Ejemplos de get_safe_globals en Python

Ejemplo n.º 1

Archivo: ZRPythonExpr.py Proyecto: bendavis78/zope

class PythonExpr(PythonExpr):
    _globals = get_safe_globals()
    _globals['_getattr_'] = guarded_getattr
    _globals['__debug__' ] = __debug__

    def __init__(self, name, expr, engine):
        self.text = self.expr = text = expr.strip().replace('\n', ' ')

        # Unicode expression are not handled properly by RestrictedPython
        # We convert the expression to UTF-8 (ajung)
        if isinstance(text, unicode):
            text = text.encode('utf-8')
        code, err, warn, use = compile_restricted_eval(text, 
                                                       self.__class__.__name__)
        if err:
            raise engine.getCompilerError()('Python expression error:\n%s' %
                                            '\n'.join(err))            
        self._varnames = use.keys()
        self._code = code

    def __call__(self, econtext):
        __traceback_info__ = self.text
        vars = self._bind_used_names(econtext, {})
        vars.update(self._globals)
        return eval(self._code, vars, {})

Ejemplo n.º 2

Archivo: testZopeGuards.py Proyecto: bchainn/AccessControl

    def _compile_str(self, text, name):
        from RestrictedPython import compile_restricted
        from AccessControl.ZopeGuards import get_safe_globals, guarded_getattr

        code = compile_restricted(text, name, 'exec')

        g = get_safe_globals()
        g['_getattr_'] = guarded_getattr
        g['__debug__'] = 1  # so assert statements are active
        g['__name__'] = __name__  # so classes can be defined in the script
        return code, g

Ejemplo n.º 3

Archivo: testZopeGuards.py Proyecto: goschtl/zope

    def _compile_str(self, text, name):
        from RestrictedPython import compile_restricted
        from AccessControl.ZopeGuards import get_safe_globals, guarded_getattr

        code = compile_restricted(text, name, 'exec')

        g = get_safe_globals()
        g['_getattr_'] = guarded_getattr
        g['__debug__'] = 1  # so assert statements are active
        g['__name__'] = __name__ # so classes can be defined in the script
        return code, g

Ejemplo n.º 4

Archivo: PythonScript.py Proyecto: wpjunior/proled

    def _newfun(self, code):
        g = get_safe_globals()
        g['_getattr_'] = guarded_getattr
        g['__debug__'] = __debug__
        g['__name__'] = None

        l = {}
        exec code in g, l
        self._v_f = f = l.values()[0]
        self._v_ft = (f.func_code, g, f.func_defaults or ())
        return f

Ejemplo n.º 5

    def _newfun(self, code):
        g = get_safe_globals()
        g['_getattr_'] = guarded_getattr
        g['__debug__'] = __debug__
        g['__name__'] = None

        l = {}
        exec code in g, l
        self._v_f = f = l.values()[0]
        self._v_ft = (f.func_code, g, f.func_defaults or ())
        return f

Ejemplo n.º 6

Archivo: bot.py Proyecto: bgnori/lingrbot-python

def build_global(data):
    """
    based on:
        http://developer.plone.org/security/sandboxing.html
    """
    g = get_safe_globals()
    g['__builtins__'] = safe_builtins

    from AccessControl.ImplPython import guarded_getattr as guarded_getattr_safe
    g['_getattr_'] = guarded_getattr_safe
    g['data'] = data
    return g

Ejemplo n.º 7

 def execute(self):
     self.__alive = True
     restricted_globals = get_safe_globals()
     restricted_globals["input"] = self.sin.reader()
     restricted_globals["_print_"] = self.sout.printer()
     restricted_globals["sleep"] = time.sleep
     restricted_globals["log"] = lambda x: print(f"{self.bot_id}: {x}")
     local_vars = {}
     self.task = threading.Thread(group=None,
                                  target=run_code,
                                  args=(self.code_location,
                                        restricted_globals, local_vars),
                                  name=self.bot_id)
     self.start_time = time.time()
     self.task.start()
     return self.task

Ejemplo n.º 8

Archivo: PythonScript.py Proyecto: perfact/Products.PythonScripts

    def _newfun(self, code):
        safe_globals = get_safe_globals()
        safe_globals['_getattr_'] = guarded_getattr
        safe_globals['__debug__'] = __debug__
        # it doesn't really matter what __name__ is, *but*
        # - we need a __name__
        #   (see testPythonScript.TestPythonScriptGlobals.test__name__)
        # - it should not contain a period, so we can't use the id
        #   (see https://bugs.launchpad.net/zope2/+bug/142731/comments/4)
        # - with Python 2.6 it should not be None
        #   (see testPythonScript.TestPythonScriptGlobals.test_filepath)
        safe_globals['__name__'] = 'script'

        safe_locals = {}
        six.exec_(code, safe_globals, safe_locals)
        func = list(safe_locals.values())[0]
        self._v_ft = (func.__code__, safe_globals, func.__defaults__ or ())
        return func

Ejemplo n.º 9

Archivo: PythonScript.py Proyecto: c0ns0le/zenoss-4

    def _newfun(self, code):
        g = get_safe_globals()
        g['_getattr_'] = guarded_getattr
        g['__debug__'] = __debug__
        # it doesn't really matter what __name__ is, *but*
        # - we need a __name__
        #   (see testPythonScript.TestPythonScriptGlobals.test__name__)
        # - it should not contain a period, so we can't use the id
        #   (see https://bugs.launchpad.net/zope2/+bug/142731/comments/4)
        # - with Python 2.6 it should not be None
        #   (see testPythonScript.TestPythonScriptGlobals.test_filepath)
        g['__name__'] = 'script'

        l = {}
        exec code in g, l
        f = l.values()[0]
        self._v_ft = (f.func_code, g, f.func_defaults or ())
        return f

Ejemplo n.º 10

Archivo: PythonScript.py Proyecto: Andyvs/TrackMonthlyExpenses

    def _newfun(self, code):
        g = get_safe_globals()
        g['_getattr_'] = guarded_getattr
        g['__debug__'] = __debug__
        # it doesn't really matter what __name__ is, *but*
        # - we need a __name__
        #   (see testPythonScript.TestPythonScriptGlobals.test__name__)
        # - it should not contain a period, so we can't use the id
        #   (see https://bugs.launchpad.net/zope2/+bug/142731/comments/4)
        # - with Python 2.6 it should not be None
        #   (see testPythonScript.TestPythonScriptGlobals.test_filepath)
        g['__name__'] = 'script'

        l = {}
        exec code in g, l
        f = l.values()[0]
        self._v_ft = (f.func_code, g, f.func_defaults or ())
        return f

Ejemplo n.º 11

Archivo: PythonScript.py Proyecto: zopefoundation/Products.PythonScripts

    def _newfun(self, code):
        safe_globals = get_safe_globals()
        safe_globals['_getattr_'] = guarded_getattr
        safe_globals['__debug__'] = __debug__
        # it doesn't really matter what __name__ is, *but*
        # - we need a __name__
        #   (see testPythonScript.TestPythonScriptGlobals.test__name__)
        # - it should not contain a period, so we can't use the id
        #   (see https://bugs.launchpad.net/zope2/+bug/142731/comments/4)
        # - with Python 2.6 it should not be None
        #   (see testPythonScript.TestPythonScriptGlobals.test_filepath)
        safe_globals['__name__'] = 'script'

        safe_locals = {}
        six.exec_(code, safe_globals, safe_locals)
        func = list(safe_locals.values())[0]
        self._v_ft = (func.__code__, safe_globals, func.__defaults__ or ())
        return func

Ejemplo n.º 12

class PythonExpr(PythonExpr):
    _globals = get_safe_globals()
    _globals['_getattr_'] = guarded_getattr
    _globals['__debug__'] = __debug__

    def __init__(self, name, expr, engine):
        self.text = self.expr = text = expr.strip().replace('\n', ' ')
        code, err, warn, use = compile_restricted_eval(text,
                                                       self.__class__.__name__)

        if err:
            raise engine.getCompilerError()('Python expression error:\n%s' %
                                            '\n'.join(err))

        self._varnames = list(use.keys())
        self._code = code

    def __call__(self, econtext):
        __traceback_info__ = self.text
        vars = self._bind_used_names(econtext, {})
        vars.update(self._globals)
        return eval(self._code, vars, {})

Ejemplo n.º 13

Archivo: traversal.py Proyecto: datakurre/collective.themefragments

def prepare_restricted_function(p, body, name, filename, globalize=None):
    # We just do what they do in PythonScript...
    r = compile_restricted_function(p, body, name, filename, globalize)

    code = r[0]
    errors = r[1]
    warnings = tuple(r[2])

    if errors:
        logger.warning('\n'.join(errors))
        raise SyntaxError()
    elif warnings:
        logger.warning('\n'.join(warnings))

    g = get_safe_globals()
    g['_getattr_'] = guarded_getattr
    g['__debug__'] = __debug__
    g['__name__'] = 'script'
    l = {}
    exec code in g, l
    f = l.values()[0]

    return f.func_code, g, f.func_defaults or ()

Ejemplo n.º 14

Archivo: traversal.py Proyecto: datakurre/collective.themefragments

def prepare_restricted_function(p, body, name, filename, globalize=None):
    # We just do what they do in PythonScript...
    r = compile_restricted_function(p, body, name, filename, globalize)

    code = r[0]
    errors = r[1]
    warnings = tuple(r[2])

    if errors:
        logger.warning('\n'.join(errors))
        raise SyntaxError()
    elif warnings:
        logger.warning('\n'.join(warnings))

    g = get_safe_globals()
    g['_getattr_'] = guarded_getattr
    g['__debug__'] = __debug__
    g['__name__'] = 'script'
    l = {}
    exec code in g, l
    f = l.values()[0]

    return f.func_code, g, f.func_defaults or ()