def guarded_import(mname, globals=None, locals=None, fromlist=None): if fromlist is None: fromlist = () if '*' in fromlist: raise Unauthorized, "'from %s import *' is not allowed" if globals is None: globals = {} if locals is None: locals = {} mnameparts = mname.split('.') firstmname = mnameparts[0] validate = getSecurityManager().validate module = load_module(None, None, mnameparts, validate, globals, locals) if module is None: raise Unauthorized, "import of '%s' is unauthorized" % mname if fromlist is None: fromlist = () for name in fromlist: v = getattr(module, name, None) if v is None: v = load_module(module, mname, [name], validate, globals, locals) if not validate(module, module, name, v): raise Unauthorized else: return __import__(mname, globals, locals, fromlist)
def guard(container, value, index=None): if Containers(type(container)) and Containers(type(value)): # Simple type. Short circuit. return if getSecurityManager().validate(container, container, index, value): return _error(index)
def guarded_import(mname, globals=None, locals=None, fromlist=None, level=-1): if fromlist is None: fromlist = () if '*' in fromlist: raise Unauthorized("'from %s import *' is not allowed") if globals is None: globals = {} if locals is None: locals = {} # Refs https://bugs.launchpad.net/zope2/+bug/659968 if level != -1: raise Unauthorized("Using import with a level specification isn't " "supported by AccessControl: %s" % mname) mnameparts = mname.split('.') validate = getSecurityManager().validate module = load_module(None, None, mnameparts, validate, globals, locals) if module is None: raise Unauthorized("import of '%s' is unauthorized" % mname) if fromlist is None: fromlist = () for name in fromlist: v = getattr(module, name, None) if v is None: v = load_module(module, mname, [name], validate, globals, locals) if not validate(module, module, name, v): raise Unauthorized else: return __import__(mname, globals, locals, fromlist)
def guarded_import(mname, globals={}, locals={}, fromlist=None): mnameparts = mname.split('.') firstmname = mnameparts[0] validate = getSecurityManager().validate module = load_module(None, None, mnameparts, validate, globals, locals) if module is not None: if fromlist is None: fromlist = () try: for name in fromlist: if name == '*': raise ImportError, ('"from %s import *" is not allowed' % mname) v = getattr(module, name, None) if v is None: v = load_module(module, mname, [name], validate, globals, locals) if not validate(module, module, name, v): raise Unauthorized else: return __import__(mname, globals, locals, fromlist) except Unauthorized, why: raise ImportError, ( 'import of "%s" from "%s" is unauthorized. %s' % (name, mname, why))
def guarded_filter(f, seq, skip_unauthorized=0): if type(seq) is type(''): return filter(f, seq) if f is None: def f(x): return x v = getSecurityManager().validate result = [] a = result.append for el in seq: if v(seq, seq, None, el): if f(el): a(el) elif not skip_unauthorized: raise Unauthorized, 'unauthorized access to element' return result
def guarded_getattr(inst, name, default=_marker): if name[:1] != '_': # Try to get the attribute normally so that unusual # exceptions are caught early. try: v = getattr(inst, name) except AttributeError: if default is not _marker: return default raise if Containers(type(inst)): # Simple type. Short circuit. return v validate = getSecurityManager().validate # Filter out the objects we can't access. if hasattr(inst, 'aq_acquire'): return inst.aq_acquire(name, aq_validate, validate) # Or just try to get the attribute directly. if validate(inst, inst, name, v): return v raise Unauthorized, name
def guarded_getitem(object, index): if type(index) is SliceType: if index.step is not None: v = object[index] else: start = index.start stop = index.stop if start is None: start = 0 if stop is None: v = object[start:] else: v = object[start:stop] # We don't guard slices. return v v = object[index] if Containers(type(object)) and Containers(type(v)): # Simple type. Short circuit. return v if getSecurityManager().validate(object, object, None, v): return v raise Unauthorized, 'unauthorized access to element %s' % `i`
def guarded_getitem(object, index): if type(index) is SliceType: if index.step is not None: v = object[index] else: start = index.start stop = index.stop if start is None: start = 0 if stop is None: v = object[start:] else: v = object[start:stop] # We don't guard slices. return v v = object[index] if Containers(type(object)) and Containers(type(v)): # Simple type. Short circuit. return v if getSecurityManager().validate(object, object, None, v): return v raise Unauthorized('unauthorized access to element %s' % index)
def authorize(self, user, accessed, container, name, value, roles): user = getattr(user, 'aq_base', user).__of__(self) newSecurityManager(None, user) security = getSecurityManager() try: try: # This is evil: we cannot pass _noroles directly because # it is a special marker, and that special marker is not # the same between the C and Python policy implementations. # We __really__ need to stop using this marker pattern! if roles is _noroles: if security.validate(accessed, container, name, value): return 1 else: if security.validate(accessed, container, name, value, roles): return 1 except: noSecurityManager() raise except Unauthorized: pass return 0
def guarded_import(mname, globals={}, locals={}, fromlist=None): mnameparts = mname.split('.') firstmname = mnameparts[0] validate = getSecurityManager().validate module = load_module(None, None, mnameparts, validate, globals, locals) if module is not None: if fromlist is None: fromlist = () try: for name in fromlist: if name == '*': raise ImportError, ('"from %s import *" is not allowed' % mname) v = getattr(module, name, None) if v is None: v = load_module(module, mname, [name], validate, globals, locals) if not validate(module, module, name, v): raise Unauthorized else: return __import__(mname, globals, locals, fromlist) except Unauthorized, why: raise ImportError, ('import of "%s" from "%s" is unauthorized. %s' % (name, mname, why))
def guarded_import(mname, globals=None, locals=None, fromlist=None): if fromlist is None: fromlist = () if '*' in fromlist: raise Unauthorized, "'from %s import *' is not allowed" if globals is None: globals = {} if locals is None: locals = {} mnameparts = mname.split('.') validate = getSecurityManager().validate module = load_module(None, None, mnameparts, validate, globals, locals) if module is None: raise Unauthorized, "import of '%s' is unauthorized" % mname if fromlist is None: fromlist = () for name in fromlist: v = getattr(module, name, None) if v is None: v = load_module(module, mname, [name], validate, globals, locals) if not validate(module, module, name, v): raise Unauthorized else: return __import__(mname, globals, locals, fromlist)