dce68fdb0d8ea0459f2cbc7ae44baa8471095eab
1 # Copyright (c) 2002 ekit.com Inc (http://www.ekit-inc.com/)
2 #
3 # Permission is hereby granted, free of charge, to any person obtaining a copy
4 # of this software and associated documentation files (the "Software"), to deal
5 # in the Software without restriction, including without limitation the rights
6 # to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
7 # copies of the Software, and to permit persons to whom the Software is
8 # furnished to do so, subject to the following conditions:
9 #
10 # The above copyright notice and this permission notice shall be included in
11 # all copies or substantial portions of the Software.
12 #
13 # THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
14 # IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 # FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
16 # AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
17 # LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
18 # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
19 # SOFTWARE.
21 # $Id: test_security.py,v 1.2 2002-07-26 08:27:00 richard Exp $
23 import os, unittest, shutil
25 from roundup.password import Password
26 from test_db import setupSchema, MyTestCase, config
28 class PermissionTest(MyTestCase):
29 def setUp(self):
30 from roundup.backends import anydbm
31 # remove previous test, ignore errors
32 if os.path.exists(config.DATABASE):
33 shutil.rmtree(config.DATABASE)
34 os.makedirs(config.DATABASE + '/files')
35 self.db = anydbm.Database(config, 'test')
36 setupSchema(self.db, 1, anydbm)
38 def testInterfaceSecurity(self):
39 ' test that the CGI and mailgw have initialised security OK '
40 # TODO: some asserts
42 def testInitialiseSecurity(self):
43 ''' Create some Permissions and Roles on the security object
45 This function is directly invoked by security.Security.__init__()
46 as a part of the Security object instantiation.
47 '''
48 ei = self.db.security.addPermission(name="Edit", klass="issue",
49 description="User is allowed to edit issues")
50 self.db.security.addPermissionToRole('User', ei)
51 ai = self.db.security.addPermission(name="View", klass="issue",
52 description="User is allowed to access issues")
53 self.db.security.addPermissionToRole('User', ai)
55 def testGetPermission(self):
56 self.db.security.getPermission('Edit')
57 self.db.security.getPermission('View')
58 self.assertRaises(ValueError, self.db.security.getPermission, 'x')
59 self.assertRaises(ValueError, self.db.security.getPermission, 'Edit',
60 'fubar')
61 ei = self.db.security.addPermission(name="Edit", klass="issue",
62 description="User is allowed to edit issues")
63 self.db.security.getPermission('Edit', 'issue')
64 ai = self.db.security.addPermission(name="View", klass="issue",
65 description="User is allowed to access issues")
66 self.db.security.getPermission('View', 'issue')
68 def testDBinit(self):
69 self.db.user.create(username="admin", roles='Admin')
70 self.db.user.create(username="anonymous", roles='User')
72 def testAccessControls(self):
73 self.testDBinit()
74 self.testInitialiseSecurity()
76 # test class-level access
77 userid = self.db.user.lookup('admin')
78 self.assertEquals(self.db.security.hasPermission('Edit', userid,
79 'issue'), 1)
80 self.assertEquals(self.db.security.hasPermission('Edit', userid,
81 'user'), 1)
82 userid = self.db.user.lookup('anonymous')
83 self.assertEquals(self.db.security.hasPermission('Edit', userid,
84 'issue'), 1)
85 self.assertEquals(self.db.security.hasPermission('Edit', userid,
86 'user'), 0)
88 # test node-level access
89 issueid = self.db.issue.create(title='foo', assignedto='admin')
90 userid = self.db.user.lookup('admin')
91 self.assertEquals(self.db.security.hasNodePermission('issue',
92 issueid, assignedto=userid), 1)
93 self.assertEquals(self.db.security.hasNodePermission('issue',
94 issueid, nosy=userid), 0)
95 self.db.issue.set(issueid, nosy=[userid])
96 self.assertEquals(self.db.security.hasNodePermission('issue',
97 issueid, nosy=userid), 1)
99 def suite():
100 return unittest.makeSuite(PermissionTest)
103 #
104 # $Log: not supported by cvs2svn $
105 # Revision 1.1 2002/07/25 07:14:06 richard
106 # Bugger it. Here's the current shape of the new security implementation.
107 # Still to do:
108 # . call the security funcs from cgi and mailgw
109 # . change shipped templates to include correct initialisation and remove
110 # the old config vars
111 # ... that seems like a lot. The bulk of the work has been done though. Honest :)
112 #
113 # Revision 1.1 2002/07/10 06:40:01 richard
114 # ehem, forgot to add
115 #
116 #
117 #
118 # vim: set filetype=python ts=4 sw=4 et si