def runFunction(request, module_key, function_key): auth_check = auth(request) if auth_check: return auth_check #assumption: members start with lower-case, classes start with upper-case safe_member_keys = [key for key in blazigator.__dict__.keys() if not (key.startswith("__") or inspect.isclass(blazigator.__dict__[key]) or inspect.ismodule(blazigator.__dict__[key]) ) ] if not module_key in safe_member_keys: return HttpResponse("naw bro", status =403) module = blazigator.__dict__[module_key] safe_function_keys = [f for f in dir(module) if (callable(getattr(module, f)) and not f.startswith("__") ) ] if not function_key in safe_function_keys: return HttpResponse("naw bro", status =403) ScriptManager.current_script_name = "None.py" ScriptManager.run("None.py") args = ast.literal_eval(urllib.unquote(request.GET['args'])) if args: return HttpResponse(getattr(module, function_key)(args)) else: return HttpResponse(getattr(module, function_key)())
def run(request, title): auth_check = auth(request) if auth_check: return auth_check ScriptManager.current_script_name = title ScriptManager.run(title) return redirect("/scripts")