moo.core.tests.test_security_model_property

Security tests: Property model permission checks.

Covers Property.save / .delete write enforcement, the entrust requirement when changing a property’s owner, and set_protected_attribute() ACL enforcement (the Object.__dict__ shadowing attack).

Functions

`test_property_delete_allowed_for_owner`(...)	The owner can delete a property on their own object.
`test_property_delete_requires_write_permission`(...)	Property.delete() previously had no permission check.
`test_property_owner_change_allowed_with_entrust`(...)	Wizard (who has entrust on everything) can transfer property ownership.
`test_property_owner_change_requires_entrust`(...)	Property.owner is documented as requiring entrust permission to change, but Property.save() previously only checked write.
`test_property_owner_only_requires_entrust`(...)	A caller with `entrust` on a Property (but not `write`) can transfer its ownership.
`test_property_save_requires_write_permission`(...)	A non-wizard with read access must not be able to overwrite a property value by obtaining the Property model instance via obj.properties and calling .save().
`test_property_value_change_does_not_require_entrust`(...)	Changing a property's value (without changing owner) still only needs write — regression.
`test_property_value_change_still_requires_write`(...)	A caller with `entrust` but not `write` cannot change a property's `value`.
`test_set_protected_attribute_on_system_object_requires_write`(...)	The system object (pk=1) is passed as `_` to every verb.
`test_set_protected_attribute_shadows_moo_property_without_acl`(...)	set_protected_attribute() only checks for underscore prefixes before calling setattr().