Commit bcceaf7e authored by Aurel's avatar Aurel Committed by Arnaud Fontaine

make patch work with Zope2

parent fa3f0307
...@@ -16,9 +16,14 @@ import copy ...@@ -16,9 +16,14 @@ import copy
import sys import sys
import types import types
from RestrictedPython.transformer import RestrictingNodeTransformer try:
from RestrictedPython.transformer import FORBIDDEN_FUNC_NAMES
except:
# BBB
FORBIDDEN_FUNC_NAMES = frozenset(['printed',])
_MARKER = [] _MARKER = []
def checkNameLax(self, node, name, allow_magic_methods=False): def checkNameLax(self, node, name=_MARKER, allow_magic_methods=False):
"""Check names if they are allowed. """Check names if they are allowed.
In ERP5 we are much more lax that than in Zope's original restricted In ERP5 we are much more lax that than in Zope's original restricted
...@@ -26,22 +31,33 @@ def checkNameLax(self, node, name, allow_magic_methods=False): ...@@ -26,22 +31,33 @@ def checkNameLax(self, node, name, allow_magic_methods=False):
runtime checks to prevent access to forbidden attributes from objects. runtime checks to prevent access to forbidden attributes from objects.
We don't allow defining attributes ending with __roles__ though. We don't allow defining attributes ending with __roles__ though.
If ``allow_magic_methods is True`` names in `ALLOWED_FUNC_NAMES` If ``allow_magic_methods is True`` names in `ALLOWED_FUNC_NAMES`
are additionally allowed although their names start with `_`. are additionally allowed although their names start with `_`.
""" """
if name is None: if name is None:
return return
if name is _MARKER:
# we use same implementation for checkName and checkAttrName which access
# the name in different ways ( see RestrictionMutator 3.6.0 )
name = node.attrname
if name.endswith('__roles__'): if name.endswith('__roles__'):
self.error(node, '"%s" is an invalid variable name because ' self.error(node, '"%s" is an invalid variable name because '
'it ends with "__roles__".' % name) 'it ends with "__roles__".' % name)
elif name in FORBIDDEN_FUNC_NAMES: elif name in FORBIDDEN_FUNC_NAMES:
self.error(node, '"{name}" is a reserved name.'.format(name=name)) self.error(node, '"{name}" is a reserved name.'.format(name=name))
RestrictingNodeTransformer.check_name = checkNameLax
# XXX we might want to pach visit_Attribute too try:
from RestrictedPython.transformer import RestrictingNodeTransformer
RestrictingNodeTransformer.check_name = checkNameLax
except ImportError:
# BBB Restriced 3.6.0
from RestrictedPython.RestrictionMutator import RestrictionMutator
RestrictionMutator.checkName = RestrictionMutator.checkAttrName = checkNameLax
from Acquisition import aq_acquire from Acquisition import aq_acquire
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment