Merge authchanges branch to trunk.

1 files changed, 36 insertions, 49 deletions

diff --git a/repoze/bfg/testing.py b/repoze/bfg/testing.py
index d4ff6fe4d..bd3104a9d 100644
--- a/repoze/bfg/testing.py
+++ b/repoze/bfg/testing.py
@@ -8,22 +8,23 @@ from repoze.bfg.interfaces import IRequest
 _marker = []
 
 def registerDummySecurityPolicy(userid=None, groupids=(), permissive=True):
-    """ Registers a dummy ``repoze.bfg`` security policy using the
-    userid ``userid`` and the group ids ``groupids``.  If
-    ``permissive`` is true, a 'permissive' security policy is
-    registered; this policy allows all access.  If ``permissive`` is
-    false, a nonpermissive security policy is registered; this policy
-    denies all access.  This function is most useful when testing code
-    that uses the ``repoze.bfg.security`` APIs named
-    ``has_permission``, ``authenticated_userid``,
-    ``effective_principals``, and ``principals_allowed_by_permission``.
+    """ Registers a dummy ``repoze.bfg`` security policy (actually, a
+    pair of policies: an authorization policy and an authentication
+    policy) using the userid ``userid`` and the group ids
+    ``groupids``.  If ``permissive`` is true, a 'permissive' security
+    policy is registered; this policy allows all access.  If
+    ``permissive`` is false, a nonpermissive security policy is
+    registered; this policy denies all access.  This function is most
+    useful when testing code that uses the ``repoze.bfg.security``
+    APIs named ``has_permission``, ``authenticated_userid``,
+    ``effective_principals``, ``principals_allowed_by_permission``,
+    and so on.
     """
-    if permissive:
-        policy = DummyAllowingSecurityPolicy(userid, groupids)
-    else:
-        policy = DummyDenyingSecurityPolicy(userid, groupids)
-    from repoze.bfg.interfaces import ISecurityPolicy
-    return registerUtility(policy, ISecurityPolicy)
+    policy = DummySecurityPolicy(userid, groupids, permissive)
+    from repoze.bfg.interfaces import IAuthorizationPolicy
+    from repoze.bfg.interfaces import IAuthenticationPolicy
+    registerUtility(policy, IAuthorizationPolicy)
+    registerUtility(policy, IAuthenticationPolicy)
 
 def registerModels(models):
     """ Registers a dictionary of models.  This is most useful for
@@ -76,7 +77,9 @@ def registerView(name, result='', view=None, for_=(Interface, Interface)):
     with code that wants to call,
     e.g. ``repoze.bfg.view.render_view_to_response``."""
     if view is None:
-        view = make_view(result)
+        def view(context, request):
+            from webob import Response
+            return Response(result)
     from repoze.bfg.interfaces import IView
     return registerAdapter(view, for_, IView, name)
 
@@ -101,7 +104,8 @@ def registerViewPermission(name, result=True, viewpermission=None,
     else:
         result = Denied('message')
     if viewpermission is None:
-        viewpermission = make_view_permission(result)
+        def viewpermission(context, request):
+            return result
     from repoze.bfg.interfaces import IViewPermission
     return registerAdapter(viewpermission, for_, IViewPermission, name)
 
@@ -165,15 +169,17 @@ def registerTraverserFactory(traverser, for_=Interface):
     from repoze.bfg.interfaces import ITraverserFactory
     return registerAdapter(traverser, for_, ITraverserFactory)
 
-class _DummySecurityPolicy:
-    def __init__(self, userid=None, groupids=()):
+class DummySecurityPolicy:
+    """ A standin for both an IAuthentication and IAuthorization policy """
+    def __init__(self, userid=None, groupids=(), permissive=True):
         self.userid = userid
         self.groupids = groupids
+        self.permissive = permissive
 
-    def authenticated_userid(self, request):
+    def authenticated_userid(self, context, request):
         return self.userid
 
-    def effective_principals(self, request):
+    def effective_principals(self, context, request):
         from repoze.bfg.security import Everyone
         from repoze.bfg.security import Authenticated
         effective_principals = [Everyone]
@@ -183,19 +189,17 @@ class _DummySecurityPolicy:
             effective_principals.extend(self.groupids)
         return effective_principals
 
-class DummyAllowingSecurityPolicy(_DummySecurityPolicy):
-    def permits(self, context, request, permission):
-        return True
+    def remember(self, context, request, principal, **kw):
+        return []
 
-    def principals_allowed_by_permission(self, context, permission):
-        return self.effective_principals(None)
+    def forget(self, context, request):
+        return []
 
-class DummyDenyingSecurityPolicy(_DummySecurityPolicy):
-    def permits(self, context, request, permission):
-        return False
+    def permits(self, context, principals, permission):
+        return self.permissive
 
     def principals_allowed_by_permission(self, context, permission):
-        return []
+        return self.effective_principals(None, None)
 
 def make_traverser_factory(root):
     class DummyTraverserFactory:
@@ -258,23 +262,6 @@ class DummyTemplateRenderer:
                     v, k, myval))
         return True
 
-def make_view(result):
-    def dummy_view(context, request):
-        from webob import Response
-        return Response(result)
-    return dummy_view
-
-def make_view_permission(result):
-    class DummyViewPermission:
-        def __init__(self, context, request):
-            self.context = context
-            self.request = request
-
-        def __call__(self, secpol):
-            return result
-
-    return DummyViewPermission
-        
 class DummyModel:
     """ A dummy :mod:`repoze.bfg` model object.  The value of ``name``
     to the constructor will be used as the ``__name__`` attribute of
@@ -432,8 +419,8 @@ def cleanUp():
 from zope.component.globalregistry import base
 from zope.configuration.xmlconfig import _clearContext
 from repoze.bfg.registry import original_getSiteManager
-from repoze.bfg.registry import registry_manager
+from repoze.bfg.threadlocal import manager
 addCleanUp(original_getSiteManager.reset)
-addCleanUp(registry_manager.clear)
+addCleanUp(manager.clear)
 addCleanUp(lambda: base.__init__('base'))
 addCleanUp(_clearContext)