[z3-checkins] r11479 - in z3/Five/trunk: . tests
dreamcatcher at codespeak.net
dreamcatcher at codespeak.net
Tue Apr 26 15:47:37 CEST 2005
Author: dreamcatcher
Date: Tue Apr 26 15:47:37 2005
New Revision: 11479
Modified:
z3/Five/trunk/browserconfigure.py
z3/Five/trunk/tests/test_security2.py
Log:
- AddViewFactory and EditViewFactory were not calling protectClass on the generated class
- Cleanup the test to include the view_name in failure if one occurs
Modified: z3/Five/trunk/browserconfigure.py
==============================================================================
--- z3/Five/trunk/browserconfigure.py (original)
+++ z3/Five/trunk/browserconfigure.py Tue Apr 26 15:47:37 2005
@@ -443,7 +443,8 @@
s.provideView(for_, name, IBrowserRequest, class_, layer)
-
+ protectClass(class_, permission)
+ initializeClass(class_)
class FiveFormDirective(BaseFormDirective):
@@ -474,6 +475,7 @@
kw={'menu': self.menu},
)
+
def AddViewFactory(name, schema, label, permission, layer,
template, default_template, bases, for_,
fields, content_factory, arguments,
@@ -495,6 +497,8 @@
class_.generated_form = ZopeTwoPageTemplateFile(default_template)
s.provideView(for_, name, IBrowserRequest, class_, layer)
+ protectClass(class_, permission)
+ initializeClass(class_)
class AddFormDirective(FiveFormDirective):
Modified: z3/Five/trunk/tests/test_security2.py
==============================================================================
--- z3/Five/trunk/tests/test_security2.py (original)
+++ z3/Five/trunk/tests/test_security2.py Tue Apr 26 15:47:37 2005
@@ -155,7 +155,8 @@
response = self.publish('/test_folder_1_/testoid/%s' % view_name,
basic='viewer:secret')
# we expect that we get a 401 Unauthorized
- self.assertEqual(response.getStatus(), 401)
+ status = response.getStatus()
+ self.failUnless(status == 401, (status, 401, view_name))
def test_all_permissions(self):
permissions = self.folder.possible_permissions()
@@ -163,11 +164,12 @@
self.folder.manage_role('Viewer', permissions)
self.folder.manage_addLocalRoles(
'viewer', ['Viewer'])
-
+
for view_name in view_names:
response = self.publish('/test_folder_1_/testoid/%s' % view_name,
basic='viewer:secret')
- self.assertEqual(response.getStatus(), 200)
+ status = response.getStatus()
+ self.failUnless(status == 200, (status, 200, view_name))
def test_almost_all_permissions(self):
permissions = self.folder.possible_permissions()
@@ -176,12 +178,13 @@
self.folder.manage_role('Viewer', permissions)
self.folder.manage_addLocalRoles(
'viewer', ['Viewer'])
-
+
for view_name in view_names:
response = self.publish('/test_folder_1_/testoid/%s' % view_name,
basic='viewer:secret')
# we expect that we get a 401 Unauthorized
- self.assertEqual(response.getStatus(), 401)
+ status = response.getStatus()
+ self.failUnless(status == 401, (status, 401, view_name))
def test_manager_permission(self):
for view_name in view_names:
@@ -193,7 +196,8 @@
def test_public_permission(self):
for view_name in public_view_names:
response = self.publish('/test_folder_1_/testoid/%s' % view_name)
- self.assertEqual(response.getStatus(), 200)
+ status = response.getStatus()
+ self.failUnless(status == 200, (status, 200, view_name))
def test_addpages(self):
manage_addFiveTraversableFolder(self.folder, 'ftf')
@@ -201,7 +205,7 @@
# Unprotected as anonymous
response = self.publish('/test_folder_1_/ftf/+/addsimplecontent.html')
self.assertEqual(response.getStatus(), 200)
-
+
# Protected as manager
response = self.publish('/test_folder_1_/ftf/+/protectedaddform.html',
basic='manager:r00t')
More information about the z3-checkins
mailing list