Python PersistentList.__allow_access_to_unprotected_subobjects__ 예제들

예제 #1

파일: test_formatter.py 프로젝트: vedantc98/Plone-test

 def test_prevents_bad_string_formatting_key(self):
     from AccessControl.safe_formatter import SafeFormatter
     from AccessControl.ZopeGuards import guarded_getitem
     from persistent.list import PersistentList
     # Accessing basic Python types in a basic Python list is fine.
     foo = list(['bar'])
     self.assertEqual(SafeFormatter('{0[0]}').safe_format(foo), 'bar')
     self.assertEqual(guarded_getitem(foo, 0), 'bar')
     # For basic Python types in a non-basic list, we guard the access.
     foo = PersistentList(foo)
     self.assertRaises(Unauthorized, guarded_getitem, foo, 0)
     self.assertRaises(Unauthorized,
                       SafeFormatter('{0[0]}').safe_format, foo)
     # though we could allow access if we want:
     foo.__allow_access_to_unprotected_subobjects__ = 1
     self.assertEqual(guarded_getitem(foo, 0), 'bar')
     self.assertEqual(SafeFormatter('{0[0]}').safe_format(foo), 'bar')
     # For non-basic items we want run checks too.
     folder = self._create_folder_with_mixed_contents()
     # We can get the public items just fine:
     self.assertEqual(
         SafeFormatter('{0[0]}').safe_format(folder), '<Item public1>')
     self.assertEqual(
         SafeFormatter('{0[2]}').safe_format(folder), '<Item public2>')
     # But not the private item:
     self.assertRaises(Unauthorized,
                       SafeFormatter('{0[1]}').safe_format, folder)

예제 #2

파일: test_safe_formatter.py 프로젝트: zopefoundation/AccessControl

 def test_prevents_bad_string_formatting_key(self):
     from AccessControl.safe_formatter import SafeFormatter
     from AccessControl.ZopeGuards import guarded_getitem
     from persistent.list import PersistentList
     # Accessing basic Python types in a basic Python list is fine.
     foo = list(['bar'])
     self.assertEqual(SafeFormatter('{0[0]}').safe_format(foo),
                      'bar')
     self.assertEqual(guarded_getitem(foo, 0), 'bar')
     # For basic Python types in a non-basic list, we guard the access.
     foo = PersistentList(foo)
     self.assertRaises(Unauthorized, guarded_getitem, foo, 0)
     self.assertRaises(Unauthorized,
                       SafeFormatter('{0[0]}').safe_format, foo)
     # though we could allow access if we want:
     foo.__allow_access_to_unprotected_subobjects__ = 1
     self.assertEqual(guarded_getitem(foo, 0), 'bar')
     self.assertEqual(SafeFormatter('{0[0]}').safe_format(foo),
                      'bar')
     # For non-basic items we want run checks too.
     folder = self._create_folder_with_mixed_contents()
     # We can get the public items just fine:
     self.assertEqual(SafeFormatter('{0[0]}').safe_format(folder),
                      '<Item public1>')
     self.assertEqual(SafeFormatter('{0[2]}').safe_format(folder),
                      '<Item public2>')
     # But not the private item:
     self.assertRaises(Unauthorized,
                       SafeFormatter('{0[1]}').safe_format,
                       folder)