Commit aa6c5455 authored by Hanno Schlichting's avatar Hanno Schlichting

Avoid a dependency on PythonScripts in ZopeTestCase

parent f693e300
......@@ -20,8 +20,6 @@ $Id$
from Testing import ZopeTestCase
ZopeTestCase.installProduct('PythonScripts')
from Testing.ZopeTestCase import user_name
from Testing.ZopeTestCase import user_password
......@@ -48,10 +46,6 @@ class TestFunctional(ZopeTestCase.FunctionalTestCase):
self.folder.addDTMLDocument('secret_html', file='secret')
self.folder.secret_html.manage_permission(view, ['Owner'])
# A Python Script performing integer computation
self.folder.manage_addProduct['PythonScripts'].manage_addPythonScript('script')
self.folder.script.ZPythonScript_edit(params='a=0', body='return a+1')
# A method redirecting to the Zope root
redirect = '''<dtml-call "RESPONSE.redirect('%s')">''' % self.app.absolute_url()
self.folder.addDTMLMethod('redirect', file=redirect)
......@@ -74,20 +68,6 @@ class TestFunctional(ZopeTestCase.FunctionalTestCase):
self.assertEqual(response.getStatus(), 200)
self.assertEqual(response.getBody(), 'index')
def testPublishScript(self):
response = self.publish(self.folder_path+'/script')
self.assertEqual(response.getStatus(), 200)
self.assertEqual(response.getBody(), '1')
def testPublishScriptWithArgument(self):
response = self.publish(self.folder_path+'/script?a:int=2')
self.assertEqual(response.getStatus(), 200)
self.assertEqual(response.getBody(), '3')
def testServerError(self):
response = self.publish(self.folder_path+'/script?a=2')
self.assertEqual(response.getStatus(), 500)
def testUnauthorized(self):
response = self.publish(self.folder_path+'/secret_html')
self.assertEqual(response.getStatus(), 401)
......@@ -191,7 +171,7 @@ class TestFunctional(ZopeTestCase.FunctionalTestCase):
self.assertEqual(getSecurityManager().getUser().getId(), user_name)
self.folder.acl_users.userFolderAddUser('barney', 'secret', [], [])
response = self.publish(self.folder_path, basic='barney:secret')
self.publish(self.folder_path, basic='barney:secret')
self.assertEqual(getSecurityManager().getUser().getId(), user_name)
......
##############################################################################
#
# Copyright (c) 2005 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Example ZopeTestCase testing a PythonScript in the default fixture
This test module demonstrates the security API of ZopeTestCase.
Note that you are encouraged to call any of the following methods to
modify the test user's security credentials:
setRoles()
setPermissions()
login()
logout()
$Id$
"""
from Testing import ZopeTestCase
ZopeTestCase.installProduct('PythonScripts')
from AccessControl import Unauthorized
from AccessControl import getSecurityManager
access_permissions = ['View management screens']
change_permissions = ['Change Python Scripts']
ps_params1 = 'a=1'
ps_body1 = 'return a'
ps_params2 = 'a'
ps_body2 = 'return a+1'
class TestPythonScript(ZopeTestCase.ZopeTestCase):
'''Tries various things allowed by the ZopeTestCase API.'''
def afterSetUp(self):
'''Adds a PythonScript object to the default fixture'''
dispatcher = self.folder.manage_addProduct['PythonScripts']
dispatcher.manage_addPythonScript('ps')
self.ps = self.folder['ps']
self.ps.ZPythonScript_edit(ps_params1, ps_body1)
# Test the setup
def testSetup(self):
# The PythonScript should exist and be properly set up
self.failUnless(hasattr(self.folder, 'ps'))
self.assertEqual(self.ps.body(), ps_body1+'\n')
self.assertEqual(self.ps.params(), ps_params1)
owner = self.ps.getOwner()
self.assertEqual(owner.getUserName(), ZopeTestCase.user_name)
# Test the script(s)
def testCanCallScript1WithArgument(self):
# PythonScript should return 2
self.assertEqual(self.ps(2), 2)
def testCanCallScript1WithoutArgument(self):
# PythonScript should return 1
self.assertEqual(self.ps(), 1)
def testCanCallScript2WithArgument(self):
# PythonScript should return 2
self.ps.ZPythonScript_edit(ps_params2, ps_body2)
self.assertEqual(self.ps(1), 2)
def testCannotCallScript2WithoutArgument(self):
# PythonScript should raise a TypeError if called without arguments
self.ps.ZPythonScript_edit(ps_params2, ps_body2)
self.assertRaises(TypeError, self.ps, ())
# Test access protection with restrictedTraverse
def testCannotAccessWithoutAccessPermission(self):
# manage_main should be protected
self.assertRaises(Unauthorized, self.ps.restrictedTraverse, 'manage_main')
def testCanAccessWithAccessPermission(self):
# manage_main should be accessible if we have the necessary permissions
self.setPermissions(access_permissions)
try:
self.ps.restrictedTraverse('manage_main')
except Unauthorized:
self.fail('Access to manage_main was denied')
def testCannotAccessIfAnonymous(self):
# manage_main should be protected from Anonymous
self.logout()
self.assertRaises(Unauthorized, self.ps.restrictedTraverse, 'manage_main')
def testCanAccessIfManager(self):
# manage_main should be accessible to Manager
self.setRoles(['Manager'])
try:
self.ps.restrictedTraverse('manage_main')
except Unauthorized:
self.fail('Access to manage_main was denied to Manager')
# Test access protection with SecurityManager
def testCannotAccessWithoutAccessPermissionSecurityManager(self):
# manage_main should be protected
self.assertRaises(Unauthorized, getSecurityManager().validate,
self.ps, self.ps, 'manage_main', self.ps.manage_main)
def testCanAccessWithAccessPermissionSecurityManager(self):
# manage_main should be accessible if we have the necessary permissions
self.setPermissions(access_permissions)
try:
getSecurityManager().validate(self.ps, self.ps, 'manage_main', self.ps.manage_main)
except Unauthorized:
self.fail('Access to manage_main was denied')
def testCannotAccessIfAnonymousSecurityManager(self):
# manage_main should be protected from Anonymous
self.logout()
self.assertRaises(Unauthorized, getSecurityManager().validate,
self.ps, self.ps, 'manage_main', self.ps.manage_main)
def testCanAccessIfManagerSecurityManager(self):
# manage_main should be accessible to Manager
self.setRoles(['Manager'])
try:
getSecurityManager().validate(self.ps, self.ps, 'manage_main', self.ps.manage_main)
except Unauthorized:
self.fail('Access to manage_main was denied to Manager')
# Test edit protection with restrictedTraverse
def testCannotEditWithoutChangePermission(self):
# PythonScript should not be editable
try:
self.ps.restrictedTraverse('ZPythonScript_edit')(ps_params2, ps_body2)
except Unauthorized:
pass # Test passed
else:
self.assertEqual(self.ps.body(), ps_body2+'\n',
'ZPythonScript_edit was not protected')
self.assertEqual(self.ps.body(), ps_body1+'\n',
'ZPythonScript_edit was protected but no exception was raised')
def testCanEditWithChangePermission(self):
# PythonScript should be editable if we have the necessary permissions
self.setPermissions(change_permissions)
try:
self.ps.restrictedTraverse('ZPythonScript_edit')(ps_params2, ps_body2)
except Unauthorized:
self.fail('Access to ZPythonScript_edit was denied')
else:
self.assertEqual(self.ps.body(), ps_body2+'\n')
self.assertEqual(self.ps.params(), ps_params2)
def testCannotEditIfAnonymous(self):
# PythonScript should not be editable by Anonymous
self.logout()
try:
self.ps.restrictedTraverse('ZPythonScript_edit')(ps_params2, ps_body2)
except Unauthorized:
pass # Test passed
else:
self.assertEqual(self.ps.body(), ps_body2+'\n',
'ZPythonScript_edit was not protected')
self.assertEqual(self.ps.body(), ps_body1+'\n',
'ZPythonScript_edit was protected but no exception was raised')
def testCanEditIfManager(self):
# PythonScript should be editable by Manager
self.setRoles(['Manager'])
try:
self.ps.restrictedTraverse('ZPythonScript_edit')(ps_params2, ps_body2)
except Unauthorized:
self.fail('Access to ZPythonScript_edit was denied to Manager')
else:
self.assertEqual(self.ps.body(), ps_body2+'\n')
self.assertEqual(self.ps.params(), ps_params2)
def test_suite():
from unittest import TestSuite, makeSuite
suite = TestSuite()
suite.addTest(makeSuite(TestPythonScript))
return suite
......@@ -86,36 +86,6 @@ Test Publish Document
<BLANKLINE>
index
Test Publish Script
>>> print http(r"""
... GET /test_folder_1_/script HTTP/1.1
... """, handle_errors=False)
HTTP/1.1 200 OK
Content-Length: 1
Content-Type: text/plain; charset=...
<BLANKLINE>
1
Test Publish Script with Argument
>>> print http(r"""
... GET /test_folder_1_/script?a:int=2 HTTP/1.1
... """, handle_errors=False)
HTTP/1.1 200 OK
Content-Length: 1
Content-Type: text/plain; charset=...
<BLANKLINE>
3
Test Server Error
>>> print http(r"""
... GET /test_folder_1_/script?a=2 HTTP/1.1
... """, handle_errors=True)
HTTP/1.1 500 Internal Server Error
...Content-Type: text/html...TypeError...
Test parameter containing an additional '?'
>>> print http(r"""
......
......@@ -14,11 +14,9 @@
"""
import unittest
from Testing.ZopeTestCase import installProduct
from Testing.ZopeTestCase import FunctionalDocTestSuite
from Testing.ZopeTestCase import FunctionalDocFileSuite
installProduct('PythonScripts')
class HTTPHeaderOutputTests(unittest.TestCase):
......@@ -108,9 +106,6 @@ def setUp(self):
'''
self.folder.addDTMLDocument('index_html', file='index')
self.folder.manage_addProduct['PythonScripts'].manage_addPythonScript('script')
self.folder.script.ZPythonScript_edit(params='a=0', body='return a+1')
change_title = '''<dtml-call "manage_changeProperties(title=REQUEST.get('title'))">'''
self.folder.addDTMLMethod('change_title', file=change_title)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment