser(ProxyFactory(self.root))
item = self.item
self.assertEqual(tr.traverse(('', 'folder', 'item')), item)
self.assertEqual(tr.traverse(('folder', 'item')), item)
def testItemDenied(self):
endInteraction()
newInteraction(ParticipationStub('no one'))
defineChecker(C, Checker({'item': 'Waaaa', 'folder': CheckerPublic}))
tr = Traverser(ProxyFactory(self.root))
folder = self.folder
self.assertRaises(Unauthorized, tr.traverse, ('', 'folder', 'item'))
self.assertRaises(Unauthorized, tr.traverse, ('folder', 'item'))
self.assertEqual(tr.traverse(('', 'folder')), folder)
self.assertEqual(tr.traverse(('folder', '..', 'folder')), folder)
self.assertEqual(tr.traverse(('folder', )), folder)
def test_proxied(self):
from zope.security.checker import ProxyFactory
@representation.WithRepr
class Foo(object):
pass
r = repr(ProxyFactory(Foo()))
assert_that(
r,
contains_string(
'<nti.externalization.tests.test_representation.Foo at'))
assert_that(r, contains_string('{}'))
def traverseRelativeURL(self, request, ob, path):
ob = self.traversePath(request, ob, path)
while True:
adapter = IBrowserPublisher(ob, None)
if adapter is None:
return ob
ob, path = adapter.browserDefault(request)
ob = ProxyFactory(ob)
if not path:
return ob
ob = self.traversePath(request, ob, path)
def getDefaultTraversal(self, request, ob):
if IBrowserPublisher.providedBy(ob):
# ob is already proxied, so the result of calling a method will be
return ob.browserDefault(request)
else:
adapter = queryMultiAdapter((ob, request), IBrowserPublisher)
if adapter is not None:
ob, path = adapter.browserDefault(request)
ob = ProxyFactory(ob)
return ob, path
else:
# ob is already proxied
return ob, None
def beginRequest(self, params=None):
# XXX: move begin/end requests to runTransaction level
if params is None:
params = self.request_params
request = RemoteReportRequest(task=self)
if params is not None:
request.initParams(params)
# XXX:
from schooltool.app.security import Principal
from zope.security.checker import ProxyFactory
principal = Principal(self.creator.__name__,
'XXX:title',
person=ProxyFactory(self.creator))
for group in self.creator.groups:
principal.groups.append("sb.group." + group.__name__)
request.principal = principal
zope.security.management.endInteraction()
zope.security.management.newInteraction(request)
def renderSETUP(self):
data = {}
fixtures = self.get_fixtures()
try:
for fixture_name in self.fixtures:
__traceback_info__ = (fixture_name, data)
fixtures[fixture_name](self.request, data)
except EXPLOSIVE_ERRORS:
raise
except:
self.request.response.setStatus(500)
result = ''.join(format_exception(*sys.exc_info()))
else:
self.request.response.setHeader('Content-Type', 'application/json')
# We use the ProxyFactory so that the restful
# redaction code is always used.
result = simplejson.dumps(ProxyFactory(data),
cls=ResourceJSONEncoder)
return result
def getApplication(self, request):
"""Returns the object where traversal should commence.
"""
# Look for a defined 'snap.skin' variable defined in the
# request environment by the 'config' wsgi-filter and if
# found, switch the skin to that.
skin = request.get('snap.skin')
if skin is not None:
stack = request.getTraversalStack()
# Check if a skin is not already setup.
if not filter(None, ['++skin++' in part for part in stack]):
skin = component.queryUtility(ISkin, skin, default=None)
if skin is not None:
applySkin(request, skin)
proxies = request.get('snap.security.proxies', None)
if proxies in ('off', 'disable', 'false'):
return app
return ProxyFactory(app)
def setUp(self):
PlacelessSetup.setUp(self)
zope.component.provideAdapter(DefaultTraversable, (None, ),
ITraversable)
zope.component.provideAdapter(LocationPhysicallyLocatable, (None, ),
ILocationInfo)
zope.component.provideAdapter(RootPhysicallyLocatable, (IRoot, ),
ILocationInfo)
self.root = root = C('root')
directlyProvides(root, IRoot)
self.folder = folder = contained(C('folder'), root, 'folder')
self.item = item = contained(C('item'), folder, 'item')
root.folder = folder
folder.item = item
self.tr = Traverser(ProxyFactory(root))
def getPrincipal(self, id):
"""Get principal meta-data.
Returns principals for groups and persons.
"""
app = ISchoolToolApplication(None)
if id.startswith(self.person_prefix):
username = id[len(self.person_prefix):]
if username in app['persons']:
person = app['persons'][username]
principal = Principal(id, person.title,
person=ProxyFactory(person))
for group in person.groups:
group_principal_id = self.group_prefix + group.__name__
principal.groups.append(group_principal_id)
authenticated = queryUtility(IAuthenticatedGroup)
if authenticated:
principal.groups.append(authenticated.id)
everyone = queryUtility(IEveryoneGroup)
if everyone:
principal.groups.append(everyone.id)
return principal
return None
def authorized(self, result):
obj = result.object()
defaultview = getDefaultViewName(obj, self.request)
view = queryMultiAdapter((ProxyFactory(obj), self.request),
name=defaultview)
return canAccess(view, "__call__")
def proxy(self, ob):
return ProxyFactory(ob)
def test_getObjectTypeShort(self):
self.assertEqual(getObjectTypeShort(NonpersistentStub()),
'NonpersistentStub')
self.assertEqual(getObjectTypeShort(ProxyFactory(NonpersistentStub())),
Proxy.__name__ + ' - NonpersistentStub')
def handleException(self, object, request, exc_info, retry_allowed=True):
# This transaction had an exception that reached the publisher.
# It must definitely be aborted.
transaction.abort()
# Reraise Retry exceptions for the publisher to deal with.
if retry_allowed and isinstance(exc_info[1], Retry):
raise
# Convert ConflictErrors to Retry exceptions.
if retry_allowed and isinstance(exc_info[1], ConflictError):
tryToLogWarning(
'ZopePublication',
'Competing writes/reads at %s: %s' % (
request.get('PATH_INFO', '???'),
exc_info[1],
),
)
raise Retry(exc_info)
# Are there any reasons why we'd want to let application-level error
# handling determine whether a retry is allowed or not?
# Assume not for now.
# Record the error with the ErrorReportingUtility
self._logErrorWithErrorReportingUtility(object, request, exc_info)
response = request.response
response.reset()
exception = None
legacy_exception = not isinstance(exc_info[1], Exception)
if legacy_exception:
response.handleException(exc_info)
if isinstance(exc_info[1], str):
tryToLogWarning(
'Publisher received a legacy string exception: %s.'
' This will be handled by the request.' % exc_info[1])
else:
tryToLogWarning(
'Publisher received a legacy classic class exception: %s.'
' This will be handled by the request.' %
exc_info[1].__class__)
else:
# We definitely have an Exception
# Set the request body, and abort the current transaction.
self.beginErrorHandlingTransaction(request, object,
'application error-handling')
view = None
try:
# We need to get a location, because some template content of
# the exception view might require one.
#
# The object might not have a parent, because it might be a
# method. If we don't have a `__parent__` attribute but have
# an im_self or a __self__, use it.
loc = object
if not hasattr(object, '__parent__'):
loc = removeSecurityProxy(object)
# Try to get an object, since we apparently have a method
# Note: We are guaranteed that an object has a location,
# so just getting the instance the method belongs to is
# sufficient.
loc = getattr(loc, 'im_self', loc)
loc = getattr(loc, '__self__', loc)
# Protect the location with a security proxy
loc = ProxyFactory(loc)
# Give the exception instance its location and look up the
# view.
exception = LocationProxy(exc_info[1], loc, '')
name = queryDefaultViewName(exception, request)
if name is not None:
view = zope.component.queryMultiAdapter(
(exception, request), name=name)
except:
# Problem getting a view for this exception. Log an error.
tryToLogException('Exception while getting view on exception')
if view is not None:
try:
# We use mapply instead of self.callObject here
# because we don't want to pass positional
# arguments. The positional arguments were meant
# for the published object, not an exception view.
body = mapply(view, (), request)
response.setResult(body)
transaction.commit()
if (ISystemErrorView.providedBy(view)
and view.isSystemError()):
# Got a system error, want to log the error
# Lame hack to get around logging missfeature
# that is fixed in Python 2.4
try:
raise exc_info[0], exc_info[1], exc_info[2]
except:
logging.getLogger('SiteError').exception(
str(request.URL), )
except:
# Problem rendering the view for this exception.
# Log an error.
tryToLogException(
'Exception while rendering view on exception')
# Record the error with the ErrorReportingUtility
self._logErrorWithErrorReportingUtility(
object, request, sys.exc_info())
view = None
if view is None:
# Either the view was not found, or view was set to None
# because the view couldn't be rendered. In either case,
# we let the request handle it.
response.handleException(exc_info)
transaction.abort()
# See if there's an IExceptionSideEffects adapter for the
# exception
try:
adapter = IExceptionSideEffects(exception, None)
except:
tryToLogException(
'Exception while getting IExceptionSideEffects adapter')
adapter = None
if adapter is not None:
self.beginErrorHandlingTransaction(
request, object, 'application error-handling side-effect')
try:
# Although request is passed in here, it should be
# considered read-only.
adapter(object, request, exc_info)
transaction.commit()
except:
tryToLogException('Exception while calling'
' IExceptionSideEffects adapter')
transaction.abort()
def test_that_CheckerPublic_identity_works_even_when_proxied(self):
self.assert_(ProxyFactory(CheckerPublic) is CheckerPublic)
request = get_current_browser_request()
assert isinstance(request, WebServiceClientRequest)
# Zope wrongly encodes any form element that doesn't look like a file,
# so re-fetch the file content if it has been encoded.
if request and request.form.has_key(field_name) and isinstance(
request.form[field_name], unicode):
request._environ['wsgi.input'].seek(0)
fs = FieldStorage(fp=request._body_instream, environ=request._environ)
return fs[field_name].value
class RootObject:
implements(ILaunchpadApplication, ILaunchpadRoot)
rootObject = ProxyFactory(RootObject(), NamesChecker(["__class__"]))
class LaunchpadContainer:
implements(ILaunchpadContainer)
def __init__(self, context):
self.context = context
def isWithin(self, scope):
"""Is this object within the given scope?
By default all objects are only within itself. More specific adapters
must override this and implement the logic they want.
"""
return self.context == scope