Merge c1eea90 into 9936469

zopefoundation · Feb 22, 2022 · 9449eab · 9449eab
2 parents 9936469 + c1eea90
commit 9449eab
Show file tree

Hide file tree

Showing 9 changed files with 37 additions and 17 deletions.
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
@@ -92,6 +92,7 @@ jobs:
     # with `test`, and `docs` must use a subset.
     runs-on: ${{ matrix.os }}
     strategy:
+      fail-fast: false
       matrix:
         python-version:
           - 2.7
@@ -171,6 +172,7 @@ jobs:
     needs: build-package
     runs-on: ${{ matrix.os }}
     strategy:
+      fail-fast: false
       matrix:
         python-version:
           - 2.7
@@ -229,11 +231,9 @@ jobs:
         if: ${{ !startsWith(matrix.python-version, 'pypy') }}
         run: |
           python -m coverage run -p -m zope.testrunner --test-path=src --auto-color --auto-progress
-# This is not supported
-#      - name: Run tests without C extensions
-#        run:
-#          # coverage makes PyPy run about 3x slower!
-#          PURE_PYTHON=1 python -m coverage run -p -m zope.testrunner --test-path=src --auto-color --auto-progress
+      - name: Run tests without C extensions
+        run: |
+          PURE_PYTHON=1 python -m coverage run -p -m zope.testrunner --test-path=src --auto-color --auto-progress
       - name: Report Coverage
         run: |
           coverage combine

diff --git a/CHANGES.rst b/CHANGES.rst
@@ -8,6 +8,8 @@ For changes before version 3.0, see ``HISTORY.rst``.
 
 - Provide ``AccessControl.get_safe_globals`` to facilitate safe use.
 
+- Honor ``PURE_PYTHON`` environment variable to enable python implementation
+  during runtime.
 
 
 5.2 (2021-07-30)

diff --git a/buildout.cfg b/buildout.cfg
@@ -7,7 +7,6 @@ parts = interpreter test coverage
 
 [versions]
 AccessControl =
-RestrictedPython =
 
 [interpreter]
 recipe = zc.recipe.egg

diff --git a/src/AccessControl/ImplPython.py b/src/AccessControl/ImplPython.py
@@ -26,13 +26,12 @@
 from ExtensionClass import Base
 from zope.interface import implementer
 
-# This is used when a permission maps explicitly to no permission.  We
-# try and get this from cAccessControl first to make sure that if both
-# security implementations exist, we can switch between them later.
-try:
-    from AccessControl.cAccessControl import _what_not_even_god_should_do
-except ImportError:
+PURE_PYTHON = int(os.environ.get('PURE_PYTHON', '0'))
+if PURE_PYTHON:
+    # We need our own to not depend on the C implementation:
     _what_not_even_god_should_do = []
+else:
+    from AccessControl.cAccessControl import _what_not_even_god_should_do
 
 from AccessControl.interfaces import ISecurityManager
 from AccessControl.interfaces import ISecurityPolicy
@@ -42,6 +41,8 @@
 from AccessControl.SimpleObjectPolicies import _noroles
 from AccessControl.unauthorized import Unauthorized
 from AccessControl.ZopeGuards import guarded_getitem  # NOQA
+
+
 # AccessControl.ZopeSecurityPolicy
 # --------------------------------
 #
@@ -76,8 +77,8 @@ def rolesForPermissionOn(perm, object, default=_default_roles, n=None):
             roles = getattr(object, n)
             if roles is None:
                 if _embed_permission_in_roles:
-                    return ('Anonymous', n)
-                return 'Anonymous'
+                    return (('Anonymous',), n)
+                return ('Anonymous',)
 
             t = type(roles)
             if t is tuple:

diff --git a/src/AccessControl/Implementation.py b/src/AccessControl/Implementation.py
@@ -26,6 +26,12 @@
 """
 from __future__ import absolute_import
 
+import os
+
+
+PURE_PYTHON = int(os.environ.get('PURE_PYTHON', '0'))
+CAPI = not PURE_PYTHON
+
 
 def getImplementationName():
     """Return the name of the implementation currently being used."""
@@ -96,7 +102,11 @@ def setImplementation(name):
                                          ),
 }
 
-setImplementation(_default_implementation)
+
+if CAPI:
+    setImplementation(_default_implementation)
+else:
+    setImplementation('PYTHON')
 
 # allow the implementation to change from the default
 _implementation_set = 0
diff --git a/src/AccessControl/tests/testSecurityManager.py b/src/AccessControl/tests/testSecurityManager.py
@@ -14,6 +14,7 @@
 """Tests for the SecurityManager implementations
 """
 
+import os
 import unittest
 
 
@@ -250,6 +251,7 @@ def _getTargetClass(self):
         return SecurityManager
 
 
+@unittest.skipIf(os.environ.get('PURE_PYTHON'), reason="Test expects C impl.")
 class C_SecurityManagerTests(SecurityManagerTestBase,
                              ISecurityManagerConformance,
                              unittest.TestCase):

diff --git a/src/AccessControl/tests/testZopeGuards.py b/src/AccessControl/tests/testZopeGuards.py
@@ -167,9 +167,11 @@ class TestGuardedHasattr(GuardTestCase):
     def setUp(self):
         self.__sm = SecurityManager()
         self.__old = self.setSecurityManager(self.__sm)
+        gc.disable()
 
     def tearDown(self):
         self.setSecurityManager(self.__old)
+        gc.enable()
 
     def test_miss(self):
         from AccessControl.ZopeGuards import guarded_hasattr

diff --git a/src/AccessControl/tests/testZopeSecurityPolicy.py b/src/AccessControl/tests/testZopeSecurityPolicy.py
@@ -11,6 +11,7 @@
 #
 ##############################################################################
 
+import os
 import sys
 import unittest
 from doctest import DocTestSuite
@@ -775,9 +776,10 @@ def loop():
 def test_suite():
     suite = unittest.TestSuite()
     suite.addTest(unittest.makeSuite(Python_ZSPTests))
-    suite.addTest(unittest.makeSuite(C_ZSPTests))
     suite.addTest(unittest.makeSuite(Python_SMTests))
-    suite.addTest(unittest.makeSuite(C_SMTests))
+    if not os.environ.get('PURE_PYTHON'):
+        suite.addTest(unittest.makeSuite(C_ZSPTests))
+        suite.addTest(unittest.makeSuite(C_SMTests))
     suite.addTest(DocTestSuite())
     suite.addTest(unittest.makeSuite(GetRolesWithMultiThreadTest))
     return suite
diff --git a/tox.ini b/tox.ini
@@ -19,6 +19,8 @@ deps =
     setuptools < 52
     zc.buildout
 skip_install = true
+setenv =
+    PURE_PYTHON=1
 
 [testenv:coverage]
 basepython = python3