Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Z
Zope
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
Zope
Commits
7b17b903
Commit
7b17b903
authored
Jul 10, 2010
by
Hanno Schlichting
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Move all tests depending on PythonScripts into its own module
parent
f12f5b49
Changes
6
Show whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
187 additions
and
156 deletions
+187
-156
src/Products/Five/browser/tests/pages.txt
src/Products/Five/browser/tests/pages.txt
+0
-50
src/Products/Five/browser/tests/resource.txt
src/Products/Five/browser/tests/resource.txt
+0
-47
src/Products/Five/browser/tests/test_pages.py
src/Products/Five/browser/tests/test_pages.py
+0
-4
src/Products/Five/browser/tests/test_resource.py
src/Products/Five/browser/tests/test_resource.py
+0
-4
src/Products/Five/browser/tests/test_scriptsecurity.py
src/Products/Five/browser/tests/test_scriptsecurity.py
+187
-0
src/Products/Five/tests/testing/restricted.py
src/Products/Five/tests/testing/restricted.py
+0
-51
No files found.
src/Products/Five/browser/tests/pages.txt
View file @
7b17b903
...
...
@@ -275,56 +275,6 @@ The same applies to a view registered with <browser:view /> instead of
>>> aq_parent(aq_inner(context))
<Folder at /test_folder_1_>
High-level security
-------------------
>>> protected_view_names = [
... 'eagle.txt', 'falcon.html', 'owl.html', 'flamingo.html',
... 'condor.html', 'permission_view']
>>>
>>> public_view_names = [
... 'public_attribute_page',
... 'public_template_page',
... 'public_template_class_page',
... 'nodoc-method', 'nodoc-function', 'nodoc-object',
... 'dirpage1', 'dirpage2']
>>> from Products.Five.tests.testing.restricted import checkRestricted
>>> from Products.Five.tests.testing.restricted import checkUnauthorized
As long as we're not authenticated, we should get Unauthorized for
protected views, but we should be able to view the public ones:
>>> self.logout()
>>> for view_name in protected_view_names:
... checkUnauthorized(
... self.folder,
... 'context.restrictedTraverse("testoid/%s")()' % view_name)
>>> for view_name in public_view_names:
... checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/%s")()' % view_name)
>>> self.login('manager')
Being logged in as a manager again, we find that the protected pages
are accessible to us:
>>> for view_name in protected_view_names:
... checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/%s")()' % view_name)
>>> checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/eagle.method").eagle()')
Even when logged in though the private methods should not be accessible:
>>> checkUnauthorized( self.folder,
... 'context.restrictedTraverse("testoid/eagle.method").mouse()')
Other
-----
...
...
src/Products/Five/browser/tests/resource.txt
View file @
7b17b903
...
...
@@ -69,53 +69,6 @@ PageTemplateResource's __call__ renders the template
... if not isinstance(resource, PageTemplateResource):
... self.assertEquals(resource(), base_url % r)
Security
--------
>>> from Products.Five.tests.testing.restricted import checkRestricted
>>> from Products.Five.tests.testing.restricted import checkUnauthorized
>>> resource_names = ['cockatiel.html', 'style.css', 'pattern.png']
We should get Unauthorized as long as we're unauthenticated:
>>> for resource in resource_names:
... checkUnauthorized(
... self.folder,
... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
>>> base = 'testoid/++resource++fivetest_resources/%s'
>>> for resource in dir_resource_names:
... path = base % resource
... checkUnauthorized(self.folder, 'context.restrictedTraverse("%s")' % path)
Now let's create a manager user account and log in:
>>> uf = self.folder.acl_users
>>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
>>> self.login('manager')
We can now view them all:
>>> for resource in resource_names:
... checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
>>> base = 'testoid/++resource++fivetest_resources/%s'
>>> for resource in dir_resource_names:
... path = base % resource
... checkRestricted(self.folder, 'context.restrictedTraverse("%s")' % path)
Let's make sure restrictedTraverse() works directly, too. It used to get
tripped up on subdirectories due to missing security declarations.
>>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource.txt') is not None
True
>>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource_subdir/resource.txt') is not None
True
Clean up
--------
...
...
src/Products/Five/browser/tests/test_pages.py
View file @
7b17b903
...
...
@@ -12,8 +12,6 @@
#
##############################################################################
"""Test browser pages
$Id$
"""
import
unittest
...
...
@@ -69,8 +67,6 @@ def test_suite():
from
Testing.ZopeTestCase
import
FunctionalDocFileSuite
from
Testing.ZopeTestCase
import
ZopeDocFileSuite
from
Testing.ZopeTestCase
import
ZopeDocTestSuite
from
Testing.ZopeTestCase
import
installProduct
installProduct
(
'PythonScripts'
)
return
unittest
.
TestSuite
((
ZopeDocTestSuite
(),
ZopeDocFileSuite
(
'pages.txt'
,
package
=
'Products.Five.browser.tests'
),
...
...
src/Products/Five/browser/tests/test_resource.py
View file @
7b17b903
...
...
@@ -12,16 +12,12 @@
#
##############################################################################
"""Test browser resources
$Id$
"""
import
unittest
def
test_suite
():
from
Testing.ZopeTestCase
import
FunctionalDocFileSuite
from
Testing.ZopeTestCase
import
ZopeDocFileSuite
from
Testing.ZopeTestCase
import
installProduct
installProduct
(
'PythonScripts'
)
return
unittest
.
TestSuite
((
ZopeDocFileSuite
(
'resource.txt'
,
package
=
'Products.Five.browser.tests'
),
...
...
src/Products/Five/browser/tests/test_scriptsecurity.py
0 → 100644
View file @
7b17b903
import
unittest
from
AccessControl
import
Unauthorized
from
Products.PythonScripts.PythonScript
import
manage_addPythonScript
def
addPythonScript
(
folder
,
id
,
params
=
''
,
body
=
''
):
"""Add a PythonScript to folder."""
# clean up any 'ps' that's already here..
if
id
in
folder
:
del
folder
[
id
]
manage_addPythonScript
(
folder
,
id
)
folder
[
id
].
ZPythonScript_edit
(
params
,
body
)
def
checkRestricted
(
folder
,
psbody
):
"""Perform a check by running restricted Python code."""
addPythonScript
(
folder
,
'ps'
,
body
=
psbody
)
try
:
folder
.
ps
()
except
Unauthorized
,
e
:
raise
AssertionError
(
e
)
def
checkUnauthorized
(
folder
,
psbody
):
"""Perform a check by running restricted Python code. Expect to
encounter an Unauthorized exception."""
addPythonScript
(
folder
,
'ps'
,
body
=
psbody
)
try
:
folder
.
ps
()
except
Unauthorized
:
pass
else
:
raise
AssertionError
(
"Authorized but shouldn't be"
)
def
test_resource_restricted_code
():
"""
Set up the test fixtures:
>>> import Products.Five.browser.tests
>>> from Zope2.App import zcml
>>> zcml.load_config("configure.zcml", Products.Five)
>>> zcml.load_config('resource.zcml', package=Products.Five.browser.tests)
>>> from Products.Five.tests.testing import manage_addFiveTraversableFolder
>>> manage_addFiveTraversableFolder(self.folder, 'testoid', 'Testoid')
>>> import os, glob
>>> _prefix = os.path.dirname(Products.Five.browser.tests.__file__)
>>> dir_resource_names = [os.path.basename(r) for r in (
... glob.glob('%s/*.png' % _prefix) +
... glob.glob('%s/*.pt' % _prefix) +
... glob.glob('%s/[a-z]*.py' % _prefix) +
... glob.glob('%s/*.css' % _prefix))]
>>> from Products.Five.browser.tests.test_scriptsecurity import checkRestricted
>>> from Products.Five.browser.tests.test_scriptsecurity import checkUnauthorized
>>> resource_names = ['cockatiel.html', 'style.css', 'pattern.png']
We should get Unauthorized as long as we're unauthenticated:
>>> for resource in resource_names:
... checkUnauthorized(
... self.folder,
... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
>>> base = 'testoid/++resource++fivetest_resources/%s'
>>> for resource in dir_resource_names:
... path = base % resource
... checkUnauthorized(self.folder, 'context.restrictedTraverse("%s")' % path)
Now let's create a manager user account and log in:
>>> uf = self.folder.acl_users
>>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
>>> self.login('manager')
We can now view them all:
>>> for resource in resource_names:
... checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/++resource++%s")()' % resource)
>>> base = 'testoid/++resource++fivetest_resources/%s'
>>> for resource in dir_resource_names:
... path = base % resource
... checkRestricted(self.folder, 'context.restrictedTraverse("%s")' % path)
Let's make sure restrictedTraverse() works directly, too. It used to get
tripped up on subdirectories due to missing security declarations.
>>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource.txt') is not None
True
>>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource_subdir/resource.txt') is not None
True
Clean up
>>> from zope.component.testing import tearDown
>>> tearDown()
"""
def
test_view_restricted_code
():
"""
Let's register a quite large amount of test pages:
>>> import Products.Five.browser.tests
>>> from Zope2.App import zcml
>>> zcml.load_config("configure.zcml", Products.Five)
>>> zcml.load_config('pages.zcml', package=Products.Five.browser.tests)
Let's add a test object that we view most of the pages off of:
>>> from Products.Five.tests.testing.simplecontent import manage_addSimpleContent
>>> manage_addSimpleContent(self.folder, 'testoid', 'Testoid')
We also need to create a stub user account and login; otherwise we
wouldn't have all the rights to do traversal etc.:
>>> uf = self.folder.acl_users
>>> uf._doAddUser('manager', 'r00t', ['Manager'], [])
>>> self.login('manager')
>>> protected_view_names = [
... 'eagle.txt', 'falcon.html', 'owl.html', 'flamingo.html',
... 'condor.html', 'permission_view']
>>>
>>> public_view_names = [
... 'public_attribute_page',
... 'public_template_page',
... 'public_template_class_page',
... 'nodoc-method', 'nodoc-function', 'nodoc-object',
... 'dirpage1', 'dirpage2']
>>> from Products.Five.browser.tests.test_scriptsecurity import checkRestricted
>>> from Products.Five.browser.tests.test_scriptsecurity import checkUnauthorized
As long as we're not authenticated, we should get Unauthorized for
protected views, but we should be able to view the public ones:
>>> self.logout()
>>> for view_name in protected_view_names:
... checkUnauthorized(
... self.folder,
... 'context.restrictedTraverse("testoid/%s")()' % view_name)
>>> for view_name in public_view_names:
... checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/%s")()' % view_name)
>>> self.login('manager')
Being logged in as a manager again, we find that the protected pages
are accessible to us:
>>> for view_name in protected_view_names:
... checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/%s")()' % view_name)
>>> checkRestricted(
... self.folder,
... 'context.restrictedTraverse("testoid/eagle.method").eagle()')
Even when logged in though the private methods should not be accessible:
>>> checkUnauthorized( self.folder,
... 'context.restrictedTraverse("testoid/eagle.method").mouse()')
Cleanup:
>>> from zope.component.testing import tearDown
>>> tearDown()
"""
def
test_suite
():
from
Testing.ZopeTestCase
import
ZopeDocTestSuite
from
Testing.ZopeTestCase
import
installProduct
installProduct
(
'PythonScripts'
)
return
unittest
.
TestSuite
((
ZopeDocTestSuite
(),
))
src/Products/Five/tests/testing/restricted.py
deleted
100644 → 0
View file @
f12f5b49
##############################################################################
#
# Copyright (c) 2004, 2005 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Restricted python test helpers
Based on Plone's RestrictedPythonTestCase, with kind permission by the
Plone developers.
"""
from
AccessControl
import
Unauthorized
from
Products.PythonScripts.PythonScript
import
manage_addPythonScript
def
addPythonScript
(
folder
,
id
,
params
=
''
,
body
=
''
):
"""Add a PythonScript to folder."""
# clean up any 'ps' that's already here..
if
id
in
folder
:
del
folder
[
id
]
manage_addPythonScript
(
folder
,
id
)
folder
[
id
].
ZPythonScript_edit
(
params
,
body
)
def
checkRestricted
(
folder
,
psbody
):
"""Perform a check by running restricted Python code."""
addPythonScript
(
folder
,
'ps'
,
body
=
psbody
)
try
:
folder
.
ps
()
except
Unauthorized
,
e
:
raise
AssertionError
(
e
)
def
checkUnauthorized
(
folder
,
psbody
):
"""Perform a check by running restricted Python code. Expect to
encounter an Unauthorized exception."""
addPythonScript
(
folder
,
'ps'
,
body
=
psbody
)
try
:
folder
.
ps
()
except
Unauthorized
:
pass
else
:
raise
AssertionError
(
"Authorized but shouldn't be"
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment