Backport `rolesForPermissionOn` fix from standalone AccessControl project

a3639de7 · Hanno Schlichting · 12632a55 · a3639de7 · a3639de7 · a3639de7
Commit a3639de7 authored Aug 23, 2012 by Hanno Schlichting
3 changed files
--- a/doc/CHANGES.rst
+++ b/doc/CHANGES.rst
@@ -8,6 +8,9 @@ http://docs.zope.org/zope2/releases/.
 2.12.24 (unreleased)
 --------------------

+- Fix a bug in ZopeSecurityPolicy.py. Global variable `rolesForPermissionOn`
+  could be overridden if `__role__` had custom rolesForPermissionOn.
+
 - Updated distributions:

  - zdaemon = 2.0.7

--- a/src/AccessControl/ZopeSecurityPolicy.py
+++ b/src/AccessControl/ZopeSecurityPolicy.py
@@ -52,9 +52,10 @@ def getRoles(container, name, value, default):

    if roles is None or isinstance(roles, tuple_or_list):
        return roles
-    
-    rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
-    if rolesForPermissionOn is not None:
-        roles = rolesForPermissionOn(value)
+
+    # Do not override global variable `rolesForPermissionOn`.
+    roles_rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
+    if roles_rolesForPermissionOn is not None:
+        roles = roles_rolesForPermissionOn(value)

    return roles
--- a/src/AccessControl/tests/testZopeSecurityPolicy.py
+++ b/src/AccessControl/tests/testZopeSecurityPolicy.py
@@ -10,13 +10,11 @@
 # FOR A PARTICULAR PURPOSE
 #
 ##############################################################################
-"""Tests of ZopeSecurityPolicy
-"""

-__rcs_id__='$Id$'
-__version__='$Revision: 1.10 $'[11:-2]
-
-import os, sys, unittest
+import os
+import sys
+import thread
+import unittest

 import ZODB
 try:
@@ -576,11 +574,61 @@ def test_zsp_gets_right_roles_for_methods():

 from doctest import DocTestSuite

+
+class GetRolesWithMultiThreadTest(unittest.TestCase):
+
+    def setUp(self):
+        self._original_check_interval = sys.getcheckinterval()
+        sys.setcheckinterval(1)
+
+    def tearDown(self):
+        sys.setcheckinterval(self._original_check_interval)
+
+    def testGetRolesWithMultiThread(self):
+        from AccessControl.ZopeSecurityPolicy import getRoles
+
+        class C(object):
+            pass
+
+        class V1(object):
+            class __roles__(object):
+                @staticmethod
+                def rolesForPermissionOn(ob):
+                    return ['Member']
+
+        class V2(object):
+            class __roles__(object):
+                @staticmethod
+                def rolesForPermissionOn(ob):
+                    return ['User']
+
+        c = C()
+        c.v1 = V1()
+        c.v2 = V2()
+
+        self.assertEqual(getRoles(c, None, c.v1, 42), ['Member'])
+        self.assertEqual(getRoles(c, None, c.v2, 42), ['User'])
+        mark = []
+
+        def loop():
+            while 1:
+                getRoles(c, None, c.v2, 42)
+                if len(mark) > 0:
+                    return
+        thread.start_new_thread(loop, ())
+        try:
+            for i in range(1000):
+                self.assertEqual(getRoles(c, None, c.v1, 42), ['Member'])
+        finally:
+            mark.append(None)
+
+
 def test_suite():
    suite = unittest.TestSuite()
    suite.addTest(unittest.makeSuite(Python_ZSPTests, 'test'))
    suite.addTest(unittest.makeSuite(C_ZSPTests, 'test'))
    suite.addTest(DocTestSuite())
+    suite.addTest(unittest.makeSuite(GetRolesWithMultiThreadTest))
    return suite

 def main():