def guarded_import(mname, globals=None, locals=None, fromlist=None):
if fromlist is None:
fromlist = ()
if '*' in fromlist:
raise Unauthorized, "'from %s import *' is not allowed"
if globals is None:
globals = {}
if locals is None:
locals = {}
mnameparts = mname.split('.')
firstmname = mnameparts[0]
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None:
raise Unauthorized, "import of '%s' is unauthorized" % mname
if fromlist is None:
fromlist = ()
for name in fromlist:
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate,
globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return __import__(mname, globals, locals, fromlist)
def guard(container, value, index=None):
if Containers(type(container)) and Containers(type(value)):
# Simple type. Short circuit.
return
if getSecurityManager().validate(container, container, index, value):
return
_error(index)
def guard(container, value, index=None):
if Containers(type(container)) and Containers(type(value)):
# Simple type. Short circuit.
return
if getSecurityManager().validate(container, container, index, value):
return
_error(index)
def guarded_import(mname, globals=None, locals=None, fromlist=None,
level=-1):
if fromlist is None:
fromlist = ()
if '*' in fromlist:
raise Unauthorized("'from %s import *' is not allowed")
if globals is None:
globals = {}
if locals is None:
locals = {}
# Refs https://bugs.launchpad.net/zope2/+bug/659968
if level != -1:
raise Unauthorized("Using import with a level specification isn't "
"supported by AccessControl: %s" % mname)
mnameparts = mname.split('.')
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None:
raise Unauthorized("import of '%s' is unauthorized" % mname)
if fromlist is None:
fromlist = ()
for name in fromlist:
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate,
globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return __import__(mname, globals, locals, fromlist)
def guarded_import(mname, globals=None, locals=None, fromlist=None, level=-1):
if fromlist is None:
fromlist = ()
if '*' in fromlist:
raise Unauthorized("'from %s import *' is not allowed")
if globals is None:
globals = {}
if locals is None:
locals = {}
# Refs https://bugs.launchpad.net/zope2/+bug/659968
if level != -1:
raise Unauthorized("Using import with a level specification isn't "
"supported by AccessControl: %s" % mname)
mnameparts = mname.split('.')
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None:
raise Unauthorized("import of '%s' is unauthorized" % mname)
if fromlist is None:
fromlist = ()
for name in fromlist:
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate, globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return __import__(mname, globals, locals, fromlist)
def guarded_import(mname, globals={}, locals={}, fromlist=None):
mnameparts = mname.split('.')
firstmname = mnameparts[0]
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is not None:
if fromlist is None:
fromlist = ()
try:
for name in fromlist:
if name == '*':
raise ImportError, ('"from %s import *" is not allowed' %
mname)
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate, globals,
locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return __import__(mname, globals, locals, fromlist)
except Unauthorized, why:
raise ImportError, (
'import of "%s" from "%s" is unauthorized. %s' %
(name, mname, why))
def guarded_filter(f, seq, skip_unauthorized=0):
if type(seq) is type(''):
return filter(f, seq)
if f is None:
def f(x): return x
v = getSecurityManager().validate
result = []
a = result.append
for el in seq:
if v(seq, seq, None, el):
if f(el): a(el)
elif not skip_unauthorized:
raise Unauthorized, 'unauthorized access to element'
return result
def guarded_filter(f, seq, skip_unauthorized=0):
if type(seq) is type(''):
return filter(f, seq)
if f is None:
def f(x):
return x
v = getSecurityManager().validate
result = []
a = result.append
for el in seq:
if v(seq, seq, None, el):
if f(el): a(el)
elif not skip_unauthorized:
raise Unauthorized, 'unauthorized access to element'
return result
def guarded_getattr(inst, name, default=_marker):
if name[:1] != '_':
# Try to get the attribute normally so that unusual
# exceptions are caught early.
try: v = getattr(inst, name)
except AttributeError:
if default is not _marker:
return default
raise
if Containers(type(inst)):
# Simple type. Short circuit.
return v
validate = getSecurityManager().validate
# Filter out the objects we can't access.
if hasattr(inst, 'aq_acquire'):
return inst.aq_acquire(name, aq_validate, validate)
# Or just try to get the attribute directly.
if validate(inst, inst, name, v):
return v
raise Unauthorized, name
def guarded_getitem(object, index):
if type(index) is SliceType:
if index.step is not None:
v = object[index]
else:
start = index.start
stop = index.stop
if start is None:
start = 0
if stop is None:
v = object[start:]
else:
v = object[start:stop]
# We don't guard slices.
return v
v = object[index]
if Containers(type(object)) and Containers(type(v)):
# Simple type. Short circuit.
return v
if getSecurityManager().validate(object, object, None, v):
return v
raise Unauthorized, 'unauthorized access to element %s' % `i`
def guarded_getitem(object, index):
if type(index) is SliceType:
if index.step is not None:
v = object[index]
else:
start = index.start
stop = index.stop
if start is None:
start = 0
if stop is None:
v = object[start:]
else:
v = object[start:stop]
# We don't guard slices.
return v
v = object[index]
if Containers(type(object)) and Containers(type(v)):
# Simple type. Short circuit.
return v
if getSecurityManager().validate(object, object, None, v):
return v
raise Unauthorized('unauthorized access to element %s' % index)
def authorize(self, user, accessed, container, name, value, roles):
user = getattr(user, 'aq_base', user).__of__(self)
newSecurityManager(None, user)
security = getSecurityManager()
try:
try:
# This is evil: we cannot pass _noroles directly because
# it is a special marker, and that special marker is not
# the same between the C and Python policy implementations.
# We __really__ need to stop using this marker pattern!
if roles is _noroles:
if security.validate(accessed, container, name, value):
return 1
else:
if security.validate(accessed, container, name, value,
roles):
return 1
except:
noSecurityManager()
raise
except Unauthorized: pass
return 0
def authorize(self, user, accessed, container, name, value, roles):
user = getattr(user, 'aq_base', user).__of__(self)
newSecurityManager(None, user)
security = getSecurityManager()
try:
try:
# This is evil: we cannot pass _noroles directly because
# it is a special marker, and that special marker is not
# the same between the C and Python policy implementations.
# We __really__ need to stop using this marker pattern!
if roles is _noroles:
if security.validate(accessed, container, name, value):
return 1
else:
if security.validate(accessed, container, name, value,
roles):
return 1
except:
noSecurityManager()
raise
except Unauthorized: pass
return 0
def guarded_import(mname, globals={}, locals={}, fromlist=None):
mnameparts = mname.split('.')
firstmname = mnameparts[0]
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is not None:
if fromlist is None:
fromlist = ()
try:
for name in fromlist:
if name == '*':
raise ImportError, ('"from %s import *" is not allowed'
% mname)
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate,
globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return __import__(mname, globals, locals, fromlist)
except Unauthorized, why:
raise ImportError, ('import of "%s" from "%s" is unauthorized. %s'
% (name, mname, why))
def guarded_import(mname, globals=None, locals=None, fromlist=None):
if fromlist is None:
fromlist = ()
if '*' in fromlist:
raise Unauthorized, "'from %s import *' is not allowed"
if globals is None:
globals = {}
if locals is None:
locals = {}
mnameparts = mname.split('.')
validate = getSecurityManager().validate
module = load_module(None, None, mnameparts, validate, globals, locals)
if module is None:
raise Unauthorized, "import of '%s' is unauthorized" % mname
if fromlist is None:
fromlist = ()
for name in fromlist:
v = getattr(module, name, None)
if v is None:
v = load_module(module, mname, [name], validate, globals, locals)
if not validate(module, module, name, v):
raise Unauthorized
else:
return __import__(mname, globals, locals, fromlist)
