svn_authz.py :  » Project-Management » Trac » Trac-0.11.7 » trac » versioncontrol » tests » Python Open Source

Home
Python Open Source
1.3.1.2 Python
2.Ajax
3.Aspect Oriented
4.Blog
5.Build
6.Business Application
7.Chart Report
8.Content Management Systems
9.Cryptographic
10.Database
11.Development
12.Editor
13.Email
14.ERP
15.Game 2D 3D
16.GIS
17.GUI
18.IDE
19.Installer
20.IRC
21.Issue Tracker
22.Language Interface
23.Log
24.Math
25.Media Sound Audio
26.Mobile
27.Network
28.Parser
29.PDF
30.Project Management
31.RSS
32.Search
33.Security
34.Template Engines
35.Test
36.UML
37.USB Serial
38.Web Frameworks
39.Web Server
40.Web Services
41.Web Unit
42.Wiki
43.Windows
44.XML
Python Open Source » Project Management » Trac 
Trac » Trac 0.11.7 » trac » versioncontrol » tests » svn_authz.py
from trac.versioncontrol import svn_authz

import unittest
import sys

def tests():
  """
  Subversion Authz File Permissions
  =================================
  
  Setup code
  ----------
  We'll use the ``make_auth`` method to create Authorizer objects
  for testing the use of authz files.  ``make_auth`` takes a module name
  and a string for the authz configuration contents.
  
  >>> from trac.versioncontrol.svn_authz import RealSubversionAuthorizer
  >>> from StringIO import StringIO
  >>> make_auth = lambda mod, cfg: RealSubversionAuthorizer(None,
  ...                   'user', mod, None, StringIO(cfg))
  
  
  Simple operation
  ----------------
  Returns 1 if no path is given:
      >>> int(make_auth('', '').has_permission(None))
      1
  
  By default read permission is not enabled:
      >>> int(make_auth('', '').has_permission('/'))
      0
  
  Read and Write Permissions
  ----------------------
  Trac is only concerned about read permissions.
      >>> a = make_auth('', '''
      ... [/readonly]
      ... user = r
      ... [/writeonly]
      ... user = w
      ... [/readwrite]
      ... user = rw
      ... [/empty]
      ... user = 
      ... ''')
  
  Permissions of 'r' or 'rw' will allow access:
      >>> int(a.has_permission('/readonly'))
      1
      >>> int(a.has_permission('/readwrite'))
      1
  
  If only 'w' permission is given, Trac does not allow access:
      >>> int(a.has_permission('/writeonly'))
      0
  
  And an empty permission does not give access:
      >>> int(a.has_permission('/empty'))
      0
  
  Trailing Slashes
  ----------------
  Checks all combinations of trailing slashes in the configuration
  or in the path parameter:
      >>> a = make_auth('', '''
      ... [/a]
      ... user = r
      ... [/b/]
      ... user = r
      ... ''')
      >>> int(a.has_permission('/a'))
      1
      >>> int(a.has_permission('/a/'))
      1
      >>> int(a.has_permission('/b'))
      1
      >>> int(a.has_permission('/b/'))
      1
  
  
  Module Usage
  ------------
  If a module name is specified, the rules used are specific to the module.
      >>> a = make_auth('module', '''
      ... [module:/a]
      ... user = r
      ... [other:/b]
      ... user = r
      ... ''')
      >>> int(a.has_permission('/a'))
      1
      >>> int(a.has_permission('/b'))
      0
  
  If a module is specified, but the configuration contains a non-module
  path, the non-module path can still apply:
      >>> int(make_auth('module', '''
      ... [/a]
      ... user = r
      ... ''').has_permission('/a'))
      1
  
  However, the module-specific rule will take precedence if both exist:
      >>> int(make_auth('module', '''
      ... [module:/a]
      ... user = 
      ... [/a]
      ... user = r
      ... ''').has_permission('/a'))
      0
  
  
  Groups and Wildcards
  --------------------
  Authz provides a * wildcard for matching any user:
      >>> int(make_auth('', '''
      ... [/a]
      ... * = r
      ... ''').has_permission('/a'))
      1
  
  Groups are specified in a separate section and used with an @ prefix:
      >>> int(make_auth('', '''
      ... [groups]
      ... grp = user
      ... [/a]
      ... @grp = r
      ... ''').has_permission('/a'))
      1

  Groups can also be members of other groups:
      >>> int(make_auth('', '''
      ... [groups]
      ... grp1 = user
      ... grp2 = @grp1
      ... [/a]
      ... @grp2 = r
      ... ''').has_permission('/a'))
      1

  Groups should not be defined cyclically, but they are handled appropriately
  to avoid infinite loops:
      >>> int(make_auth('', '''
      ... [groups]
      ... grp1 = @grp2
      ... grp2 = @grp3
      ... grp3 = @grp1, user
      ... [/a]
      ... @grp1 = r
      ... ''').has_permission('/a'))
      1
  
  If more than one group matches at the specific path, access is granted
  if any of the group rules allow access.
      >>> a = make_auth('', '''
      ... [groups]
      ... grp1 = user
      ... grp2 = user
      ... [/a]
      ... @grp1 = r
      ... @grp2 = 
      ... [/b]
      ... @grp1 = 
      ... @grp2 = r
      ... ''')
      >>> int(a.has_permission('/a'))
      1
      >>> int(a.has_permission('/b'))
      1
  
  
  Precedence
  ----------
  Precedence is user, group, then *:
      >>> a = make_auth('', '''
      ... [groups]
      ... grp = user
      ... [/a]
      ... @grp = r
      ... user = 
      ... [/b]
      ... * = r
      ... @grp = 
      ... ''')
  
  User specific permission overrides the group permission:
      >>> int(a.has_permission('/a'))
      0
  
  And group permission overrides the * permission:
      >>> int(a.has_permission('/b'))
      0
  
  The most specific matching path takes precedence:
      >>> a = make_auth('', '''
      ... [/]
      ... * = r
      ... [/b]
      ... user = 
      ... ''')
      >>> int(a.has_permission('/'))
      1
      >>> int(a.has_permission('/a'))
      1
      >>> int(a.has_permission('/b'))
      0
  
  Changeset Permissions
  ---------------------
  A test should go here for the changeset permissions.
  """

def suite():
    try:
        from doctest import DocTestSuite
        return DocTestSuite(sys.modules[__name__])
    except ImportError:
        print>>sys.stderr, "WARNING: DocTestSuite required to run these tests"
    return unittest.TestSuite()

if __name__ == '__main__':
    runner = unittest.TextTestRunner()
    runner.run(suite())

www.java2java.com | Contact Us
Copyright 2009 - 12 Demo Source and Support. All rights reserved.
All other trademarks are property of their respective owners.