"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/Products/PageTemplates/tests/testExpressions.py" between
Zope-5.2.tar.gz and Zope-5.2.1.tar.gz

About: Zope Z Object Publishing Environment - web application platform used for building content management systems, intranets, portals, and custom applications.

testExpressions.py  (Zope-5.2):testExpressions.py  (Zope-5.2.1)
import unittest import unittest
import warnings import warnings
from AccessControl import safe_builtins from AccessControl import safe_builtins
from zExceptions import NotFound from zExceptions import NotFound
from zope.component.testing import PlacelessSetup from zope.component.testing import PlacelessSetup
from zope.location.interfaces import LocationError
class EngineTestsBase(PlacelessSetup): class EngineTestsBase(PlacelessSetup):
def setUp(self): def setUp(self):
from zope.component import provideAdapter from zope.component import provideAdapter
from zope.traversing.adapters import DefaultTraversable from zope.traversing.adapters import DefaultTraversable
PlacelessSetup.setUp(self) PlacelessSetup.setUp(self)
provideAdapter(DefaultTraversable, (None,)) provideAdapter(DefaultTraversable, (None,))
def tearDown(self): def tearDown(self):
skipping to change at line 234 skipping to change at line 235
ec = self._makeContext() ec = self._makeContext()
self.assertIs(ec.evaluate('nocall: list'), safe_builtins["list"]) self.assertIs(ec.evaluate('nocall: list'), safe_builtins["list"])
def test_underscore_traversal(self): def test_underscore_traversal(self):
# Prevent traversal to names starting with an underscore (_) # Prevent traversal to names starting with an underscore (_)
ec = self._makeContext() ec = self._makeContext()
with self.assertRaises(NotFound): with self.assertRaises(NotFound):
ec.evaluate("context/__class__") ec.evaluate("context/__class__")
with self.assertRaises(NotFound): with self.assertRaises((NotFound, LocationError)):
ec.evaluate("nocall: random/_itertools/repeat") ec.evaluate("nocall: random/_itertools/repeat")
with self.assertRaises(NotFound): with self.assertRaises((NotFound, LocationError)):
ec.evaluate("random/_itertools/repeat/foobar") ec.evaluate("random/_itertools/repeat/foobar")
class TrustedEngineTests(EngineTestsBase, unittest.TestCase): class TrustedEngineTests(EngineTestsBase, unittest.TestCase):
def _makeEngine(self): def _makeEngine(self):
from Products.PageTemplates.Expressions import createTrustedZopeEngine from Products.PageTemplates.Expressions import createTrustedZopeEngine
return createTrustedZopeEngine() return createTrustedZopeEngine()
# XXX: add tests that show security checks *not* being enforced # XXX: add tests that show security checks *not* being enforced
 End of changes. 3 change blocks. 
2 lines changed or deleted 3 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)