Commit a3639de7 authored by Hanno Schlichting's avatar Hanno Schlichting

Backport `rolesForPermissionOn` fix from standalone AccessControl project

parent 12632a55
...@@ -8,6 +8,9 @@ http://docs.zope.org/zope2/releases/. ...@@ -8,6 +8,9 @@ http://docs.zope.org/zope2/releases/.
2.12.24 (unreleased) 2.12.24 (unreleased)
-------------------- --------------------
- Fix a bug in ZopeSecurityPolicy.py. Global variable `rolesForPermissionOn`
could be overridden if `__role__` had custom rolesForPermissionOn.
- Updated distributions: - Updated distributions:
- zdaemon = 2.0.7 - zdaemon = 2.0.7
......
...@@ -53,8 +53,9 @@ def getRoles(container, name, value, default): ...@@ -53,8 +53,9 @@ def getRoles(container, name, value, default):
if roles is None or isinstance(roles, tuple_or_list): if roles is None or isinstance(roles, tuple_or_list):
return roles return roles
rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None) # Do not override global variable `rolesForPermissionOn`.
if rolesForPermissionOn is not None: roles_rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
roles = rolesForPermissionOn(value) if roles_rolesForPermissionOn is not None:
roles = roles_rolesForPermissionOn(value)
return roles return roles
...@@ -10,13 +10,11 @@ ...@@ -10,13 +10,11 @@
# FOR A PARTICULAR PURPOSE # FOR A PARTICULAR PURPOSE
# #
############################################################################## ##############################################################################
"""Tests of ZopeSecurityPolicy
"""
__rcs_id__='$Id$' import os
__version__='$Revision: 1.10 $'[11:-2] import sys
import thread
import os, sys, unittest import unittest
import ZODB import ZODB
try: try:
...@@ -576,11 +574,61 @@ def test_zsp_gets_right_roles_for_methods(): ...@@ -576,11 +574,61 @@ def test_zsp_gets_right_roles_for_methods():
from doctest import DocTestSuite from doctest import DocTestSuite
class GetRolesWithMultiThreadTest(unittest.TestCase):
def setUp(self):
self._original_check_interval = sys.getcheckinterval()
sys.setcheckinterval(1)
def tearDown(self):
sys.setcheckinterval(self._original_check_interval)
def testGetRolesWithMultiThread(self):
from AccessControl.ZopeSecurityPolicy import getRoles
class C(object):
pass
class V1(object):
class __roles__(object):
@staticmethod
def rolesForPermissionOn(ob):
return ['Member']
class V2(object):
class __roles__(object):
@staticmethod
def rolesForPermissionOn(ob):
return ['User']
c = C()
c.v1 = V1()
c.v2 = V2()
self.assertEqual(getRoles(c, None, c.v1, 42), ['Member'])
self.assertEqual(getRoles(c, None, c.v2, 42), ['User'])
mark = []
def loop():
while 1:
getRoles(c, None, c.v2, 42)
if len(mark) > 0:
return
thread.start_new_thread(loop, ())
try:
for i in range(1000):
self.assertEqual(getRoles(c, None, c.v1, 42), ['Member'])
finally:
mark.append(None)
def test_suite(): def test_suite():
suite = unittest.TestSuite() suite = unittest.TestSuite()
suite.addTest(unittest.makeSuite(Python_ZSPTests, 'test')) suite.addTest(unittest.makeSuite(Python_ZSPTests, 'test'))
suite.addTest(unittest.makeSuite(C_ZSPTests, 'test')) suite.addTest(unittest.makeSuite(C_ZSPTests, 'test'))
suite.addTest(DocTestSuite()) suite.addTest(DocTestSuite())
suite.addTest(unittest.makeSuite(GetRolesWithMultiThreadTest))
return suite return suite
def main(): def main():
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment