1 files changed, 47 insertions, 3 deletions

diff --git a/tests/test_integration.py b/tests/test_integration.py
index e6dccbb5b..331542d7d 100644
--- a/tests/test_integration.py
+++ b/tests/test_integration.py
@@ -521,6 +521,48 @@ class TestExceptionViewsApp(IntegrationBase, unittest.TestCase):
         self.assertTrue(b'caught' in res.body)
 
 
+class TestSecurityApp(IntegrationBase, unittest.TestCase):
+    package = 'tests.pkgs.securityapp'
+
+    def test_public(self):
+        res = self.testapp.get('/public', status=200)
+        self.assertEqual(res.body, b'Hello')
+
+    def test_private_denied(self):
+        self.testapp.get('/private', status=403)
+
+    def test_private_allowed(self):
+        self.testapp.extra_environ = {'REMOTE_USER': 'bob'}
+        res = self.testapp.get('/private', status=200)
+        self.assertEqual(res.body, b'Secret')
+
+    def test_inaccessible(self):
+        self.testapp.get('/inaccessible', status=403)
+        self.testapp.extra_environ = {'REMOTE_USER': 'bob'}
+        self.testapp.get('/inaccessible', status=403)
+
+
+class TestLegacySecurityApp(IntegrationBase, unittest.TestCase):
+    package = 'tests.pkgs.legacysecurityapp'
+
+    def test_public(self):
+        res = self.testapp.get('/public', status=200)
+        self.assertEqual(res.body, b'Hello')
+
+    def test_private_denied(self):
+        self.testapp.get('/private', status=403)
+
+    def test_private_allowed(self):
+        self.testapp.extra_environ = {'REMOTE_USER': 'bob'}
+        res = self.testapp.get('/private', status=200)
+        self.assertEqual(res.body, b'Secret')
+
+    def test_inaccessible(self):
+        self.testapp.get('/inaccessible', status=403)
+        self.testapp.extra_environ = {'REMOTE_USER': 'bob'}
+        self.testapp.get('/inaccessible', status=403)
+
+
 class TestConflictApp(unittest.TestCase):
     package = 'tests.pkgs.conflictapp'
 
@@ -581,10 +623,12 @@ class TestConflictApp(unittest.TestCase):
     def test_overridden_authorization_policy(self):
         config = self._makeConfig()
         config.include(self.package)
-        from pyramid.testing import DummySecurityPolicy
 
-        config.set_authorization_policy(DummySecurityPolicy('fred'))
-        config.set_authentication_policy(DummySecurityPolicy(permissive=True))
+        class DummySecurityPolicy:
+            def permits(self, context, principals, permission):
+                return True
+
+        config.set_authorization_policy(DummySecurityPolicy())
         app = config.make_wsgi_app()
         self.testapp = TestApp(app)
         res = self.testapp.get('/protected', status=200)