Restricted: bug fixes, support generator and collections module
Add some features to restricted python and fix problems revealed by running Zope's test suites.
# Bug fixes
- Disallow access to old style classes without security declarations. This is not allowed in vanilla zope, but we allowed this accidentally about two years ago. This branch includes some fixes for cases where we accessed not protected classes in a way that should not have been allowed - ERP5 test suite pass, but there might be more cases in code not covered by ERP5 test suite.
- Fix iterating on `reversed(iterable)` which was unauthorized, maybe since python 2.7
- Disallow new style classes in container access (iteration, `{}.get` etc). Only classes had this problem, not instances, so this probably has no impact for us, but it allows running AccessControl test suite.
- Disallow attribute names ending in `__roles__` in class name. This probably does not impact us either, but also for AccessControl tests suite.
# New features
- Allow iterating on a generator. It's still not possible to use `yield` statement in restricted python, but iterating is now possible
- Allow `cStringIO.StringIO("initial value")`, only `cStringIO.StringIO()` was allowed
- Enable `collections.namedtuple` and add a few tests for other members of `collections` ( not `collections.deque` because we never used it so far )
See merge request !1090
| Status | Job ID | Name | Coverage | ||||||
|---|---|---|---|---|---|---|---|---|---|
| External | |||||||||
| passed |
#68678
external
|
ERP5.CodingStyleTest-Master |
|
||||||
| passed |
#68660
external
|
ERP5.PerformanceTest-Master |
00:32:24
|
||||||
| canceled |
#68673
external
|
ERP5.UnitTest-Master |
04:44:54
|
||||||
| passed |
#68688
external
|
SlapOS.Eggs.UnitTest-Master.Python3 |
00:34:20
|
||||||
| passed |
#68665
external
retried
|
SlapOS.Eggs.UnitTest-Master.Python3 |
00:38:49
|
||||||