Commit 40b7d51b authored by Arnaud Fontaine's avatar Arnaud Fontaine

zope4py2: patches/ERP5Type/Restricted.py: Introduce `allow_full_write`.

Utility function taking care of the internal changes between RestrictedPython v3
and v5, keeping support for both (instead of having multiple if statements).
parent 43726cf8
......@@ -35,6 +35,7 @@ def checkNameLax(self, node, name=_MARKER, allow_magic_methods=False):
If ``allow_magic_methods is True`` names in `ALLOWED_FUNC_NAMES`
are additionally allowed although their names start with `_`.
TODO: zope4py2: we don't really use ALLOWED_FUNC_NAMES here.
"""
if name is None:
return
......@@ -260,13 +261,40 @@ ModuleSecurityInfo('collections').declarePublic('defaultdict')
from collections import Counter
ModuleSecurityInfo('collections').declarePublic('Counter')
def allow_full_write(t):
"""Allow setattr and delattr for this type.
This supports both RestrictedPython-3.6.0, where the safetype is implemented as:
safetype = {dict: True, list: True}.has_key
...
safetype(t)
and RestrictedPython-5.1, where the safetype is implemented as:
safetypes = {dict, list}
...
safetype(t)
"""
# Modify 'safetype' dict in full_write_guard function of RestrictedPython
# (closure) directly to allow write access (using __setattr__ and __delattr__)
# to ndarray and pandas DataFrame below.
from RestrictedPython.Guards import full_write_guard
safetype = full_write_guard.func_closure[1].cell_contents
if isinstance(safetype, set): # 5.1
safetype.add(t)
else: # 3.6
safetype.__self__.update({t: True})
from AccessControl.ZopeGuards import _dict_white_list
# Attributes cannot be set on defaultdict, thus modify 'safetype' dict
# (closure) directly to ignore defaultdict like dict/list
# Attributes cannot be set on defaultdict, thus ignore defaultdict like dict/list
from RestrictedPython.Guards import full_write_guard
ContainerAssertions[defaultdict] = _check_access_wrapper(defaultdict, _dict_white_list)
#XXXfull_write_guard.func_closure[1].cell_contents.__self__[defaultdict] = True
allow_full_write(defaultdict)
ContainerAssertions[OrderedDict] = _check_access_wrapper(OrderedDict, _dict_white_list)
OrderedDict.__guarded_setitem__ = OrderedDict.__setitem__.__func__
......@@ -490,18 +518,9 @@ for dtype in ('int8', 'int16', 'int32', 'int64', \
allow_type(np.timedelta64)
allow_type(type(np.c_))
allow_type(type(np.dtype('int16')))
# Modify 'safetype' dict in full_write_guard function of RestrictedPython
# (closure) directly to allow write access to ndarray
# (and pandas DataFrame below).
from RestrictedPython.Guards import full_write_guard
safetype = full_write_guard.func_closure[1].cell_contents.__self__
safetype.update(dict.fromkeys((
np.ndarray,
np.core.records.recarray,
np.core.records.record,
), True))
allow_full_write(np.ndarray)
allow_full_write(np.core.records.recarray)
allow_full_write(np.core.records.record)
def restrictedMethod(s,name):
def dummyMethod(*args, **kw):
......@@ -542,15 +561,13 @@ else:
ContainerAssertions[pd.DataFrame] = _check_access_wrapper(
pd.DataFrame, dict.fromkeys(dataframe_black_list, restrictedMethod))
safetype.update(dict.fromkeys((
pd.DataFrame,
pd.Series,
pd.tseries.index.DatetimeIndex,
pd.core.indexing._iLocIndexer,
pd.core.indexing._LocIndexer,
pd.MultiIndex,
pd.Index,
), True))
allow_full_write(pd.DataFrame)
allow_full_write(pd.Series)
allow_full_write(pd.tseries.index.DatetimeIndex)
allow_full_write(pd.core.indexing._iLocIndexer)
allow_full_write(pd.core.indexing._LocIndexer)
allow_full_write(pd.MultiIndex)
allow_full_write(pd.Index)
import ipaddress
allow_module('ipaddress')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment