def su(self, username=None): """Change to named user. Return to permissive security policy if no username is given. """ if username is None: self._make_permissive() print "PermissiveSecurityPolicy put back in place" return user = (self.portal.acl_users.getUser(username) or self.app.acl_users.getUser(username)) if not user: print "Can't find %s in %s" % (username, self.portal.acl_users) return from AccessControl.ZopeSecurityPolicy import ZopeSecurityPolicy from AccessControl.SecurityManagement import newSecurityManager from AccessControl.SecurityManagement import getSecurityManager from AccessControl.SecurityManager import setSecurityPolicy _policy = ZopeSecurityPolicy() self.oldpolicy = setSecurityPolicy(_policy) wrapped_user = user.__of__(self.portal.acl_users) newSecurityManager(None, wrapped_user) print 'User changed.' return getSecurityManager().getUser()
def _initPolicyAndManager(self, manager=None): from AccessControl.SecurityManagement import get_ident from AccessControl.SecurityManagement import _managers from AccessControl.SecurityManagement import newSecurityManager from AccessControl.SecurityManager import setSecurityPolicy from AccessControl.ZopeSecurityPolicy import ZopeSecurityPolicy class UnderprivilegedUser: """ Anonymous USer for unit testing purposes. """ def getId(self): return 'Underprivileged User' getUserName = getId def allowed(self, object, object_roles=None): return 0 def getRoles(self): return () self._policy = ZopeSecurityPolicy() self._old_policy = setSecurityPolicy(self._policy) if manager is None: thread_id = get_ident() self._old_mgr = manager = _managers.get(thread_id, self._marker) newSecurityManager(None, UnderprivilegedUser()) else: self._old_mgr = self.setSecurityManager(manager)