From 86ed4016ea6a681d4f579ace62cea032a679544d Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Sun, 24 May 2009 23:12:59 +0000 Subject: Features -------- - It is now possible to write a custom security policy that returns a customized ``Forbidden`` WSGI application when BFG cannot authorize an invocation of a view. To this end, ISecurityPolicy objects must now have a ``forbidden`` method. This method should return a WSGI application. The returned WSGI application should generate a response which is appropriate when access to a view resource was forbidden by the security policy (e.g. perhaps a login page). ``repoze.bfg`` is willing to operate with a custom security policy that does not have a ``forbidden`` method, but it will issue a warning; eventually security policies without a ``forbidden`` method will cease to work under ``repoze.bfg``. Note that the ``forbidden`` WSGI application returned by the security policy is not used if a developer has registered an IForbiddenAppFactory (see the "Hooks" narrative chapter); the explicitly registered IForbiddenAppFactory will be preferred over the (more general) security policy forbidden app factory. - All default security policies now have a ``forbidden`` callable attached to them. This particular callable returns a WSGI application which generates a ``401 Unauthorized`` response for backwards compatibility (had backwards compatibility not been an issue, this callable would have returned a WSGI app that generated a ``403 Forbidden`` response). Backwards Incompatibilities --------------------------- - Custom NotFound and Forbidden (nee' Unauthorized) WSGI applications (registered a a utility for INotFoundAppFactory and IUnauthorizedAppFactory) could rely on an environment key named ``message`` describing the circumstance of the response. This key has been renamed to ``repoze.bfg.message`` (as per the WSGI spec, which requires environment extensions to contain dots). Deprecations ------------ - The ``repoze.bfg.interfaces.IUnauthorizedAppFactory`` interface has been renamed to ``repoze.bfg.interfaces.IForbiddenAppFactory``. --- repoze/bfg/tests/test_security.py | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) (limited to 'repoze/bfg/tests/test_security.py') diff --git a/repoze/bfg/tests/test_security.py b/repoze/bfg/tests/test_security.py index 03a466e7c..b596a1547 100644 --- a/repoze/bfg/tests/test_security.py +++ b/repoze/bfg/tests/test_security.py @@ -243,6 +243,18 @@ class TestACLSecurityPolicy(unittest.TestCase): result = policy.principals_allowed_by_permission(None, 'read') self.assertEqual(result, []) + def test_forbidden(self): + policy = self._makeOne(lambda *arg: None) + forbidden_app = policy.forbidden() + environ = {} + result = [] + def start_response(status, headers): + result.append((status, headers)) + response = forbidden_app(environ, start_response) + self.assertEqual(result[0][0], '401 Unauthorized') + self.failUnless(len(result[0][1]), 2) # headers + + class TestInheritingACLSecurityPolicy(unittest.TestCase): def setUp(self): cleanUp() @@ -430,6 +442,17 @@ class TestInheritingACLSecurityPolicy(unittest.TestCase): result = policy.authenticated_userid(request) self.assertEqual(result, None) + def test_forbidden(self): + policy = self._makeOne(lambda *arg: None) + forbidden_app = policy.forbidden() + environ = {} + result = [] + def start_response(status, headers): + result.append((status, headers)) + response = forbidden_app(environ, start_response) + self.assertEqual(result[0][0], '401 Unauthorized') + self.failUnless(len(result[0][1]), 2) # headers + class TestAllPermissionsList(unittest.TestCase): def setUp(self): cleanUp() -- cgit v1.2.3