changeset 1993:e0a036c7f7f7

improved security tests
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Wed, 13 Feb 2013 13:32:23 +0100
parents d06e56e20b91
children 21fb938ab077
files MoinMoin/security/_tests/test_security.py
diffstat 1 files changed, 15 insertions(+), 0 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/security/_tests/test_security.py	Tue Feb 12 20:11:39 2013 +0100
+++ b/MoinMoin/security/_tests/test_security.py	Wed Feb 13 13:32:23 2013 +0100
@@ -203,6 +203,12 @@
 
     TO DO: test unknown user?
     """
+    def testhasACL(self):
+        acl = AccessControlList(valid=app.cfg.acl_rights_contents)
+        assert not acl.has_acl()
+        acl = AccessControlList(["All:read", ], valid=app.cfg.acl_rights_contents)
+        assert acl.has_acl()
+
     def testApplyACLByUser(self):
         """ security: applying acl by user name"""
         # This acl string...
@@ -329,6 +335,7 @@
     from MoinMoin._tests import wikiconfig
     class Config(wikiconfig.Config):
         content_acl = dict(hierarchic=False, before=u"WikiAdmin:admin,read,write,create,destroy", default=u"All:read,write", after=u"All:read")
+        acl_functions = u"SuperUser:superuser NoTextchaUser:notextcha"
 
     def setup_method(self, method):
         become_trusted(username=u'WikiAdmin')
@@ -378,6 +385,14 @@
             for right in mayNot:
                 yield _not_have_right, u, right, itemname
 
+        # check function rights
+        u = User(auth_username='SuperUser')
+        assert u.may.superuser()
+        u = User(auth_username='NoTextchaUser')
+        assert u.may.notextcha()
+        u = User(auth_username='SomeGuy')
+        assert not u.may.superuser()
+        assert not u.may.notextcha()
 
 class TestItemHierachicalAcls(object):
     """ security: real-life access control list on items testing