LP #659968: Added support for level argument to the ``__import__`` function as...

LP #659968: Added support for level argument to the ``__import__`` function as introduced in Python 2.5. Currently only level=0 is supported.

LP #659968: Added support for level argument to the ``import`` function as...
LP #659968: Added support for level argument to the ``__import__`` function as introduced in Python 2.5. Currently only level=0 is supported.
ad9c1bdb · Hanno Schlichting · 1abc1453 · ad9c1bdb · ad9c1bdb · ad9c1bdb
Commit ad9c1bdb authored Oct 15, 2010 by Hanno Schlichting
Showing with 27 additions and 8 deletions

doc/CHANGES.rst doc/CHANGES.rst +6 -0

src/AccessControl/ZopeGuards.py src/AccessControl/ZopeGuards.py +9 -3

src/AccessControl/tests/testModuleSecurity.py src/AccessControl/tests/testModuleSecurity.py +12 -5

No files found.
--- a/doc/CHANGES.rst
+++ b/doc/CHANGES.rst
@@ -12,6 +12,12 @@ Bugs Fixed
 ++++++++++


+Features Added
++++++++++++++
+
+- LP #659968: Added support for level argument to the ``__import__`` function
+  as introduced in Python 2.5. Currently only level=0 is supported.
+

 2.12.12 (2010-10-02)
 --------------------

--- a/src/AccessControl/ZopeGuards.py
+++ b/src/AccessControl/ZopeGuards.py
@@ -267,21 +267,27 @@ def guarded_zip(*seqs):
    return zip(*safe_seqs)
 safe_builtins['zip'] = guarded_zip

-def guarded_import(mname, globals=None, locals=None, fromlist=None):
+def guarded_import(mname, globals=None, locals=None, fromlist=None,
+                   level=0):
    if fromlist is None:
        fromlist = ()
    if '*' in fromlist:
-        raise Unauthorized, "'from %s import *' is not allowed"
+        raise Unauthorized("'from %s import *' is not allowed")
    if globals is None:
        globals = {}
    if locals is None:
        locals = {}
+    # Refs https://bugs.launchpad.net/zope2/+bug/659968
+    if level != 0:
+        raise Unauthorized("Using import with a level specification isn't "
+                           "supported by AccessControl: %s" % mname)
+
    mnameparts = mname.split('.')
    firstmname = mnameparts[0]
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is None:
-        raise Unauthorized, "import of '%s' is unauthorized" % mname
+        raise Unauthorized("import of '%s' is unauthorized" % mname)
    if fromlist is None:
        fromlist = ()
    for name in fromlist:

--- a/src/AccessControl/tests/testModuleSecurity.py
+++ b/src/AccessControl/tests/testModuleSecurity.py
@@ -32,15 +32,15 @@ class ModuleSecurityTests(unittest.TestCase):
            if module in sys.modules:
                del sys.modules[module]

-    def assertUnauth(self, module, fromlist):
+    def assertUnauth(self, module, fromlist, level=0):
        from zExceptions import Unauthorized
        from AccessControl.ZopeGuards import guarded_import
-        self.assertRaises(Unauthorized,
-                          guarded_import, module, fromlist=fromlist)
+        self.assertRaises(Unauthorized, guarded_import, module,
+                          fromlist=fromlist, level=level)

-    def assertAuth(self, module, fromlist):
+    def assertAuth(self, module, fromlist, level=0):
        from AccessControl.ZopeGuards import guarded_import
-        guarded_import(module, fromlist=fromlist)
+        guarded_import(module, fromlist=fromlist, level=level)

    def testPrivateModule(self):
        self.assertUnauth('AccessControl.tests.private_module', ())
@@ -76,5 +76,12 @@ class ModuleSecurityTests(unittest.TestCase):
                      guarded_import, 'AccessControl.tests.nonesuch', ())
        self.failUnless('AccessControl.tests.nonesuch' in MS)

+    def test_level_zero(self):
+        self.assertAuth('AccessControl.tests.public_module', (), level=0)
+
+    def test_level_nonzero(self):
+        self.assertUnauth('AccessControl.tests.public_module', (), level=1)
+
+
 def test_suite():
    return unittest.makeSuite(ModuleSecurityTests)