Log message for revision 112351: Fix testcase filename. Changed: A Zope/trunk/src/AccessControl/tests/testUser.py D Zope/trunk/src/AccessControl/tests/testUserFolder.py
-=- Copied: Zope/trunk/src/AccessControl/tests/testUser.py (from rev 112350, Zope/trunk/src/AccessControl/tests/testUserFolder.py) =================================================================== --- Zope/trunk/src/AccessControl/tests/testUser.py (rev 0) +++ Zope/trunk/src/AccessControl/tests/testUser.py 2010-05-16 15:10:03 UTC (rev 112351) @@ -0,0 +1,301 @@ +############################################################################## +# +# Copyright (c) 2002 Zope Foundation and Contributors. +# +# This software is subject to the provisions of the Zope Public License, +# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. +# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED +# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS +# FOR A PARTICULAR PURPOSE. +# +############################################################################## +"""User folder tests. + +$Id$ +""" + +import unittest +import Testing +import Zope2 +Zope2.startup() + +import os, sys, base64 + +import transaction +from Testing.makerequest import makerequest + +from AccessControl import Unauthorized +from AccessControl.SecurityManagement import newSecurityManager +from AccessControl.SecurityManagement import noSecurityManager +from AccessControl.User import BasicUserFolder, UserFolder +from AccessControl.User import User + + +class UserFolderTests(unittest.TestCase): + + def setUp(self): + transaction.begin() + self.app = makerequest(Zope2.app()) + try: + # Set up a user and role + self.uf = UserFolder().__of__(self.app) + self.uf._doAddUser('user1', 'secret', ['role1'], []) + self.app._addRole('role1') + self.app.manage_role('role1', ['View']) + # Set up a published object accessible to user + self.app.addDTMLMethod('doc', file='') + self.app.doc.manage_permission('View', ['role1'], acquire=0) + # Rig the REQUEST so it looks like we traversed to doc + self.app.REQUEST.set('PUBLISHED', self.app.doc) + self.app.REQUEST.set('PARENTS', [self.app]) + self.app.REQUEST.steps = ['doc'] + self.basic = 'Basic %s' % base64.encodestring('user1:secret') + except: + self.tearDown() + raise + + def tearDown(self): + noSecurityManager() + transaction.abort() + self.app._p_jar.close() + + def login(self, name): + user = self.uf.getUserById(name) + user = user.__of__(self.uf) + newSecurityManager(None, user) + + def test_z3interfaces(self): + from AccessControl.interfaces import IStandardUserFolder + from AccessControl.User import UserFolder + from zope.interface.verify import verifyClass + + verifyClass(IStandardUserFolder, UserFolder) + + def testGetUser(self): + self.failIfEqual(self.uf.getUser('user1'), None) + + def testGetBadUser(self): + self.assertEqual(self.uf.getUser('user2'), None) + + def testGetUserById(self): + self.failIfEqual(self.uf.getUserById('user1'), None) + + def testGetBadUserById(self): + self.assertEqual(self.uf.getUserById('user2'), None) + + def testGetUsers(self): + users = self.uf.getUsers() + self.failUnless(users) + self.assertEqual(users[0].getUserName(), 'user1') + + def testGetUserNames(self): + names = self.uf.getUserNames() + self.failUnless(names) + self.assertEqual(names[0], 'user1') + + def testIdentify(self): + name, password = self.uf.identify(self.basic) + self.assertEqual(name, 'user1') + self.assertEqual(password, 'secret') + + def testGetRoles(self): + user = self.uf.getUser('user1') + self.failUnless('role1' in user.getRoles()) + + def testGetRolesInContext(self): + user = self.uf.getUser('user1') + self.app.manage_addLocalRoles('user1', ['Owner']) + roles = user.getRolesInContext(self.app) + self.failUnless('role1' in roles) + self.failUnless('Owner' in roles) + + def testHasRole(self): + user = self.uf.getUser('user1') + self.failUnless(user.has_role('role1', self.app)) + + def testHasLocalRole(self): + user = self.uf.getUser('user1') + self.app.manage_addLocalRoles('user1', ['Owner']) + self.failUnless(user.has_role('Owner', self.app)) + + def testHasPermission(self): + user = self.uf.getUser('user1') + self.failUnless(user.has_permission('View', self.app)) + self.app.manage_role('role1', ['Add Folders']) + self.failUnless(user.has_permission('Add Folders', self.app)) + + def testHasLocalRolePermission(self): + user = self.uf.getUser('user1') + self.app.manage_role('Owner', ['Add Folders']) + self.app.manage_addLocalRoles('user1', ['Owner']) + self.failUnless(user.has_permission('Add Folders', self.app)) + + def testAuthenticate(self): + user = self.uf.getUser('user1') + self.failUnless(user.authenticate('secret', self.app.REQUEST)) + + def testValidate(self): + user = self.uf.validate(self.app.REQUEST, self.basic, ['role1']) + self.failIfEqual(user, None) + self.assertEqual(user.getUserName(), 'user1') + + def testNotValidateWithoutAuth(self): + user = self.uf.validate(self.app.REQUEST, '', ['role1']) + self.assertEqual(user, None) + + def testValidateWithoutRoles(self): + # Note - calling uf.validate without specifying roles will cause + # the security machinery to determine the needed roles by looking + # at the object itself (or its container). I'm putting this note + # in to clarify because the original test expected failure but it + # really should have expected success, since the user and the + # object being checked both have the role 'role1', even though no + # roles are passed explicitly to the userfolder validate method. + user = self.uf.validate(self.app.REQUEST, self.basic) + self.assertEqual(user.getUserName(), 'user1') + + def testNotValidateWithEmptyRoles(self): + user = self.uf.validate(self.app.REQUEST, self.basic, []) + self.assertEqual(user, None) + + def testNotValidateWithWrongRoles(self): + user = self.uf.validate(self.app.REQUEST, self.basic, ['Manager']) + self.assertEqual(user, None) + + def testAllowAccessToUser(self): + self.login('user1') + try: + self.app.restrictedTraverse('doc') + except Unauthorized: + self.fail('Unauthorized') + + def testDenyAccessToAnonymous(self): + self.assertRaises(Unauthorized, self.app.restrictedTraverse, 'doc') + + def testMaxListUsers(self): + # create a folder-ish thing which contains a roleManager, + # then put an acl_users object into the folde-ish thing + + class Folderish(BasicUserFolder): + def __init__(self, size, count): + self.maxlistusers = size + self.users = [] + self.acl_users = self + self.__allow_groups__ = self + for i in xrange(count): + self.users.append("Nobody") + + def getUsers(self): + return self.users + + def user_names(self): + return self.getUsers() + + + tinyFolderOver = Folderish(15, 20) + tinyFolderUnder = Folderish(15, 10) + + assert tinyFolderOver.maxlistusers == 15 + assert tinyFolderUnder.maxlistusers == 15 + assert len(tinyFolderOver.user_names()) == 20 + assert len(tinyFolderUnder.user_names()) == 10 + + try: + list = tinyFolderOver.get_valid_userids() + assert 0, "Did not raise overflow error" + except OverflowError: + pass + + try: + list = tinyFolderUnder.get_valid_userids() + pass + except OverflowError: + assert 0, "Raised overflow error erroneously" + + def test__doAddUser_with_not_yet_encrypted_passwords(self): + # See collector #1869 && #1926 + from AccessControl.AuthEncoding import pw_validate + + USER_ID = 'not_yet_encrypted' + PASSWORD = 'password' + + uf = UserFolder().__of__(self.app) + uf.encrypt_passwords = True + self.failIf(uf._isPasswordEncrypted(PASSWORD)) + + uf._doAddUser(USER_ID, PASSWORD, [], []) + user = uf.getUserById(USER_ID) + self.failUnless(uf._isPasswordEncrypted(user.__)) + self.failUnless(pw_validate(user.__, PASSWORD)) + + def test__doAddUser_with_preencrypted_passwords(self): + # See collector #1869 && #1926 + from AccessControl.AuthEncoding import pw_validate + + USER_ID = 'already_encrypted' + PASSWORD = 'password' + + uf = UserFolder().__of__(self.app) + uf.encrypt_passwords = True + ENCRYPTED = uf._encryptPassword(PASSWORD) + + uf._doAddUser(USER_ID, ENCRYPTED, [], []) + user = uf.getUserById(USER_ID) + self.assertEqual(user.__, ENCRYPTED) + self.failUnless(uf._isPasswordEncrypted(user.__)) + self.failUnless(pw_validate(user.__, PASSWORD)) + + +class UserTests(unittest.TestCase): + + def testGetUserName(self): + f = User('chris', '123', ['Manager'], []) + self.assertEqual(f.getUserName(), 'chris') + + def testGetUserId(self): + f = User('chris', '123', ['Manager'], []) + self.assertEqual(f.getId(), 'chris') + + def testBaseUserGetIdEqualGetName(self): + # this is true for the default user type, but will not + # always be true for extended user types going forward (post-2.6) + f = User('chris', '123', ['Manager'], []) + self.assertEqual(f.getId(), f.getUserName()) + + def testGetPassword(self): + f = User('chris', '123', ['Manager'], []) + self.assertEqual(f._getPassword(), '123') + + def testGetRoles(self): + f = User('chris', '123', ['Manager'], []) + self.assertEqual(f.getRoles(), ('Manager', 'Authenticated')) + + def testGetDomains(self): + f = User('chris', '123', ['Manager'], []) + self.assertEqual(f.getDomains(), ()) + + def testRepr(self): + f = User('flo', '123', ['Manager'], []) + self.assertEqual(repr(f), "<User 'flo'>") + + def testReprSpecial(self): + from AccessControl.User import NullUnrestrictedUser + from AccessControl.User import nobody + from AccessControl.User import system + # NullUnrestrictedUser is used when there is no emergency user + self.assertEqual(repr(NullUnrestrictedUser()), + "<NullUnrestrictedUser (None, None)>") + self.assertEqual(repr(nobody), + "<SpecialUser 'Anonymous User'>") + self.assertEqual(repr(system), + "<UnrestrictedUser 'System Processes'>") + +def test_suite(): + suite = unittest.TestSuite() + suite.addTest(unittest.makeSuite(UserFolderTests)) + suite.addTest(unittest.makeSuite(UserTests)) + return suite + +if __name__ == '__main__': + unittest.main(defaultTest='test_suite') Deleted: Zope/trunk/src/AccessControl/tests/testUserFolder.py =================================================================== --- Zope/trunk/src/AccessControl/tests/testUserFolder.py 2010-05-16 15:09:54 UTC (rev 112350) +++ Zope/trunk/src/AccessControl/tests/testUserFolder.py 2010-05-16 15:10:03 UTC (rev 112351) @@ -1,301 +0,0 @@ -############################################################################## -# -# Copyright (c) 2002 Zope Foundation and Contributors. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""User folder tests. - -$Id$ -""" - -import unittest -import Testing -import Zope2 -Zope2.startup() - -import os, sys, base64 - -import transaction -from Testing.makerequest import makerequest - -from AccessControl import Unauthorized -from AccessControl.SecurityManagement import newSecurityManager -from AccessControl.SecurityManagement import noSecurityManager -from AccessControl.User import BasicUserFolder, UserFolder -from AccessControl.User import User - - -class UserFolderTests(unittest.TestCase): - - def setUp(self): - transaction.begin() - self.app = makerequest(Zope2.app()) - try: - # Set up a user and role - self.uf = UserFolder().__of__(self.app) - self.uf._doAddUser('user1', 'secret', ['role1'], []) - self.app._addRole('role1') - self.app.manage_role('role1', ['View']) - # Set up a published object accessible to user - self.app.addDTMLMethod('doc', file='') - self.app.doc.manage_permission('View', ['role1'], acquire=0) - # Rig the REQUEST so it looks like we traversed to doc - self.app.REQUEST.set('PUBLISHED', self.app.doc) - self.app.REQUEST.set('PARENTS', [self.app]) - self.app.REQUEST.steps = ['doc'] - self.basic = 'Basic %s' % base64.encodestring('user1:secret') - except: - self.tearDown() - raise - - def tearDown(self): - noSecurityManager() - transaction.abort() - self.app._p_jar.close() - - def login(self, name): - user = self.uf.getUserById(name) - user = user.__of__(self.uf) - newSecurityManager(None, user) - - def test_z3interfaces(self): - from AccessControl.interfaces import IStandardUserFolder - from AccessControl.User import UserFolder - from zope.interface.verify import verifyClass - - verifyClass(IStandardUserFolder, UserFolder) - - def testGetUser(self): - self.failIfEqual(self.uf.getUser('user1'), None) - - def testGetBadUser(self): - self.assertEqual(self.uf.getUser('user2'), None) - - def testGetUserById(self): - self.failIfEqual(self.uf.getUserById('user1'), None) - - def testGetBadUserById(self): - self.assertEqual(self.uf.getUserById('user2'), None) - - def testGetUsers(self): - users = self.uf.getUsers() - self.failUnless(users) - self.assertEqual(users[0].getUserName(), 'user1') - - def testGetUserNames(self): - names = self.uf.getUserNames() - self.failUnless(names) - self.assertEqual(names[0], 'user1') - - def testIdentify(self): - name, password = self.uf.identify(self.basic) - self.assertEqual(name, 'user1') - self.assertEqual(password, 'secret') - - def testGetRoles(self): - user = self.uf.getUser('user1') - self.failUnless('role1' in user.getRoles()) - - def testGetRolesInContext(self): - user = self.uf.getUser('user1') - self.app.manage_addLocalRoles('user1', ['Owner']) - roles = user.getRolesInContext(self.app) - self.failUnless('role1' in roles) - self.failUnless('Owner' in roles) - - def testHasRole(self): - user = self.uf.getUser('user1') - self.failUnless(user.has_role('role1', self.app)) - - def testHasLocalRole(self): - user = self.uf.getUser('user1') - self.app.manage_addLocalRoles('user1', ['Owner']) - self.failUnless(user.has_role('Owner', self.app)) - - def testHasPermission(self): - user = self.uf.getUser('user1') - self.failUnless(user.has_permission('View', self.app)) - self.app.manage_role('role1', ['Add Folders']) - self.failUnless(user.has_permission('Add Folders', self.app)) - - def testHasLocalRolePermission(self): - user = self.uf.getUser('user1') - self.app.manage_role('Owner', ['Add Folders']) - self.app.manage_addLocalRoles('user1', ['Owner']) - self.failUnless(user.has_permission('Add Folders', self.app)) - - def testAuthenticate(self): - user = self.uf.getUser('user1') - self.failUnless(user.authenticate('secret', self.app.REQUEST)) - - def testValidate(self): - user = self.uf.validate(self.app.REQUEST, self.basic, ['role1']) - self.failIfEqual(user, None) - self.assertEqual(user.getUserName(), 'user1') - - def testNotValidateWithoutAuth(self): - user = self.uf.validate(self.app.REQUEST, '', ['role1']) - self.assertEqual(user, None) - - def testValidateWithoutRoles(self): - # Note - calling uf.validate without specifying roles will cause - # the security machinery to determine the needed roles by looking - # at the object itself (or its container). I'm putting this note - # in to clarify because the original test expected failure but it - # really should have expected success, since the user and the - # object being checked both have the role 'role1', even though no - # roles are passed explicitly to the userfolder validate method. - user = self.uf.validate(self.app.REQUEST, self.basic) - self.assertEqual(user.getUserName(), 'user1') - - def testNotValidateWithEmptyRoles(self): - user = self.uf.validate(self.app.REQUEST, self.basic, []) - self.assertEqual(user, None) - - def testNotValidateWithWrongRoles(self): - user = self.uf.validate(self.app.REQUEST, self.basic, ['Manager']) - self.assertEqual(user, None) - - def testAllowAccessToUser(self): - self.login('user1') - try: - self.app.restrictedTraverse('doc') - except Unauthorized: - self.fail('Unauthorized') - - def testDenyAccessToAnonymous(self): - self.assertRaises(Unauthorized, self.app.restrictedTraverse, 'doc') - - def testMaxListUsers(self): - # create a folder-ish thing which contains a roleManager, - # then put an acl_users object into the folde-ish thing - - class Folderish(BasicUserFolder): - def __init__(self, size, count): - self.maxlistusers = size - self.users = [] - self.acl_users = self - self.__allow_groups__ = self - for i in xrange(count): - self.users.append("Nobody") - - def getUsers(self): - return self.users - - def user_names(self): - return self.getUsers() - - - tinyFolderOver = Folderish(15, 20) - tinyFolderUnder = Folderish(15, 10) - - assert tinyFolderOver.maxlistusers == 15 - assert tinyFolderUnder.maxlistusers == 15 - assert len(tinyFolderOver.user_names()) == 20 - assert len(tinyFolderUnder.user_names()) == 10 - - try: - list = tinyFolderOver.get_valid_userids() - assert 0, "Did not raise overflow error" - except OverflowError: - pass - - try: - list = tinyFolderUnder.get_valid_userids() - pass - except OverflowError: - assert 0, "Raised overflow error erroneously" - - def test__doAddUser_with_not_yet_encrypted_passwords(self): - # See collector #1869 && #1926 - from AccessControl.AuthEncoding import pw_validate - - USER_ID = 'not_yet_encrypted' - PASSWORD = 'password' - - uf = UserFolder().__of__(self.app) - uf.encrypt_passwords = True - self.failIf(uf._isPasswordEncrypted(PASSWORD)) - - uf._doAddUser(USER_ID, PASSWORD, [], []) - user = uf.getUserById(USER_ID) - self.failUnless(uf._isPasswordEncrypted(user.__)) - self.failUnless(pw_validate(user.__, PASSWORD)) - - def test__doAddUser_with_preencrypted_passwords(self): - # See collector #1869 && #1926 - from AccessControl.AuthEncoding import pw_validate - - USER_ID = 'already_encrypted' - PASSWORD = 'password' - - uf = UserFolder().__of__(self.app) - uf.encrypt_passwords = True - ENCRYPTED = uf._encryptPassword(PASSWORD) - - uf._doAddUser(USER_ID, ENCRYPTED, [], []) - user = uf.getUserById(USER_ID) - self.assertEqual(user.__, ENCRYPTED) - self.failUnless(uf._isPasswordEncrypted(user.__)) - self.failUnless(pw_validate(user.__, PASSWORD)) - - -class UserTests(unittest.TestCase): - - def testGetUserName(self): - f = User('chris', '123', ['Manager'], []) - self.assertEqual(f.getUserName(), 'chris') - - def testGetUserId(self): - f = User('chris', '123', ['Manager'], []) - self.assertEqual(f.getId(), 'chris') - - def testBaseUserGetIdEqualGetName(self): - # this is true for the default user type, but will not - # always be true for extended user types going forward (post-2.6) - f = User('chris', '123', ['Manager'], []) - self.assertEqual(f.getId(), f.getUserName()) - - def testGetPassword(self): - f = User('chris', '123', ['Manager'], []) - self.assertEqual(f._getPassword(), '123') - - def testGetRoles(self): - f = User('chris', '123', ['Manager'], []) - self.assertEqual(f.getRoles(), ('Manager', 'Authenticated')) - - def testGetDomains(self): - f = User('chris', '123', ['Manager'], []) - self.assertEqual(f.getDomains(), ()) - - def testRepr(self): - f = User('flo', '123', ['Manager'], []) - self.assertEqual(repr(f), "<User 'flo'>") - - def testReprSpecial(self): - from AccessControl.User import NullUnrestrictedUser - from AccessControl.User import nobody - from AccessControl.User import system - # NullUnrestrictedUser is used when there is no emergency user - self.assertEqual(repr(NullUnrestrictedUser()), - "<NullUnrestrictedUser (None, None)>") - self.assertEqual(repr(nobody), - "<SpecialUser 'Anonymous User'>") - self.assertEqual(repr(system), - "<UnrestrictedUser 'System Processes'>") - -def test_suite(): - suite = unittest.TestSuite() - suite.addTest(unittest.makeSuite(UserFolderTests)) - suite.addTest(unittest.makeSuite(UserTests)) - return suite - -if __name__ == '__main__': - unittest.main(defaultTest='test_suite') _______________________________________________ Zope-Checkins maillist - Zope-Checkins@zope.org https://mail.zope.org/mailman/listinfo/zope-checkins