[Zope3-checkins] CVS: Zope3/src/zope/security - checker.py:1.10

Steve Alexander steve@cat-box.net
Wed, 12 Mar 2003 05:11:16 -0500


Update of /cvs-repository/Zope3/src/zope/security
In directory cvs.zope.org:/tmp/cvs-serv12381/src/zope/security

Modified Files:
	checker.py 
Log Message:
__repr__ is now always allowed by security checkers.
This is important because you can always get around a restriction
on __repr__ by putting the object inside a tuple, dict or list, and
calling __repr__ on the tuple, dict, or list.

We discovered at Rotterdam that it is painful and non-intuitive to
protect __repr__ on tuples, dicts and lists.

So, it is better to make __repr__ publicly and obviously available.


=== Zope3/src/zope/security/checker.py 1.9 => 1.10 ===
--- Zope3/src/zope/security/checker.py:1.9	Fri Mar  7 16:13:02 2003
+++ Zope3/src/zope/security/checker.py	Wed Mar 12 05:11:15 2003
@@ -15,7 +15,6 @@
     WATCH_CHECKERS = 0
 
 
-
 def ProxyFactory(object, checker=None):
     """Factory function that creates a proxy for an object
 
@@ -166,13 +165,13 @@
 
 # We want this to behave as a global, meaning it's pickled
 # by name, rather than value. We need to arrange that it has a suitable
-# __reduce__. 
+# __reduce__.
 class Global(object):
 
     def __init__(self, name, module=None):
         if module is None:
             module = sys._getframe(1).f_locals['__name__']
-            
+
         self.__name__ = name
         self.__module__ = module
 
@@ -182,7 +181,7 @@
 CheckerPublic = Global('CheckerPublic')
 
 # Now we wrap it in a security proxy so that it retains it's
-# identity when it needs to be security proxied.  
+# identity when it needs to be security proxied.
 d={}
 CheckerPublic = Proxy(CheckerPublic, Checker(d))
 d['__reduce__'] = CheckerPublic
@@ -347,16 +346,15 @@
                      '__gt__', '__ge__', '__ne__',
                      '__hash__', '__nonzero__',
                      '__class__', '__implements__',
+                     '__repr__'
                      ]
 
-_callableChecker = NamesChecker(['__str__', '__repr__', '__name__',
-                                 '__call__'])
-_typeChecker = NamesChecker(['__str__', '__repr__', '__name__', '__module__',
-                             '__bases__'])
-
-_interfaceChecker = NamesChecker(['__str__', '__repr__', '__name__',
-                                  '__module__', '__bases__', 'getBases',
-                                  'isImplementedBy', 'extends'])
+_callableChecker = NamesChecker(['__str__', '__name__', '__call__'])
+_typeChecker = NamesChecker(['__str__', '__name__', '__module__', '__bases__'])
+
+_interfaceChecker = NamesChecker(['__str__', '__name__', '__module__',
+                                  '__bases__', 'getBases', 'isImplementedBy',
+                                  'extends'])
 
 _iteratorChecker = NamesChecker(['next'])
 
@@ -378,18 +376,16 @@
 
 _default_checkers = {
     dict: NamesChecker(['__getitem__', '__len__', '__iter__',
-                        'get', 'has_key', '__copy__', '__str__', '__repr__',
-                        'keys', 'values', 'items',
-                        'iterkeys', 'iteritems', 'itervalues', '__contains__',
-                        ]),
+                        'get', 'has_key', '__copy__', '__str__', 'keys',
+                        'values', 'items', 'iterkeys', 'iteritems',
+                        'itervalues', '__contains__']),
     list: NamesChecker(['__getitem__', '__getslice__', '__len__', '__iter__',
-                        '__contains__', 'index', 'count', '__str__',
-                        '__repr__']),
+                        '__contains__', 'index', 'count', '__str__']),
 
     # YAGNI: () a rock
     tuple: NamesChecker(['__getitem__', '__getslice__', '__add__',
                          '__contains__', '__len__', '__iter__', '__iadd__',
-                         '__str__', '__repr__']),
+                         '__str__']),
     types.InstanceType: _instanceChecker,
     Proxy: NoProxy,
     types.ClassType: _classChecker,
@@ -403,20 +399,20 @@
     type(iter(())): _iteratorChecker, # different in Python 2.3.
     type(iter(_Sequence())): NamesChecker(['next']),
     type(Interface): _interfaceChecker,
-    datetime.timedelta: NamesChecker(['__repr__', '__str__', '__add__',
-                                      '__radd__', '__sub__', '__rsub__',
-                                      '__neg__', '__pos__', '__abs__',
-                                      '__mul__', '__rmul__', '__div__',
-                                      '__floordiv__', '__cmp__', 'days',
-                                      'seconds', 'microseconds']),
-    datetime.date: NamesChecker(['__repr__', '__str__', 'year', 'month', 'day',
+    datetime.timedelta: NamesChecker(['__str__', '__add__', '__radd__',
+                                      '__sub__', '__rsub__', '__neg__',
+                                      '__pos__', '__abs__', '__mul__',
+                                      '__rmul__', '__div__', '__floordiv__',
+                                      '__cmp__', 'days', 'seconds',
+                                      'microseconds']),
+    datetime.date: NamesChecker(['__str__', 'year', 'month', 'day',
                                  'timetuple', 'toordinal', '__cmp__',
                                  '__hash__', 'ctime', 'strftime', '__add__',
                                  '__radd__', '__sub__', '__rsub__', 'weekday',
                                  'isoweekday', 'isocalendar', 'isoformat',
                                  'min', 'max', 'resolution']),
     datetime.datetime: NamesChecker([
-      '__repr__', '__str__', 'year', 'month', 'day', 'hour', 'minute',
+      '__str__', 'year', 'month', 'day', 'hour', 'minute',
       'second', 'microsecond', 'tzinfo', 'timetuple', 'utctimetuple',
       'toordinal', '__cmp__', '__hash__', 'ctime', 'strftime',
       '__add__', '__radd__', '__sub__', '__rsub__', 'weekday',
@@ -425,10 +421,9 @@
       'timetz'
       ]),
     datetime.time: NamesChecker(['hour', 'minute', 'second', 'microsecond',
-                                 '__cmp__', '__hash__', '__repr__',
-                                 '__str__', 'isoformat', 'strftime', 'min',
-                                 'max', 'resolution', 'tzinfo', 'utcoffset',
-                                 'tzname', 'dst'])
+                                 '__cmp__', '__hash__', '__str__', 'isoformat',
+                                 'strftime', 'min', 'max', 'resolution',
+                                 'tzinfo', 'utcoffset', 'tzname', 'dst'])
 }