[Zope] Python scripts

Laurence Rowe l at lrowe.co.uk
Fri Jul 6 15:28:04 UTC 2012

On 6 July 2012 16:36, Richard Harley <richard at scholarpack.com> wrote:
> That works great, thanks. So there is no way to do this across, say, a
> folder with hundreds of scripts in without duplicating the code in each
> individually?

For one Plone hotfix we took the approach of blacklisting certain
scripts by monkey-patching Bindings._bindAndExec (Bindings is a
superclass of PythonScript):

    from Shared.DC.Scripts.Bindings import Bindings
    from zExceptions import Forbidden


    def _patched_bindAndExec(self, args, kw, caller_namespace):
        '''Prepares the bound information and calls _exec(), possibly
        with a namespace.
        template_id = hasattr(self, 'getId') and self.getId() or ''
        request = getattr(self, 'REQUEST', None)
        if (template_id and request and template_id in DO_NOT_PUBLISH and
            request.get('PUBLISHED') is self):
            raise Forbidden('Script may not be published.')
        return self._original_bindAndExec(args, kw, caller_namespace)

    Bindings._original_bindAndExec = Bindings._bindAndExec
    Bindings._bindAndExec = _patched_bindAndExec

You could create an unpublishable subclass of PythonScript using a
similar technique. Ideally PythonScripts would opt in to being
publishable based on some metadata option.


More information about the Zope mailing list