From bda1306749c62ef4f11cfe567ed7d56c8ad94240 Mon Sep 17 00:00:00 2001 From: Michael Merickel <github@m.merickel.org> Date: Mon, 15 Oct 2018 16:56:42 +0200 Subject: [PATCH] Merge pull request #3388 from mmerickel/black --- tests/test_authorization.py | 154 +++++++++++++++++++++++++++++++-------------------- 1 files changed, 93 insertions(+), 61 deletions(-) diff --git a/tests/test_authorization.py b/tests/test_authorization.py index 05cd3b4..efb84b2 100644 --- a/tests/test_authorization.py +++ b/tests/test_authorization.py @@ -2,6 +2,7 @@ from pyramid.testing import cleanUp + class TestACLAuthorizationPolicy(unittest.TestCase): def setUp(self): cleanUp() @@ -11,6 +12,7 @@ def _getTargetClass(self): from pyramid.authorization import ACLAuthorizationPolicy + return ACLAuthorizationPolicy def _makeOne(self): @@ -19,18 +21,20 @@ def test_class_implements_IAuthorizationPolicy(self): from zope.interface.verify import verifyClass from pyramid.interfaces import IAuthorizationPolicy + verifyClass(IAuthorizationPolicy, self._getTargetClass()) def test_instance_implements_IAuthorizationPolicy(self): from zope.interface.verify import verifyObject from pyramid.interfaces import IAuthorizationPolicy + verifyObject(IAuthorizationPolicy, self._makeOne()) def test_permits_no_acl(self): context = DummyContext() policy = self._makeOne() self.assertEqual(policy.permits(context, [], 'view'), False) - + def test_permits(self): from pyramid.security import Deny from pyramid.security import Allow @@ -38,68 +42,76 @@ from pyramid.security import Authenticated from pyramid.security import ALL_PERMISSIONS from pyramid.security import DENY_ALL + root = DummyContext() community = DummyContext(__name__='community', __parent__=root) blog = DummyContext(__name__='blog', __parent__=community) - root.__acl__ = [ - (Allow, Authenticated, VIEW), - ] + root.__acl__ = [(Allow, Authenticated, VIEW)] community.__acl__ = [ (Allow, 'fred', ALL_PERMISSIONS), (Allow, 'wilma', VIEW), DENY_ALL, - ] + ] blog.__acl__ = [ (Allow, 'barney', MEMBER_PERMS), (Allow, 'wilma', VIEW), - ] + ] policy = self._makeOne() - result = policy.permits(blog, [Everyone, Authenticated, 'wilma'], - 'view') + result = policy.permits( + blog, [Everyone, Authenticated, 'wilma'], 'view' + ) self.assertEqual(result, True) self.assertEqual(result.context, blog) self.assertEqual(result.ace, (Allow, 'wilma', VIEW)) self.assertEqual(result.acl, blog.__acl__) - result = policy.permits(blog, [Everyone, Authenticated, 'wilma'], - 'delete') + result = policy.permits( + blog, [Everyone, Authenticated, 'wilma'], 'delete' + ) self.assertEqual(result, False) self.assertEqual(result.context, community) self.assertEqual(result.ace, (Deny, Everyone, ALL_PERMISSIONS)) self.assertEqual(result.acl, community.__acl__) - result = policy.permits(blog, [Everyone, Authenticated, 'fred'], 'view') + result = policy.permits( + blog, [Everyone, Authenticated, 'fred'], 'view' + ) self.assertEqual(result, True) self.assertEqual(result.context, community) self.assertEqual(result.ace, (Allow, 'fred', ALL_PERMISSIONS)) - result = policy.permits(blog, [Everyone, Authenticated, 'fred'], - 'doesntevenexistyet') + result = policy.permits( + blog, [Everyone, Authenticated, 'fred'], 'doesntevenexistyet' + ) self.assertEqual(result, True) self.assertEqual(result.context, community) self.assertEqual(result.ace, (Allow, 'fred', ALL_PERMISSIONS)) self.assertEqual(result.acl, community.__acl__) - result = policy.permits(blog, [Everyone, Authenticated, 'barney'], - 'view') + result = policy.permits( + blog, [Everyone, Authenticated, 'barney'], 'view' + ) self.assertEqual(result, True) self.assertEqual(result.context, blog) self.assertEqual(result.ace, (Allow, 'barney', MEMBER_PERMS)) - result = policy.permits(blog, [Everyone, Authenticated, 'barney'], - 'administer') + result = policy.permits( + blog, [Everyone, Authenticated, 'barney'], 'administer' + ) self.assertEqual(result, False) self.assertEqual(result.context, community) self.assertEqual(result.ace, (Deny, Everyone, ALL_PERMISSIONS)) self.assertEqual(result.acl, community.__acl__) - - result = policy.permits(root, [Everyone, Authenticated, 'someguy'], - 'view') + + result = policy.permits( + root, [Everyone, Authenticated, 'someguy'], 'view' + ) self.assertEqual(result, True) self.assertEqual(result.context, root) self.assertEqual(result.ace, (Allow, Authenticated, VIEW)) - result = policy.permits(blog, - [Everyone, Authenticated, 'someguy'], 'view') + result = policy.permits( + blog, [Everyone, Authenticated, 'someguy'], 'view' + ) self.assertEqual(result, False) self.assertEqual(result.context, community) self.assertEqual(result.ace, (Deny, Everyone, ALL_PERMISSIONS)) @@ -116,128 +128,149 @@ self.assertEqual(result, False) self.assertEqual(result.ace, '<default deny>') self.assertEqual( - result.acl, - '<No ACL found on any object in resource lineage>') + result.acl, '<No ACL found on any object in resource lineage>' + ) def test_permits_string_permissions_in_acl(self): from pyramid.security import Allow + root = DummyContext() - root.__acl__ = [ - (Allow, 'wilma', 'view_stuff'), - ] + root.__acl__ = [(Allow, 'wilma', 'view_stuff')] policy = self._makeOne() result = policy.permits(root, ['wilma'], 'view') # would be True if matching against 'view_stuff' instead of against # ['view_stuff'] - self.assertEqual(result, False) + self.assertEqual(result, False) def test_principals_allowed_by_permission_direct(self): from pyramid.security import Allow from pyramid.security import DENY_ALL + context = DummyContext() - acl = [ (Allow, 'chrism', ('read', 'write')), - DENY_ALL, - (Allow, 'other', 'read') ] + acl = [ + (Allow, 'chrism', ('read', 'write')), + DENY_ALL, + (Allow, 'other', 'read'), + ] context.__acl__ = acl policy = self._makeOne() result = sorted( - policy.principals_allowed_by_permission(context, 'read')) + policy.principals_allowed_by_permission(context, 'read') + ) self.assertEqual(result, ['chrism']) def test_principals_allowed_by_permission_callable_acl(self): from pyramid.security import Allow from pyramid.security import DENY_ALL + context = DummyContext() - acl = lambda: [ (Allow, 'chrism', ('read', 'write')), - DENY_ALL, - (Allow, 'other', 'read') ] + acl = lambda: [ + (Allow, 'chrism', ('read', 'write')), + DENY_ALL, + (Allow, 'other', 'read'), + ] context.__acl__ = acl policy = self._makeOne() result = sorted( - policy.principals_allowed_by_permission(context, 'read')) + policy.principals_allowed_by_permission(context, 'read') + ) self.assertEqual(result, ['chrism']) - + def test_principals_allowed_by_permission_string_permission(self): from pyramid.security import Allow + context = DummyContext() - acl = [ (Allow, 'chrism', 'read_it')] + acl = [(Allow, 'chrism', 'read_it')] context.__acl__ = acl policy = self._makeOne() result = policy.principals_allowed_by_permission(context, 'read') # would be ['chrism'] if 'read' were compared against 'read_it' instead # of against ['read_it'] self.assertEqual(list(result), []) - + def test_principals_allowed_by_permission(self): from pyramid.security import Allow from pyramid.security import Deny from pyramid.security import DENY_ALL from pyramid.security import ALL_PERMISSIONS + root = DummyContext(__name__='', __parent__=None) community = DummyContext(__name__='community', __parent__=root) blog = DummyContext(__name__='blog', __parent__=community) - root.__acl__ = [ (Allow, 'chrism', ('read', 'write')), - (Allow, 'other', ('read',)), - (Allow, 'jim', ALL_PERMISSIONS)] - community.__acl__ = [ (Deny, 'flooz', 'read'), - (Allow, 'flooz', 'read'), - (Allow, 'mork', 'read'), - (Deny, 'jim', 'read'), - (Allow, 'someguy', 'manage')] - blog.__acl__ = [ (Allow, 'fred', 'read'), - DENY_ALL] + root.__acl__ = [ + (Allow, 'chrism', ('read', 'write')), + (Allow, 'other', ('read',)), + (Allow, 'jim', ALL_PERMISSIONS), + ] + community.__acl__ = [ + (Deny, 'flooz', 'read'), + (Allow, 'flooz', 'read'), + (Allow, 'mork', 'read'), + (Deny, 'jim', 'read'), + (Allow, 'someguy', 'manage'), + ] + blog.__acl__ = [(Allow, 'fred', 'read'), DENY_ALL] policy = self._makeOne() - + result = sorted(policy.principals_allowed_by_permission(blog, 'read')) self.assertEqual(result, ['fred']) - result = sorted(policy.principals_allowed_by_permission(community, - 'read')) + result = sorted( + policy.principals_allowed_by_permission(community, 'read') + ) self.assertEqual(result, ['chrism', 'mork', 'other']) - result = sorted(policy.principals_allowed_by_permission(community, - 'read')) + result = sorted( + policy.principals_allowed_by_permission(community, 'read') + ) result = sorted(policy.principals_allowed_by_permission(root, 'read')) self.assertEqual(result, ['chrism', 'jim', 'other']) def test_principals_allowed_by_permission_no_acls(self): context = DummyContext() policy = self._makeOne() - result = sorted(policy.principals_allowed_by_permission(context,'read')) + result = sorted( + policy.principals_allowed_by_permission(context, 'read') + ) self.assertEqual(result, []) def test_principals_allowed_by_permission_deny_not_permission_in_acl(self): from pyramid.security import Deny from pyramid.security import Everyone + context = DummyContext() - acl = [ (Deny, Everyone, 'write') ] + acl = [(Deny, Everyone, 'write')] context.__acl__ = acl policy = self._makeOne() result = sorted( - policy.principals_allowed_by_permission(context, 'read')) + policy.principals_allowed_by_permission(context, 'read') + ) self.assertEqual(result, []) def test_principals_allowed_by_permission_deny_permission_in_acl(self): from pyramid.security import Deny from pyramid.security import Everyone + context = DummyContext() - acl = [ (Deny, Everyone, 'read') ] + acl = [(Deny, Everyone, 'read')] context.__acl__ = acl policy = self._makeOne() result = sorted( - policy.principals_allowed_by_permission(context, 'read')) + policy.principals_allowed_by_permission(context, 'read') + ) self.assertEqual(result, []) def test_callable_acl(self): from pyramid.security import Allow + context = DummyContext() fn = lambda self: [(Allow, 'bob', 'read')] context.__acl__ = fn.__get__(context, context.__class__) policy = self._makeOne() result = policy.permits(context, ['bob'], 'read') self.assertTrue(result) - + class DummyContext: def __init__(self, *arg, **kw): @@ -256,4 +289,3 @@ MEMBER_PERMS = GUEST_PERMS + (EDIT, CREATE, DELETE) MODERATOR_PERMS = MEMBER_PERMS + (MODERATE,) ADMINISTRATOR_PERMS = MODERATOR_PERMS + (ADMINISTER,) - -- Gitblit v1.9.3