From c4c56cc48776dfc079a8f225a0fd38bd740661be Mon Sep 17 00:00:00 2001 From: Gerhard Schmidt Date: Sun, 11 Nov 2018 13:14:03 +0100 Subject: principals_allowed_by_permission returned all principals regardless if permissiv is true or false. It should return a empty list if permissive is False. --- src/pyramid/testing.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/pyramid/testing.py b/src/pyramid/testing.py index f700b5a4e..23392772c 100644 --- a/src/pyramid/testing.py +++ b/src/pyramid/testing.py @@ -91,7 +91,10 @@ class DummySecurityPolicy(object): return self.permissive def principals_allowed_by_permission(self, context, permission): - return self.effective_principals(None) + if self.permissive: + return self.effective_principals(None) + else: + return None class DummyTemplateRenderer(object): -- cgit v1.2.3 From 42e2a54dff7f879a270f7746afb1e180b387bd3a Mon Sep 17 00:00:00 2001 From: Gerhard Schmidt Date: Wed, 26 Dec 2018 09:42:32 +0100 Subject: principals_allowed_by_permission is described to always return a sequence. Most of the time the result is used with something like Everyone in principals_allowed_by_permission or iterated over. So even if no prinicpal is authorised it should be a sequence regardless. --- src/pyramid/testing.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/pyramid/testing.py b/src/pyramid/testing.py index 23392772c..6f64e1def 100644 --- a/src/pyramid/testing.py +++ b/src/pyramid/testing.py @@ -94,7 +94,7 @@ class DummySecurityPolicy(object): if self.permissive: return self.effective_principals(None) else: - return None + return [] class DummyTemplateRenderer(object): -- cgit v1.2.3 From 2d091dccd5b0b19a966983e4b54609b474548a69 Mon Sep 17 00:00:00 2001 From: Gerhard Schmidt Date: Wed, 26 Dec 2018 09:51:20 +0100 Subject: added unittest for the not permissive part --- tests/test_testing.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/test_testing.py b/tests/test_testing.py index 5e11c2487..5b3ad0f22 100644 --- a/tests/test_testing.py +++ b/tests/test_testing.py @@ -63,6 +63,13 @@ class TestDummySecurityPolicy(unittest.TestCase): result = policy.principals_allowed_by_permission(None, None) self.assertEqual(result, [Everyone, Authenticated, 'user', 'group1']) + def test_principals_allowed_by_permission_not_permissive(self): + policy = self._makeOne('user', ('group1',)) + policy.permissive = False + + result = policy.principals_allowed_by_permission(None, None) + self.assertEqual(result, []) + def test_forget(self): policy = self._makeOne() self.assertEqual(policy.forget(None), []) -- cgit v1.2.3