Skip to content

Z
Zope
Commit 5aeb67d3 authored by Tres Seaver's avatar Tres Seaver
Browse files
Options

- Merge fix / test for Collector #1186

parent f8899497
Show whitespace changes
Inline Side-by-side
Showing with 33 additions and 3 deletions
lib/python/AccessControl/ZopeGuards.py
View file @ 5aeb67d3
...@@ -11,13 +11,14 @@ ...@@ -11,13 +11,14 @@
# #
############################################################################## ##############################################################################
__version__='$Revision: 1.17 $'[11:-2] __version__='$Revision: 1.18 $'[11:-2]
import sys import sys
import RestrictedPython import RestrictedPython
from RestrictedPython.Guards import safe_builtins, full_write_guard from RestrictedPython.Guards import safe_builtins, full_write_guard
from RestrictedPython.Utilities import utility_builtins from RestrictedPython.Utilities import utility_builtins
from RestrictedPython.Eval import RestrictionCapableEval
from SecurityManagement import getSecurityManager from SecurityManagement import getSecurityManager
from SecurityInfo import secureModule from SecurityInfo import secureModule
from SimpleObjectPolicies import Containers, ContainerAssertions from SimpleObjectPolicies import Containers, ContainerAssertions
...@@ -406,3 +407,5 @@ _safe_globals = {'__builtins__': safe_builtins, ...@@ -406,3 +407,5 @@ _safe_globals = {'__builtins__': safe_builtins,
} }
get_safe_globals = _safe_globals.copy get_safe_globals = _safe_globals.copy
RestrictionCapableEval.globals.update(_safe_globals)
lib/python/AccessControl/tests/testSecurity.py
View file @ 5aeb67d3
...@@ -13,8 +13,8 @@ ...@@ -13,8 +13,8 @@
"""Document Template Tests """Document Template Tests
""" """
__rcs_id__='$Id: testSecurity.py,v 1.11 2003/01/27 22:55:27 gvanrossum Exp $' __rcs_id__='$Id: testSecurity.py,v 1.12 2004/01/16 18:18:51 tseaver Exp $'
__version__='$Revision: 1.11 $'[11:-2] __version__='$Revision: 1.12 $'[11:-2]
import os, sys, unittest import os, sys, unittest
...@@ -78,6 +78,33 @@ class SecurityTests (DTMLTests): ...@@ -78,6 +78,33 @@ class SecurityTests (DTMLTests):
res = html(c=c) res = html(c=c)
assert res == '10', res assert res == '10', res
def testNewDTMLBuiltins(self):
NEW_BUILTINS_TEMPLATE = """
<dtml-var expr="_.min([1,2])">
<dtml-var expr="_.max([2,3])">
<dtml-var expr="_.sum([1,2,3,4])">
<dtml-var expr="[x for x in (1, 2, 3)]">
"""
EXPECTED = ['1', '3', '10', '[1, 2, 3]']
#
# XXX: these expressions seem like they should work, with
# the following ExPECTED, but they raise Unauthorized
# on the 'next' name.
#
#<dtml-var expr="_.iter([1,2,3]).next()">
#<dtml-var expr="_.enumerate([1,2,3]).next()">
#
#EXPECTED = ['1', '3', '10', '1', '(0, 1)']
template = self.doc_class(NEW_BUILTINS_TEMPLATE)
res = template()
lines = filter(None, [x.strip() for x in res.split('\n')])
self.assertEqual(lines, EXPECTED)
# Note: we need more tests! # Note: we need more tests!
def test_suite(): def test_suite():
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7