-
Notifications
You must be signed in to change notification settings - Fork 20
/
test_rolemanager.py
137 lines (104 loc) · 4.6 KB
/
test_rolemanager.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
import unittest
def _makeRootAndUser():
from Acquisition import Explicit
from Acquisition import Implicit
from AccessControl.rolemanager import RoleManager
class DummyContext(Implicit, RoleManager):
__roles__ = ('Manager',)
class DummyUser(Explicit):
def getRoles(self):
return ('Manager',)
def getRolesInContext(self, context):
return ('Manager',)
def has_permission(self, permission, context):
return True
class DummyAclUsers(Explicit):
def getUser(self, user_id):
user = DummyUser()
return user.__of__(self)
def absolute_url(self, relative=0):
return 'acl_users'
class DummyRoot(Explicit):
acl_users = DummyAclUsers()
root = DummyRoot()
root.acl_users = DummyAclUsers()
root.context1 = DummyContext()
root.context2 = DummyContext()
user = DummyUser().__of__(root.acl_users)
return root, user
class TestRoleManager(unittest.TestCase):
def tearDown(self):
from AccessControl.SecurityManagement import noSecurityManager
noSecurityManager()
def test_interfaces(self):
from zope.interface.verify import verifyClass
from AccessControl.interfaces import IRoleManager
from AccessControl.rolemanager import RoleManager
verifyClass(IRoleManager, RoleManager)
def test_manage_getUserRolesAndPermissions(self):
from AccessControl.ImplPython import verifyAcquisitionContext
from AccessControl.SecurityManagement import getSecurityManager
from AccessControl.SecurityManagement import newSecurityManager
root, user = _makeRootAndUser()
newSecurityManager(None, user)
root.context1.manage_getUserRolesAndPermissions('dummy_user')
user = getSecurityManager().getUser()
self.assertTrue(verifyAcquisitionContext(user, root.context2, ()))
def test_has_local_roles(self):
root, user = _makeRootAndUser()
self.assertFalse(root.context1.has_local_roles())
def test_get_local_roles(self):
root, user = _makeRootAndUser()
root.context1.__ac_local_roles__ = {'user1': ['Role1']}
roles = root.context1.get_local_roles()
self.assertEqual(roles, (
('user1', ('Role1',)),
))
def test_manage_addLocalRoles(self):
root, user = _makeRootAndUser()
root.context1.manage_addLocalRoles('user1', ['Role1'])
roles = root.context1.get_local_roles_for_userid('user1')
self.assertEqual(roles, ('Role1',))
def test_manage_setLocalRoles(self):
root, user = _makeRootAndUser()
root.context1.__ac_local_roles__ = {'user1': ('Role1',)}
root.context1.manage_setLocalRoles('user1', ['Role2'])
roles = root.context1.get_local_roles_for_userid('user1')
self.assertEqual(roles, ('Role2',))
def test_manage_delLocalRoles(self):
root, user = _makeRootAndUser()
root.context1.__ac_local_roles__ = {'user1': ('Role1',)}
root.context1.manage_delLocalRoles(['user1'])
roles = root.context1.get_local_roles_for_userid('user1')
self.assertEqual(roles, ())
def test_valid_roles(self):
from AccessControl.rolemanager import RoleManager
root, user = _makeRootAndUser()
# default case, __ac_roles__ not overridden
self.assertEqual(set(root.context1.valid_roles()),
set(RoleManager.__ac_roles__))
# forcing our own roles
root.context1.__ac_roles__ = ('Role2', 'Role1')
roles = root.context1.valid_roles()
self.assertEqual(roles, ('Role1', 'Role2'))
def test_validate_roles(self):
from AccessControl.rolemanager import RoleManager
root, user = _makeRootAndUser()
# default case, __ac_roles__ not overridden
self.assertTrue(root.context1.validate_roles(RoleManager.__ac_roles__))
self.assertFalse(root.context1.validate_roles(('Role1', 'Role2')))
# forcing our own roles
root.context1.__ac_roles__ = ('Role2', 'Role1')
validator = root.context1.validate_roles
self.assertFalse(validator(RoleManager.__ac_roles__))
self.assertTrue(validator(('Role1', 'Role2')))
def test_userdefined_roles(self):
root, user = _makeRootAndUser()
# default case, __ac_roles__ not overridden
self.assertEqual(root.context1.userdefined_roles(), ())
# forcing our own roles
root.context1.__ac_roles__ = ('Role2', 'Role1')
self.assertEqual(
('Role2', 'Role1'),
root.context1.userdefined_roles(),
)