def guard(container, value, index=None):
if Containers(type(container)) and Containers(type(value)):
# Simple type. Short circuit.
return
if getSecurityManager().validate(container, container, index, value):
return
_error(index)
def guarded_import(mname, globals=None, locals=None, fromlist=None, level=-1):
if fromlist is None:
fromlist = ()
if '*' in fromlist:
raise Unauthorized("'from %s import *' is not allowed")
if globals is None:
globals = {}
if locals is None:
locals = {}
# Refs https://bugs.launchpad.net/zope2/+bug/659968
if level != -1:
raise Unauthorized("Using import with a level specification isn't "
"supported by AccessControl: %s" % mname)
mnameparts = mname.split('.')
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None:
raise Unauthorized("import of '%s' is unauthorized" % mname)
if fromlist is None:
fromlist = ()
for name in fromlist:
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate, globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return module #__import__(mname, globals, locals, fromlist)
def guarded_import(mname, globals=None, locals=None, fromlist=None,
level=-1):
if fromlist is None:
fromlist = ()
if '*' in fromlist:
raise Unauthorized("'from %s import *' is not allowed")
if globals is None:
globals = {}
if locals is None:
locals = {}
# Refs https://bugs.launchpad.net/zope2/+bug/659968
if level != -1:
raise Unauthorized("Using import with a level specification isn't "
"supported by AccessControl: %s" % mname)
mnameparts = mname.split('.')
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None:
raise Unauthorized("import of '%s' is unauthorized" % mname)
if fromlist is None:
fromlist = ()
for name in fromlist:
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate,
globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return module #__import__(mname, globals, locals, fromlist)
def guard(container, value, index=None):
if Containers(type(container)) and Containers(type(value)):
# Simple type. Short circuit.
return
if getSecurityManager().validate(container, container, index, value):
return
_error(index)
def guarded_filter(f, seq, skip_unauthorized=0):
if type(seq) is type(''):
return filter(f, seq)
if f is None:
def f(x): return x
v = getSecurityManager().validate
result = []
a = result.append
for el in seq:
if v(seq, seq, None, el):
if f(el): a(el)
elif not skip_unauthorized:
raise Unauthorized, 'unauthorized access to element'
return result
def guarded_filter(f, seq, skip_unauthorized=0):
if type(seq) is type(''):
return filter(f, seq)
if f is None:
def f(x):
return x
v = getSecurityManager().validate
result = []
a = result.append
for el in seq:
if v(seq, seq, None, el):
if f(el): a(el)
elif not skip_unauthorized:
raise Unauthorized, 'unauthorized access to element'
return result
def guarded_getitem(object, index):
if type(index) is SliceType:
if index.step is not None:
v = object[index]
else:
start = index.start
stop = index.stop
if start is None:
start = 0
if stop is None:
v = object[start:]
else:
v = object[start:stop]
# We don't guard slices.
return v
v = object[index]
if Containers(type(object)) and Containers(type(v)):
# Simple type. Short circuit.
return v
if getSecurityManager().validate(object, object, None, v):
return v
raise Unauthorized('unauthorized access to element %s' % index)
def guarded_getitem(object, index):
if type(index) is SliceType:
if index.step is not None:
v = object[index]
else:
start = index.start
stop = index.stop
if start is None:
start = 0
if stop is None:
v = object[start:]
else:
v = object[start:stop]
# We don't guard slices.
return v
v = object[index]
if Containers(type(object)) and Containers(type(v)):
# Simple type. Short circuit.
return v
if getSecurityManager().validate(object, object, None, v):
return v
raise Unauthorized('unauthorized access to element %s' % index)