From a1a9fb7128c935848b17c0ce6586991098a17f07 Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Wed, 27 May 2009 04:52:51 +0000 Subject: Merge authchanges branch to trunk. --- repoze/bfg/testing.py | 85 ++++++++++++++++++++++----------------------------- 1 file changed, 36 insertions(+), 49 deletions(-) (limited to 'repoze/bfg/testing.py') diff --git a/repoze/bfg/testing.py b/repoze/bfg/testing.py index d4ff6fe4d..bd3104a9d 100644 --- a/repoze/bfg/testing.py +++ b/repoze/bfg/testing.py @@ -8,22 +8,23 @@ from repoze.bfg.interfaces import IRequest _marker = [] def registerDummySecurityPolicy(userid=None, groupids=(), permissive=True): - """ Registers a dummy ``repoze.bfg`` security policy using the - userid ``userid`` and the group ids ``groupids``. If - ``permissive`` is true, a 'permissive' security policy is - registered; this policy allows all access. If ``permissive`` is - false, a nonpermissive security policy is registered; this policy - denies all access. This function is most useful when testing code - that uses the ``repoze.bfg.security`` APIs named - ``has_permission``, ``authenticated_userid``, - ``effective_principals``, and ``principals_allowed_by_permission``. + """ Registers a dummy ``repoze.bfg`` security policy (actually, a + pair of policies: an authorization policy and an authentication + policy) using the userid ``userid`` and the group ids + ``groupids``. If ``permissive`` is true, a 'permissive' security + policy is registered; this policy allows all access. If + ``permissive`` is false, a nonpermissive security policy is + registered; this policy denies all access. This function is most + useful when testing code that uses the ``repoze.bfg.security`` + APIs named ``has_permission``, ``authenticated_userid``, + ``effective_principals``, ``principals_allowed_by_permission``, + and so on. """ - if permissive: - policy = DummyAllowingSecurityPolicy(userid, groupids) - else: - policy = DummyDenyingSecurityPolicy(userid, groupids) - from repoze.bfg.interfaces import ISecurityPolicy - return registerUtility(policy, ISecurityPolicy) + policy = DummySecurityPolicy(userid, groupids, permissive) + from repoze.bfg.interfaces import IAuthorizationPolicy + from repoze.bfg.interfaces import IAuthenticationPolicy + registerUtility(policy, IAuthorizationPolicy) + registerUtility(policy, IAuthenticationPolicy) def registerModels(models): """ Registers a dictionary of models. This is most useful for @@ -76,7 +77,9 @@ def registerView(name, result='', view=None, for_=(Interface, Interface)): with code that wants to call, e.g. ``repoze.bfg.view.render_view_to_response``.""" if view is None: - view = make_view(result) + def view(context, request): + from webob import Response + return Response(result) from repoze.bfg.interfaces import IView return registerAdapter(view, for_, IView, name) @@ -101,7 +104,8 @@ def registerViewPermission(name, result=True, viewpermission=None, else: result = Denied('message') if viewpermission is None: - viewpermission = make_view_permission(result) + def viewpermission(context, request): + return result from repoze.bfg.interfaces import IViewPermission return registerAdapter(viewpermission, for_, IViewPermission, name) @@ -165,15 +169,17 @@ def registerTraverserFactory(traverser, for_=Interface): from repoze.bfg.interfaces import ITraverserFactory return registerAdapter(traverser, for_, ITraverserFactory) -class _DummySecurityPolicy: - def __init__(self, userid=None, groupids=()): +class DummySecurityPolicy: + """ A standin for both an IAuthentication and IAuthorization policy """ + def __init__(self, userid=None, groupids=(), permissive=True): self.userid = userid self.groupids = groupids + self.permissive = permissive - def authenticated_userid(self, request): + def authenticated_userid(self, context, request): return self.userid - def effective_principals(self, request): + def effective_principals(self, context, request): from repoze.bfg.security import Everyone from repoze.bfg.security import Authenticated effective_principals = [Everyone] @@ -183,19 +189,17 @@ class _DummySecurityPolicy: effective_principals.extend(self.groupids) return effective_principals -class DummyAllowingSecurityPolicy(_DummySecurityPolicy): - def permits(self, context, request, permission): - return True + def remember(self, context, request, principal, **kw): + return [] - def principals_allowed_by_permission(self, context, permission): - return self.effective_principals(None) + def forget(self, context, request): + return [] -class DummyDenyingSecurityPolicy(_DummySecurityPolicy): - def permits(self, context, request, permission): - return False + def permits(self, context, principals, permission): + return self.permissive def principals_allowed_by_permission(self, context, permission): - return [] + return self.effective_principals(None, None) def make_traverser_factory(root): class DummyTraverserFactory: @@ -258,23 +262,6 @@ class DummyTemplateRenderer: v, k, myval)) return True -def make_view(result): - def dummy_view(context, request): - from webob import Response - return Response(result) - return dummy_view - -def make_view_permission(result): - class DummyViewPermission: - def __init__(self, context, request): - self.context = context - self.request = request - - def __call__(self, secpol): - return result - - return DummyViewPermission - class DummyModel: """ A dummy :mod:`repoze.bfg` model object. The value of ``name`` to the constructor will be used as the ``__name__`` attribute of @@ -432,8 +419,8 @@ def cleanUp(): from zope.component.globalregistry import base from zope.configuration.xmlconfig import _clearContext from repoze.bfg.registry import original_getSiteManager -from repoze.bfg.registry import registry_manager +from repoze.bfg.threadlocal import manager addCleanUp(original_getSiteManager.reset) -addCleanUp(registry_manager.clear) +addCleanUp(manager.clear) addCleanUp(lambda: base.__init__('base')) addCleanUp(_clearContext) -- cgit v1.2.3