Commit 7bf5a9ce authored by Tres Seaver's avatar Tres Seaver

Collector #1182: BBB Forward port fix from 2.7 branch (19 months ago!).

This change reverts 'guarded_getitem' to pass the 'index' argument as
the name to 'validate'.  This change will *not* be propagated to the
trunk, because the resolution of #1182 specifies that the reverted
behavior (i.e., passing None for item accces) is to become the standard
implementation as of 2.9.
parent 3f0e6aee
...@@ -26,6 +26,13 @@ Zope Changes ...@@ -26,6 +26,13 @@ Zope Changes
Bugs Fixed Bugs Fixed
- Collector #1182: BBB Forward port fix from 2.7 branch (19 months
ago!), reverting 'guarded_getitem' to pass the 'index' argument as
the name to 'validate'. This change is *not* propagated to the
trunk, because the resolution of #1182 specifies that the reverted
behavior (i.e., passing None for item accces) is to become the
standard implementation as of 2.9.
- Collector #1877: skel/Products/README.txt inappropriately copied - Collector #1877: skel/Products/README.txt inappropriately copied
from CMF. from CMF.
......
...@@ -68,7 +68,7 @@ def guarded_getitem(object, index): ...@@ -68,7 +68,7 @@ def guarded_getitem(object, index):
if Containers(type(object)) and Containers(type(v)): if Containers(type(object)) and Containers(type(v)):
# Simple type. Short circuit. # Simple type. Short circuit.
return v return v
if getSecurityManager().validate(object, object, None, v): if getSecurityManager().validate(object, object, index, v):
return v return v
raise Unauthorized, 'unauthorized access to element %s' % `i` raise Unauthorized, 'unauthorized access to element %s' % `i`
......
...@@ -119,6 +119,30 @@ class TestGuardedGetattr(GuardTestCase): ...@@ -119,6 +119,30 @@ class TestGuardedGetattr(GuardTestCase):
finally: finally:
ContainerAssertions[_dict] = old ContainerAssertions[_dict] = old
class TestGuardedGetitem(GuardTestCase):
def setUp(self):
self.sm = SecurityManager()
self.old = self.setSecurityManager(self.sm)
def tearDown(self):
self.setSecurityManager(self.old)
def test_guarded_getitem_passes_index_to_validate(self):
# BBB: collector #1182 specifies that guarded_getitem should be
# passing the 'index' to validate, rather than 'None',
# until Zope 2.9.
from UserDict import UserDict
from AccessControl.ZopeGuards import guarded_getitem
foo = []
protected = UserDict(foo=foo)
value = guarded_getitem(protected, 'foo')
self.failUnless(value is foo)
self.assertEqual(len(self.sm.calls), 1)
self.assertEqual(self.sm.calls[0],
('validate', (protected, protected, 'foo', foo)))
class TestDictGuards(GuardTestCase): class TestDictGuards(GuardTestCase):
...@@ -650,6 +674,7 @@ print foo(**kw) ...@@ -650,6 +674,7 @@ print foo(**kw)
def test_suite(): def test_suite():
suite = unittest.TestSuite() suite = unittest.TestSuite()
for cls in (TestGuardedGetattr, for cls in (TestGuardedGetattr,
TestGuardedGetitem,
TestDictGuards, TestDictGuards,
TestBuiltinFunctionGuards, TestBuiltinFunctionGuards,
TestListGuards, TestListGuards,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment