diff options
| author | Chris McDonough <chrism@agendaless.com> | 2008-09-21 00:44:37 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2008-09-21 00:44:37 +0000 |
| commit | 64ea2e288d7e6f47075269994319b9331dd09391 (patch) | |
| tree | 54b43683deffe41d40e83e3a7a160c7559c857fe /repoze/bfg/tests/test_security.py | |
| parent | 3a99b193e9324c516227e2358bf41c2b6bc5a537 (diff) | |
| download | pyramid-64ea2e288d7e6f47075269994319b9331dd09391.tar.gz pyramid-64ea2e288d7e6f47075269994319b9331dd09391.tar.bz2 pyramid-64ea2e288d7e6f47075269994319b9331dd09391.zip | |
- Add ``principals_allowed_by_permission`` API to security module.
Diffstat (limited to 'repoze/bfg/tests/test_security.py')
| -rw-r--r-- | repoze/bfg/tests/test_security.py | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/repoze/bfg/tests/test_security.py b/repoze/bfg/tests/test_security.py index 9797ebce5..98750c728 100644 --- a/repoze/bfg/tests/test_security.py +++ b/repoze/bfg/tests/test_security.py @@ -304,6 +304,38 @@ class TestACLSecurityPolicy(unittest.TestCase, PlacelessSetup): self.assertEqual(authorizer_factory.permission, 'view') self.assertEqual(authorizer_factory.context, context) + def test_principals_allowed_by_permission_direct(self): + from repoze.bfg.security import Allow + context = DummyContext() + acl = [ (Allow, 'chrism', ('read', 'write')), + (Allow, 'other', ('read',)) ] + context.__acl__ = acl + logger = DummyLogger() + policy = self._makeOne(logger, lambda *arg: None) + result = policy.principals_allowed_by_permission(context, 'read') + self.assertEqual(result, ['chrism', 'other']) + + def test_principals_allowed_by_permission_acquired(self): + from repoze.bfg.security import Allow + context = DummyContext() + acl = [ (Allow, 'chrism', ('read', 'write')), + (Allow, 'other', ('read',)) ] + context.__acl__ = acl + context.__parent__ = None + context.__name__ = 'context' + inter = DummyContext() + inter.__name__ = None + inter.__parent__ = context + logger = DummyLogger() + policy = self._makeOne(logger, lambda *arg: None) + result = policy.principals_allowed_by_permission(inter, 'read') + self.assertEqual(result, ['chrism', 'other']) + + def test_principals_allowed_by_permission_no_acls(self): + logger = DummyLogger() + policy = self._makeOne(logger, lambda *arg: None) + result = policy.principals_allowed_by_permission(None, 'read') + self.assertEqual(result, []) class TestRemoteUserACLSecurityPolicy(unittest.TestCase, PlacelessSetup): def _getTargetClass(self): @@ -434,6 +466,19 @@ class TestAPIFunctions(unittest.TestCase, PlacelessSetup): request = DummyRequest({}) self.assertEqual(effective_principals(request), []) + def test_principals_allowed_by_permission_not_registered(self): + from repoze.bfg.security import principals_allowed_by_permission + from repoze.bfg.security import Everyone + self.assertEqual(principals_allowed_by_permission(None, None), + [Everyone]) + + def test_principals_allowed_by_permission_registered(self): + secpol = DummySecurityPolicy(False) + self._registerSecurityPolicy(secpol) + from repoze.bfg.security import principals_allowed_by_permission + self.assertEqual(principals_allowed_by_permission(None, None), + ['fred', 'bob']) + class TestViewPermission(unittest.TestCase): def _getTargetClass(self): from repoze.bfg.security import ViewPermission @@ -491,6 +536,9 @@ class DummySecurityPolicy: def effective_principals(self, request): return ['fred', 'bob'] + def principals_allowed_by_permission(self, context, permission): + return ['fred', 'bob'] + class DummyLogger: def __init__(self): self.messages = [] |