[Zope-dev] how to add to the pythonscript allowed import list?

Chris McDonough chrism@digicool.com
Thu, 19 Apr 2001 16:25:22 -0400


> > I think it will be something along the lines of:
> >
> > from AccessControl import ModuleSecurityInfo
> > ModuleSecurityInfo('Products').declarePublic('SignedEditions')
> >
ModuleSecurityInfo('Products.SignedEditions').declarePublic('stripCardNumber
> > ', 'verifyCardNumber')
>
> Thanks, that worked!
>
> I'm going to file a collector report on that misleading error message.

I'm not sure much will be done about it. ;-)

>
> Also, I did read stuff very similar to the text you pointed me to above,
> in the PythonMethods wiki.  Clearly, it did *not* tell me as a developer
> how to do what the text is saying it is telling me how to do: make it
> so I can import a function in a pythonscript.  So I think you should
> add a note about the need for the
ModuleSecurityInfo('Products').declarePublic
> call, and incorporate it into the example (or another example).

Yes, the wiki is broken.  So is the help system for that matter.  Sigh.

> Also, the text makes a distinction between marking "external" modules
> and marking "embedded" modules.  The former uses the spelling above,
> the latter the "security = ModuleSecurityInfo()" spelling.  As far as
> I can see, what I am doing is the *latter* case, and what I tried
> naively following the directions did not work, but this external
> spelling did.  So something needs to be clarified there, as well.

The fundamental problem is that you need to make explicit declarations for
all packages along the import path.  So making a declaration for a module
that is inside a package won't allow you to import that module unless you've
made security declarations for the containing package.  Since the "Products"
package had no declarations, it was disallowing access.

This is rather confusing and I need to not only fix the ZDG but understand a
bunch of use cases that aren't covered in it.

> I've filed this as a tracker comment on the ZDG, as well.

Thanks!

> --RDM
>
>