From 870a6d63e05a424810753ee24be28d997ca0b754 Mon Sep 17 00:00:00 2001 From: Michael Howitz Date: Fri, 24 Feb 2023 08:01:12 +0100 Subject: [PATCH] Config with pure python template c62c2ffd (#16) * Configuring for pure-python * Lint the code. * Bumped version for breaking release. * Drop support for Python 2.7, 3.5, 3.6. * Add support for Python 3.9, 3.10, 3.11. * Fix badge. --- .coveragerc | 8 -- .editorconfig | 39 ++++++++++ .github/workflows/tests.yml | 61 +++++++++++++++ .gitignore | 26 ++++++- .meta.toml | 24 ++++++ .travis.yml | 22 ------ CHANGES.rst | 8 +- CONTRIBUTING.md | 23 ++++++ MANIFEST.in | 10 ++- README.rst | 4 +- buildout.cfg | 7 -- setup.cfg | 23 +++++- setup.py | 21 ++--- src/zope/securitypolicy/grantinfo.py | 7 +- src/zope/securitypolicy/interfaces.py | 19 +++-- src/zope/securitypolicy/metaconfigure.py | 10 +-- src/zope/securitypolicy/metadirectives.py | 21 ++--- .../securitypolicy/principalpermission.py | 10 ++- src/zope/securitypolicy/principalrole.py | 13 ++-- src/zope/securitypolicy/role.py | 12 +-- src/zope/securitypolicy/rolepermission.py | 11 ++- src/zope/securitypolicy/securitymap.py | 2 +- src/zope/securitypolicy/settings.py | 2 +- src/zope/securitypolicy/testing.py | 25 ------ src/zope/securitypolicy/tests/__init__.py | 11 +-- ...st_annotationprincipalpermissionmanager.py | 15 ++-- .../test_annotationprincipalrolemanager.py | 14 ++-- .../test_annotationrolepermissionmanager.py | 44 ++++++----- .../securitypolicy/tests/test_grantinfo.py | 23 +++--- .../tests/test_principalpermissionmanager.py | 9 ++- .../tests/test_principalrolemanager.py | 11 +-- src/zope/securitypolicy/tests/test_role.py | 9 +-- .../tests/test_rolepermissionmanager.py | 9 ++- .../tests/test_securitydirectives.py | 25 +++--- .../securitypolicy/tests/test_securitymap.py | 20 +++-- .../securitypolicy/tests/test_settings.py | 2 +- .../securitypolicy/tests/test_vocabulary.py | 8 +- .../securitypolicy/tests/test_zopepolicy.py | 52 +++++++------ src/zope/securitypolicy/vocabulary.py | 14 ++-- src/zope/securitypolicy/zopepolicy.py | 45 +++++------ tox.ini | 77 +++++++++++++++---- 41 files changed, 503 insertions(+), 293 deletions(-) delete mode 100644 .coveragerc create mode 100644 .editorconfig create mode 100644 .github/workflows/tests.yml create mode 100644 .meta.toml delete mode 100644 .travis.yml create mode 100644 CONTRIBUTING.md delete mode 100644 buildout.cfg delete mode 100644 src/zope/securitypolicy/testing.py diff --git a/.coveragerc b/.coveragerc deleted file mode 100644 index d430e84..0000000 --- a/.coveragerc +++ /dev/null @@ -1,8 +0,0 @@ -[run] -source = zope.securitypolicy - -[report] -exclude_lines = - pragma: no cover - raise AssertionError - raise NotImplementedError diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..c5508b9 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,39 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python +# +# EditorConfig Configuration file, for more details see: +# http://EditorConfig.org +# EditorConfig is a convention description, that could be interpreted +# by multiple editors to enforce common coding conventions for specific +# file types + +# top-most EditorConfig file: +# Will ignore other EditorConfig files in Home directory or upper tree level. +root = true + + +[*] # For All Files +# Unix-style newlines with a newline ending every file +end_of_line = lf +insert_final_newline = true +trim_trailing_whitespace = true +# Set default charset +charset = utf-8 +# Indent style default +indent_style = space +# Max Line Length - a hard line wrap, should be disabled +max_line_length = off + +[*.{py,cfg,ini}] +# 4 space indentation +indent_size = 4 + +[*.{yml,zpt,pt,dtml,zcml}] +# 2 space indentation +indent_size = 2 + +[{Makefile,.gitmodules}] +# Tab indentation (no size specified, but view as 4 spaces) +indent_style = tab +indent_size = unset +tab_width = unset diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml new file mode 100644 index 0000000..0e45a78 --- /dev/null +++ b/.github/workflows/tests.yml @@ -0,0 +1,61 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python +name: tests + +on: + push: + pull_request: + schedule: + - cron: '0 12 * * 0' # run once a week on Sunday + # Allow to run this workflow manually from the Actions tab + workflow_dispatch: + +jobs: + build: + strategy: + # We want to see all failures: + fail-fast: false + matrix: + os: + - ["ubuntu", "ubuntu-20.04"] + config: + # [Python version, tox env] + - ["3.9", "lint"] + - ["3.7", "py37"] + - ["3.8", "py38"] + - ["3.9", "py39"] + - ["3.10", "py310"] + - ["3.11", "py311"] + - ["pypy-3.9", "pypy3"] + - ["3.9", "coverage"] + + runs-on: ${{ matrix.os[1] }} + if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name + name: ${{ matrix.config[1] }} + steps: + - uses: actions/checkout@v3 + - name: Set up Python + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.config[0] }} + - name: Pip cache + uses: actions/cache@v3 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ matrix.config[0] }}-${{ hashFiles('setup.*', 'tox.ini') }} + restore-keys: | + ${{ runner.os }}-pip-${{ matrix.config[0] }}- + ${{ runner.os }}-pip- + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install tox + - name: Test + run: tox -e ${{ matrix.config[1] }} + - name: Coverage + if: matrix.config[1] == 'coverage' + run: | + pip install coveralls + coveralls --service=github + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.gitignore b/.gitignore index f0a6361..1f321f5 100644 --- a/.gitignore +++ b/.gitignore @@ -1,14 +1,32 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python +*.dll +*.egg-info/ +*.profraw *.pyc +*.pyo +*.so .coverage .coverage.* +.eggs/ .installed.cfg -.tox -__pycache__ +.mr.developer.cfg +.tox/ +.vscode/ +__pycache__/ bin/ +build/ coverage.xml develop-eggs/ +develop/ dist/ +docs/_build eggs/ -htmlcov/ +etc/ +lib/ +lib64 +log/ parts/ -src/*.egg-info +pyvenv.cfg +testing.log +var/ diff --git a/.meta.toml b/.meta.toml new file mode 100644 index 0000000..ca83ca5 --- /dev/null +++ b/.meta.toml @@ -0,0 +1,24 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python +[meta] +template = "pure-python" +commit-id = "f6bd0f55" + +[python] +with-sphinx-doctests = false +with-future-python = false +with-pypy = true +with-macos = false +with-windows = false + +[tox] +use-flake8 = true + +[coverage] +fail-under = 99 + +[manifest] +additional-rules = [ + "recursive-include src *.txt", + "recursive-include src *.zcml", + ] diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 94c710f..0000000 --- a/.travis.yml +++ /dev/null @@ -1,22 +0,0 @@ -language: python -python: - - 2.7 - - 3.5 - - 3.6 - - 3.7 - - 3.8 - - pypy - - pypy3 -install: - - pip install -U pip setuptools zope.testrunner - - pip install -U coveralls coverage - - pip install -U -e ".[test]" -script: - - coverage run -m zope.testrunner --test-path=src --auto-color -after_success: - - coveralls -notifications: - email: false -cache: pip -before_cache: - - rm -f $HOME/.cache/pip/log/debug.log diff --git a/CHANGES.rst b/CHANGES.rst index 19c1809..fc2c63f 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -2,10 +2,12 @@ Changes ========= -4.3.3 (unreleased) -================== +5.0 (unreleased) +================ + +- Add support for Python 3.9, 3.10, 3.11. -- Nothing changed yet. +- Drop support for Python 2.7, 3.5, 3.6. 4.3.2 (2021-03-19) diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 0000000..31d95f0 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,23 @@ + +# Contributing to zopefoundation projects + +The projects under the zopefoundation GitHub organization are open source and +welcome contributions in different forms: + +* bug reports +* code improvements and bug fixes +* documentation improvements +* pull request reviews + +For any changes in the repository besides trivial typo fixes you are required +to sign the contributor agreement. See +https://www.zope.dev/developer/becoming-a-committer.html for details. + +Please visit our [Developer +Guidelines](https://www.zope.dev/developer/guidelines.html) if you'd like to +contribute code changes and our [guidelines for reporting +bugs](https://www.zope.dev/developer/reporting-bugs.html) if you want to file a +bug report. diff --git a/MANIFEST.in b/MANIFEST.in index b9a5e7f..4d5f54f 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -1,9 +1,11 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python +include *.md include *.rst include *.txt -include *.py include buildout.cfg include tox.ini -include .coveragerc -recursive-include src * -global-exclude *.pyc +recursive-include src *.py +recursive-include src *.txt +recursive-include src *.zcml diff --git a/README.rst b/README.rst index 9e9c842..607d689 100644 --- a/README.rst +++ b/README.rst @@ -10,8 +10,8 @@ :target: https://pypi.org/project/zope.securitypolicy/ :alt: Supported Python versions -.. image:: https://travis-ci.com/zopefoundation/zope.securitypolicy.svg?branch=master - :target: https://travis-ci.com/zopefoundation/zope.securitypolicy +.. image:: https://github.com/zopefoundation/zope.securitypolicy/actions/workflows/tests.yml/badge.svg + :target: https://github.com/zopefoundation/zope.securitypolicy/actions/workflows/tests.yml .. image:: https://coveralls.io/repos/github/zopefoundation/zope.securitypolicy/badge.svg?branch=master :target: https://coveralls.io/github/zopefoundation/zope.securitypolicy?branch=master diff --git a/buildout.cfg b/buildout.cfg deleted file mode 100644 index ee5cf4e..0000000 --- a/buildout.cfg +++ /dev/null @@ -1,7 +0,0 @@ -[buildout] -develop = . -parts = test - -[test] -recipe = zc.recipe.testrunner -eggs = zope.securitypolicy [test, dublincore] diff --git a/setup.cfg b/setup.cfg index 2a9acf1..1465440 100644 --- a/setup.cfg +++ b/setup.cfg @@ -1,2 +1,23 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python [bdist_wheel] -universal = 1 +universal = 0 + +[flake8] +doctests = 1 + +[check-manifest] +ignore = + .editorconfig + .meta.toml + +[isort] +force_single_line = True +combine_as_imports = True +sections = FUTURE,STDLIB,THIRDPARTY,ZOPE,FIRSTPARTY,LOCALFOLDER +known_third_party = six, docutils, pkg_resources, pytz +known_zope = +known_first_party = +default_section = ZOPE +line_length = 79 +lines_after_imports = 2 diff --git a/setup.py b/setup.py index ae4da2d..acca9e1 100644 --- a/setup.py +++ b/setup.py @@ -12,14 +12,16 @@ # ############################################################################## # This package is developed by the Zope Toolkit project, documented here: -# http://docs.zope.org/zopetoolkit +# https://zopetoolkit.readthedocs.io/ # When developing and releasing this package, please follow the documented # Zope Toolkit policies as described by this documentation. ############################################################################## """Setup for zope.securitypolicy package """ import os -from setuptools import setup, find_packages + +from setuptools import find_packages +from setuptools import setup def read(*rnames): @@ -29,9 +31,9 @@ def read(*rnames): setup( name='zope.securitypolicy', - version='4.3.3.dev0', + version='5.0.dev0', author='Zope Foundation and Contributors', - author_email='zope-dev@zope.org', + author_email='zope-dev@zope.dev', description='Default security policy for Zope3', long_description=( read('README.rst') @@ -46,24 +48,25 @@ def read(*rnames): 'Intended Audience :: Developers', 'License :: OSI Approved :: Zope Public License', 'Programming Language :: Python', - 'Programming Language :: Python :: 2', - 'Programming Language :: Python :: 2.7', 'Programming Language :: Python :: 3', - 'Programming Language :: Python :: 3.5', - 'Programming Language :: Python :: 3.6', 'Programming Language :: Python :: 3.7', 'Programming Language :: Python :: 3.8', + 'Programming Language :: Python :: 3.9', + 'Programming Language :: Python :: 3.10', + 'Programming Language :: Python :: 3.11', 'Programming Language :: Python :: Implementation :: CPython', 'Programming Language :: Python :: Implementation :: PyPy', 'Natural Language :: English', 'Operating System :: OS Independent', 'Topic :: Internet :: WWW/HTTP', - 'Framework :: Zope :: 3'], + 'Framework :: Zope :: 3', + ], url='https://github.com/zopefoundation/zope.securitypolicy', license='ZPL 2.1', packages=find_packages('src'), package_dir={'': 'src'}, namespace_packages=['zope'], + python_requires='>=3.7', install_requires=[ 'persistent', 'setuptools', diff --git a/src/zope/securitypolicy/grantinfo.py b/src/zope/securitypolicy/grantinfo.py index af1d684..b9607b9 100644 --- a/src/zope/securitypolicy/grantinfo.py +++ b/src/zope/securitypolicy/grantinfo.py @@ -15,14 +15,15 @@ """ from zope.annotation.interfaces import IAnnotations from zope.interface import implementer -from zope.securitypolicy.interfaces import Unset -from zope.securitypolicy.interfaces import IGrantInfo +from zope.securitypolicy.interfaces import IGrantInfo +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.principalpermission import \ AnnotationPrincipalPermissionManager from zope.securitypolicy.principalrole import AnnotationPrincipalRoleManager from zope.securitypolicy.rolepermission import AnnotationRolePermissionManager + prinperkey = AnnotationPrincipalPermissionManager.key del AnnotationPrincipalPermissionManager @@ -34,7 +35,7 @@ @implementer(IGrantInfo) -class AnnotationGrantInfo(object): +class AnnotationGrantInfo: def __init__(self, context): self._context = context diff --git a/src/zope/securitypolicy/interfaces.py b/src/zope/securitypolicy/interfaces.py index 5a7cd91..39d3ac0 100644 --- a/src/zope/securitypolicy/interfaces.py +++ b/src/zope/securitypolicy/interfaces.py @@ -17,32 +17,35 @@ `Allow`, `Deny`, or `Unset`. """ from zope.interface import Interface -from zope.schema import TextLine, Text +from zope.schema import Text +from zope.schema import TextLine # These are the "setting" values returned by several methods defined # in these interfaces. The implementation may move to another # location in the future, so this should be the preferred module to # import these from. -from zope.securitypolicy.settings import Allow, Deny, Unset # noqa +from zope.securitypolicy.settings import Allow # noqa: F401 unused +from zope.securitypolicy.settings import Deny # noqa: F401 imported but unused +from zope.securitypolicy.settings import Unset class IRole(Interface): """A role object.""" id = TextLine( - title=u"Id", - description=u"Id as which this role will be known and used.", + title="Id", + description="Id as which this role will be known and used.", readonly=True, required=True) title = TextLine( - title=u"Title", - description=u"Provides a title for the role.", + title="Title", + description="Provides a title for the role.", required=True) description = Text( - title=u"Description", - description=u"Provides a description for the role.", + title="Description", + description="Provides a description for the role.", required=False) diff --git a/src/zope/securitypolicy/metaconfigure.py b/src/zope/securitypolicy/metaconfigure.py index 242f9da..2436da6 100644 --- a/src/zope/securitypolicy/metaconfigure.py +++ b/src/zope/securitypolicy/metaconfigure.py @@ -13,17 +13,17 @@ ############################################################################## """ Register security related configuration directives. """ -from zope.configuration.exceptions import ConfigurationError from zope.component.zcml import utility +from zope.configuration.exceptions import ConfigurationError from zope.securitypolicy.interfaces import IRole -from zope.securitypolicy.role import Role -from zope.securitypolicy.rolepermission import \ - rolePermissionManager as role_perm_mgr from zope.securitypolicy.principalpermission import \ principalPermissionManager as principal_perm_mgr from zope.securitypolicy.principalrole import \ principalRoleManager as principal_role_mgr +from zope.securitypolicy.role import Role +from zope.securitypolicy.rolepermission import \ + rolePermissionManager as role_perm_mgr def grant(_context, principal=None, role=None, permission=None, @@ -68,7 +68,7 @@ def grant(_context, principal=None, role=None, permission=None, def deny(_context, principal=None, role=None, permission=None, - permissions=None): + permissions=None): nspecified = ((principal is not None) + (role is not None) + (permission is not None) diff --git a/src/zope/securitypolicy/metadirectives.py b/src/zope/securitypolicy/metadirectives.py index 3784cf0..fd43902 100644 --- a/src/zope/securitypolicy/metadirectives.py +++ b/src/zope/securitypolicy/metadirectives.py @@ -16,20 +16,21 @@ from zope.configuration.fields import Tokens from zope.interface import Interface from zope.schema import Id -from zope.security.zcml import Permission, IPermissionDirective +from zope.security.zcml import IPermissionDirective +from zope.security.zcml import Permission class ISecurityObjectAssignmentDirective(Interface): """Abstract schema for security policy declarations.""" principal = Id( - title=u"Principal", - description=u"Specifies the Principal to be mapped.", + title="Principal", + description="Specifies the Principal to be mapped.", required=False) role = Id( - title=u"Role", - description=u"Specifies the Role to be mapped.", + title="Role", + description="Specifies the Role to be mapped.", required=False) @@ -42,15 +43,15 @@ class ISpecificSecurityObjectAssignmentDirective( """Abstract schema to set up one or more permissions""" permission = Permission( - title=u"Permission", - description=u"Specifies the Permission to be mapped.", + title="Permission", + description="Specifies the Permission to be mapped.", required=False) permissions = Tokens( - title=u"Permissions", + title="Permissions", description=( - u"Specifies a whitespace-separated list of permissions to be " - u"mapped."), + "Specifies a whitespace-separated list of permissions to be " + "mapped."), value_type=Permission(), required=False) diff --git a/src/zope/securitypolicy/principalpermission.py b/src/zope/securitypolicy/principalpermission.py index 1a199ef..5b1a7c5 100644 --- a/src/zope/securitypolicy/principalpermission.py +++ b/src/zope/securitypolicy/principalpermission.py @@ -14,14 +14,16 @@ """Mappings between principals and permissions, stored in an object locally. """ +from zope.authentication.principal import checkPrincipal from zope.interface import implementer from zope.security.permission import allPermissions -from zope.authentication.principal import checkPrincipal -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IPrincipalPermissionManager -from zope.securitypolicy.securitymap import SecurityMap +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.securitymap import AnnotationSecurityMap +from zope.securitypolicy.securitymap import SecurityMap @implementer(IPrincipalPermissionManager) @@ -112,7 +114,7 @@ def getPrincipalsAndPermissions(self): # simpler. try: from zope.testing.cleanup import addCleanUp -except ImportError: # pragma: no cover +except ImportError: # pragma: no cover pass else: addCleanUp(principalPermissionManager._clear) diff --git a/src/zope/securitypolicy/principalrole.py b/src/zope/securitypolicy/principalrole.py index b0876fe..08d8eea 100644 --- a/src/zope/securitypolicy/principalrole.py +++ b/src/zope/securitypolicy/principalrole.py @@ -13,14 +13,16 @@ ############################################################################## """Mappings between principals and roles, stored in an object locally. """ +from zope.authentication.principal import checkPrincipal from zope.interface import implementer -from zope.authentication.principal import checkPrincipal -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IPrincipalRoleManager -from zope.securitypolicy.securitymap import SecurityMap -from zope.securitypolicy.securitymap import AnnotationSecurityMap +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.role import checkRole +from zope.securitypolicy.securitymap import AnnotationSecurityMap +from zope.securitypolicy.securitymap import SecurityMap @implementer(IPrincipalRoleManager) @@ -94,6 +96,7 @@ def getPrincipalsAndRoles(self): ''' See the interface IPrincipalRoleMap ''' return self.getAllCells() + # Roles are our rows, and principals are our columns principalRoleManager = PrincipalRoleManager() @@ -101,7 +104,7 @@ def getPrincipalsAndRoles(self): # simpler. try: from zope.testing.cleanup import addCleanUp -except ImportError: # pragma: no cover +except ImportError: # pragma: no cover pass else: addCleanUp(principalRoleManager._clear) diff --git a/src/zope/securitypolicy/role.py b/src/zope/securitypolicy/role.py index 8eb5798..855c71c 100644 --- a/src/zope/securitypolicy/role.py +++ b/src/zope/securitypolicy/role.py @@ -16,19 +16,19 @@ __docformat__ = 'restructuredtext' from persistent import Persistent - -from zope.interface import implementer from zope.component import getUtilitiesFor +from zope.i18nmessageid import ZopeMessageFactory as _ +from zope.interface import implementer from zope.location import Location from zope.securitypolicy.interfaces import IRole -from zope.i18nmessageid import ZopeMessageFactory as _ + NULL_ID = _('') @implementer(IRole) -class Role(object): +class Role: def __init__(self, id, title, description=""): self.id = id @@ -58,7 +58,7 @@ def setIdOnActivation(role, event): >>> role1 = LocalRole('Role 1', 'A first role') >>> role1.id - u'' + '' >>> import zope.interface.interfaces >>> event = zope.interface.interfaces.Registered( ... Registration(role1, 'role1')) @@ -96,7 +96,7 @@ def unsetIdOnDeactivation(role, event): >>> unsetIdOnDeactivation(role1, event) >>> role1.id - u'' + '' """ role.id = NULL_ID diff --git a/src/zope/securitypolicy/rolepermission.py b/src/zope/securitypolicy/rolepermission.py index 6a9b366..e6762ce 100644 --- a/src/zope/securitypolicy/rolepermission.py +++ b/src/zope/securitypolicy/rolepermission.py @@ -14,11 +14,13 @@ """Permission to Roles Manager (Adapter) """ from zope.interface import implementer - from zope.security.permission import allPermissions -from zope.securitypolicy.role import checkRole -from zope.securitypolicy.interfaces import Allow, Deny, Unset + +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IRolePermissionManager +from zope.securitypolicy.interfaces import Unset +from zope.securitypolicy.role import checkRole from zope.securitypolicy.securitymap import AnnotationSecurityMap from zope.securitypolicy.securitymap import SecurityMap @@ -96,6 +98,7 @@ def getRolesAndPermissions(self): '''See interface IRolePermissionMap''' return self.getAllCells() + # Permissions are our rows, and roles are our columns rolePermissionManager = RolePermissionManager() @@ -104,7 +107,7 @@ def getRolesAndPermissions(self): # simpler. try: from zope.testing.cleanup import addCleanUp -except ImportError: # pragma: no cover +except ImportError: # pragma: no cover pass else: addCleanUp(rolePermissionManager._clear) diff --git a/src/zope/securitypolicy/securitymap.py b/src/zope/securitypolicy/securitymap.py index b80cbda..50300c1 100644 --- a/src/zope/securitypolicy/securitymap.py +++ b/src/zope/securitypolicy/securitymap.py @@ -18,7 +18,7 @@ from zope.security.management import queryInteraction -class SecurityMap(object): +class SecurityMap: def __init__(self): self._clear() diff --git a/src/zope/securitypolicy/settings.py b/src/zope/securitypolicy/settings.py index e8b5a94..0bf3a87 100644 --- a/src/zope/securitypolicy/settings.py +++ b/src/zope/securitypolicy/settings.py @@ -19,7 +19,7 @@ """ -class PermissionSetting(object): +class PermissionSetting: """PermissionSettings should be considered as immutable. They can be compared by identity. They are identified by their name. diff --git a/src/zope/securitypolicy/testing.py b/src/zope/securitypolicy/testing.py deleted file mode 100644 index bf464bb..0000000 --- a/src/zope/securitypolicy/testing.py +++ /dev/null @@ -1,25 +0,0 @@ -############################################################################## -# -# Copyright (c) 2013 Zope Foundation and Contributors. -# All Rights Reserved. -# -# This software is subject to the provisions of the Zope Public License, -# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. -# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED -# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS -# FOR A PARTICULAR PURPOSE. -# -############################################################################## -"""Reusable functionality for testing -""" -import re -from zope.testing import renormalizing - -checker = renormalizing.RENormalizing([ - # Python 3 unicode removed the "u". - (re.compile("u('.*?')"), - r"\1"), - (re.compile('u(".*?")'), - r"\1"), -]) diff --git a/src/zope/securitypolicy/tests/__init__.py b/src/zope/securitypolicy/tests/__init__.py index cc30b3d..526acae 100644 --- a/src/zope/securitypolicy/tests/__init__.py +++ b/src/zope/securitypolicy/tests/__init__.py @@ -11,14 +11,14 @@ # FOR A PARTICULAR PURPOSE. # ############################################################################## -from zope.interface import implementer from zope.authentication.interfaces import IAuthentication from zope.authentication.interfaces import PrincipalLookupError +from zope.interface import implementer from zope.security.interfaces import IPrincipal @implementer(IAuthentication) -class DummyPrincipalRegistry(object): +class DummyPrincipalRegistry: """Dummy principal registry that only implements getPrincipal and definePrincipal method that are needed for securitypolicy tests.""" @@ -30,19 +30,20 @@ def getPrincipal(self, id): raise PrincipalLookupError(id) return self._principals[id] - def definePrincipal(self, id, title=u'', description=u''): + def definePrincipal(self, id, title='', description=''): p = DummyPrincipal(id, title, description) self._principals[id] = p return p + principalRegistry = DummyPrincipalRegistry() @implementer(IPrincipal) -class DummyPrincipal(object): +class DummyPrincipal: """Very simple principal implementation""" - def __init__(self, id, title=u'', description=u''): + def __init__(self, id, title='', description=''): self.id = id self.title = title self.description = description diff --git a/src/zope/securitypolicy/tests/test_annotationprincipalpermissionmanager.py b/src/zope/securitypolicy/tests/test_annotationprincipalpermissionmanager.py index f1e6753..e54c25e 100644 --- a/src/zope/securitypolicy/tests/test_annotationprincipalpermissionmanager.py +++ b/src/zope/securitypolicy/tests/test_annotationprincipalpermissionmanager.py @@ -15,29 +15,32 @@ """ import unittest -from zope.component import provideAdapter, provideUtility -from zope.component.testing import PlacelessSetup -from zope.interface import implementer from zope.annotation.attribute import AttributeAnnotations from zope.annotation.interfaces import IAttributeAnnotatable +from zope.component import provideAdapter +from zope.component import provideUtility +from zope.component.testing import PlacelessSetup +from zope.interface import implementer from zope.security.interfaces import IPermission from zope.security.permission import Permission -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.principalpermission import \ AnnotationPrincipalPermissionManager from zope.securitypolicy.tests import principalRegistry @implementer(IAttributeAnnotatable) -class Manageable(object): +class Manageable: pass class Test(PlacelessSetup, unittest.TestCase): def setUp(self): - super(Test, self).setUp() + super().setUp() provideAdapter(AttributeAnnotations) def _make_principal(self, id=None, title=None): diff --git a/src/zope/securitypolicy/tests/test_annotationprincipalrolemanager.py b/src/zope/securitypolicy/tests/test_annotationprincipalrolemanager.py index 6c4637d..151fb13 100644 --- a/src/zope/securitypolicy/tests/test_annotationprincipalrolemanager.py +++ b/src/zope/securitypolicy/tests/test_annotationprincipalrolemanager.py @@ -14,22 +14,24 @@ """Test handler for PrincipalRoleManager module. """ import unittest + import zope.component -from zope.interface import implementer +from zope.annotation.attribute import AttributeAnnotations from zope.annotation.interfaces import IAttributeAnnotatable - from zope.component.testing import PlacelessSetup -from zope.annotation.attribute import AttributeAnnotations +from zope.interface import implementer -from zope.securitypolicy.principalrole import AnnotationPrincipalRoleManager -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IRole +from zope.securitypolicy.interfaces import Unset +from zope.securitypolicy.principalrole import AnnotationPrincipalRoleManager from zope.securitypolicy.role import Role from zope.securitypolicy.tests import principalRegistry @implementer(IAttributeAnnotatable) -class Manageable(object): +class Manageable: pass diff --git a/src/zope/securitypolicy/tests/test_annotationrolepermissionmanager.py b/src/zope/securitypolicy/tests/test_annotationrolepermissionmanager.py index eb1290e..6518b83 100644 --- a/src/zope/securitypolicy/tests/test_annotationrolepermissionmanager.py +++ b/src/zope/securitypolicy/tests/test_annotationrolepermissionmanager.py @@ -14,22 +14,26 @@ """Test handler for Annotation Role Permission Manager. """ import unittest -from zope.component import provideUtility, provideAdapter -from zope.component.testing import PlacelessSetup -from zope.interface import implementer + from zope.annotation.attribute import AttributeAnnotations from zope.annotation.interfaces import IAttributeAnnotatable +from zope.component import provideAdapter +from zope.component import provideUtility +from zope.component.testing import PlacelessSetup +from zope.interface import implementer from zope.security.interfaces import IPermission from zope.security.permission import Permission -from zope.securitypolicy.role import Role -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IRole +from zope.securitypolicy.interfaces import Unset +from zope.securitypolicy.role import Role from zope.securitypolicy.rolepermission import AnnotationRolePermissionManager @implementer(IAttributeAnnotatable) -class Manageable(object): +class Manageable: pass @@ -64,28 +68,28 @@ def testNormal(self): mgr.grantPermissionToRole(self.read, self.peon) - l = list(mgr.getPermissionsForRole(self.manager)) - self.assertTrue((self.read, Allow) in l) - self.assertTrue((self.write, Allow) in l) + l_ = list(mgr.getPermissionsForRole(self.manager)) + self.assertTrue((self.read, Allow) in l_) + self.assertTrue((self.write, Allow) in l_) - l = list(mgr.getPermissionsForRole(self.peon)) - self.assertTrue([(self.read, Allow)] == l) + l_ = list(mgr.getPermissionsForRole(self.peon)) + self.assertTrue([(self.read, Allow)] == l_) - l = list(mgr.getRolesForPermission(self.read)) - self.assertTrue((self.manager, Allow) in l) - self.assertTrue((self.peon, Allow) in l) + l_ = list(mgr.getRolesForPermission(self.read)) + self.assertTrue((self.manager, Allow) in l_) + self.assertTrue((self.peon, Allow) in l_) - l = list(mgr.getRolesForPermission(self.write)) - self.assertEqual(l, [(self.manager, Allow)]) + l_ = list(mgr.getRolesForPermission(self.write)) + self.assertEqual(l_, [(self.manager, Allow)]) mgr.denyPermissionToRole(self.read, self.peon) - l = list(mgr.getPermissionsForRole(self.peon)) - self.assertEqual(l, [(self.read, Deny)]) + l_ = list(mgr.getPermissionsForRole(self.peon)) + self.assertEqual(l_, [(self.read, Deny)]) mgr.unsetPermissionFromRole(self.read, self.peon) - l = list(mgr.getRolesForPermission(self.read)) - self.assertEqual(l, [(self.manager, Allow)]) + l_ = list(mgr.getRolesForPermission(self.read)) + self.assertEqual(l_, [(self.manager, Allow)]) self.assertEqual(mgr.getSetting(self.read, self.peon), Unset) self.assertEqual(mgr.getSetting(self.read, self.peon, 1), 1) diff --git a/src/zope/securitypolicy/tests/test_grantinfo.py b/src/zope/securitypolicy/tests/test_grantinfo.py index c29b6ed..a671f8c 100644 --- a/src/zope/securitypolicy/tests/test_grantinfo.py +++ b/src/zope/securitypolicy/tests/test_grantinfo.py @@ -14,14 +14,15 @@ import unittest -from zope import interface from zope.annotation.interfaces import IAnnotations +from zope import interface from zope.securitypolicy import grantinfo + # pylint:disable=protected-access -class Manager(object): +class Manager: def __init__(self): self._bycol = {} @@ -65,7 +66,6 @@ def test_no_annotations(self): self.assertEqual([], info.getRolesForPrincipal(None)) - def test_manager_attributes(self): context, prinper, prinrole, roleperm = self._makeContext() info = self._makeOne(context) @@ -74,7 +74,6 @@ def test_manager_attributes(self): self.assertIs(info.prinrole, prinrole._bycol) self.assertIs(info.permrole, roleperm._byrow) - def test_principal_permission_grant(self): context, prinper, _, _ = self._makeContext() grants = prinper._bycol["principal"] = {} @@ -85,11 +84,17 @@ def test_principal_permission_grant(self): self.assertIs(grant, info.principalPermissionGrant("principal", "permission")) - self.assertIs(grantinfo.Unset, - info.principalPermissionGrant("principal", "other permission")) - - self.assertIs(grantinfo.Unset, - info.principalPermissionGrant("other principal", "other permission")) + self.assertIs( + grantinfo.Unset, + info.principalPermissionGrant( + "principal", + "other permission")) + + self.assertIs( + grantinfo.Unset, + info.principalPermissionGrant( + "other principal", + "other permission")) def test_roles_for_permission(self): context, _, _, roleperm = self._makeContext() diff --git a/src/zope/securitypolicy/tests/test_principalpermissionmanager.py b/src/zope/securitypolicy/tests/test_principalpermissionmanager.py index c2046e5..57b7aa2 100644 --- a/src/zope/securitypolicy/tests/test_principalpermissionmanager.py +++ b/src/zope/securitypolicy/tests/test_principalpermissionmanager.py @@ -15,14 +15,15 @@ """ import unittest +from zope.authentication.interfaces import IAuthentication from zope.component import provideUtility from zope.component.testing import PlacelessSetup from zope.security.interfaces import IPermission from zope.security.permission import Permission -from zope.authentication.interfaces import IAuthentication - -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.principalpermission import \ principalPermissionManager as manager from zope.securitypolicy.tests import principalRegistry @@ -37,7 +38,7 @@ def definePermission(id, title=None, description=None): class Test(PlacelessSetup, unittest.TestCase): def setUp(self): - super(Test, self).setUp() + super().setUp() provideUtility(principalRegistry, IAuthentication) def _make_principal(self, id=None, title=None): diff --git a/src/zope/securitypolicy/tests/test_principalrolemanager.py b/src/zope/securitypolicy/tests/test_principalrolemanager.py index 97763a2..4e8932f 100644 --- a/src/zope/securitypolicy/tests/test_principalrolemanager.py +++ b/src/zope/securitypolicy/tests/test_principalrolemanager.py @@ -15,15 +15,16 @@ """ import unittest +from zope.authentication.interfaces import IAuthentication from zope.component import provideUtility from zope.component.testing import PlacelessSetup -from zope.authentication.interfaces import IAuthentication - -from zope.securitypolicy.role import Role -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IRole +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.principalrole import principalRoleManager +from zope.securitypolicy.role import Role from zope.securitypolicy.tests import principalRegistry @@ -36,7 +37,7 @@ def defineRole(id, title=None, description=None): class Test(PlacelessSetup, unittest.TestCase): def setUp(self): - super(Test, self).setUp() + super().setUp() provideUtility(principalRegistry, IAuthentication) def _make_principal(self, id=None, title=None): diff --git a/src/zope/securitypolicy/tests/test_role.py b/src/zope/securitypolicy/tests/test_role.py index a623627..8170513 100644 --- a/src/zope/securitypolicy/tests/test_role.py +++ b/src/zope/securitypolicy/tests/test_role.py @@ -11,15 +11,10 @@ # FOR A PARTICULAR PURPOSE. # ############################################################################## -"""Doctests for 'permission' module. +"""Doctests for 'role' module. """ from doctest import DocTestSuite -import unittest - -from zope.securitypolicy import testing def test_suite(): - return unittest.TestSuite(( - DocTestSuite('zope.securitypolicy.role', checker=testing.checker), - )) + return DocTestSuite('zope.securitypolicy.role') diff --git a/src/zope/securitypolicy/tests/test_rolepermissionmanager.py b/src/zope/securitypolicy/tests/test_rolepermissionmanager.py index 813d251..6b745da 100644 --- a/src/zope/securitypolicy/tests/test_rolepermissionmanager.py +++ b/src/zope/securitypolicy/tests/test_rolepermissionmanager.py @@ -20,11 +20,12 @@ from zope.security.interfaces import IPermission from zope.security.permission import Permission -from zope.securitypolicy.role import Role -from zope.securitypolicy.interfaces import Allow, Deny, Unset +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IRole -from zope.securitypolicy.rolepermission import \ - rolePermissionManager as manager +from zope.securitypolicy.interfaces import Unset +from zope.securitypolicy.role import Role +from zope.securitypolicy.rolepermission import rolePermissionManager as manager def defineRole(id, title=None, description=None): diff --git a/src/zope/securitypolicy/tests/test_securitydirectives.py b/src/zope/securitypolicy/tests/test_securitydirectives.py index 51280a7..16014ad 100644 --- a/src/zope/securitypolicy/tests/test_securitydirectives.py +++ b/src/zope/securitypolicy/tests/test_securitydirectives.py @@ -16,25 +16,25 @@ import unittest import zope.component +from zope.authentication.interfaces import IAuthentication +from zope.component.testing import PlacelessSetup from zope.configuration import xmlconfig from zope.configuration.config import ConfigurationConflictError from zope.configuration.exceptions import ConfigurationError from zope.security.interfaces import IPermission from zope.security.permission import Permission -from zope.component.testing import PlacelessSetup -from zope.authentication.interfaces import IAuthentication - -from zope.securitypolicy.role import Role -from zope.securitypolicy.interfaces import Allow, Deny +import zope.securitypolicy.tests +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny from zope.securitypolicy.interfaces import IRole -from zope.securitypolicy.rolepermission import \ - rolePermissionManager as role_perm_mgr from zope.securitypolicy.principalpermission import \ principalPermissionManager as principal_perm_mgr from zope.securitypolicy.principalrole import \ principalRoleManager as principal_role_mgr -import zope.securitypolicy.tests +from zope.securitypolicy.role import Role +from zope.securitypolicy.rolepermission import \ + rolePermissionManager as role_perm_mgr from zope.securitypolicy.tests import principalRegistry @@ -47,7 +47,7 @@ def defineRole(id, title=None, description=None): class TestBase(PlacelessSetup): def setUp(self): - super(TestBase, self).setUp() + super().setUp() zope.component.provideUtility(principalRegistry, IAuthentication) @@ -70,7 +70,7 @@ def testDuplicationRegistration(self): class TestSecurityGrantMapping(TestBase, unittest.TestCase): def setUp(self): - super(TestSecurityGrantMapping, self).setUp() + super().setUp() zope.component.provideUtility(Permission('zope.Foo', ''), IPermission, 'zope.Foo') zope.component.provideUtility(Permission('zope.Qwer', ''), @@ -155,7 +155,7 @@ def test_RolePrincipalMap(self): class TestSecurityGrantAllMapping(TestBase, unittest.TestCase): def setUp(self): - super(TestSecurityGrantAllMapping, self).setUp() + super().setUp() zope.component.provideUtility(Permission('zope.Qwer', ''), IPermission, 'zope.Qwer') zope.component.provideUtility(Permission('zope.Qux', ''), @@ -194,7 +194,7 @@ def test_principal_and_role_not_allowed(self): class TestSecurityDenyMapping(TestBase, unittest.TestCase): def setUp(self): - super(TestSecurityDenyMapping, self).setUp() + super().setUp() zope.component.provideUtility(Permission('zope.Foo', ''), IPermission, 'zope.Foo') zope.component.provideUtility(Permission('zope.Qwer', ''), @@ -255,6 +255,7 @@ def test_cannot_specify_all_three_object_types(self): /> ''', context=self.context) + def test_PermPrincipalMap(self): principals = principal_perm_mgr.getPrincipalsForPermission("zope.Foo") perms = principal_perm_mgr.getPermissionsForPrincipal("zope.Blah") diff --git a/src/zope/securitypolicy/tests/test_securitymap.py b/src/zope/securitypolicy/tests/test_securitymap.py index f75d783..4e9ceb1 100644 --- a/src/zope/securitypolicy/tests/test_securitymap.py +++ b/src/zope/securitypolicy/tests/test_securitymap.py @@ -14,13 +14,17 @@ """Test SecurityMap implementations """ import unittest -from zope.securitypolicy.securitymap import SecurityMap + +from zope.security.management import endInteraction +from zope.security.management import getInteraction +from zope.security.management import newInteraction +from zope.security.management import setSecurityPolicy + from zope.securitypolicy.securitymap import PersistentSecurityMap -from zope.security.management import setSecurityPolicy, getInteraction -from zope.security.management import newInteraction, endInteraction +from zope.securitypolicy.securitymap import SecurityMap -class InteractionStub(object): +class InteractionStub: invalidated = 0 def invalidate_cache(self): @@ -60,8 +64,9 @@ def test_addCell(self): def test_addCell_no_invalidation(self): - class NoInvalidation(object): + class NoInvalidation: attrs = () + def __getattr__(self, name): self.attrs += (name,) return object.__getattr__(self, name) @@ -180,10 +185,11 @@ def _getSecurityMap(self): class TestAnnotationSecurityMap(unittest.TestCase): def test_changed_sets_map(self): - from zope.securitypolicy.securitymap import AnnotationSecurityMap from zope.annotation.interfaces import IAnnotations - class Context(object): + from zope.securitypolicy.securitymap import AnnotationSecurityMap + + class Context: def __init__(self): self.annotations = {} diff --git a/src/zope/securitypolicy/tests/test_settings.py b/src/zope/securitypolicy/tests/test_settings.py index 2a73c6a..2e586a4 100644 --- a/src/zope/securitypolicy/tests/test_settings.py +++ b/src/zope/securitypolicy/tests/test_settings.py @@ -13,8 +13,8 @@ ############################################################################## """Security Settings Tests """ -import unittest import pickle +import unittest from zope.securitypolicy.interfaces import Allow diff --git a/src/zope/securitypolicy/tests/test_vocabulary.py b/src/zope/securitypolicy/tests/test_vocabulary.py index 2716333..6e796a5 100644 --- a/src/zope/securitypolicy/tests/test_vocabulary.py +++ b/src/zope/securitypolicy/tests/test_vocabulary.py @@ -14,13 +14,7 @@ """Role vocabluary doc tests. """ from doctest import DocTestSuite -import unittest - -from zope.securitypolicy import testing def test_suite(): - return unittest.TestSuite(( - DocTestSuite( - 'zope.securitypolicy.vocabulary', checker=testing.checker), - )) + return DocTestSuite('zope.securitypolicy.vocabulary') diff --git a/src/zope/securitypolicy/tests/test_zopepolicy.py b/src/zope/securitypolicy/tests/test_zopepolicy.py index 8c83b09..fab6edd 100644 --- a/src/zope/securitypolicy/tests/test_zopepolicy.py +++ b/src/zope/securitypolicy/tests/test_zopepolicy.py @@ -14,50 +14,51 @@ """Tests the zope policy. """ -from doctest import DocFileSuite import unittest +from doctest import DocFileSuite + +from zope.annotation.attribute import AttributeAnnotations +from zope.annotation.interfaces import IAnnotatable +from zope.annotation.interfaces import IAttributeAnnotatable from zope.component import provideAdapter from zope.component.testing import setUp as componentSetUp from zope.component.testing import tearDown as componentTearDown -from zope.annotation.interfaces import IAnnotatable -from zope.annotation.interfaces import IAttributeAnnotatable -from zope.annotation.attribute import AttributeAnnotations from zope.security.management import endInteraction from zope.testing.cleanup import CleanUp -from zope import interface +from zope import interface +from zope.securitypolicy import zopepolicy +from zope.securitypolicy.grantinfo import AnnotationGrantInfo from zope.securitypolicy.interfaces import IGrantInfo -from zope.securitypolicy.interfaces import IPrincipalRoleManager from zope.securitypolicy.interfaces import IPrincipalPermissionManager +from zope.securitypolicy.interfaces import IPrincipalRoleManager from zope.securitypolicy.interfaces import IRolePermissionManager from zope.securitypolicy.principalpermission import \ AnnotationPrincipalPermissionManager -from zope.securitypolicy.principalrole import \ - AnnotationPrincipalRoleManager -from zope.securitypolicy.rolepermission import \ - AnnotationRolePermissionManager -from zope.securitypolicy.grantinfo import \ - AnnotationGrantInfo -from zope.securitypolicy import zopepolicy +from zope.securitypolicy.principalrole import AnnotationPrincipalRoleManager +from zope.securitypolicy.rolepermission import AnnotationRolePermissionManager class TestZCML(CleanUp, unittest.TestCase): def testMetaZCML(self): import zope.configuration + import zope.securitypolicy zope.configuration.xmlconfig.file("meta.zcml", zope.securitypolicy) def testConfigureZCML(self): import zope.configuration + import zope.securitypolicy zope.configuration.xmlconfig.file( "configure.zcml", zope.securitypolicy) def testSecuritypolicyZCML(self): + import zope.annotation import zope.configuration + import zope.securitypolicy - import zope.annotation zope.configuration.xmlconfig.file( "configure.zcml", zope.annotation) @@ -92,22 +93,22 @@ def testSecuritypolicyZCML(self): interface.alsoProvides(self, IAttributeAnnotatable) settings = zopepolicy.settingsForObject(self) self.assertEqual( - settings[0], - ('(no name)', - {'principalPermissions': [], 'principalRoles': [], 'rolePermissions': []}) - ) + settings[0], ('(no name)', { + 'principalPermissions': [], + 'principalRoles': [], + 'rolePermissions': []})) class TestZopePolicy(CleanUp, unittest.TestCase): def setUp(self): - super(TestZopePolicy, self).setUp() + super().setUp() self.policy = zopepolicy.ZopeSecurityPolicy() def test_checkPermission_system_user(self): from zope.security.management import system_user - class Participation(object): + class Participation: principal = system_user interaction = None @@ -117,10 +118,10 @@ class Participation(object): def test_checkPermission_multiple_participations_for_same_id(self): - class Principal(object): + class Principal: id = 'principal' - class Participation(object): + class Participation: principal = Principal() interaction = None @@ -128,6 +129,7 @@ class Participation(object): self.policy.add(Participation()) invoked_counter = [] + def cached_decision(self, *args): invoked_counter.append(args) return True @@ -138,7 +140,8 @@ def cached_decision(self, *args): def test__findGroupsFor_seen(self): group_id = 'group' - class Principal(object): + + class Principal: groups = (group_id,) seen = {group_id} @@ -152,7 +155,8 @@ class Principal(object): def test__findGroupsFor_LookupError(self): # lookup errors are ignored from zope.authentication.interfaces import PrincipalLookupError - class Principal(object): + + class Principal: groups = ('group',) def getPrincipal(gid): diff --git a/src/zope/securitypolicy/vocabulary.py b/src/zope/securitypolicy/vocabulary.py index 263d250..f41317a 100644 --- a/src/zope/securitypolicy/vocabulary.py +++ b/src/zope/securitypolicy/vocabulary.py @@ -18,12 +18,14 @@ __docformat__ = 'restructuredtext' import zope.component -from zope.interface import implementer, provider -from zope.schema.vocabulary import SimpleTerm, SimpleVocabulary +from zope.interface import implementer +from zope.interface import provider from zope.schema.interfaces import IVocabularyFactory +from zope.schema.vocabulary import SimpleTerm +from zope.schema.vocabulary import SimpleVocabulary -from zope.securitypolicy.interfaces import IRole from zope.securitypolicy.interfaces import IGrantVocabulary +from zope.securitypolicy.interfaces import IRole @provider(IVocabularyFactory) @@ -56,9 +58,9 @@ class RoleIdsVocabulary(SimpleVocabulary): >>> vocab = registry.get(None, 'Role Ids') >>> vocab.getTermByToken('a_id').value - u'a_id' + 'a_id' >>> vocab.getTermByToken('b_id').value - u'b_id' + 'b_id' >>> tearDown() @@ -69,7 +71,7 @@ def __init__(self, context): roles = zope.component.getUtilitiesFor(IRole, context) for name, role in roles: terms.append(SimpleTerm(name, name, name)) - super(RoleIdsVocabulary, self).__init__(terms) + super().__init__(terms) @provider(IVocabularyFactory) diff --git a/src/zope/securitypolicy/zopepolicy.py b/src/zope/securitypolicy/zopepolicy.py index 3a97b07..beb067d 100644 --- a/src/zope/securitypolicy/zopepolicy.py +++ b/src/zope/securitypolicy/zopepolicy.py @@ -15,32 +15,29 @@ """ import zope.interface - +from zope.authentication.interfaces import IAuthentication +from zope.authentication.interfaces import PrincipalLookupError from zope.component import getUtility from zope.security.checker import CheckerPublic -from zope.security.management import system_user -from zope.security.simplepolicies import ParanoidSecurityPolicy from zope.security.interfaces import ISecurityPolicy +from zope.security.management import system_user from zope.security.proxy import removeSecurityProxy +from zope.security.simplepolicies import ParanoidSecurityPolicy -from zope.authentication.interfaces import ( - PrincipalLookupError, - IAuthentication) - +from zope.securitypolicy.interfaces import Allow +from zope.securitypolicy.interfaces import Deny +from zope.securitypolicy.interfaces import IPrincipalPermissionMap +from zope.securitypolicy.interfaces import IPrincipalRoleMap +from zope.securitypolicy.interfaces import IRolePermissionMap +from zope.securitypolicy.interfaces import Unset from zope.securitypolicy.principalpermission import principalPermissionManager -globalPrincipalPermissionSetting = principalPermissionManager.getSetting - +from zope.securitypolicy.principalrole import principalRoleManager from zope.securitypolicy.rolepermission import rolePermissionManager -globalRolesForPermission = rolePermissionManager.getRolesForPermission -from zope.securitypolicy.principalrole import principalRoleManager -globalRolesForPrincipal = principalRoleManager.getRolesForPrincipal - -from zope.securitypolicy.interfaces import Allow, Deny, Unset -from zope.securitypolicy.interfaces import IRolePermissionMap -from zope.securitypolicy.interfaces import IPrincipalPermissionMap -from zope.securitypolicy.interfaces import IPrincipalRoleMap +globalPrincipalPermissionSetting = principalPermissionManager.getSetting +globalRolesForPermission = rolePermissionManager.getRolesForPermission +globalRolesForPrincipal = principalRoleManager.getRolesForPrincipal SettingAsBoolean = {Allow: True, Deny: False, Unset: None, None: None} @@ -181,10 +178,10 @@ def cached_roles(self, parent, permission): pass if parent is None: - roles = dict( - [(role, 1) - for (role, setting) in globalRolesForPermission(permission) - if setting is Allow]) + roles = { + role: 1 + for (role, setting) in globalRolesForPermission(permission) + if setting is Allow} cache_roles[permission] = roles return roles @@ -234,9 +231,9 @@ def cached_principal_roles(self, parent, principal): pass if parent is None: - roles = dict( - [(role, SettingAsBoolean[setting]) - for (role, setting) in globalRolesForPrincipal(principal)]) + roles = { + role: SettingAsBoolean[setting] + for (role, setting) in globalRolesForPrincipal(principal)} roles['zope.Anonymous'] = True # Everybody has Anonymous cache_principal_roles[principal] = roles return roles diff --git a/tox.ini b/tox.ini index fae2f79..8fc19f9 100644 --- a/tox.ini +++ b/tox.ini @@ -1,26 +1,75 @@ +# Generated from: +# https://github.com/zopefoundation/meta/tree/master/config/pure-python [tox] +minversion = 3.18 envlist = - py27, - py35, - py36, - py37, - py38, - pypy, - pypy3, + lint + py37 + py38 + py39 + py310 + py311 + pypy3 coverage [testenv] +usedevelop = true +deps = commands = zope-testrunner --test-path=src {posargs:-vc} +extras = + test + +[testenv:lint] +basepython = python3 +skip_install = true +commands = + isort --check-only --diff {toxinidir}/src {toxinidir}/setup.py + flake8 src setup.py + check-manifest + check-python-versions deps = - .[test] + check-manifest + check-python-versions >= 0.19.1 + wheel + flake8 + isort -[testenv:coverage] -usedevelop = true -basepython = python3.6 +[testenv:isort-apply] +basepython = python3 +skip_install = true +commands_pre = +deps = + isort commands = - coverage run -m zope.testrunner --test-path=src [] - coverage report --fail-under=100 + isort {toxinidir}/src {toxinidir}/setup.py [] + +[testenv:coverage] +basepython = python3 +allowlist_externals = + mkdir deps = - {[testenv]deps} coverage +commands = + mkdir -p {toxinidir}/parts/htmlcov + coverage run -m zope.testrunner --test-path=src {posargs:-vc} + coverage html --ignore-errors + coverage report --ignore-errors --show-missing --fail-under=99 + +[coverage:run] +branch = True +source = zope.securitypolicy + +[coverage:report] +precision = 2 +exclude_lines = + pragma: no cover + pragma: nocover + except ImportError: + raise NotImplementedError + if __name__ == '__main__': + self.fail + raise AssertionError + +[coverage:html] +directory = parts/htmlcov