def su(self, username=None):
"""Change to named user. Return to permissive security
policy if no username is given.
"""
if username is None:
self._make_permissive()
print "PermissiveSecurityPolicy put back in place"
return
user = (self.portal.acl_users.getUser(username)
or self.app.acl_users.getUser(username))
if not user:
print "Can't find %s in %s" % (username, self.portal.acl_users)
return
from AccessControl.ZopeSecurityPolicy import ZopeSecurityPolicy
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl.SecurityManagement import getSecurityManager
from AccessControl.SecurityManager import setSecurityPolicy
_policy = ZopeSecurityPolicy()
self.oldpolicy = setSecurityPolicy(_policy)
wrapped_user = user.__of__(self.portal.acl_users)
newSecurityManager(None, wrapped_user)
print 'User changed.'
return getSecurityManager().getUser()
def _initPolicyAndManager(self, manager=None):
from AccessControl.SecurityManagement import get_ident
from AccessControl.SecurityManagement import _managers
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl.SecurityManager import setSecurityPolicy
from AccessControl.ZopeSecurityPolicy import ZopeSecurityPolicy
class UnderprivilegedUser:
""" Anonymous USer for unit testing purposes.
"""
def getId(self):
return 'Underprivileged User'
getUserName = getId
def allowed(self, object, object_roles=None):
return 0
def getRoles(self):
return ()
self._policy = ZopeSecurityPolicy()
self._old_policy = setSecurityPolicy(self._policy)
if manager is None:
thread_id = get_ident()
self._old_mgr = manager = _managers.get(thread_id, self._marker)
newSecurityManager(None, UnderprivilegedUser())
else:
self._old_mgr = self.setSecurityManager(manager)