def test_both_wrapper_and_object_have_checkers_not_security_proxied(self):
        from zope.proxy import ProxyBase
        from zope.security.checker import CombinedChecker
        from zope.security.checker import NamesChecker
        from zope.security.checker import defineChecker
        from zope.security.interfaces import ForbiddenAttribute

        class Foo(object):
            a = 'a'
        fooChecker = NamesChecker(['a']) # a is public
        defineChecker(Foo, fooChecker)
        foo = Foo()
        fooChecker.check(foo, 'a') # no raise
        self.assertRaises(ForbiddenAttribute,
                          fooChecker.check, foo, 'b')

        class Wrapper(ProxyBase):
            b = 'b'
            __Security_checker__ = self._makeOne()
        wrapperChecker = NamesChecker(['b']) # b is public
        defineChecker(Wrapper, wrapperChecker)
        wrapper = Wrapper(foo)
        self.assertRaises(ForbiddenAttribute,
                          wrapperChecker.check, foo, 'a')
        wrapperChecker.check(foo, 'b') # no raise

        checker = wrapper.__Security_checker__
        self.assertTrue(isinstance(checker, CombinedChecker))
        checker.check(wrapper, 'a') # no raise
        checker.check(wrapper, 'b') # no raise

    def setUp(self):
        super(AuthZopePublicationTests, self).setUp()
        principalRegistry.defineDefaultPrincipal('anonymous', '')

        root = self.db.open().root()
        app = root[ZopePublication.root_name]
        app['f1'] = rootFolder()
        f1 = app['f1']
        f1['f2'] = Folder()
        if not ISite.providedBy(f1):
            f1.setSiteManager(LocalSiteManager(f1))
        sm1 = f1.getSiteManager()
        addUtility(sm1, '', IAuthentication, AuthUtility1())

        f2 = f1['f2']
        if not ISite.providedBy(f2):
            f2.setSiteManager(LocalSiteManager(f2))
        sm2 = f2.getSiteManager()
        addUtility(sm2, '', IAuthentication, AuthUtility2())
        transaction.commit()

        from zope.container.interfaces import ISimpleReadContainer
        from zope.container.traversal import ContainerTraverser

        component.provideAdapter(ContainerTraverser,
                                 (ISimpleReadContainer, IRequest),
                                 IPublishTraverse, name='')

        from zope.site.interfaces import IFolder
        from zope.security.checker import defineChecker, InterfaceChecker
        defineChecker(Folder, InterfaceChecker(IFolder))

    def test_both_wrapper_and_object_have_checkers_security_proxied(self):
        from zope.proxy import ProxyBase
        from zope.security.checker import CombinedChecker
        from zope.security.checker import NamesChecker
        from zope.security.checker import defineChecker
        from zope.security.proxy import ProxyFactory

        class Foo(object):
            a = 'a'
        fooChecker = NamesChecker(['a']) # a is public
        defineChecker(Foo, fooChecker)
        foo = Foo()
        f_sec = ProxyFactory(foo)

        class Wrapper(ProxyBase):
            b = 'b'
            __Security_checker__ = self._makeOne()
        wrapperChecker = NamesChecker(['b']) # b is public
        defineChecker(Wrapper, wrapperChecker)
        w_sec = Wrapper(f_sec)

        checker = w_sec.__Security_checker__
        self.assertTrue(isinstance(checker, CombinedChecker))
        checker.check(w_sec, 'a') # no raise
        checker.check(w_sec, 'b') # no raise

    def _testBaseTags(self, url, expected):
        # Make sure I1 and O1 are visible in the module namespace
        # so that the classes can be pickled.
        import transaction

        pub = BrowserPublication(self.db)

        ztapi.browserView(I1, 'view', DummyView)
        ztapi.setDefaultViewName(I1, 'view')
        ztapi.browserViewProviding(None, TestTraverser, IBrowserPublisher)

        ob = O1()

        ## the following is for running the tests standalone
        principalRegistry.defineDefaultPrincipal(
            'tim', 'timbot', 'ai at its best')

        # now place our object inside the application

        connection = self.db.open()
        app = connection.root()['Application']
        app.somepath = ob
        transaction.commit()
        connection.close()

        defineChecker(app.__class__, NamesChecker(somepath='xxx'))

        req = self._createRequest(url, pub)
        response = req.response

        publish(req, handle_errors=0)

        self.assertEqual(response.getBase(), expected)

def portletManagerDirective(
    _context, name, title, for_=None, description=u'',
    class_=None, schema=None, layer=IDefaultBrowserLayer,
    provides=(), portlettype=IPortlet, **kw):

    # Build a new class
    ManagerClass = PortletManager(
        name, class_, provides, title, description, schema, portlettype, **kw)

    # Set up permission mapping for various accessible attributes
    required = {'__call__': CheckerPublic,
                'browserDefault': CheckerPublic,
                'publishTraverse': CheckerPublic}

    for iname in IPortletManager:
        required[iname] = CheckerPublic

    # security checker
    defineChecker(ManagerClass, Checker(required))

    # security for schema fields
    for iface in (IPortletManagerConfiguration, schema):
        if iface is None:
            continue
        for f_id in iface:
            field = iface[f_id]
            if IField.providedBy(field) and not field.readonly:
                protectSetAttribute(ManagerClass, f_id, 'zojax.ManagePortlets')
            protectName(ManagerClass, f_id, 'zope.Public')

    # register the portlet manager
    adapter(_context, (ManagerClass,),
            IPortletManager, (for_, layer, None), name=name)

def AddViewFactory(name, schema, label, permission, layer,
                   template, default_template, bases, for_,
                   fields, content_factory, arguments,
                   keyword_arguments, set_before_add, set_after_add):

    class_  = SimpleViewClass(
        template, used_for=schema, bases=bases, name=name)

    class_.schema = schema
    class_.label = label
    class_.fieldNames = fields
    class_._factory_or_id = content_factory
    class_._factory = property(_getFactory, _setFactory)
    class_._arguments = arguments
    class_._keyword_arguments = keyword_arguments
    class_._set_before_add = set_before_add
    class_._set_after_add = set_after_add

    class_.generated_form = ViewPageTemplateFile(default_template)

    defineChecker(class_,
                  NamesChecker(
                    ("__call__", "__getitem__",
                     "browserDefault", "publishTraverse"),
                    permission,
                    )
                  )
    if layer is None:
        layer = IDefaultBrowserLayer
    
    s = zope.component.getGlobalSiteManager()
    s.registerAdapter(class_, (for_, layer), Interface, name)

    def test_template_context_wrapping(self):

        class AU(BrowserView):
            def __str__(self):
                name = self.context.__name__
                if name is None:
                    return 'None'
                return name

        defineChecker(AU, NamesChecker(['__str__']))

        from zope.traversing.namespace import view
        from zope.traversing.interfaces import ITraversable
        provideAdapter(view, (None,), ITraversable, name="view")
        provideAdapter(view, (None, None), ITraversable, name="view")
        provideAdapter(
            AU, (IZopachePageTemplate, TestRequest), Interface, name='name')

        page = ZopachePageTemplate()
        page.setSource(
            u'<p tal:replace="template/@@name" />'
            )
        page = contained(page, None, name='zpt')
        request = TestRequest()
        self.assertEquals(page.render(request), u'zpt')

    def makeObjects(self):
        checker = NamesChecker(["__getitem__"])
        defineChecker(SiteManagerStub, checker)
        self.futurama = futurama = SampleSite()
        directlyProvides(futurama, IContainmentRoot)
        planetexpress = SampleContainer()
        robotfactory = SampleContainer()
        nimbus = SampleContainer()
        omicronpersei = SampleSite()

        bender = SampleContent()
        fry = SampleContent()
        leela = SampleContent()
        mom = SampleContent()
        zapp = SampleContent()
        kif = SampleContent()

        setitem(futurama, futurama.__setitem__, "planetexpress", planetexpress)
        setitem(futurama, futurama.__setitem__, "robotfactory", robotfactory)
        setitem(futurama, futurama.__setitem__, "nimbus", nimbus)
        setitem(futurama, futurama.__setitem__, "omicronpersei", omicronpersei)

        setitem(planetexpress, planetexpress.__setitem__, "bender", bender)
        setitem(planetexpress, planetexpress.__setitem__, "fry", fry)
        setitem(planetexpress, planetexpress.__setitem__, "leela", leela)
        setitem(robotfactory, robotfactory.__setitem__, "mom", mom)
        setitem(nimbus, nimbus.__setitem__, "zapp", zapp)
        setitem(nimbus, nimbus.__setitem__, "kif", kif)

def ttwElementDirective(
    _context, name, title, for_ = interface.Interface,
    description=u'', layer = IDefaultBrowserLayer, template=u''):

    # register pageelement
    pageelementDirective(
        _context, name, for_=for_,
        title=title, description=description, layer=layer, template=template)

    # Make sure that the template exists
    template = os.path.abspath(str(_context.path(template)))
    if not os.path.isfile(template):
        raise ConfigurationError("No such file", template)

    # Build a new class that we can use different permission settings if we
    # use the class more then once.
    cdict = {}
    cdict['name'] = name
    cdict['title'] = title
    cdict['description'] = description
    cdict['template'] = template

    newclass = type(
        str('<TTWResourceFactory %s>'%name), (TTWPageElementFactory,), cdict)

    # Set up permission mapping for various accessible attributes
    required = {}
    for iname in ITTWPageElementFactory:
        required[iname] = CheckerPublic

    # security checker
    defineChecker(newclass, Checker(required))

    # register the page element
    adapter(_context, (newclass,), ITTWItemFactory, (for_, layer), name=name)

def ttwResourceDirective(
    _context, name, title, for_ = interface.Interface,
    layer = IDefaultBrowserLayer, type = '', file = None, description=u'', **kwargs):

    rname = u'simplettw.%s'%name
    # register resource
    resourceDirective(
        _context, rname, file, layer, permission='zope.Public', type='')

    # Build a new class that we can use different permission settings if we
    # use the class more then once.
    cdict = {}
    cdict['name'] = name
    cdict['title'] = title
    cdict['description'] = description
    cdict['file'] = os.path.abspath(str(_context.path(file)))
    cdict['contentType'] = type

    newclass = Type(
        str('<TTWResourceFactory %s>'%name), (TTWResourceFactory,), cdict)

    # Set up permission mapping for various accessible attributes
    required = dict([(iname, CheckerPublic) for iname in ITTWResourceFactory])
    defineChecker(newclass, Checker(required))

    # register the resource element
    adapter(_context, (newclass,), ITTWItemFactory, (ISimpleTTW, layer), name=name)

    # register IStaticResource adapter
    adapter(_context, (StaticResource(rname),),
            IStaticResource, (layer,), name=name)

    def execute(self, factory, config, permissions, **kw):
        if not permissions:
            return False

        if get_config().getboolean('auth', 'enforce_attribute_rights_definition'):
            perms = {}
        else:
            perms = AuditingPermissionDictionary()

        # mandatory, otherwise zope's default Checker impl will be used
        # which doesn't play well with Twisted.
        defineChecker(factory, Checker(perms, perms))

        # TODO: supply the 'inherit' option to the class somehow
        # to facilitate optional inheritance of all permissions
        for class_inheritance_level in permissions:
            for name, permission in class_inheritance_level.items():
                if isinstance(permission, tuple):
                    read_perm, write_perm = permission
                    config.action(discriminator=('protectNameSet', factory, name),
                                  callable=grokcore.security.util.protect_setattr,
                                  args=(factory, name, write_perm))
                else:
                    read_perm = permission

                config.action(discriminator=('protectName', factory, name),
                              callable=grokcore.security.util.protect_getattr,
                              args=(factory, name, read_perm))

        return True

 def setUp(self):
     super(ZopachePageTemplateTests, self).setUp()
     provideAdapter(Traverser, (None,), ITraverser)
     provideAdapter(DefaultTraversable, (None,), ITraversable)
     provideAdapter(
           LocationPhysicallyLocatable, (None,), IPhysicallyLocatable)
     provideAdapter(
           RootPhysicallyLocatable, (IContainmentRoot,), IPhysicallyLocatable)
     defineChecker(Data, NamesChecker(['URL', 'name']))

def handle_security(class_, permission, interfaces, attributes):
    required = set(attributes)
    for ifc in interfaces:
        required.update(set(ifc))

    if permission == 'zope.Public':
        permission = CheckerPublic

    defineChecker(class_, Checker(dict.fromkeys(required, permission)))

def make_checker(factory, view_factory, permission, method_names=None):
    if method_names is None:
        method_names = ['__call__']
    if permission is not None:
        check_permission(factory, permission)
    if permission is None or permission == 'zope.Public':
        checker = NamesChecker(method_names)
    else:
        checker = NamesChecker(method_names, permission)
    defineChecker(view_factory, checker)

 def test_resources(self):
     browserResource('quux', Resource)
     # Only register the checker once, so that multiple test runs pass.
     if Resource not in _checkers:
         defineChecker(Resource, NamesChecker(['__call__']))
     self.addPage('/foo/bar/pt',
                  u'<span tal:replace="context/++resource++quux" />')
     self.verify('/foo/bar/pt', 'http://localhost/@@/quux')
     self.verify('/foo/++vh++https:localhost:443/fake/folders/++/bar/pt',
                 'https://localhost/fake/folders/@@/quux')

def whitelist_module(module, classes=[], definitions=[]):

    # For python scripts and zope
    allow_module(module)
    for klass in classes:
        allow_class(klass)
    if definitions:
        ModuleSecurityInfo(module).declarePublic(*definitions)

    # for zope.untrustedpython
    defineChecker(imodule, NamesChecker([meth for meth in dir(imodule) if meth[0] != "_"]))

    def execute(self, factory, config, permission, **kw):
        # mandatory, otherwise zope's default Checker impl will be used
        # which doesn't play well in async frameworks like twisted.
        defineChecker(factory, Checker({}, {}))

        for method_name in [i for i in dir(factory) if i.startswith('render')]:
            config.action(discriminator=('protectName', factory, method_name),
                          callable=protect_getattr,
                          args=(factory, method_name, permission))

        return True

 def test_w_existing_like_unto_checker_wo_existing_checker(self):
     from zope.security.checker import Checker
     from zope.security.checker import CheckerPublic
     from zope.security.checker import defineChecker
     from zope.security.checker import _checkers
     permission = object()
     foo_checker = Checker({'bar': CheckerPublic}, {'bar': permission})
     defineChecker(Foo, foo_checker)
     self._callFUT(Bar, Foo)
     bar_checker = _checkers[Bar]
     self.assertEqual(bar_checker.get_permissions,
                      foo_checker.get_permissions)
     self.assertEqual(bar_checker.set_permissions,
                      foo_checker.set_permissions)

def make_checker(factory, view_factory, permission, method_names=None):
    """Make a checker for a view_factory associated with factory.

    These could be one and the same for normal views, or different
    in case we make method-based views such as for JSON and XMLRPC.
    """
    if method_names is None:
        method_names = ['__call__']
    if permission is not None:
        check_permission(factory, permission)
    if permission is None or permission == 'zope.Public':
        checker = NamesChecker(method_names)
    else:
        checker = NamesChecker(method_names, permission)
    defineChecker(view_factory, checker)

    def test_locationproxy_security(self):
        from zope.security.checker import defineChecker
        from zope.security.checker import NamesChecker
        from zope.security.proxy import ProxyFactory
        class Unlocated(object):
            a = 'a'
        unlocated = Unlocated()
        located = LocationProxy(unlocated)

        # define a checker for the unlocated object, which will also be
        # used by the security proxy as the LocationProxy defines
        # __Security_checker__:
        unlocatedChecker = NamesChecker(['a'])
        defineChecker(Unlocated, unlocatedChecker)

        secure_located = ProxyFactory(located)
        self.assertEqual(secure_located.a, 'a')