[Zope-Checkins] CVS: Zope2 - Guards.py:1.3 RestrictionMutator.py:1.3
evan@serenade.digicool.com
evan@serenade.digicool.com
Mon, 14 May 2001 12:42:06 -0400
Update of /cvs-repository/Zope2/lib/python/RestrictedPython
In directory serenade:/home/evan/Zope/trunk/lib/python/RestrictedPython
Modified Files:
Guards.py RestrictionMutator.py
Log Message:
Handle augmented assignment correctly.
--- Updated File Guards.py in package Zope2 --
--- Guards.py 2001/04/27 20:27:51 1.2
+++ Guards.py 2001/05/14 16:41:35 1.3
@@ -105,10 +105,10 @@
def _full_read_guard(g_attr, g_item):
# Nested scope abuse!
- # The two arguments are used by class Wrapper
+ # The arguments are used by class Wrapper
# safetype variable is used by guard()
safetype = {type(()): 1, type([]): 1, type({}): 1, type(''): 1}.has_key
- def guard(ob):
+ def guard(ob, write=None):
# Don't bother wrapping simple types, or objects that claim to
# handle their own read security.
if safetype(type(ob)) or getattr(ob, '_guarded_reads', 0):
@@ -122,7 +122,12 @@
return g_attr(ob, name)
def __getitem__(self, i):
# Must handle both item and slice access.
- return g_item(ob, i)
+ return g_item(ob, i)
+ # Optional, for combined read/write guard
+ def __setitem__(self, index, val):
+ write(ob)[index] = val
+ def __setattr__(self, attr, val):
+ setattr(write(ob), attr, val)
return Wrapper()
return guard
@@ -143,7 +148,7 @@
# Required for slices with negative bounds.
return len(self.ob)
def __init__(self, ob):
- self.ob = ob
+ self.__dict__['ob'] = ob
# Generate class methods
d = Wrapper.__dict__
for name, error_msg in (
@@ -178,4 +183,7 @@
def guarded_delattr(object, name):
delattr(full_write_guard(object), name)
safe_builtins['delattr'] = guarded_delattr
+
+
+
--- Updated File RestrictionMutator.py in package Zope2 --
--- RestrictionMutator.py 2001/04/27 20:27:51 1.2
+++ RestrictionMutator.py 2001/05/14 16:41:35 1.3
@@ -236,7 +236,12 @@
def visitGetattr(self, node, walker):
self.checkAttrName(node)
node = walker.defaultVisitNode(node)
- node.expr = ast.CallFunc(_read_guard_name, [node.expr])
+ expr = [node.expr]
+ if getattr(node, 'use_dual_guard', 0):
+ # We're in an augmented assignment
+ expr.append(_write_guard_name)
+ self.funcinfo._write_used = 1
+ node.expr = ast.CallFunc(_read_guard_name, expr)
self.funcinfo._read_used = 1
return node
@@ -244,7 +249,12 @@
node = walker.defaultVisitNode(node)
if node.flags == OP_APPLY:
# get subscript or slice
- node.expr = ast.CallFunc(_read_guard_name, [node.expr])
+ expr = [node.expr]
+ if getattr(node, 'use_dual_guard', 0):
+ # We're in an augmented assignment
+ expr.append(_write_guard_name)
+ self.funcinfo._write_used = 1
+ node.expr = ast.CallFunc(_read_guard_name, expr)
self.funcinfo._read_used = 1
elif node.flags in (OP_DELETE, OP_ASSIGN):
# set or remove subscript or slice
@@ -273,6 +283,10 @@
node = walker.defaultVisitNode(node)
self.prepBody(node.node.nodes)
return node
+
+ def visitAugAssign(self, node, walker):
+ node.node.use_dual_guard = 1
+ return walker.defaultVisitNode(node)
if __name__ == '__main__':