Commit 8609d1db authored by Arnaud Fontaine's avatar Arnaud Fontaine Committed by Aurel

zope4py2: patches/ERP5Type/Restricted.py: Introduce `allow_full_write`.

Utility function taking care of the internal changes between RestrictedPython v3
and v5, keeping support for both (instead of having multiple if statements).
parent bc10f093
...@@ -35,6 +35,7 @@ def checkNameLax(self, node, name=_MARKER, allow_magic_methods=False): ...@@ -35,6 +35,7 @@ def checkNameLax(self, node, name=_MARKER, allow_magic_methods=False):
If ``allow_magic_methods is True`` names in `ALLOWED_FUNC_NAMES` If ``allow_magic_methods is True`` names in `ALLOWED_FUNC_NAMES`
are additionally allowed although their names start with `_`. are additionally allowed although their names start with `_`.
TODO: zope4py2: we don't really use ALLOWED_FUNC_NAMES here.
""" """
if name is None: if name is None:
return return
...@@ -260,13 +261,40 @@ ModuleSecurityInfo('collections').declarePublic('defaultdict') ...@@ -260,13 +261,40 @@ ModuleSecurityInfo('collections').declarePublic('defaultdict')
from collections import Counter from collections import Counter
ModuleSecurityInfo('collections').declarePublic('Counter') ModuleSecurityInfo('collections').declarePublic('Counter')
def allow_full_write(t):
"""Allow setattr and delattr for this type.
This supports both RestrictedPython-3.6.0, where the safetype is implemented as:
safetype = {dict: True, list: True}.has_key
...
safetype(t)
and RestrictedPython-5.1, where the safetype is implemented as:
safetypes = {dict, list}
...
safetype(t)
"""
# Modify 'safetype' dict in full_write_guard function of RestrictedPython
# (closure) directly to allow write access (using __setattr__ and __delattr__)
# to ndarray and pandas DataFrame below.
from RestrictedPython.Guards import full_write_guard
safetype = full_write_guard.func_closure[1].cell_contents
if isinstance(safetype, set): # 5.1
safetype.add(t)
else: # 3.6
safetype.__self__.update({t: True})
from AccessControl.ZopeGuards import _dict_white_list from AccessControl.ZopeGuards import _dict_white_list
# Attributes cannot be set on defaultdict, thus modify 'safetype' dict # Attributes cannot be set on defaultdict, thus ignore defaultdict like dict/list
# (closure) directly to ignore defaultdict like dict/list
from RestrictedPython.Guards import full_write_guard from RestrictedPython.Guards import full_write_guard
ContainerAssertions[defaultdict] = _check_access_wrapper(defaultdict, _dict_white_list) ContainerAssertions[defaultdict] = _check_access_wrapper(defaultdict, _dict_white_list)
#XXXfull_write_guard.func_closure[1].cell_contents.__self__[defaultdict] = True allow_full_write(defaultdict)
ContainerAssertions[OrderedDict] = _check_access_wrapper(OrderedDict, _dict_white_list) ContainerAssertions[OrderedDict] = _check_access_wrapper(OrderedDict, _dict_white_list)
OrderedDict.__guarded_setitem__ = OrderedDict.__setitem__.__func__ OrderedDict.__guarded_setitem__ = OrderedDict.__setitem__.__func__
...@@ -490,18 +518,9 @@ for dtype in ('int8', 'int16', 'int32', 'int64', \ ...@@ -490,18 +518,9 @@ for dtype in ('int8', 'int16', 'int32', 'int64', \
allow_type(np.timedelta64) allow_type(np.timedelta64)
allow_type(type(np.c_)) allow_type(type(np.c_))
allow_type(type(np.dtype('int16'))) allow_type(type(np.dtype('int16')))
allow_full_write(np.ndarray)
# Modify 'safetype' dict in full_write_guard function of RestrictedPython allow_full_write(np.core.records.recarray)
# (closure) directly to allow write access to ndarray allow_full_write(np.core.records.record)
# (and pandas DataFrame below).
from RestrictedPython.Guards import full_write_guard
safetype = full_write_guard.func_closure[1].cell_contents.__self__
safetype.update(dict.fromkeys((
np.ndarray,
np.core.records.recarray,
np.core.records.record,
), True))
def restrictedMethod(s,name): def restrictedMethod(s,name):
def dummyMethod(*args, **kw): def dummyMethod(*args, **kw):
...@@ -542,15 +561,13 @@ else: ...@@ -542,15 +561,13 @@ else:
ContainerAssertions[pd.DataFrame] = _check_access_wrapper( ContainerAssertions[pd.DataFrame] = _check_access_wrapper(
pd.DataFrame, dict.fromkeys(dataframe_black_list, restrictedMethod)) pd.DataFrame, dict.fromkeys(dataframe_black_list, restrictedMethod))
safetype.update(dict.fromkeys(( allow_full_write(pd.DataFrame)
pd.DataFrame, allow_full_write(pd.Series)
pd.Series, allow_full_write(pd.tseries.index.DatetimeIndex)
pd.tseries.index.DatetimeIndex, allow_full_write(pd.core.indexing._iLocIndexer)
pd.core.indexing._iLocIndexer, allow_full_write(pd.core.indexing._LocIndexer)
pd.core.indexing._LocIndexer, allow_full_write(pd.MultiIndex)
pd.MultiIndex, allow_full_write(pd.Index)
pd.Index,
), True))
import ipaddress import ipaddress
allow_module('ipaddress') allow_module('ipaddress')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment