changeset 252:136a5245d05b

acl code/tests: meta ACL value is a unicode object, do not use bytestrings in tests, remove code that supports it being a list or tuple
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sun, 05 Jun 2011 12:58:14 +0200
parents 4654343b5abd
children 37c117ad8f7e 1de89cc3a6bd
files MoinMoin/storage/_tests/test_middleware_acl.py MoinMoin/storage/backends/acl.py
diffstat 2 files changed, 15 insertions(+), 13 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/storage/_tests/test_middleware_acl.py	Thu Jun 02 20:21:13 2011 +0200
+++ b/MoinMoin/storage/_tests/test_middleware_acl.py	Sun Jun 05 12:58:14 2011 +0200
@@ -45,7 +45,7 @@
 
     def test_noaccess(self):
         name = u"noaccess"
-        self.create_item_acl(name, "All:")
+        self.create_item_acl(name, u"All:")
         assert py.test.raises(AccessDeniedError, self.get_item, name)
 
     def test_create_item(self):
@@ -56,7 +56,7 @@
         backend = flaskg.storage
         assert py.test.raises(AccessDeniedError, backend.create_item, u"I will never exist")
 
-        item = self.create_item_acl(u"i will exist!", "All:read,write")
+        item = self.create_item_acl(u"i will exist!", u"All:read,write")
         rev = item.create_revision(1)
         data = "my very existent data"
         rev.write(data)
@@ -65,7 +65,7 @@
 
     def test_read_access_allowed(self):
         name = u"readaccessallowed"
-        self.create_item_acl(name, "All:read")
+        self.create_item_acl(name, u"All:read")
         # Should simply pass...
         item = self.get_item(name)
 
@@ -75,12 +75,12 @@
 
     def test_write_after_create(self):
         name = u"writeaftercreate"
-        item = self.create_item_acl(name, "All:")
+        item = self.create_item_acl(name, u"All:")
         assert py.test.raises(AccessDeniedError, item.create_revision, 1)
 
     def test_modify_without_acl_change(self):
         name = u"copy_without_acl_change"
-        acl = "All:read,write"
+        acl = u"All:read,write"
         self.create_item_acl(name, acl)
         item = self.get_item(name)
         rev = item.create_revision(1)
@@ -90,15 +90,16 @@
 
     def test_copy_with_acl_change(self):
         name = u"copy_with_acl_change"
-        acl = "All:read,write"
+        acl = u"All:read,write"
         self.create_item_acl(name, acl)
         item = self.get_item(name)
         rev = item.create_revision(1)
-        py.test.raises(AccessDeniedError, rev.__setitem__, ACL, acl + ",write")
+        # without admin rights it is disallowed to change ACL
+        py.test.raises(AccessDeniedError, rev.__setitem__, ACL, acl + u",destroy")
 
     def test_write_without_read(self):
         name = u"write_but_not_read"
-        acl = "All:write"
+        acl = u"All:write"
         item = flaskg.storage.create_item(name)
         rev = item.create_revision(0)
         rev[ACL] = acl
--- a/MoinMoin/storage/backends/acl.py	Thu Jun 02 20:21:13 2011 +0200
+++ b/MoinMoin/storage/backends/acl.py	Sun Jun 05 12:58:14 2011 +0200
@@ -168,14 +168,15 @@
             item = self.backend.get_item(itemname)
             # we always use the ACLs set on the latest revision:
             current_rev = item.get_revision(-1)
-            acls = current_rev[ACL]
+            acl = current_rev[ACL]
+            if not isinstance(acl, unicode):
+                raise TypeError("%s metadata has unsupported type: %r" % (ACL, acl))
+            acls = [acl, ]
         except (NoSuchItemError, NoSuchRevisionError, KeyError):
             # do not use default acl here
             acls = []
-        if not isinstance(acls, (tuple, list)):
-            acls = (acls, )
         default = self.default.default
-        return ContentACL(self.cfg, acls, default=default, valid=self.valid)
+        return ContentACL(self.cfg, tuple(acls), default=default, valid=self.valid)
 
     def _may(self, itemname, right, username=None):
         """ Check if username may have <right> access on item <itemname>.
@@ -482,7 +483,7 @@
                 last_rev = self._item.get_revision(-1)
                 last_acl = last_rev[ACL]
             except (NoSuchRevisionError, KeyError):
-                last_acl = ''
+                last_acl = u''
 
             acl_changed = value != last_acl