Esempio n. 1
0
def guarded_import(mname, globals=None, locals=None, fromlist=None):
    if fromlist is None:
        fromlist = ()
    if '*' in fromlist:
        raise Unauthorized, "'from %s import *' is not allowed"
    if globals is None:
        globals = {}
    if locals is None:
        locals = {}
    mnameparts = mname.split('.')
    firstmname = mnameparts[0]
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is None:
        raise Unauthorized, "import of '%s' is unauthorized" % mname
    if fromlist is None:
        fromlist = ()
    for name in fromlist:
        v = getattr(module, name, None)
        if v is None:
            v = load_module(module, mname, [name], validate,
                            globals, locals)
        if not validate(module, module, name, v):
            raise Unauthorized
    else:
        return __import__(mname, globals, locals, fromlist)
Esempio n. 2
0
def guard(container, value, index=None):
    if Containers(type(container)) and Containers(type(value)):
        # Simple type.  Short circuit.
        return
    if getSecurityManager().validate(container, container, index, value):
        return
    _error(index)
Esempio n. 3
0
def guard(container, value, index=None):
    if Containers(type(container)) and Containers(type(value)):
        # Simple type.  Short circuit.
        return
    if getSecurityManager().validate(container, container, index, value):
        return
    _error(index)
Esempio n. 4
0
def guarded_import(mname, globals=None, locals=None, fromlist=None,
                   level=-1):
    if fromlist is None:
        fromlist = ()
    if '*' in fromlist:
        raise Unauthorized("'from %s import *' is not allowed")
    if globals is None:
        globals = {}
    if locals is None:
        locals = {}
    # Refs https://bugs.launchpad.net/zope2/+bug/659968
    if level != -1:
        raise Unauthorized("Using import with a level specification isn't "
                           "supported by AccessControl: %s" % mname)

    mnameparts = mname.split('.')
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is None:
        raise Unauthorized("import of '%s' is unauthorized" % mname)
    if fromlist is None:
        fromlist = ()
    for name in fromlist:
        v = getattr(module, name, None)
        if v is None:
            v = load_module(module, mname, [name], validate,
                            globals, locals)
        if not validate(module, module, name, v):
            raise Unauthorized
    else:
        return __import__(mname, globals, locals, fromlist)
Esempio n. 5
0
def guarded_import(mname, globals=None, locals=None, fromlist=None, level=-1):
    if fromlist is None:
        fromlist = ()
    if '*' in fromlist:
        raise Unauthorized("'from %s import *' is not allowed")
    if globals is None:
        globals = {}
    if locals is None:
        locals = {}
    # Refs https://bugs.launchpad.net/zope2/+bug/659968
    if level != -1:
        raise Unauthorized("Using import with a level specification isn't "
                           "supported by AccessControl: %s" % mname)

    mnameparts = mname.split('.')
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is None:
        raise Unauthorized("import of '%s' is unauthorized" % mname)
    if fromlist is None:
        fromlist = ()
    for name in fromlist:
        v = getattr(module, name, None)
        if v is None:
            v = load_module(module, mname, [name], validate, globals, locals)
        if not validate(module, module, name, v):
            raise Unauthorized
    else:
        return __import__(mname, globals, locals, fromlist)
Esempio n. 6
0
def guarded_import(mname, globals={}, locals={}, fromlist=None):
    mnameparts = mname.split('.')
    firstmname = mnameparts[0]
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is not None:
        if fromlist is None:
            fromlist = ()
        try:
            for name in fromlist:
                if name == '*':
                    raise ImportError, ('"from %s import *" is not allowed' %
                                        mname)
                v = getattr(module, name, None)
                if v is None:
                    v = load_module(module, mname, [name], validate, globals,
                                    locals)
                if not validate(module, module, name, v):
                    raise Unauthorized
            else:
                return __import__(mname, globals, locals, fromlist)
        except Unauthorized, why:
            raise ImportError, (
                'import of "%s" from "%s" is unauthorized. %s' %
                (name, mname, why))
Esempio n. 7
0
def guarded_filter(f, seq, skip_unauthorized=0):
    if type(seq) is type(''):
        return filter(f, seq)
    if f is None:
        def f(x): return x
    v = getSecurityManager().validate
    result = []
    a = result.append
    for el in seq:
        if v(seq, seq, None, el):
            if f(el): a(el)
        elif not skip_unauthorized:
            raise Unauthorized, 'unauthorized access to element'
    return result
Esempio n. 8
0
def guarded_filter(f, seq, skip_unauthorized=0):
    if type(seq) is type(''):
        return filter(f, seq)
    if f is None:

        def f(x):
            return x

    v = getSecurityManager().validate
    result = []
    a = result.append
    for el in seq:
        if v(seq, seq, None, el):
            if f(el): a(el)
        elif not skip_unauthorized:
            raise Unauthorized, 'unauthorized access to element'
    return result
Esempio n. 9
0
 def guarded_getattr(inst, name, default=_marker):
     if name[:1] != '_':
         # Try to get the attribute normally so that unusual
         # exceptions are caught early.
         try: v = getattr(inst, name)
         except AttributeError:
             if default is not _marker:
                 return default
             raise
         if Containers(type(inst)):
             # Simple type.  Short circuit.
             return v
         validate = getSecurityManager().validate
         # Filter out the objects we can't access.
         if hasattr(inst, 'aq_acquire'):
             return inst.aq_acquire(name, aq_validate, validate)
         # Or just try to get the attribute directly.
         if validate(inst, inst, name, v):
             return v
     raise Unauthorized, name
Esempio n. 10
0
def guarded_getitem(object, index):
    if type(index) is SliceType:
        if index.step is not None:
            v = object[index]
        else:
            start = index.start
            stop = index.stop
            if start is None:
                start = 0
            if stop is None:
                v = object[start:]
            else:
                v = object[start:stop]
        # We don't guard slices.
        return v
    v = object[index]
    if Containers(type(object)) and Containers(type(v)):
        # Simple type.  Short circuit.
        return v
    if getSecurityManager().validate(object, object, None, v):
        return v
    raise Unauthorized, 'unauthorized access to element %s' % `i`
Esempio n. 11
0
def guarded_getitem(object, index):
    if type(index) is SliceType:
        if index.step is not None:
            v = object[index]
        else:
            start = index.start
            stop = index.stop
            if start is None:
                start = 0
            if stop is None:
                v = object[start:]
            else:
                v = object[start:stop]
        # We don't guard slices.
        return v
    v = object[index]
    if Containers(type(object)) and Containers(type(v)):
        # Simple type.  Short circuit.
        return v
    if getSecurityManager().validate(object, object, None, v):
        return v
    raise Unauthorized('unauthorized access to element %s' % index)
Esempio n. 12
0
 def authorize(self, user, accessed, container, name, value, roles):
     user = getattr(user, 'aq_base', user).__of__(self)
     newSecurityManager(None, user)
     security = getSecurityManager()
     try:
         try:
             # This is evil: we cannot pass _noroles directly because
             # it is a special marker, and that special marker is not
             # the same between the C and Python policy implementations.
             # We __really__ need to stop using this marker pattern!
             if roles is _noroles:
                 if security.validate(accessed, container, name, value):
                     return 1
             else:
                 if security.validate(accessed, container, name, value,
                                      roles):
                     return 1
         except:
             noSecurityManager()
             raise
     except Unauthorized: pass
     return 0
Esempio n. 13
0
 def authorize(self, user, accessed, container, name, value, roles):
     user = getattr(user, 'aq_base', user).__of__(self)
     newSecurityManager(None, user)
     security = getSecurityManager()
     try:
         try:
             # This is evil: we cannot pass _noroles directly because
             # it is a special marker, and that special marker is not
             # the same between the C and Python policy implementations.
             # We __really__ need to stop using this marker pattern!
             if roles is _noroles:
                 if security.validate(accessed, container, name, value):
                     return 1
             else:
                 if security.validate(accessed, container, name, value,
                                      roles):
                     return 1
         except:
             noSecurityManager()
             raise
     except Unauthorized: pass
     return 0
Esempio n. 14
0
def guarded_import(mname, globals={}, locals={}, fromlist=None):
    mnameparts = mname.split('.')
    firstmname = mnameparts[0]
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is not None:
        if fromlist is None:
            fromlist = ()
        try:
            for name in fromlist:
                if name == '*':
                    raise ImportError, ('"from %s import *" is not allowed'
                                        % mname)
                v = getattr(module, name, None)
                if v is None:
                    v = load_module(module, mname, [name], validate,
                                    globals, locals)
                if not validate(module, module, name, v):
                    raise Unauthorized
            else:
                return __import__(mname, globals, locals, fromlist)
        except Unauthorized, why:
            raise ImportError, ('import of "%s" from "%s" is unauthorized. %s'
                                % (name, mname, why))
Esempio n. 15
0
def guarded_import(mname, globals=None, locals=None, fromlist=None):
    if fromlist is None:
        fromlist = ()
    if '*' in fromlist:
        raise Unauthorized, "'from %s import *' is not allowed"
    if globals is None:
        globals = {}
    if locals is None:
        locals = {}
    mnameparts = mname.split('.')
    validate = getSecurityManager().validate
    module = load_module(None, None, mnameparts, validate, globals, locals)
    if module is None:
        raise Unauthorized, "import of '%s' is unauthorized" % mname
    if fromlist is None:
        fromlist = ()
    for name in fromlist:
        v = getattr(module, name, None)
        if v is None:
            v = load_module(module, mname, [name], validate, globals, locals)
        if not validate(module, module, name, v):
            raise Unauthorized
    else:
        return __import__(mname, globals, locals, fromlist)