r7250 - in branches: 1.1/turbogears/identity 1.1/turbogears/identity/tests 1.5/turbogears/identity 1.5/turbogears/identity/tests
svn-c...@turbogears.org
Date: Fri Mar 11 11:11:08 2011
New Revision: 7250
URL: http://trac.turbogears.org/changeset/7250
Log:
SecureObject didn't proxy attributes assignments to proxied objects (#2535).
Modified:
branches/1.1/turbogears/identity/conditions.py
branches/1.1/turbogears/identity/tests/test_identity.py
branches/1.5/turbogears/identity/conditions.py
branches/1.5/turbogears/identity/tests/test_identity.py
Modified: branches/1.1/turbogears/identity/conditions.py
==============================================================================
--- branches/1.1/turbogears/identity/conditions.py Thu Mar 10 14:56:51 2011 (r7249)
+++ branches/1.1/turbogears/identity/conditions.py Fri Mar 11 11:11:08 2011 (r7250)
@@ -24,15 +24,17 @@
]
-import types
+from types import MethodType
from cherrypy import request
+
from turbogears import config
-from turbogears.identity.exceptions import *
-from turbogears.identity.base import current
from turbogears.decorator import weak_signature_decorator
from turbogears.util import match_ip
+from turbogears.identity.exceptions import *
+from turbogears.identity.base import current
+
class Predicate(object):
"""Generic base class for testing true or false for a condition."""
@@ -267,7 +269,6 @@
class SecureResource(object):
def __getattribute__(self, name):
- from turbogears import controllers
if name.startswith('_cp') or name == 'require':
return object.__getattribute__(self, name)
try:
@@ -281,10 +282,11 @@
" attribute either on the controller class itself"
" or in the config file")
errors = []
- if (isinstance(value, types.MethodType) and
+ if (isinstance(value, MethodType) and
hasattr(value, 'exposed')):
return _check_method(self, value, predicate)
- if isinstance(value, controllers.Controller):
+ from turbogears.controllers import Controller
+ if isinstance(value, Controller):
return SecureObject(value, predicate)
# Some other property
return value
@@ -296,18 +298,12 @@
class SecureObject(object):
def __init__(self, obj, require, exclude=[]):
- self._exclude = exclude
self._object = obj
self._require = require
+ self._exclude = exclude
def __getattribute__(self, name):
- from turbogears import controllers
- if name.startswith('_cp') or name in ('_object', '_require', '_exclude'):
- if name.startswith('_cp'):
- try:
- return getattr(object.__getattribute__(self, '_object'), name)
- except AttributeError:
- pass
+ if name in ('_object', '_require', '_exclude'):
return object.__getattribute__(self, name)
try:
obj = object.__getattribute__(self, '_object')
@@ -316,13 +312,20 @@
predicate = object.__getattribute__(self, '_require')
if name in object.__getattribute__(self, '_exclude'):
return value
- if (isinstance(value, types.MethodType) and
+ if (isinstance(value, MethodType) and
hasattr(value, 'exposed')):
return _check_method(obj, value, predicate)
- if isinstance(value, controllers.Controller):
+ from turbogears.controllers import Controller
+ if isinstance(value, Controller):
return SecureObject(value, predicate)
# Some other property
return value
except IdentityException, e:
errors = [str(e)]
raise IdentityFailure(errors)
+
+ def __setattr__(self, name, value):
+ if name in ('_object', '_require', '_exclude'):
+ super(SecureObject, self).__setattr__(name, value)
+ else:
+ setattr(self._object, name, value)
Modified: branches/1.1/turbogears/identity/tests/test_identity.py
==============================================================================
--- branches/1.1/turbogears/identity/tests/test_identity.py Thu Mar 10 14:56:51 2011 (r7249)
+++ branches/1.1/turbogears/identity/tests/test_identity.py Fri Mar 11 11:11:08 2011 (r7250)
@@ -125,6 +125,18 @@
test_object._cp_filters = test_filters
assert test_object._cp_filters == test_filters
+ def test_secure_object_proxies_setattr(self):
+ """Test that SecureObject also proxies attributes assigned later."""
+
+ class TestObject(object):
+ pass
+
+ test_object = SecureObject(TestObject(), None)
+ assert isinstance(test_object._object, TestObject)
+
+ test_object.value = 'value'
+ assert test_object._object.value == 'value'
+
class RestrictedArea(Controller, SecureResource):
Modified: branches/1.5/turbogears/identity/conditions.py
==============================================================================
--- branches/1.5/turbogears/identity/conditions.py Thu Mar 10 14:56:51 2011 (r7249)
+++ branches/1.5/turbogears/identity/conditions.py Fri Mar 11 11:11:08 2011 (r7250)
@@ -10,15 +10,17 @@
'not_anonymous', 'require']
-import types
+from types import MethodType
from cherrypy import request
+
from turbogears import config
+from turbogears.decorator import weak_signature_decorator
+from turbogears.util import match_ip, request_available
+
from turbogears.identity.exceptions import (IdentityException,
IdentityFailure, RequestRequiredException)
from turbogears.identity.base import current
-from turbogears.decorator import weak_signature_decorator
-from turbogears.util import match_ip, request_available
class Predicate(object):
@@ -255,7 +257,6 @@
def __getattribute__(self, name):
if name.startswith('_cp') or name == 'require':
return object.__getattribute__(self, name)
- from turbogears.controllers import Controller
try:
value = object.__getattribute__(self, name)
try:
@@ -267,9 +268,10 @@
" attribute either on the controller class itself"
" or in the config file")
errors = []
- if (isinstance(value, types.MethodType) and
+ if (isinstance(value, MethodType) and
hasattr(value, 'exposed')):
return _check_method(self, value, predicate)
+ from turbogears.controllers import Controller
if isinstance(value, Controller):
return SecureObject(value, predicate)
# Some other property
@@ -282,19 +284,13 @@
class SecureObject(object):
def __init__(self, obj, require, exclude=[]):
- self._exclude = exclude
self._object = obj
self._require = require
+ self._exclude = exclude
def __getattribute__(self, name):
- if name.startswith('_cp') or name in ('_object', '_require', '_exclude'):
- if name.startswith('_cp'):
- try:
- return getattr(object.__getattribute__(self, '_object'), name)
- except AttributeError:
- pass
+ if name in ('_object', '_require', '_exclude'):
return object.__getattribute__(self, name)
- from turbogears.controllers import Controller
try:
obj = object.__getattribute__(self, '_object')
value = getattr(obj, name)
@@ -302,9 +298,10 @@
predicate = object.__getattribute__(self, '_require')
if name in object.__getattribute__(self, '_exclude'):
return value
- if (isinstance(value, types.MethodType) and
+ if (isinstance(value, MethodType) and
hasattr(value, 'exposed')):
return _check_method(obj, value, predicate)
+ from turbogears.controllers import Controller
if isinstance(value, Controller):
return SecureObject(value, predicate)
# Some other property
@@ -312,3 +309,9 @@
except IdentityException, e:
errors = [str(e)]
raise IdentityFailure(errors)
+
+ def __setattr__(self, name, value):
+ if name in ('_object', '_require', '_exclude'):
+ super(SecureObject, self).__setattr__(name, value)
+ else:
+ setattr(self._object, name, value)
Modified: branches/1.5/turbogears/identity/tests/test_identity.py
==============================================================================
--- branches/1.5/turbogears/identity/tests/test_identity.py Thu Mar 10 14:56:51 2011 (r7249)
+++ branches/1.5/turbogears/identity/tests/test_identity.py Fri Mar 11 11:11:08 2011 (r7250)
@@ -121,6 +121,18 @@
test_object._cp_config = test_config
assert test_object._cp_config == test_config
+ def test_secure_object_proxies_setattr(self):
+ """Test that SecureObject also proxies attributes assigned later."""
+
+ class TestObject(object):
+ pass
+
+ test_object = SecureObject(TestObject(), None)
+ assert isinstance(test_object._object, TestObject)
+
+ test_object.value = 'value'
+ assert test_object._object.value == 'value'
+
class RestrictedArea(Controller, SecureResource):