def test_dict_access(self):
from RestrictedPython.tests import verify
SIMPLE_DICT_ACCESS_SCRIPT = """
def foo(text):
return text
kw = {'text':'baz'}
print foo(**kw)
kw = {'text':True}
print foo(**kw)
"""
code, its_globals = self._compile_str(SIMPLE_DICT_ACCESS_SCRIPT, 'x')
verify.verify(code)
sm = SecurityManager()
old = self.setSecurityManager(sm)
try:
exec code in its_globals
finally:
self.setSecurityManager(old)
self.assertEqual(its_globals['_print'](),
'baz\nTrue\n')
def _checkBeforeAndAfter(self, mod):
from RestrictedPython.RCompile import RModule
from compiler import parse
defre = re.compile(r'def ([_A-Za-z0-9]+)_(after|before)\(')
beforel = [name for name in mod.__dict__
if name.endswith("_before")]
for name in beforel:
before = getattr(mod, name)
before_src = get_source(before)
before_src = re.sub(defre, r'def \1(', before_src)
rm = RModule(before_src, '')
tree_before = rm._get_tree()
after = getattr(mod, name[:-6]+'after')
after_src = get_source(after)
after_src = re.sub(defre, r'def \1(', after_src)
tree_after = parse(after_src)
self.assertEqual(str(tree_before), str(tree_after))
rm.compile()
verify.verify(rm.getCode())
def test_dict_access(self):
from RestrictedPython.tests import verify
SIMPLE_DICT_ACCESS_SCRIPT = """
def foo(text):
return text
kw = {'text':'baz'}
print foo(**kw)
kw = {'text':True}
print foo(**kw)
"""
code, its_globals = self._compile_str(SIMPLE_DICT_ACCESS_SCRIPT, 'x')
verify.verify(code)
sm = SecurityManager()
old = self.setSecurityManager(sm)
try:
exec code in its_globals
finally:
self.setSecurityManager(old)
self.assertEqual(its_globals['_print'](),
'baz\nTrue\n')
def checkBeforeAndAfter(self):
from RestrictedPython.RCompile import RModule
from RestrictedPython.tests import before_and_after
from compiler import parse
defre = re.compile(r'def ([_A-Za-z0-9]+)_(after|before)\(')
beforel = [
name for name in before_and_after.__dict__
if name.endswith("_before")
]
for name in beforel:
before = getattr(before_and_after, name)
before_src = get_source(before)
before_src = re.sub(defre, r'def \1(', before_src)
rm = RModule(before_src, '')
tree_before = rm._get_tree()
after = getattr(before_and_after, name[:-6] + 'after')
after_src = get_source(after)
after_src = re.sub(defre, r'def \1(', after_src)
tree_after = parse(after_src)
self.assertEqual(str(tree_before), str(tree_after))
rm.compile()
verify.verify(rm.getCode())
def _compile_file(self, name):
path = os.path.join(_HERE, name)
f = open(path, "r")
source = f.read()
f.close()
co = compile_restricted(source, path, "exec")
verify.verify(co)
return co
def _compile_file(self, name):
path = os.path.join(_HERE, name)
f = open(path, "r")
source = f.read()
f.close()
co = compile_restricted(source, path, "exec")
verify.verify(co)
return co
def checkUnpackSequenceSingle(self):
co = compile_restricted("x, y = 1, 2", "<string>", "single")
verify.verify(co)
calls = []
def getiter(s):
calls.append(s)
return list(s)
globals = {"_getiter_": getiter}
exec co in globals, {}
self.assertEqual(calls, [(1, 2)])
def checkUnpackSequenceExpression(self):
co = compile_restricted("[x for x, y in [(1, 2)]]", "<string>", "eval")
verify.verify(co)
calls = []
def getiter(s):
calls.append(s)
return list(s)
globals = {"_getiter_": getiter}
exec co in globals, {}
self.assertEqual(calls, [[(1,2)], (1, 2)])
def checkUnpackSequenceSingle(self):
co = compile_restricted("x, y = 1, 2", "<string>", "single")
verify.verify(co)
calls = []
def getiter(s):
calls.append(s)
return list(s)
globals = {"_getiter_": getiter}
exec co in globals, {}
self.assertEqual(calls, [(1, 2)])
def checkUnpackSequenceExpression(self):
co = compile_restricted("[x for x, y in [(1, 2)]]", "<string>", "eval")
verify.verify(co)
calls = []
def getiter(s):
calls.append(s)
return list(s)
globals = {"_getiter_": getiter}
exec co in globals, {}
self.assertEqual(calls, [[(1, 2)], (1, 2)])
def execFunc(self, name, *args, **kw):
func = rmodule[name]
verify.verify(func.func_code)
func.func_globals.update({'_getattr_': guarded_getattr,
'_getitem_': guarded_getitem,
'_write_': TestGuard,
'_print_': PrintCollector,
# I don't want to write something as involved as ZopeGuard's
# SafeIter just for these tests. Using the builtin list() function
# worked OK for everything the tests did at the time this was added,
# but may fail in the future. If Python 2.1 is no longer an
# interesting platform then, using 2.2's builtin iter() here should
# work for everything.
'_getiter_': list,
'_apply_': apply_wrapper,
'_inplacevar_': inplacevar_wrapper,
})
return func(*args, **kw)
def execFunc(self, name, *args, **kw):
func = rmodule[name]
verify.verify(func.func_code)
func.func_globals.update({
'_getattr_': guarded_getattr,
'_getitem_': guarded_getitem,
'_write_': TestGuard,
'_print_': PrintCollector,
# I don't want to write something as involved as ZopeGuard's
# SafeIter just for these tests. Using the builtin list() function
# worked OK for everything the tests did at the time this was added,
# but may fail in the future. If Python 2.1 is no longer an
# interesting platform then, using 2.2's builtin iter() here should
# work for everything.
'_getiter_': list,
'_apply_': apply_wrapper,
'_inplacevar_': inplacevar_wrapper,
})
return func(*args, **kw)
def test_derived_class_normal(self):
from RestrictedPython.tests import verify
NORMAL_SCRIPT = """
class Normal(ProtectedBase):
pass
normal = Normal()
print normal.private_method()
"""
code, its_globals = self._compile_str(NORMAL_SCRIPT, 'normal_script')
its_globals['ProtectedBase'] = self._getProtectedBaseClass()
verify.verify(code)
self._initPolicyAndManager()
try:
exec code in its_globals
except Unauthorized:
pass
else:
self.fail("Didn't raise Unauthorized: \n%s" %
its_globals['_print']())
def test_derived_class_normal(self):
from RestrictedPython.tests import verify
NORMAL_SCRIPT = """
class Normal(ProtectedBase):
pass
normal = Normal()
print normal.private_method()
"""
code, its_globals = self._compile_str(NORMAL_SCRIPT, 'normal_script')
its_globals['ProtectedBase'] = self._getProtectedBaseClass()
verify.verify(code)
self._initPolicyAndManager()
try:
exec code in its_globals
except Unauthorized:
pass
else:
self.fail("Didn't raise Unauthorized: \n%s" %
its_globals['_print']())
def testPython(self):
from RestrictedPython.tests import verify
code, its_globals = self._compile("actual_python.py")
verify.verify(code)
# Fiddle the global and safe-builtins dicts to count how many times
# the special functions are called.
self._wrap_replaced_dict_callables(its_globals)
self._wrap_replaced_dict_callables(its_globals['__builtins__'])
sm = SecurityManager()
old = self.setSecurityManager(sm)
try:
exec code in its_globals
finally:
self.setSecurityManager(old)
# Use wrapper_count to determine coverage.
## print wrapper_count # uncomment to see wrapper names & counts
untouched = [k for k, v in wrapper_count.items() if v == 0]
if untouched:
untouched.sort()
self.fail("Unexercised wrappers: %r" % untouched)
def testPython(self):
from RestrictedPython.tests import verify
code, its_globals = self._compile("actual_python.py")
verify.verify(code)
# Fiddle the global and safe-builtins dicts to count how many times
# the special functions are called.
self._wrap_replaced_dict_callables(its_globals)
self._wrap_replaced_dict_callables(its_globals['__builtins__'])
sm = SecurityManager()
old = self.setSecurityManager(sm)
try:
exec code in its_globals
finally:
self.setSecurityManager(old)
# Use wrapper_count to determine coverage.
## print wrapper_count # uncomment to see wrapper names & counts
untouched = [k for k, v in wrapper_count.items() if v == 0]
if untouched:
untouched.sort()
self.fail("Unexercised wrappers: %r" % untouched)
def _newfun(self, code):
verify(code)
return PythonScript._newfun(self, code)
def _newfun(self, code):
verify(code)
return PythonScript._newfun(self, code)
