changeset 4742:47c0ada5c1a2

Add security tests for hierarchic acl processing. The tests fail.
author Christopher Denter <moin GUESSWHAT the DASH space DASH station ROUNDTHING com>
date Tue, 09 Jun 2009 00:44:00 +0200
parents e9a2cbcf5479
children 897cdbe9e8f2
files MoinMoin/security/_tests/test_security.py
diffstat 1 files changed, 6 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/security/_tests/test_security.py	Thu May 21 16:38:16 2009 +0200
+++ b/MoinMoin/security/_tests/test_security.py	Tue Jun 09 00:44:00 2009 +0200
@@ -255,10 +255,14 @@
     acls_after = u"All:read"
     mainpage_name = u'AclTestMainPage'
     subpage_name = u'AclTestMainPage/SubPage'
+    item_rwforall = u'EveryoneMayReadWriteMe'
+    subitem_4boss = u'EveryoneMayReadWriteMe/OnlyTheBossMayWMe'
     pages = [
         # pagename, content
         (mainpage_name, u"#acl JoeDoe: JaneDoe:read,write\nFoo!"),
         (subpage_name, u"FooFoo!"),
+        (item_rwforall, u"#acl All:read,write\nMay be read from and written to by anyone"),
+        (subitem_4boss, u"#acl JoeDoe:read,write\nOnly JoeDoe (the boss) may write"),
     ]
 
     def setup_class(self):
@@ -316,6 +320,8 @@
             (True,  self.subpage_name, u'JoeDoe', []), # by inherited acl from main page
             (False, self.subpage_name, u'JaneDoe', ['read', 'write']), # by default acl
             (True,  self.subpage_name, u'JaneDoe', ['read', 'write']), # by inherited acl from main page
+            (True,  self.subitem_4boss, u'AnyUser', ['read']), # by after acl
+            (True,  self.subitem_4boss, u'JoeDoe', ['read', 'write']), # by item acl
         ]
 
         for hierarchic, pagename, username, may in tests: