Split out ZMI related parts of user folders and move it to OFS

128c6215 · Hanno Schlichting · bb0df0df · 128c6215 · 128c6215 · 128c6215
Commit 128c6215 authored Jun 19, 2010 by Hanno Schlichting
18 changed files
--- a/src/AccessControl/User.py
+++ b/src/AccessControl/User.py
@@ -34,6 +34,12 @@ from .users import absattr
 from .users import reqattr
 from .users import UnrestrictedUser as Super

-from .userfolder import BasicUserFolder
-from .userfolder import UserFolder
-from .userfolder import manage_addUserFolder
+
+from zope.deferredimport import deprecated
+deprecated("User folders are no longer part of AccessControl, please depend "
+           "on Zope2 and import from OFS.userfolder or use the new minimal "
+           "user folder classes from AccessControl.userfolder.",
+    BasicUserFolder = 'OFS.userfolder:BasicUserFolder',
+    manage_addUserFolder = 'OFS.userfolder:manage_addUserFolder',
+    UserFolder = 'OFS.userfolder:UserFolder',
+)
--- a/src/AccessControl/interfaces.py
+++ b/src/AccessControl/interfaces.py
@@ -197,6 +197,7 @@ class IRoleManager(IPermissionMappingSupport):
            'disallowed_permissions' -> all other permissions 
        """

+
 class IStandardUserFolder(Interface):

    def getUser(name):
@@ -213,6 +214,7 @@ class IStandardUserFolder(Interface):
        """Get a sequence of names of the users which reside in the user folder.
        """

+
 class ISecurityPolicy(Interface):
    """Plug-in policy for checking access to objects within untrusted code.
    """

--- a/src/AccessControl/tests/testOwned.py
+++ b/src/AccessControl/tests/testOwned.py
@@ -197,7 +197,7 @@ class OwnershipChangeTests(unittest.TestCase):

    def setUp(self):
        from AccessControl.owner import UnownableOwner
-        from AccessControl.User import UserFolder
+        from AccessControl.userfolder import UserFolder
        super(OwnershipChangeTests, self).setUp()

        self.root = FauxRoot()

--- a/src/AccessControl/tests/testZopeSecurityPolicy.py
+++ b/src/AccessControl/tests/testZopeSecurityPolicy.py
@@ -167,8 +167,8 @@ class ZopeSecurityPolicyTestBase(unittest.TestCase):
        uf = UserFolder()
        a.acl_users = uf
        self.uf = a.acl_users
-        uf._addUser('joe', 'password', 'password', user_roles, ())
-        uf._addUser('theowner', 'password', 'password', eo_roles, ())
+        uf._doAddUser('joe', 'password', user_roles, ())
+        uf._doAddUser('theowner', 'password', eo_roles, ())
        user = uf.getUserById('joe')
        self.user = user
        context = SecurityContext(user)
@@ -307,8 +307,8 @@ class ZopeSecurityPolicyTestBase(unittest.TestCase):
        self.a.subobject = ImplictAcqObject()
        subobject = self.a.subobject
        subobject.acl_users = UserFolder()
-        subobject.acl_users._addUser('theowner', 'password', 'password', 
-                                      eo_roles + sysadmin_roles, ())
+        subobject.acl_users._doAddUser('theowner', 'password', 
+                                       eo_roles + sysadmin_roles, ())
        subobject.r_item = RestrictedSimpleItem()
        r_subitem = subobject.r_item
        r_subitem.owned_setuid_m = OwnedSetuidMethod()
@@ -353,8 +353,8 @@ class ZopeSecurityPolicyTestBase(unittest.TestCase):
        self.a.subobject = ImplictAcqObject()
        subobject = self.a.subobject
        subobject.acl_users = UserFolder()
-        subobject.acl_users._addUser('theowner', 'password', 'password', 
-                                      eo_roles + sysadmin_roles, ())
+        subobject.acl_users._doAddUser('theowner', 'password',
+                                       eo_roles + sysadmin_roles, ())
        subobject.item = UnprotectedSimpleItem()
        subitem = subobject.item
        subitem.owned_setuid_m = OwnedSetuidMethod()

--- a/src/AccessControl/tests/test_userfolder.py
+++ b/src/AccessControl/tests/test_userfolder.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" Unit tests for AccessControl.User
+"""
+import unittest
+
+# TODO class Test_readUserAccessFile(unittest.TestCase)
+
+
+# TODO class BasicUserFoldertests(unittest.TestCase)
+
+
+class UserFolderTests(unittest.TestCase):
+
+    def setUp(self):
+        import transaction
+        transaction.begin()
+
+    def tearDown(self):
+        import transaction
+        from AccessControl.SecurityManagement import noSecurityManager
+        noSecurityManager()
+        transaction.abort()
+
+    def _getTargetClass(self):
+        from AccessControl.userfolder import UserFolder
+        return UserFolder
+
+    def _makeOne(self):
+        uf = self._getTargetClass()()
+        uf._doAddUser('user1', 'secret', ['role1'], [])
+        return uf
+
+    def _makeBasicAuthToken(self, creds='user1:secret'):
+        import base64
+        return 'Basic %s' % base64.encodestring(creds)
+
+    def _login(self, uf, name):
+        from AccessControl.SecurityManagement import newSecurityManager
+        user = uf.getUserById(name)
+        user = user.__of__(uf)
+        newSecurityManager(None, user)
+
+    def test_class_conforms_to_IStandardUserFolder(self):
+        from AccessControl.interfaces import IStandardUserFolder
+        from zope.interface.verify import verifyClass
+        verifyClass(IStandardUserFolder, self._getTargetClass())
+
+    def testGetUser(self):
+        uf = self._makeOne()
+        self.failIfEqual(uf.getUser('user1'), None)
+
+    def testGetBadUser(self):
+        uf = self._makeOne()
+        self.assertEqual(uf.getUser('user2'), None)
+
+    def testGetUserById(self):
+        uf = self._makeOne()
+        self.failIfEqual(uf.getUserById('user1'), None)
+
+    def testGetBadUserById(self):
+        uf = self._makeOne()
+        self.assertEqual(uf.getUserById('user2'), None)
+
+    def testGetUsers(self):
+        uf = self._makeOne()
+        users = uf.getUsers()
+        self.failUnless(users)
+        self.assertEqual(users[0].getUserName(), 'user1')
+
+    def testGetUserNames(self):
+        uf = self._makeOne()
+        names = uf.getUserNames()
+        self.failUnless(names)
+        self.assertEqual(names[0], 'user1')
+
+    def testIdentify(self):
+        uf = self._makeOne()
+        name, password = uf.identify(self._makeBasicAuthToken())
+        self.assertEqual(name, 'user1')
+        self.assertEqual(password, 'secret')
+
+    def testGetRoles(self):
+        uf = self._makeOne()
+        user = uf.getUser('user1')
+        self.failUnless('role1' in user.getRoles())
+
+    def testMaxListUsers(self):
+        # create a folder-ish thing which contains a roleManager,
+        # then put an acl_users object into the folde-ish thing
+        from AccessControl.userfolder import BasicUserFolder
+
+        class Folderish(BasicUserFolder):
+            def __init__(self, size, count):
+                self.maxlistusers = size
+                self.users = []
+                self.acl_users = self
+                self.__allow_groups__ = self
+                for i in xrange(count):
+                    self.users.append("Nobody")
+
+            def getUsers(self):
+                return self.users
+
+            def user_names(self):
+                return self.getUsers()
+
+
+        tinyFolderOver = Folderish(15, 20)
+        tinyFolderUnder = Folderish(15, 10)
+
+        assert tinyFolderOver.maxlistusers == 15
+        assert tinyFolderUnder.maxlistusers == 15
+        assert len(tinyFolderOver.user_names()) == 20
+        assert len(tinyFolderUnder.user_names()) == 10
+
+        try:
+            list = tinyFolderOver.get_valid_userids()
+            assert 0, "Did not raise overflow error"
+        except OverflowError:
+            pass
+
+        try:
+            list = tinyFolderUnder.get_valid_userids()
+            pass
+        except OverflowError:
+            assert 0, "Raised overflow error erroneously"
+
+    def test__doAddUser_with_not_yet_encrypted_passwords(self):
+        # See collector #1869 && #1926
+        from AccessControl.AuthEncoding import pw_validate
+
+        USER_ID = 'not_yet_encrypted'
+        PASSWORD = 'password'
+
+        uf = self._makeOne()
+        uf.encrypt_passwords = True
+        self.failIf(uf._isPasswordEncrypted(PASSWORD))
+
+        uf._doAddUser(USER_ID, PASSWORD, [], [])
+        user = uf.getUserById(USER_ID)
+        self.failUnless(uf._isPasswordEncrypted(user.__))
+        self.failUnless(pw_validate(user.__, PASSWORD))
+
+    def test__doAddUser_with_preencrypted_passwords(self):
+        # See collector #1869 && #1926
+        from AccessControl.AuthEncoding import pw_validate
+
+        USER_ID = 'already_encrypted'
+        PASSWORD = 'password'
+
+        uf = self._makeOne()
+        uf.encrypt_passwords = True
+        ENCRYPTED = uf._encryptPassword(PASSWORD)
+
+        uf._doAddUser(USER_ID, ENCRYPTED, [], [])
+        user = uf.getUserById(USER_ID)
+        self.assertEqual(user.__, ENCRYPTED)
+        self.failUnless(uf._isPasswordEncrypted(user.__))
+        self.failUnless(pw_validate(user.__, PASSWORD))
+
+
+def test_suite():
+    suite = unittest.TestSuite()
+    suite.addTest(unittest.makeSuite(UserFolderTests))
+    return suite
--- a/src/AccessControl/userfolder.py
+++ b/src/AccessControl/userfolder.py
--- a/src/OFS/Application.py
+++ b/src/OFS/Application.py
@@ -27,13 +27,13 @@ import transaction
 from AccessControl import ClassSecurityInfo
 from AccessControl.class_init import InitializeClass
 from AccessControl.Permission import ApplicationDefaultPermissions
-from AccessControl.User import UserFolder
 from Acquisition import aq_base
 from App.ApplicationManager import ApplicationManager
 from App.config import getConfiguration
 from App.Product import doInstall
 from DateTime import DateTime
 from HelpSys.HelpSys import HelpSys
+from OFS.userfolder import UserFolder
 from Persistence import Persistent
 from webdav.NullResource import NullResource
 from zExceptions import Redirect as RedirectException, Forbidden

--- a/src/AccessControl/dtml/addUser.dtml
+++ b/src/AccessControl/dtml/addUser.dtml
--- a/src/AccessControl/dtml/editUser.dtml
+++ b/src/AccessControl/dtml/editUser.dtml
--- a/src/AccessControl/dtml/mainUser.dtml
+++ b/src/AccessControl/dtml/mainUser.dtml
--- a/src/AccessControl/dtml/userFolderProps.dtml
+++ b/src/AccessControl/dtml/userFolderProps.dtml
--- a/src/OFS/role.py
+++ b/src/OFS/role.py
@@ -10,8 +10,9 @@
 # FOR A PARTICULAR PURPOSE
 #
 ##############################################################################
-"""Access control support
+"""Role manager
 """
+
 from cgi import escape

 from App.Dialogs import MessageDialog

--- a/src/OFS/tests/testUserFolder.py
+++ b/src/OFS/tests/testUserFolder.py
@@ -10,7 +10,7 @@
 # FOR A PARTICULAR PURPOSE.
 #
 ##############################################################################
-""" Unit tests for AccessControl.User
+""" Unit tests for OFS.userfolder
 """
 import unittest

@@ -33,7 +33,7 @@ class UserFolderTests(unittest.TestCase):
        transaction.abort()

    def _getTargetClass(self):
-        from AccessControl.User import UserFolder
+        from OFS.userfolder import UserFolder
        return UserFolder

    def _makeOne(self, app=None):
@@ -74,45 +74,6 @@ class UserFolderTests(unittest.TestCase):
        from zope.interface.verify import verifyClass
        verifyClass(IStandardUserFolder, self._getTargetClass())

-    def testGetUser(self):
-        uf = self._makeOne()
-        self.failIfEqual(uf.getUser('user1'), None)
-
-    def testGetBadUser(self):
-        uf = self._makeOne()
-        self.assertEqual(uf.getUser('user2'), None)
-
-    def testGetUserById(self):
-        uf = self._makeOne()
-        self.failIfEqual(uf.getUserById('user1'), None)
-
-    def testGetBadUserById(self):
-        uf = self._makeOne()
-        self.assertEqual(uf.getUserById('user2'), None)
-
-    def testGetUsers(self):
-        uf = self._makeOne()
-        users = uf.getUsers()
-        self.failUnless(users)
-        self.assertEqual(users[0].getUserName(), 'user1')
-
-    def testGetUserNames(self):
-        uf = self._makeOne()
-        names = uf.getUserNames()
-        self.failUnless(names)
-        self.assertEqual(names[0], 'user1')
-
-    def testIdentify(self):
-        uf = self._makeOne()
-        name, password = uf.identify(self._makeBasicAuthToken())
-        self.assertEqual(name, 'user1')
-        self.assertEqual(password, 'secret')
-
-    def testGetRoles(self):
-        uf = self._makeOne()
-        user = uf.getUser('user1')
-        self.failUnless('role1' in user.getRoles())
-
    def testGetRolesInContext(self):
        app = self._makeApp()
        uf = self._makeOne(app)
@@ -208,80 +169,6 @@ class UserFolderTests(unittest.TestCase):
        app = self._makeApp()
        self.assertRaises(Unauthorized, app.restrictedTraverse, 'doc')

-    def testMaxListUsers(self):
-        # create a folder-ish thing which contains a roleManager,
-        # then put an acl_users object into the folde-ish thing
-        from AccessControl.User import BasicUserFolder
-
-        class Folderish(BasicUserFolder):
-            def __init__(self, size, count):
-                self.maxlistusers = size
-                self.users = []
-                self.acl_users = self
-                self.__allow_groups__ = self
-                for i in xrange(count):
-                    self.users.append("Nobody")
-
-            def getUsers(self):
-                return self.users
-
-            def user_names(self):
-                return self.getUsers()
-
-
-        tinyFolderOver = Folderish(15, 20)
-        tinyFolderUnder = Folderish(15, 10)
-
-        assert tinyFolderOver.maxlistusers == 15
-        assert tinyFolderUnder.maxlistusers == 15
-        assert len(tinyFolderOver.user_names()) == 20
-        assert len(tinyFolderUnder.user_names()) == 10
-
-        try:
-            list = tinyFolderOver.get_valid_userids()
-            assert 0, "Did not raise overflow error"
-        except OverflowError:
-            pass
-
-        try:
-            list = tinyFolderUnder.get_valid_userids()
-            pass
-        except OverflowError:
-            assert 0, "Raised overflow error erroneously"
-
-    def test__doAddUser_with_not_yet_encrypted_passwords(self):
-        # See collector #1869 && #1926
-        from AccessControl.AuthEncoding import pw_validate
-
-        USER_ID = 'not_yet_encrypted'
-        PASSWORD = 'password'
-
-        uf = self._makeOne()
-        uf.encrypt_passwords = True
-        self.failIf(uf._isPasswordEncrypted(PASSWORD))
-
-        uf._doAddUser(USER_ID, PASSWORD, [], [])
-        user = uf.getUserById(USER_ID)
-        self.failUnless(uf._isPasswordEncrypted(user.__))
-        self.failUnless(pw_validate(user.__, PASSWORD))
-
-    def test__doAddUser_with_preencrypted_passwords(self):
-        # See collector #1869 && #1926
-        from AccessControl.AuthEncoding import pw_validate
-
-        USER_ID = 'already_encrypted'
-        PASSWORD = 'password'
-
-        uf = self._makeOne()
-        uf.encrypt_passwords = True
-        ENCRYPTED = uf._encryptPassword(PASSWORD)
-
-        uf._doAddUser(USER_ID, ENCRYPTED, [], [])
-        user = uf.getUserById(USER_ID)
-        self.assertEqual(user.__, ENCRYPTED)
-        self.failUnless(uf._isPasswordEncrypted(user.__))
-        self.failUnless(pw_validate(user.__, PASSWORD))
-

 def test_suite():
    suite = unittest.TestSuite()

--- a/src/OFS/userfolder.py
+++ b/src/OFS/userfolder.py
--- a/src/Products/OFSP/__init__.py
+++ b/src/Products/OFSP/__init__.py
@@ -14,7 +14,7 @@ __doc__='''Object system core
 $Id$'''
 __version__='$Revision: 1.38 $'[11:-2]

-import OFS.Image, OFS.Folder, AccessControl.User
+import OFS.Image, OFS.Folder, OFS.userfolder
 import OFS.DTMLMethod, OFS.DTMLDocument, OFS.PropertySheets
 import OFS.OrderedFolder

@@ -79,10 +79,10 @@ def initialize(context):
        )

    context.registerClass(
-        AccessControl.User.UserFolder,
-        constructors=(AccessControl.User.manage_addUserFolder,),
+        OFS.userfolder.UserFolder,
+        constructors=(OFS.userfolder.manage_addUserFolder,),
        icon='images/UserFolder_icon.gif',
-        legacy=(AccessControl.User.manage_addUserFolder,),
+        legacy=(OFS.userfolder.manage_addUserFolder,),
        )

    context.registerHelp()

--- a/src/Testing/ZopeTestCase/ZopeTestCase.py
+++ b/src/Testing/ZopeTestCase/ZopeTestCase.py
@@ -71,7 +71,7 @@ class ZopeTestCase(base.TestCase):

    def _setupUserFolder(self):
        '''Creates the user folder.'''
-        from AccessControl.User import manage_addUserFolder
+        from OFS.userfolder import manage_addUserFolder
        manage_addUserFolder(self.folder)

    def _setupUser(self):

--- a/src/Testing/ZopeTestCase/testPortalTestCase.py
+++ b/src/Testing/ZopeTestCase/testPortalTestCase.py
@@ -406,7 +406,7 @@ class TestPortalTestCase(ZopeTestCase.PortalTestCase):
        self.assertEqual(lhs, rhs)


-from AccessControl.User import UserFolder
+from OFS.userfolder import UserFolder

 class WrappingUserFolder(UserFolder):
    '''User folder returning wrapped user objects'''

--- a/src/Testing/ZopeTestCase/testZopeTestCase.py
+++ b/src/Testing/ZopeTestCase/testZopeTestCase.py
@@ -349,7 +349,7 @@ class TestZopeTestCase(ZopeTestCase.ZopeTestCase):
        self.assertEqual(lhs, rhs)


-from AccessControl.User import UserFolder
+from OFS.userfolder import UserFolder
 from Acquisition import aq_inner, aq_parent, aq_chain

 class WrappingUserFolder(UserFolder):