Plone is a powerful system that allows you to create complex sites, with complex workflows and user access control. But how do you know if the site you are building really does what you expect it to do? You have workgroups that can be private, public or secret; you have documents that can be private, draft, pending or published; you have users that can be members, authors, reviewers, contributors, managers... How can you be sure that for every combination your site does what you expect? I will present the experiences of developing a complex intranet with a scenario similar to the above, and show the tools we developed and the approach we used to ensure that the policy as defined by the client was what the site eventually conformed to. We built a testing system to allow the policy for a site to be easily defined and the thousands of security permutations to be effectively visualised and problem patterns spotted. The talk will also include a step-by-step run through of the use of the tools and a simple example of testing site policy.
Testing Plone Site Security Policy - Is Your Intranet Doing What You Think It Is?
1. Testing Plone Site
Security Policy
(Is your intranet doing what you think it is?)
Matt Hamilton
Netsight Internet Solutions, UK
understand, develop, deliver. www.netsight.co.uk
2. What this talk is NOT
• Not talking about security vulnerabilities
• Not talking about code unit testing
• Not talking about penetration testing
3. So what IS this talk?
It goes something a bit like this:
Boss: Is our intranet secure?
You: Yes of course!
7. So what IS this talk?
• But is it really?! Let's think about this:
➡ You installed Plone
➡ You created a set of custom content types
➡ You created a custom workflow
➡ Users have group memberships, local roles, etc.
12. So what IS this talk?
So our site is now quite complex in terms of who should be allowed to do what, and where.
15. Belron.net
• The Belron.net Intranet is based around ‘Projects’ and ‘Groups’
- Users have local membership and roles in individual groups and projects
- Projects may be in various ‘states’: Public, Private, Secret
- Users have local roles in their project: Member, Contributor, Reviewer, Owner, Manager
- Content within a project may be in various states: Private, Draft, Pending, Published
22. So....
• If a piece of content is in the pending state, in a private project, in which I am a member and contributor, should I be able to edit it?
• If a project is in the secret state, and I am a non-member, should I be able to view the project description?
25. Policy decisions
• These are POLICY decisions for the site, not really CODE decisions.
- i.e. these are high-level objectives set by analysts/managers, not coders
- But testing them will catch errors in the code or customisation
29. Coverage
• So, we have 3 project states x 5 local roles x 4 content states = 60 permutations
• Oh... and in Plone, Owner has a special meaning on a piece of content... so 120 permutations
• And for each one we want to test: can I View, Edit, List, Delete, Add....
• For Belron.net we had approx. 1,300 tests needed
33. An idea...
• What if there was a nice easy way to test all these different permutations in an automated way, drive it all from a manager-friendly spreadsheet, and be able to visually see the results?
34. PolicyTestCase
• Similar to PloneTestCase
• Write a bunch of tests
• Export a spreadsheet as CSV
• Run the tests
• See the results in a table
35. PolicyTestCase
# PolicyTestCase is the base class (in the collective, see slide 38).
# Each check method is named in the spreadsheet and run per scenario row.
class TestDefaultPlone(PolicyTestCase):

    def afterSetUp(self):
        # Set up the state, e.g. workflow etc.
        pass

    def ViewContent(self):
        # Test we can view the content
        pass

    def NoViewContent(self):
        # Test we can NOT view the content
        pass
36. PolicyTestCase
def test_suite():
    from unittest import TestSuite
    suite = TestSuite()
    # PACKAGE_HOME and makeSuiteFromCSV are defined elsewhere (not on this slide);
    # one test is generated per row of the exported spreadsheet.
    csv = open('%s/test_scenarios_simple2.csv' % PACKAGE_HOME)
    suite.addTest(makeSuiteFromCSV(TestDefaultPlone, csv))
    return suite
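The following is an added, self-contained example of the approach described on slides 29 to 36 (enumerate the permutations, drive the checks from a CSV export of a spreadsheet, show the results as a table). It is not the PolicyTestCase code from the collective, and it does not need Plone: the can_view/can_edit rules, the column names project_state/role/content_state/checks, the ';'-separated check list and the SAMPLE_CSV rows are all constructed for the example and stand in for a real site's security machinery. It covers the 3 x 5 x 4 = 60 base permutations only, not the Owner doubling or the List/Delete/Add permissions.

```python
import csv
import io
import itertools
import unittest

# Constructed stand-in for the site's access rules (the real Belron.net policy is
# not on the slides); it exists only so the CSV-driven harness has something to test.
PROJECT_STATES = ("Public", "Private", "Secret")
LOCAL_ROLES = ("Member", "Contributor", "Reviewer", "Owner", "Manager")
CONTENT_STATES = ("Private", "Draft", "Pending", "Published")

def can_view(project_state, role, content_state):
    if role == "Manager":
        return True
    if project_state == "Secret" and role == "Member":
        return False
    if content_state == "Published":
        return True
    return content_state in ("Draft", "Pending") and role in ("Contributor", "Reviewer", "Owner")

def can_edit(project_state, role, content_state):
    if role == "Manager":
        return True
    if role == "Owner":
        return content_state in ("Private", "Draft")
    return role == "Reviewer" and content_state == "Pending"

class PolicyTestCase(unittest.TestCase):
    """One instance per (spreadsheet row, check); the check name is the method run."""

    def __init__(self, check_name, scenario):
        super().__init__(check_name)
        self.scenario = scenario  # {"project_state": .., "role": .., "content_state": ..}

    def table_row(self, status):
        s = self.scenario
        return (s["project_state"], s["role"], s["content_state"], self._testMethodName, status)

class TestToyPolicy(PolicyTestCase):
    # Check names match the spreadsheet's "checks" column, as on slide 35.
    def ViewContent(self):
        self.assertTrue(can_view(**self.scenario))
    def NoViewContent(self):
        self.assertFalse(can_view(**self.scenario))
    def EditContent(self):
        self.assertTrue(can_edit(**self.scenario))
    def NoEditContent(self):
        self.assertFalse(can_edit(**self.scenario))

def make_suite_from_csv(testcase_class, csv_file):
    """One test per (row, check) pair; several checks per row are ';'-separated."""
    suite = unittest.TestSuite()
    for row in csv.DictReader(csv_file):
        for check in row.pop("checks").split(";"):
            suite.addTest(testcase_class(check.strip(), dict(row)))
    return suite

class TableResult(unittest.TestResult):
    """Records one (scenario, check, status) row per test for the results table."""
    def __init__(self):
        super().__init__()
        self.rows = []
    def addSuccess(self, test):
        super().addSuccess(test)
        self.rows.append(test.table_row("PASS"))
    def addFailure(self, test, err):
        super().addFailure(test, err)
        self.rows.append(test.table_row("FAIL"))
    def addError(self, test, err):
        super().addError(test, err)
        self.rows.append(test.table_row("ERROR"))

def run_policy_table(csv_text, testcase_class=TestToyPolicy):
    result = TableResult()
    make_suite_from_csv(testcase_class, io.StringIO(csv_text)).run(result)
    return result.rows

def uncovered_scenarios(rows):
    """The 3 x 5 x 4 = 60 permutations that no spreadsheet row exercised."""
    every = set(itertools.product(PROJECT_STATES, LOCAL_ROLES, CONTENT_STATES))
    return sorted(every - {r[:3] for r in rows})

# Constructed sample of the manager-edited spreadsheet, exported as CSV.
SAMPLE_CSV = """project_state,role,content_state,checks
Public,Member,Published,ViewContent;NoEditContent
Secret,Member,Published,NoViewContent;NoEditContent
Private,Owner,Draft,ViewContent;EditContent
Private,Reviewer,Pending,ViewContent;EditContent
Public,Contributor,Pending,ViewContent;NoEditContent
Public,Member,Pending,ViewContent;NoEditContent
"""

if __name__ == "__main__":
    rows = run_policy_table(SAMPLE_CSV)
    for r in rows:
        print("%-8s %-12s %-10s %-14s %s" % r)
    print("%d of 60 permutations not covered" % len(uncovered_scenarios(rows)))
```

The last spreadsheet row expects a plain Member to view Pending content in a Public project, which the toy rules do not allow, so that one check shows up as FAIL in the table: that is the kind of policy-versus-code mismatch the deck is about. uncovered_scenarios makes the coverage gap visible too: six rows exercise only 6 of the 60 permutations, so a reviewer can see at a glance which combinations the spreadsheet never asks about.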
37. Demo
Demo and walkthrough of the code
38. Questions?
Any questions?
Matt Hamilton
matth@netsight.co.uk
PolicyTestCase: in collective, will do a release
real soon now ;)