def test_dict_access(self): from RestrictedPython.tests import verify SIMPLE_DICT_ACCESS_SCRIPT = """ def foo(text): return text kw = {'text':'baz'} print foo(**kw) kw = {'text':True} print foo(**kw) """ code, its_globals = self._compile_str(SIMPLE_DICT_ACCESS_SCRIPT, 'x') verify.verify(code) sm = SecurityManager() old = self.setSecurityManager(sm) try: exec code in its_globals finally: self.setSecurityManager(old) self.assertEqual(its_globals['_print'](), 'baz\nTrue\n')
def _checkBeforeAndAfter(self, mod): from RestrictedPython.RCompile import RModule from compiler import parse defre = re.compile(r'def ([_A-Za-z0-9]+)_(after|before)\(') beforel = [name for name in mod.__dict__ if name.endswith("_before")] for name in beforel: before = getattr(mod, name) before_src = get_source(before) before_src = re.sub(defre, r'def \1(', before_src) rm = RModule(before_src, '') tree_before = rm._get_tree() after = getattr(mod, name[:-6]+'after') after_src = get_source(after) after_src = re.sub(defre, r'def \1(', after_src) tree_after = parse(after_src) self.assertEqual(str(tree_before), str(tree_after)) rm.compile() verify.verify(rm.getCode())
def checkBeforeAndAfter(self): from RestrictedPython.RCompile import RModule from RestrictedPython.tests import before_and_after from compiler import parse defre = re.compile(r'def ([_A-Za-z0-9]+)_(after|before)\(') beforel = [ name for name in before_and_after.__dict__ if name.endswith("_before") ] for name in beforel: before = getattr(before_and_after, name) before_src = get_source(before) before_src = re.sub(defre, r'def \1(', before_src) rm = RModule(before_src, '') tree_before = rm._get_tree() after = getattr(before_and_after, name[:-6] + 'after') after_src = get_source(after) after_src = re.sub(defre, r'def \1(', after_src) tree_after = parse(after_src) self.assertEqual(str(tree_before), str(tree_after)) rm.compile() verify.verify(rm.getCode())
def _compile_file(self, name): path = os.path.join(_HERE, name) f = open(path, "r") source = f.read() f.close() co = compile_restricted(source, path, "exec") verify.verify(co) return co
def checkUnpackSequenceSingle(self): co = compile_restricted("x, y = 1, 2", "<string>", "single") verify.verify(co) calls = [] def getiter(s): calls.append(s) return list(s) globals = {"_getiter_": getiter} exec co in globals, {} self.assertEqual(calls, [(1, 2)])
def checkUnpackSequenceExpression(self): co = compile_restricted("[x for x, y in [(1, 2)]]", "<string>", "eval") verify.verify(co) calls = [] def getiter(s): calls.append(s) return list(s) globals = {"_getiter_": getiter} exec co in globals, {} self.assertEqual(calls, [[(1,2)], (1, 2)])
def checkUnpackSequenceExpression(self): co = compile_restricted("[x for x, y in [(1, 2)]]", "<string>", "eval") verify.verify(co) calls = [] def getiter(s): calls.append(s) return list(s) globals = {"_getiter_": getiter} exec co in globals, {} self.assertEqual(calls, [[(1, 2)], (1, 2)])
def execFunc(self, name, *args, **kw): func = rmodule[name] verify.verify(func.func_code) func.func_globals.update({'_getattr_': guarded_getattr, '_getitem_': guarded_getitem, '_write_': TestGuard, '_print_': PrintCollector, # I don't want to write something as involved as ZopeGuard's # SafeIter just for these tests. Using the builtin list() function # worked OK for everything the tests did at the time this was added, # but may fail in the future. If Python 2.1 is no longer an # interesting platform then, using 2.2's builtin iter() here should # work for everything. '_getiter_': list, '_apply_': apply_wrapper, '_inplacevar_': inplacevar_wrapper, }) return func(*args, **kw)
def execFunc(self, name, *args, **kw): func = rmodule[name] verify.verify(func.func_code) func.func_globals.update({ '_getattr_': guarded_getattr, '_getitem_': guarded_getitem, '_write_': TestGuard, '_print_': PrintCollector, # I don't want to write something as involved as ZopeGuard's # SafeIter just for these tests. Using the builtin list() function # worked OK for everything the tests did at the time this was added, # but may fail in the future. If Python 2.1 is no longer an # interesting platform then, using 2.2's builtin iter() here should # work for everything. '_getiter_': list, '_apply_': apply_wrapper, '_inplacevar_': inplacevar_wrapper, }) return func(*args, **kw)
def test_derived_class_normal(self): from RestrictedPython.tests import verify NORMAL_SCRIPT = """ class Normal(ProtectedBase): pass normal = Normal() print normal.private_method() """ code, its_globals = self._compile_str(NORMAL_SCRIPT, 'normal_script') its_globals['ProtectedBase'] = self._getProtectedBaseClass() verify.verify(code) self._initPolicyAndManager() try: exec code in its_globals except Unauthorized: pass else: self.fail("Didn't raise Unauthorized: \n%s" % its_globals['_print']())
def testPython(self): from RestrictedPython.tests import verify code, its_globals = self._compile("actual_python.py") verify.verify(code) # Fiddle the global and safe-builtins dicts to count how many times # the special functions are called. self._wrap_replaced_dict_callables(its_globals) self._wrap_replaced_dict_callables(its_globals['__builtins__']) sm = SecurityManager() old = self.setSecurityManager(sm) try: exec code in its_globals finally: self.setSecurityManager(old) # Use wrapper_count to determine coverage. ## print wrapper_count # uncomment to see wrapper names & counts untouched = [k for k, v in wrapper_count.items() if v == 0] if untouched: untouched.sort() self.fail("Unexercised wrappers: %r" % untouched)
def _newfun(self, code): verify(code) return PythonScript._newfun(self, code)