[Zope-Checkins] CVS: Zope2 - ZopeGuards.py:1.2 DTML.py:1.3 Owned.py:1.11 SimpleObjectPolicies.py:1.7 User.py:1.149 ZopeSecurityPolicy.py:1.10 __init__.py:1.11
shane@digicool.com
shane@digicool.com
Fri, 27 Apr 2001 16:28:10 -0400 (EDT)
Update of /cvs-repository/Zope2/lib/python/AccessControl
In directory korak:/tmp/cvs-serv17686/lib/python/AccessControl
Modified Files:
DTML.py Owned.py SimpleObjectPolicies.py User.py
ZopeSecurityPolicy.py __init__.py
Added Files:
ZopeGuards.py
Log Message:
Merged RestrictedPythonBranch!
--- Updated File ZopeGuards.py in package Zope2 --
--- Updated File DTML.py in package Zope2 --
--- DTML.py 2000/05/11 18:54:13 1.2
+++ DTML.py 2001/04/27 20:27:37 1.3
@@ -88,16 +88,14 @@
__version__='$Revision$'[11:-2]
from DocumentTemplate import DT_Util
-import SecurityManagement
+import SecurityManagement, string, math, whrandom, random
# Allow access to unprotected attributes
DT_Util.TemplateDict.__allow_access_to_unprotected_subobjects__=1
-DT_Util.string.__allow_access_to_unprotected_subobjects__=1
-DT_Util.math.__allow_access_to_unprotected_subobjects__=1
-DT_Util.whrandom.__allow_access_to_unprotected_subobjects__=1
-
-try: DT_Util.random.__allow_access_to_unprotected_subobjects__=1
-except: pass
+string.__allow_access_to_unprotected_subobjects__=1
+math.__allow_access_to_unprotected_subobjects__=1
+whrandom.__allow_access_to_unprotected_subobjects__=1
+random.__allow_access_to_unprotected_subobjects__=1
# Add security testing capabilities
--- Updated File Owned.py in package Zope2 --
--- Owned.py 2001/01/12 15:23:05 1.10
+++ Owned.py 2001/04/27 20:27:37 1.11
@@ -89,7 +89,7 @@
__version__='$Revision$'[11:-2]
import Globals, urlparse, SpecialUsers, ExtensionClass, string
-from AccessControl import getSecurityManager
+from AccessControl import getSecurityManager, Unauthorized
from Acquisition import aq_get, aq_parent, aq_base
UnownableOwner=[]
@@ -201,7 +201,7 @@
urlparse.urlparse(REQUEST['HTTP_REFERER'])[:3])
__traceback_info__=want_referer, got_referer
if (want_referer != got_referer or security.calledByExecutable()):
- raise 'Unauthorized', (
+ raise Unauthorized, (
'manage_takeOwnership was called from an invalid context'
)
--- Updated File SimpleObjectPolicies.py in package Zope2 --
--- SimpleObjectPolicies.py 2001/01/10 20:21:03 1.6
+++ SimpleObjectPolicies.py 2001/04/27 20:27:37 1.7
@@ -100,13 +100,16 @@
type({}): 1,
}
+class _dummy_class: pass
+
from DocumentTemplate.DT_Util import TemplateDict
# Temporarily create a DictInstance so that we can mark its type as
# being a key in the ContainerAssertions.
templateDict = TemplateDict()
try:
dictInstance = templateDict(dummy=1)[0]
- ContainerAssertions[type(dictInstance)]=1
+ if type(dictInstance) is not type(_dummy_class()):
+ ContainerAssertions[type(dictInstance)]=1
except:
# Hmm, this may cause _() and _.namespace() to fail.
# What to do?
--- Updated File User.py in package Zope2 --
--- User.py 2001/04/27 18:07:07 1.148
+++ User.py 2001/04/27 20:27:37 1.149
@@ -98,7 +98,7 @@
from Role import RoleManager
from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn
from AuthEncoding import pw_validate
-from AccessControl import getSecurityManager
+from AccessControl import getSecurityManager, Unauthorized
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl.SecurityManagement import noSecurityManager
from AccessControl.ZopeSecurityPolicy import _noroles
@@ -572,7 +572,7 @@
except:
noSecurityManager()
raise
- except 'Unauthorized': pass
+ except Unauthorized: pass
return 0
def validate(self, request, auth='', roles=_noroles):
--- Updated File ZopeSecurityPolicy.py in package Zope2 --
--- ZopeSecurityPolicy.py 2001/01/16 20:01:09 1.9
+++ ZopeSecurityPolicy.py 2001/04/27 20:27:37 1.10
@@ -89,6 +89,7 @@
__version__='$Revision$'[11:-2]
import SimpleObjectPolicies
+from AccessControl import Unauthorized
_noroles=SimpleObjectPolicies._noroles
from zLOG import LOG, PROBLEM
@@ -165,7 +166,7 @@
if not p:
if (containerbase is accessedbase):
- raise 'Unauthorized', cleanupName(name, value)
+ raise Unauthorized, cleanupName(name, value)
else:
return 0
@@ -196,7 +197,7 @@
# We don't want someone to acquire if they can't
# get an unacquired!
if accessedbase is containerbase:
- raise 'Unauthorized', (
+ raise Unauthorized, (
'You are not authorized to access <em>%s</em>.' \
% cleanupName(name, value))
return 0
@@ -209,7 +210,7 @@
# Proxy roles actually limit access!
if accessedbase is containerbase:
- raise 'Unauthorized', (
+ raise Unauthorized, (
'You are not authorized to access <em>%s</em>.' \
% cleanupName(name, value))
@@ -222,7 +223,7 @@
# We don't want someone to acquire if they can't get an unacquired!
if accessedbase is containerbase:
- raise 'Unauthorized', (
+ raise Unauthorized, (
'You are not authorized to access <em>%s</em>.' \
% cleanupName(name, value))
--- Updated File __init__.py in package Zope2 --
--- __init__.py 2001/04/11 17:53:22 1.10
+++ __init__.py 2001/04/27 20:27:37 1.11
@@ -83,6 +83,8 @@
#
##############################################################################
+Unauthorized = 'Unauthorized'
+
import DTML
del DTML
@@ -92,6 +94,6 @@
from SecurityInfo import ACCESS_PUBLIC
from SecurityInfo import ACCESS_NONE
from SecurityInfo import secureModule
+from ZopeGuards import full_read_guard, full_write_guard, safe_builtins
-msec = ModuleSecurityInfo('AccessControl')
-msec.declarePublic('getSecurityManager')
+ModuleSecurityInfo('AccessControl').declarePublic('getSecurityManager')