Commit 7444277a authored by Arnaud Fontaine's avatar Arnaud Fontaine

py3: RestrictedPython: Port code and allow Python3/six modules.

parent 036a541a
......@@ -11,6 +11,7 @@
#
##############################################################################
import six
import copy
import sys
import types
......@@ -198,10 +199,14 @@ def get_iteritems(c, name):
_dict_white_list['iteritems'] = get_iteritems
def guarded_sorted(seq, cmp=None, key=None, reverse=False):
if cmp is not None: # six.PY2
from functools import cmp_to_key
key = cmp_to_key(cmp)
if not isinstance(seq, SafeIter):
for i, x in enumerate(seq):
guard(seq, x, i)
return sorted(seq, cmp=cmp, key=key, reverse=reverse)
return sorted(seq, key=key, reverse=reverse)
safe_builtins['sorted'] = guarded_sorted
def guarded_reversed(seq):
......@@ -298,11 +303,15 @@ from RestrictedPython.Guards import full_write_guard
ContainerAssertions[defaultdict] = _check_access_wrapper(defaultdict, _dict_white_list)
allow_full_write(defaultdict)
# In contrary to builtins such as dict/defaultdict, it is possible to set
# attributes on OrderedDict instances, so only allow setitem/delitem
# On Python2 only: In contrary to builtins such as dict/defaultdict, it is
# possible to set attributes on OrderedDict instances, so only allow
# setitem/delitem
ContainerAssertions[OrderedDict] = _check_access_wrapper(OrderedDict, _dict_white_list)
OrderedDict.__guarded_setitem__ = OrderedDict.__setitem__.__func__
OrderedDict.__guarded_delitem__ = OrderedDict.__delitem__.__func__
if six.PY2:
OrderedDict.__guarded_setitem__ = OrderedDict.__setitem__.__func__
OrderedDict.__guarded_delitem__ = OrderedDict.__delitem__.__func__
else:
allow_full_write(OrderedDict)
_counter_white_list = copy.copy(_dict_white_list)
_counter_white_list['most_common'] = 1
......@@ -331,16 +340,19 @@ allow_type(type(re.compile('')))
allow_type(type(re.match('x','x')))
allow_type(type(re.finditer('x','x')))
allow_module('StringIO')
import StringIO
StringIO.StringIO.__allow_access_to_unprotected_subobjects__ = 1
allow_module('cStringIO')
import cStringIO
allow_type(cStringIO.InputType)
allow_type(cStringIO.OutputType)
allow_module('io')
import io
allow_type(io.BytesIO)
if six.PY2:
allow_module('StringIO')
import StringIO
StringIO.StringIO.__allow_access_to_unprotected_subobjects__ = 1
allow_module('cStringIO')
import cStringIO
allow_type(cStringIO.InputType)
allow_type(cStringIO.OutputType)
else:
allow_type(io.StringIO)
ModuleSecurityInfo('cgi').declarePublic('escape', 'parse_header')
allow_module('datetime')
......@@ -380,10 +392,36 @@ import hashlib
allow_type(type(hashlib.md5()))
allow_module('time')
allow_module('unicodedata')
allow_module('urlparse')
import urlparse
allow_type(urlparse.ParseResult)
allow_type(urlparse.SplitResult)
if six.PY2:
import urlparse
allow_module('urlparse')
allow_type(urlparse.ParseResult)
allow_type(urlparse.SplitResult)
ModuleSecurityInfo('urllib').declarePublic(
'urlencode',
'quote', 'unquote',
'quote_plus', 'unquote_plus',
)
import six
ModuleSecurityInfo('six').declarePublic(
'PY2', 'PY3',
'iterkeys', 'iteritems', 'itervalues',
'string_types', 'binary_type', 'text_type')
import six.moves.urllib.parse
allow_module('six.moves.urllib.parse')
allow_type(six.moves.urllib.parse.ParseResult)
allow_type(six.moves.urllib.parse.SplitResult)
ModuleSecurityInfo('six.moves.urllib.parse').declarePublic(
'urlencode',
'quote', 'unquote',
'quote_plus', 'unquote_plus',
)
allow_module('struct')
ModuleSecurityInfo('os.path').declarePublic(
......@@ -444,12 +482,6 @@ safe_builtins['__import__'] = guarded_import
ModuleSecurityInfo('transaction').declarePublic('doom')
ModuleSecurityInfo('urllib').declarePublic(
'urlencode',
'quote', 'unquote',
'quote_plus', 'unquote_plus',
)
import hmac
allow_module('hmac')
# HMAC does not sub-class object so ContainerAssertions
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment