Commit 618f7fac authored by Tres Seaver's avatar Tres Seaver

- Merge bindings test, python script fix from 2.6 branch.

parent e4f59104
......@@ -13,12 +13,14 @@
##############################################################################
"""Test Bindings
$Id: testBindings.py,v 1.4 2004/01/27 18:37:24 Brian Exp $
$Id: testBindings.py,v 1.5 2004/01/27 19:37:29 tseaver Exp $
"""
import unittest
import ZODB
from Acquisition import Implicit
from AccessControl import ClassSecurityInfo
from Globals import InitializeClass
from OFS.ObjectManager import ObjectManager
from OFS.Folder import Folder
......@@ -73,9 +75,20 @@ class FauxRoot(ObjectManager):
return '<FauxRoot>'
class FauxFolder(Folder):
security = ClassSecurityInfo()
security.declareObjectPrivate()
security.declarePrivate('__repr__')
def __repr__(self):
return '<FauxFolder: %s>' % self.getId()
security.declarePublic('methodWithRoles')
def methodWithRoles(self):
return 'method called'
InitializeClass(FauxFolder)
class TestBindings(unittest.TestCase):
def setUp(self):
......@@ -130,12 +143,23 @@ class TestBindings(unittest.TestCase):
bound_used_context_ps = self._newPS('return context.id')
guarded._setOb('bound_used_context_ps', bound_used_context_ps)
bound_used_context_methodWithRoles_ps = self._newPS(
'return context.methodWithRoles()')
guarded._setOb('bound_used_context_methodWithRoles_ps',
bound_used_context_methodWithRoles_ps)
container_ps = self._newPS('return container')
guarded._setOb('container_ps', container_ps)
container_str_ps = self._newPS('return str(container)')
guarded._setOb('container_str_ps', container_str_ps)
context_ps = self._newPS('return context')
guarded._setOb('context_ps', context_ps)
context_str_ps = self._newPS('return str(context)')
guarded._setOb('context_str_ps', context_str_ps)
return root
def _newPS(self, txt, bind=None):
......@@ -165,9 +189,32 @@ class TestBindings(unittest.TestCase):
newSecurityManager(None, UnderprivilegedUser())
root = self._makeTree()
guarded = root._getOb('guarded')
ps = guarded._getOb('bound_used_container_ps')
self.assertRaises(Unauthorized, ps)
ps = guarded._getOb('container_str_ps')
self.assertRaises(Unauthorized, ps)
ps = guarded._getOb('container_ps')
container = ps()
self.assertRaises(Unauthorized, container)
self.assertRaises(Unauthorized, container.index_html)
try:
str(container)
except Unauthorized:
pass
else:
self.fail("str(container) didn't raise Unauthorized!")
ps = guarded._getOb('bound_used_container_ps')
ps._proxy_roles = ( 'Manager', )
ps()
ps = guarded._getOb('container_str_ps')
ps._proxy_roles = ( 'Manager', )
ps()
def test_bound_used_container_allowed(self):
from AccessControl.SecurityManagement import newSecurityManager
newSecurityManager(None, UnderprivilegedUser())
......@@ -191,9 +238,32 @@ class TestBindings(unittest.TestCase):
newSecurityManager(None, UnderprivilegedUser())
root = self._makeTree()
guarded = root._getOb('guarded')
ps = guarded._getOb('bound_used_context_ps')
self.assertRaises(Unauthorized, ps)
ps = guarded._getOb('context_str_ps')
self.assertRaises(Unauthorized, ps)
ps = guarded._getOb('context_ps')
context = ps()
self.assertRaises(Unauthorized, context)
self.assertRaises(Unauthorized, context.index_html)
try:
str(context)
except Unauthorized:
pass
else:
self.fail("str(context) didn't raise Unauthorized!")
ps = guarded._getOb('bound_used_context_ps')
ps._proxy_roles = ( 'Manager', )
ps()
ps = guarded._getOb('context_str_ps')
ps._proxy_roles = ( 'Manager', )
ps()
def test_bound_used_context_allowed(self):
from AccessControl.SecurityManagement import newSecurityManager
newSecurityManager(None, UnderprivilegedUser())
......@@ -221,6 +291,20 @@ class TestBindings(unittest.TestCase):
'name_subpath': ''})
self.assertEqual(boundless_ps(), 42)
def test_bound_used_context_method_w_roles(self):
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl import Unauthorized
newSecurityManager(None, UnderprivilegedUser())
root = self._makeTree()
guarded = root._getOb('guarded')
# Assert that we can call a protected method, even though we have
# no access to the context directly.
ps = guarded._getOb('bound_used_context_ps')
self.assertRaises(Unauthorized, ps)
ps = guarded._getOb('bound_used_context_methodWithRoles_ps')
self.assertEqual(ps(), 'method called')
def test_suite():
suite = unittest.TestSuite()
......
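Review bot: The proxy-role calls added at the end of the denied-container test (`ps._proxy_roles = ( 'Manager', )` followed by a bare `ps()`) assert nothing about the result, so they pass whenever no exception escapes, even if the script handed back the wrong value. The denied-context hunk repeats the same pattern for `bound_used_context_ps` and `context_str_ps`. These are the only checks on this page that proxy roles extend to binding access, so the return value should be pinned, for example `self.assertEqual(ps(), str(guarded))` for `container_str_ps`, assuming the script's container is `guarded`. The enclosing test methods start above these hunks, so their names and earlier setup are not visible here.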
......@@ -17,7 +17,7 @@ This product provides support for Script objects containing restricted
Python code.
"""
__version__='$Revision: 1.53 $'[11:-2]
__version__='$Revision: 1.54 $'[11:-2]
import sys, os, traceback, re, marshal, new
from Globals import DTMLFile, MessageDialog, package_home
......@@ -315,17 +315,11 @@ class PythonScript(Script, Historical, Cacheable):
PythonScriptTracebackSupplement, self, -1)
f = new.function(fcode, g, None, fadefs)
# Execute the function in a new security context.
security=getSecurityManager()
security.addContext(self)
try:
result = f(*args, **kw)
if keyset is not None:
# Store the result in the cache.
self.ZCacheable_set(result, keywords=keyset)
return result
finally:
security.removeContext(self)
def manage_haveProxy(self,r): return r in self._proxy_roles
......
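Review bot: Nothing visible on this page replaces the `security.addContext(self)` / `security.removeContext(self)` pair that this hunk appears to drop from around `f(*args, **kw)`. The header's 17 to 11 line counts are consistent with removing the comment, the manager lookup, the add/remove calls and the `try`/`finally`. If the script is now pushed onto the security context by its caller, as the new proxy-role tests suggest, any path that reaches this code without going through that caller would run without the script's ownership and proxy roles being taken into account. A comment at the call would record the contract, e.g. `# The caller must already have added this script to the security context.` The enclosing method starts above the hunk, so it is worth confirming that every caller goes through the wrapper that does the add/remove.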