e744336385
C-6: ConnectorRuntime enforces capability_mask per operation.
READ-only ACs cannot invoke MUTATE operations (wipe, lock, retire).
C-7: AC validated against database (exists, active, not expired)
before connector invocation.
C-9: Delegated AC capability bounded by delegator's capability.
C-10: Command counter uses atomic SQL increment with limit check.
M-23: expire_stale() uses same atomic SQL pattern.
H-1: Sensitive credential fields hidden from repr/logs via repr=False.
H-2: Stub backend requires ALLOW_STUB_CREDENTIALS=true to activate.
H-3: Kerberos backend raises CredentialResolutionError instead of
returning stub ticket.
H-4: Chronicle INTENT emitted before execution, RESULT after.
H-5: device_id validated as UUID before Graph API URL interpolation.
H-8: ConnectorRuntime enforces governance for all connector invocations.
Signed-off-by: Tyler King <tking@guildhouse.dev>
35 lines
883 B
Python
35 lines
883 B
Python
import gc
|
|
import weakref
|
|
|
|
|
|
import greenlet
|
|
from . import TestCase
|
|
|
|
class WeakRefTests(TestCase):
|
|
def test_dead_weakref(self):
|
|
def _dead_greenlet():
|
|
g = greenlet.greenlet(lambda: None)
|
|
g.switch()
|
|
return g
|
|
o = weakref.ref(_dead_greenlet())
|
|
gc.collect()
|
|
self.assertEqual(o(), None)
|
|
|
|
def test_inactive_weakref(self):
|
|
o = weakref.ref(greenlet.greenlet())
|
|
gc.collect()
|
|
self.assertEqual(o(), None)
|
|
|
|
def test_dealloc_weakref(self):
|
|
seen = []
|
|
def worker():
|
|
try:
|
|
greenlet.getcurrent().parent.switch()
|
|
finally:
|
|
seen.append(g())
|
|
g = greenlet.greenlet(worker)
|
|
g.switch()
|
|
g2 = greenlet.greenlet(lambda: None, g)
|
|
g = weakref.ref(g2)
|
|
g2 = None
|
|
self.assertEqual(seen, [None])
|