Re: [ZUnit-devel] ZUnit and DTML methods

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

On Sat, 2001-12-22 at 19:08, Albertas Agejevas wrote:
> Hello,
> 
> As noone took the trouble to answer my questions, after I've figured
> the things out myself, I think this might turn out useful for someone.

Sorry, holidays...

> On Tue, Dec 18, 2001 at 12:41:14PM +0200, Albertas Agejevas wrote:
> >  * How to call a DTML method from a Tests.TestCase descendant?
> >    My take would be something like 
> > 
> >    self.ZopeContext.re.Property.detailsHtml(self.zopeNames['_'].None, 
> >                                             self.zopeNames['_'])
> 
> That would be 
> 
>      cx = self.ZopeContext
>      Property = cx.re.Property
>      REQUEST = cx.REQUEST
> 
>      Property.detailsHtml(Property, REQUEST)

Correct.

> 
> >  * And, yes, any hints on if it's possible to switch the authenticated
> >    user, so we could test our permissions management?
> 
>     from AccessControl.User import SimpleUser
> 
>     oldUser = REQUEST['AUTHENTICATED_USER']
>     REQUEST['AUTHENTICATED_USER'] = SimpleUser('user', 'passwd', 
> 					       ('Role1', 'Role2'),())

Nice! I'd asked myself the same thing before, but never took the time to
look it up.

However it may not fool newer scripts and methods that don't use the
deprecated REQUEST['AUTHENTICATED_USER']. Newer dtml methods should use
the 'SecurityGetUser' and other 'Security...' functions (see 'Zope Help'
-> 'DTML Reference' -> Functions) and newer PythonScripts should use:

  import AccessControl

  AccessControl.getSecurityManager().getUser()

And these aren't fooled by REQUEST['AUTHENTICATED_USER'].

The ideal would be to have a way to compose a request object,
particularly if you could do it thru the web. I'll take a look at
lib/python/Testing/makerequest.py now.

-- 
Ideas don't stay in some minds very long because they don't like
solitary confinement.