- New API module: ``repoze.bfg.view``. This module contains the functions

    named ``render_view_to_response``, ``render_view_to_iterable`` and
    ``is_response``, which are documented in the API docs.  These features
    aid programmatic (non-request-driven) view execution.

2 files changed, 288 insertions, 12 deletions

diff --git a/repoze/bfg/tests/test_router.py b/repoze/bfg/tests/test_router.py
index ed08710f1..a1c2b0cfb 100644
--- a/repoze/bfg/tests/test_router.py
+++ b/repoze/bfg/tests/test_router.py
@@ -154,7 +154,6 @@ class RouterTests(unittest.TestCase, PlacelessSetup):
         environ = self._makeEnviron()
         self._registerTraverserFactory(traversalfactory, '', None)
         self._registerView(view, '', IContext, IRequest)
-        app_context = make_appcontext()
         router = self._makeOne(rootpolicy, None)
         start_response = DummyStartResponse()
         result = router(environ, start_response)
@@ -178,7 +177,6 @@ class RouterTests(unittest.TestCase, PlacelessSetup):
         self._registerView(view, '', IContext, IRequest)
         secpol = DummySecurityPolicy()
         self._registerSecurityPolicy(secpol)
-        app_context = make_appcontext()
         router = self._makeOne(rootpolicy, None)
         start_response = DummyStartResponse()
         result = router(environ, start_response)
@@ -203,7 +201,6 @@ class RouterTests(unittest.TestCase, PlacelessSetup):
         self._registerView(view, '', IContext, IRequest)
         self._registerSecurityPolicy(secpol)
         self._registerPermission(permissionfactory, '', IContext, IRequest)
-        app_context = make_appcontext()
         router = self._makeOne(rootpolicy, None)
         start_response = DummyStartResponse()
         result = router(environ, start_response)
@@ -223,13 +220,15 @@ class RouterTests(unittest.TestCase, PlacelessSetup):
         response = DummyResponse()
         view = make_view(response)
         secpol = DummySecurityPolicy()
-        permissionfactory = make_permission_factory(False)
+        from repoze.bfg.security import Denied
+        permissionfactory = make_permission_factory(
+            Denied('ace', 'acl', 'permission', ['principals'], context)
+            )
         environ = self._makeEnviron()
         self._registerTraverserFactory(traversalfactory, '', None)
         self._registerView(view, '', IContext, IRequest)
         self._registerSecurityPolicy(secpol)
         self._registerPermission(permissionfactory, '', IContext, IRequest)
-        app_context = make_appcontext()
         router = self._makeOne(rootpolicy, None)
         start_response = DummyStartResponse()
         result = router(environ, start_response)
@@ -364,13 +363,6 @@ def make_rootpolicy(root):
         return root
     return rootpolicy
 
-def make_appcontext():
-    from zope.configuration.interfaces import IConfigurationContext
-    from zope.interface import directlyProvides
-    app_context = DummyContext()
-    directlyProvides(app_context, IConfigurationContext)
-    return app_context
-
 class DummyStartResponse:
     status = ()
     headers = ()
diff --git a/repoze/bfg/tests/test_view.py b/repoze/bfg/tests/test_view.py
new file mode 100644
index 000000000..3b776b14f
--- /dev/null
+++ b/repoze/bfg/tests/test_view.py
@@ -0,0 +1,284 @@
+import unittest
+
+from zope.component.testing import PlacelessSetup
+
+class BaseTest(PlacelessSetup):
+    def setUp(self):
+        PlacelessSetup.setUp(self)
+
+    def tearDown(self):
+        PlacelessSetup.tearDown(self)
+
+    def _registerView(self, app, name, *for_):
+        import zope.component
+        gsm = zope.component.getGlobalSiteManager()
+        from repoze.bfg.interfaces import IView
+        gsm.registerAdapter(app, for_, IView, name)
+
+    def _registerPermission(self, permission, name, *for_):
+        import zope.component
+        gsm = zope.component.getGlobalSiteManager()
+        from repoze.bfg.interfaces import IViewPermission
+        gsm.registerAdapter(permission, for_, IViewPermission, name)
+
+    def _registerSecurityPolicy(self, secpol):
+        import zope.component
+        gsm = zope.component.getGlobalSiteManager()
+        from repoze.bfg.interfaces import ISecurityPolicy
+        gsm.registerUtility(secpol, ISecurityPolicy)
+
+    def _makeEnviron(self, **extras):
+        environ = {
+            'wsgi.url_scheme':'http',
+            'SERVER_NAME':'localhost',
+            'SERVER_PORT':'8080',
+            'REQUEST_METHOD':'GET',
+            }
+        environ.update(extras)
+        return environ
+
+class RenderViewToResponseTests(unittest.TestCase, BaseTest):
+    def _getFUT(self):
+        from repoze.bfg.view import render_view_to_response
+        return render_view_to_response
+    
+    def test_call_no_view_registered(self):
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        context = DummyContext()
+        renderer = self._getFUT()
+        result = renderer(context, request, name='notregistered')
+        self.assertEqual(result, None)
+
+    def test_call_view_registered_secure_permission_disallows(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = DummyResponse()
+        secpol = DummySecurityPolicy()
+        permissionfactory = make_permission_factory(False)
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        self._registerSecurityPolicy(secpol)
+        self._registerPermission(permissionfactory, 'registered', IContext,
+                                 IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        from repoze.bfg.security import Unauthorized
+        self.assertRaises(Unauthorized, renderer, context, request,
+                          name='registered', secure=True)
+
+    def test_call_view_registered_secure_permission_allows(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = DummyResponse()
+        secpol = DummySecurityPolicy()
+        permissionfactory = make_permission_factory(True)
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        self._registerSecurityPolicy(secpol)
+        self._registerPermission(permissionfactory, 'registered', IContext,
+                                 IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        response = renderer(context, request, name='registered', secure=True)
+        self.assertEqual(response.status, '200 OK')
+
+    def test_call_view_registered_insecure_permission_disallows(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = DummyResponse()
+        secpol = DummySecurityPolicy()
+        permissionfactory = make_permission_factory(False)
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        self._registerSecurityPolicy(secpol)
+        self._registerPermission(permissionfactory, 'registered', IContext,
+                                 IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        response = renderer(context, request, name='registered', secure=False)
+        self.assertEqual(response.status, '200 OK')
+
+class RenderViewToIterableTests(unittest.TestCase, BaseTest):
+    def _getFUT(self):
+        from repoze.bfg.view import render_view_to_iterable
+        return render_view_to_iterable
+    
+    def test_call_no_view_registered(self):
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        context = DummyContext()
+        renderer = self._getFUT()
+        result = renderer(context, request, name='notregistered')
+        self.assertEqual(result, None)
+
+    def test_call_view_registered_secure_permission_disallows(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = DummyResponse()
+        secpol = DummySecurityPolicy()
+        permissionfactory = make_permission_factory(False)
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        self._registerSecurityPolicy(secpol)
+        self._registerPermission(permissionfactory, 'registered', IContext,
+                                 IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        from repoze.bfg.security import Unauthorized
+        self.assertRaises(Unauthorized, renderer, context, request,
+                          name='registered', secure=True)
+
+    def test_call_view_registered_secure_permission_allows(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = DummyResponse()
+        secpol = DummySecurityPolicy()
+        permissionfactory = make_permission_factory(True)
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        self._registerSecurityPolicy(secpol)
+        self._registerPermission(permissionfactory, 'registered', IContext,
+                                 IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        iterable = renderer(context, request, name='registered', secure=True)
+        self.assertEqual(iterable, ())
+
+    def test_call_view_registered_insecure_permission_disallows(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = DummyResponse()
+        secpol = DummySecurityPolicy()
+        permissionfactory = make_permission_factory(False)
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        self._registerSecurityPolicy(secpol)
+        self._registerPermission(permissionfactory, 'registered', IContext,
+                                 IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        iterable = renderer(context, request, name='registered', secure=False)
+        self.assertEqual(iterable, ())
+
+    def test_call_view_response_doesnt_implement_IResponse(self):
+        context = DummyContext()
+        from zope.interface import Interface
+        from zope.interface import directlyProvides
+        from repoze.bfg.interfaces import IRequest
+        class IContext(Interface):
+            pass
+        directlyProvides(context, IContext)
+        response = 'abc'
+        view = make_view(response)
+        self._registerView(view, 'registered', IContext, IRequest)
+        environ = self._makeEnviron()
+        from webob import Request
+        request = Request(environ)
+        directlyProvides(request, IRequest)
+        renderer = self._getFUT()
+        self.assertRaises(ValueError, renderer, context, request,
+                          name='registered', secure=False)
+
+class TestIsResponse(unittest.TestCase):
+    def _getFUT(self):
+        from repoze.bfg.view import is_response
+        return is_response
+
+    def test_is(self):
+        response = DummyResponse()
+        f = self._getFUT()
+        self.assertEqual(f(response), True)
+
+    def test_isnt(self):
+        response = None
+        f = self._getFUT()
+        self.assertEqual(f(response), False)
+
+class DummyContext:
+    pass
+
+def make_view(response):
+    def view(context, request):
+        return response
+    return view
+
+def make_permission_factory(result):
+    class DummyPermissionFactory:
+        def __init__(self, context, request):
+            self.context = context
+            self.request = request
+
+        def __call__(self, secpol):
+            self.__class__.checked_with = secpol
+            return result
+
+        def __repr__(self):
+            return 'permission'
+    return DummyPermissionFactory
+
+def make_appcontext():
+    from zope.configuration.interfaces import IConfigurationContext
+    from zope.interface import directlyProvides
+    app_context = DummyContext()
+    directlyProvides(app_context, IConfigurationContext)
+    return app_context
+
+class DummyResponse:
+    status = '200 OK'
+    headerlist = ()
+    app_iter = ()
+    
+class DummySecurityPolicy:
+    pass
+