~launchpad-pqm/launchpad/devel : revision 13843.9.4

3

4

__metaclass__ = type

5

6

from zope.component import getSiteManager

6

from zope.component import (

7

getSiteManager,

8

queryAdapter,

9

)

7

10

from zope.interface import (

8

11

implements,

9

12

Interface,

11

14

12

15

from canonical.testing.layers import ZopelessDatabaseLayer

13

16

from lp.app.interfaces.security import IAuthorization

14

from lp.app.security import AuthorizationBase

17

from lp.app.security import (

18

AuthorizationBase,

19

ForwardedAuthorization,

20

)

15

21

from lp.testing import TestCaseWithFactory

16

22

from lp.testing.fakemethod import FakeMethod

17

23

18

24

25

def registerFakeSecurityAdapter(interface, permission, adapter=None):

26

"""Register an instance of FakeSecurityAdapter.

27

28

Create a factory for an instance of FakeSecurityAdapter and register

29

it as an adapter for the given interface and permission name.

30

"""

31

if adapter is None:

32

adapter = FakeSecurityAdapter()

33

34

def adapter_factory(adaptee):

35

return adapter

36

37

getSiteManager().registerAdapter(

38

adapter_factory, (interface,), IAuthorization, permission)

39

return adapter

40

41

19

42

class FakeSecurityAdapter(AuthorizationBase):

20

43

21

44

def __init__(self, adaptee=None):

24

47

self.checkUnauthenticated = FakeMethod()

25

48

26

49

27

class DummyInterface(Interface):

50

class IDummy(Interface):

28

51

"""Marker interface to test forwarding."""

29

52

30

53

31

class DummyClass:

32

"""An implementation of DummyInterface."""

33

implements(DummyInterface)

54

class Dummy:

55

"""An implementation of IDummy."""

56

implements(IDummy)

34

57

35

58

36

59

class TestAuthorizationBase(TestCaseWithFactory):

59

82

(0, adapter.checkAuthenticated.call_count),

60

83

(1, adapter.checkUnauthenticated.call_count))

61

84

62

def _registerFakeSecurityAdpater(self, interface, permission):

63

"""Register an instance of FakeSecurityAdapter.

64

65

Create a factory for an instance of FakeSecurityAdapter and register

66

it as an adapter for the given interface and permission name.

67

"""

68

adapter = FakeSecurityAdapter()

69

70

def adapter_factory(adaptee):

71

return adapter

72

73

getSiteManager().registerAdapter(

74

adapter_factory, (interface,), IAuthorization, permission)

75

return adapter

76

77

85

def test_forwardCheckAuthenticated_object_changes(self):

78

86

# Requesting a check for the same permission on a different object.

79

87

permission = self.factory.getUniqueString()

80

next_adapter = self._registerFakeSecurityAdpater(

81

DummyInterface, permission)

88

next_adapter = registerFakeSecurityAdapter(

89

IDummy, permission)

82

90

83

91

adapter = FakeSecurityAdapter()

84

92

adapter.permission = permission

85

93

adapter.usedfor = None

86

94

adapter.checkPermissionIsRegistered = FakeMethod(result=True)

87

95

88

adapter.forwardCheckAuthenticated(None, DummyClass())

96

adapter.forwardCheckAuthenticated(None, Dummy())

89

97

90

98

self.assertVectorEqual(

91

99

(1, adapter.checkPermissionIsRegistered.call_count),

94

102

def test_forwardCheckAuthenticated_permission_changes(self):

95

103

# Requesting a check for a different permission on the same object.

96

104

next_permission = self.factory.getUniqueString()

97

next_adapter = self._registerFakeSecurityAdpater(

98

DummyInterface, next_permission)

105

next_adapter = registerFakeSecurityAdapter(

106

IDummy, next_permission)

99

107

100

adapter = FakeSecurityAdapter(DummyClass())

108

adapter = FakeSecurityAdapter(Dummy())

101

109

adapter.permission = self.factory.getUniqueString()

102

adapter.usedfor = DummyInterface

110

adapter.usedfor = IDummy

103

111

adapter.checkPermissionIsRegistered = FakeMethod(result=True)

104

112

105

113

adapter.forwardCheckAuthenticated(None, permission=next_permission)

112

120

# Requesting a check for a different permission and a different

113

121

# object.

114

122

next_permission = self.factory.getUniqueString()

115

next_adapter = self._registerFakeSecurityAdpater(

116

DummyInterface, next_permission)

123

next_adapter = registerFakeSecurityAdapter(

124

IDummy, next_permission)

117

125

118

126

adapter = FakeSecurityAdapter()

119

127

adapter.permission = self.factory.getUniqueString()

120

128

adapter.usedfor = None

121

129

adapter.checkPermissionIsRegistered = FakeMethod(result=True)

122

130

123

adapter.forwardCheckAuthenticated(None, DummyClass(), next_permission)

131

adapter.forwardCheckAuthenticated(None, Dummy(), next_permission)

124

132

125

133

self.assertVectorEqual(

126

134

(1, adapter.checkPermissionIsRegistered.call_count),

130

138

# If the requested forwarding adapter does not exist, return False.

131

139

adapter = FakeSecurityAdapter()

132

140

adapter.permission = self.factory.getUniqueString()

133

adapter.usedfor = DummyInterface

141

adapter.usedfor = IDummy

134

142

adapter.checkPermissionIsRegistered = FakeMethod(result=True)

135

143

136

144

self.assertFalse(

137

adapter.forwardCheckAuthenticated(None, DummyClass()))

145

adapter.forwardCheckAuthenticated(None, Dummy()))

146

147

148

class FakeForwardedAuthorization(ForwardedAuthorization):

149

def __init__(self, obj, permission=None):

150

super(FakeForwardedAuthorization, self).__init__(

151

obj.child_obj, permission)

152

153

154

class FakeForwardedObject:

155

implements(IDummy)

156

def __init__(self):

157

self.child_obj = Dummy()

158

159

160

class TestForwardedAuthorizationBase(TestCaseWithFactory):

161

162

layer = ZopelessDatabaseLayer

163

164

def test_ForwardedAuthorization_same_permissions(self):

165

166

permission = self.factory.getUniqueString()

167

fake_obj = FakeForwardedObject()

168

outer_adapter = FakeForwardedAuthorization(fake_obj)

169

outer_adapter.permission = permission

170

171

inner_adapter = FakeSecurityAdapter()

172

inner_adapter.permission = permission

173

registerFakeSecurityAdapter(IDummy, permission, inner_adapter)

174

user = object()

175

outer_adapter.checkAuthenticated(user)

176

outer_adapter.checkUnauthenticated()

177

self.assertVectorEqual(

178

(1, inner_adapter.checkAuthenticated.call_count),

179

(1, inner_adapter.checkUnauthenticated.call_count))

180

181

def test_ForwardedAuthorization_different_permissions(self):

182

perm_inner = 'inner'

183

perm_outer = 'outer'

184

fake_obj = FakeForwardedObject()

185

outer_adapter = FakeForwardedAuthorization(fake_obj, perm_inner)

186

registerFakeSecurityAdapter(IDummy, perm_outer, outer_adapter)

187

188

inner_adapter = FakeSecurityAdapter()

189

inner_adapter.permission = perm_inner

190

registerFakeSecurityAdapter(IDummy, perm_inner, inner_adapter)

191

192

user = object()

193

adapter = queryAdapter(

194

FakeForwardedObject(), IAuthorization, perm_outer)

195

adapter.checkAuthenticated(user)

196

adapter.checkUnauthenticated()

197

self.assertVectorEqual(

198

(1, inner_adapter.checkAuthenticated.call_count),

199

(1, inner_adapter.checkUnauthenticated.call_count))