format source using black

Michael Merickel

2018-10-15 0c29cf2df41600d3906d521c72991c7686018b71

 tests/test_authorization.py

@@ -2,6 +2,7 @@

from pyramid.testing import cleanUp


class TestACLAuthorizationPolicy(unittest.TestCase):
    def setUp(self):
        cleanUp()
@@ -11,6 +12,7 @@

    def _getTargetClass(self):
        from pyramid.authorization import ACLAuthorizationPolicy

        return ACLAuthorizationPolicy

    def _makeOne(self):
@@ -19,18 +21,20 @@
    def test_class_implements_IAuthorizationPolicy(self):
        from zope.interface.verify import verifyClass
        from pyramid.interfaces import IAuthorizationPolicy

        verifyClass(IAuthorizationPolicy, self._getTargetClass())

    def test_instance_implements_IAuthorizationPolicy(self):
        from zope.interface.verify import verifyObject
        from pyramid.interfaces import IAuthorizationPolicy

        verifyObject(IAuthorizationPolicy, self._makeOne())

    def test_permits_no_acl(self):
        context = DummyContext()
        policy = self._makeOne()
        self.assertEqual(policy.permits(context, [], 'view'), False)
        

    def test_permits(self):
        from pyramid.security import Deny
        from pyramid.security import Allow
@@ -38,68 +42,76 @@
        from pyramid.security import Authenticated
        from pyramid.security import ALL_PERMISSIONS
        from pyramid.security import DENY_ALL

        root = DummyContext()
        community = DummyContext(__name__='community', __parent__=root)
        blog = DummyContext(__name__='blog', __parent__=community)
        root.__acl__ = [
            (Allow, Authenticated, VIEW),
            ]
        root.__acl__ = [(Allow, Authenticated, VIEW)]
        community.__acl__ = [
            (Allow, 'fred', ALL_PERMISSIONS),
            (Allow, 'wilma', VIEW),
            DENY_ALL,
            ]
        ]
        blog.__acl__ = [
            (Allow, 'barney', MEMBER_PERMS),
            (Allow, 'wilma', VIEW),
            ]
        ]

        policy = self._makeOne()

        result = policy.permits(blog, [Everyone, Authenticated, 'wilma'],
                                'view')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'wilma'], 'view'
        )
        self.assertEqual(result, True)
        self.assertEqual(result.context, blog)
        self.assertEqual(result.ace, (Allow, 'wilma', VIEW))
        self.assertEqual(result.acl, blog.__acl__)

        result = policy.permits(blog, [Everyone, Authenticated, 'wilma'],
                                'delete')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'wilma'], 'delete'
        )
        self.assertEqual(result, False)
        self.assertEqual(result.context, community)
        self.assertEqual(result.ace, (Deny, Everyone, ALL_PERMISSIONS))
        self.assertEqual(result.acl, community.__acl__)

        result = policy.permits(blog, [Everyone, Authenticated, 'fred'], 'view')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'fred'], 'view'
        )
        self.assertEqual(result, True)
        self.assertEqual(result.context, community)
        self.assertEqual(result.ace, (Allow, 'fred', ALL_PERMISSIONS))
        result = policy.permits(blog, [Everyone, Authenticated, 'fred'],
                                'doesntevenexistyet')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'fred'], 'doesntevenexistyet'
        )
        self.assertEqual(result, True)
        self.assertEqual(result.context, community)
        self.assertEqual(result.ace, (Allow, 'fred', ALL_PERMISSIONS))
        self.assertEqual(result.acl, community.__acl__)

        result = policy.permits(blog, [Everyone, Authenticated, 'barney'],
                                'view')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'barney'], 'view'
        )
        self.assertEqual(result, True)
        self.assertEqual(result.context, blog)
        self.assertEqual(result.ace, (Allow, 'barney', MEMBER_PERMS))
        result = policy.permits(blog, [Everyone, Authenticated, 'barney'],
                                'administer')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'barney'], 'administer'
        )
        self.assertEqual(result, False)
        self.assertEqual(result.context, community)
        self.assertEqual(result.ace, (Deny, Everyone, ALL_PERMISSIONS))
        self.assertEqual(result.acl, community.__acl__)
        
        result = policy.permits(root, [Everyone, Authenticated, 'someguy'],
                                'view')

        result = policy.permits(
            root, [Everyone, Authenticated, 'someguy'], 'view'
        )
        self.assertEqual(result, True)
        self.assertEqual(result.context, root)
        self.assertEqual(result.ace, (Allow, Authenticated, VIEW))
        result = policy.permits(blog,
                                [Everyone, Authenticated, 'someguy'], 'view')
        result = policy.permits(
            blog, [Everyone, Authenticated, 'someguy'], 'view'
        )
        self.assertEqual(result, False)
        self.assertEqual(result.context, community)
        self.assertEqual(result.ace, (Deny, Everyone, ALL_PERMISSIONS))
@@ -116,128 +128,149 @@
        self.assertEqual(result, False)
        self.assertEqual(result.ace, '<default deny>')
        self.assertEqual(
            result.acl,
            '<No ACL found on any object in resource lineage>')
            result.acl, '<No ACL found on any object in resource lineage>'
        )

    def test_permits_string_permissions_in_acl(self):
        from pyramid.security import Allow

        root = DummyContext()
        root.__acl__ = [
            (Allow, 'wilma', 'view_stuff'),
            ]
        root.__acl__ = [(Allow, 'wilma', 'view_stuff')]

        policy = self._makeOne()

        result = policy.permits(root, ['wilma'], 'view')
        # would be True if matching against 'view_stuff' instead of against
        # ['view_stuff']
        self.assertEqual(result, False) 
        self.assertEqual(result, False)

    def test_principals_allowed_by_permission_direct(self):
        from pyramid.security import Allow
        from pyramid.security import DENY_ALL

        context = DummyContext()
        acl = [ (Allow, 'chrism', ('read', 'write')),
                DENY_ALL,
                (Allow, 'other', 'read') ]
        acl = [
            (Allow, 'chrism', ('read', 'write')),
            DENY_ALL,
            (Allow, 'other', 'read'),
        ]
        context.__acl__ = acl
        policy = self._makeOne()
        result = sorted(
            policy.principals_allowed_by_permission(context, 'read'))
            policy.principals_allowed_by_permission(context, 'read')
        )
        self.assertEqual(result, ['chrism'])

    def test_principals_allowed_by_permission_callable_acl(self):
        from pyramid.security import Allow
        from pyramid.security import DENY_ALL

        context = DummyContext()
        acl = lambda: [ (Allow, 'chrism', ('read', 'write')),
                        DENY_ALL,
                        (Allow, 'other', 'read') ]
        acl = lambda: [
            (Allow, 'chrism', ('read', 'write')),
            DENY_ALL,
            (Allow, 'other', 'read'),
        ]
        context.__acl__ = acl
        policy = self._makeOne()
        result = sorted(
            policy.principals_allowed_by_permission(context, 'read'))
            policy.principals_allowed_by_permission(context, 'read')
        )
        self.assertEqual(result, ['chrism'])
        

    def test_principals_allowed_by_permission_string_permission(self):
        from pyramid.security import Allow

        context = DummyContext()
        acl = [ (Allow, 'chrism', 'read_it')]
        acl = [(Allow, 'chrism', 'read_it')]
        context.__acl__ = acl
        policy = self._makeOne()
        result = policy.principals_allowed_by_permission(context, 'read')
        # would be ['chrism'] if 'read' were compared against 'read_it' instead
        # of against ['read_it']
        self.assertEqual(list(result), [])
        

    def test_principals_allowed_by_permission(self):
        from pyramid.security import Allow
        from pyramid.security import Deny
        from pyramid.security import DENY_ALL
        from pyramid.security import ALL_PERMISSIONS

        root = DummyContext(__name__='', __parent__=None)
        community = DummyContext(__name__='community', __parent__=root)
        blog = DummyContext(__name__='blog', __parent__=community)
        root.__acl__ = [ (Allow, 'chrism', ('read', 'write')),
                         (Allow, 'other', ('read',)),
                         (Allow, 'jim', ALL_PERMISSIONS)]
        community.__acl__ = [  (Deny, 'flooz', 'read'),
                               (Allow, 'flooz', 'read'),
                               (Allow, 'mork', 'read'),
                               (Deny, 'jim', 'read'),
                               (Allow, 'someguy', 'manage')]
        blog.__acl__ = [ (Allow, 'fred', 'read'),
                         DENY_ALL]
        root.__acl__ = [
            (Allow, 'chrism', ('read', 'write')),
            (Allow, 'other', ('read',)),
            (Allow, 'jim', ALL_PERMISSIONS),
        ]
        community.__acl__ = [
            (Deny, 'flooz', 'read'),
            (Allow, 'flooz', 'read'),
            (Allow, 'mork', 'read'),
            (Deny, 'jim', 'read'),
            (Allow, 'someguy', 'manage'),
        ]
        blog.__acl__ = [(Allow, 'fred', 'read'), DENY_ALL]

        policy = self._makeOne()
        

        result = sorted(policy.principals_allowed_by_permission(blog, 'read'))
        self.assertEqual(result, ['fred'])
        result = sorted(policy.principals_allowed_by_permission(community,
            'read'))
        result = sorted(
            policy.principals_allowed_by_permission(community, 'read')
        )
        self.assertEqual(result, ['chrism', 'mork', 'other'])
        result = sorted(policy.principals_allowed_by_permission(community,
            'read'))
        result = sorted(
            policy.principals_allowed_by_permission(community, 'read')
        )
        result = sorted(policy.principals_allowed_by_permission(root, 'read'))
        self.assertEqual(result, ['chrism', 'jim', 'other'])

    def test_principals_allowed_by_permission_no_acls(self):
        context = DummyContext()
        policy = self._makeOne()
        result = sorted(policy.principals_allowed_by_permission(context,'read'))
        result = sorted(
            policy.principals_allowed_by_permission(context, 'read')
        )
        self.assertEqual(result, [])

    def test_principals_allowed_by_permission_deny_not_permission_in_acl(self):
        from pyramid.security import Deny
        from pyramid.security import Everyone

        context = DummyContext()
        acl = [ (Deny, Everyone, 'write') ]
        acl = [(Deny, Everyone, 'write')]
        context.__acl__ = acl
        policy = self._makeOne()
        result = sorted(
            policy.principals_allowed_by_permission(context, 'read'))
            policy.principals_allowed_by_permission(context, 'read')
        )
        self.assertEqual(result, [])

    def test_principals_allowed_by_permission_deny_permission_in_acl(self):
        from pyramid.security import Deny
        from pyramid.security import Everyone

        context = DummyContext()
        acl = [ (Deny, Everyone, 'read') ]
        acl = [(Deny, Everyone, 'read')]
        context.__acl__ = acl
        policy = self._makeOne()
        result = sorted(
            policy.principals_allowed_by_permission(context, 'read'))
            policy.principals_allowed_by_permission(context, 'read')
        )
        self.assertEqual(result, [])

    def test_callable_acl(self):
        from pyramid.security import Allow

        context = DummyContext()
        fn = lambda self: [(Allow, 'bob', 'read')]
        context.__acl__ = fn.__get__(context, context.__class__)
        policy = self._makeOne()
        result = policy.permits(context, ['bob'], 'read')
        self.assertTrue(result)
        


class DummyContext:
    def __init__(self, *arg, **kw):
@@ -256,4 +289,3 @@
MEMBER_PERMS = GUEST_PERMS + (EDIT, CREATE, DELETE)
MODERATOR_PERMS = MEMBER_PERMS + (MODERATE,)
ADMINISTRATOR_PERMS = MODERATOR_PERMS + (ADMINISTER,)