Commit ad9c1bdb authored by Hanno Schlichting's avatar Hanno Schlichting

LP #659968: Added support for level argument to the ``__import__`` function as...

LP #659968: Added support for level argument to the ``__import__`` function as introduced in Python 2.5. Currently only level=0 is supported.
parent 1abc1453
...@@ -12,6 +12,12 @@ Bugs Fixed ...@@ -12,6 +12,12 @@ Bugs Fixed
++++++++++ ++++++++++
Features Added
++++++++++++++
- LP #659968: Added support for level argument to the ``__import__`` function
as introduced in Python 2.5. Currently only level=0 is supported.
2.12.12 (2010-10-02) 2.12.12 (2010-10-02)
-------------------- --------------------
......
...@@ -267,21 +267,27 @@ def guarded_zip(*seqs): ...@@ -267,21 +267,27 @@ def guarded_zip(*seqs):
return zip(*safe_seqs) return zip(*safe_seqs)
safe_builtins['zip'] = guarded_zip safe_builtins['zip'] = guarded_zip
def guarded_import(mname, globals=None, locals=None, fromlist=None): def guarded_import(mname, globals=None, locals=None, fromlist=None,
level=0):
if fromlist is None: if fromlist is None:
fromlist = () fromlist = ()
if '*' in fromlist: if '*' in fromlist:
raise Unauthorized, "'from %s import *' is not allowed" raise Unauthorized("'from %s import *' is not allowed")
if globals is None: if globals is None:
globals = {} globals = {}
if locals is None: if locals is None:
locals = {} locals = {}
# Refs https://bugs.launchpad.net/zope2/+bug/659968
if level != 0:
raise Unauthorized("Using import with a level specification isn't "
"supported by AccessControl: %s" % mname)
mnameparts = mname.split('.') mnameparts = mname.split('.')
firstmname = mnameparts[0] firstmname = mnameparts[0]
validate = getSecurityManager().validate validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals) module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None: if module is None:
raise Unauthorized, "import of '%s' is unauthorized" % mname raise Unauthorized("import of '%s' is unauthorized" % mname)
if fromlist is None: if fromlist is None:
fromlist = () fromlist = ()
for name in fromlist: for name in fromlist:
......
...@@ -32,15 +32,15 @@ class ModuleSecurityTests(unittest.TestCase): ...@@ -32,15 +32,15 @@ class ModuleSecurityTests(unittest.TestCase):
if module in sys.modules: if module in sys.modules:
del sys.modules[module] del sys.modules[module]
def assertUnauth(self, module, fromlist): def assertUnauth(self, module, fromlist, level=0):
from zExceptions import Unauthorized from zExceptions import Unauthorized
from AccessControl.ZopeGuards import guarded_import from AccessControl.ZopeGuards import guarded_import
self.assertRaises(Unauthorized, self.assertRaises(Unauthorized, guarded_import, module,
guarded_import, module, fromlist=fromlist) fromlist=fromlist, level=level)
def assertAuth(self, module, fromlist): def assertAuth(self, module, fromlist, level=0):
from AccessControl.ZopeGuards import guarded_import from AccessControl.ZopeGuards import guarded_import
guarded_import(module, fromlist=fromlist) guarded_import(module, fromlist=fromlist, level=level)
def testPrivateModule(self): def testPrivateModule(self):
self.assertUnauth('AccessControl.tests.private_module', ()) self.assertUnauth('AccessControl.tests.private_module', ())
...@@ -76,5 +76,12 @@ class ModuleSecurityTests(unittest.TestCase): ...@@ -76,5 +76,12 @@ class ModuleSecurityTests(unittest.TestCase):
guarded_import, 'AccessControl.tests.nonesuch', ()) guarded_import, 'AccessControl.tests.nonesuch', ())
self.failUnless('AccessControl.tests.nonesuch' in MS) self.failUnless('AccessControl.tests.nonesuch' in MS)
def test_level_zero(self):
self.assertAuth('AccessControl.tests.public_module', (), level=0)
def test_level_nonzero(self):
self.assertUnauth('AccessControl.tests.public_module', (), level=1)
def test_suite(): def test_suite():
return unittest.makeSuite(ModuleSecurityTests) return unittest.makeSuite(ModuleSecurityTests)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment