[Zope-Checkins] CVS: Zope/lib/python/Shared/DC/Scripts -
Bindings.py:1.9.6.5
Tres Seaver
tseaver at zope.com
Mon Jan 26 16:41:12 EST 2004
Update of /cvs-repository/Zope/lib/python/Shared/DC/Scripts
In directory cvs.zope.org:/tmp/cvs-serv608/lib/python/Shared/DC/Scripts
Modified Files:
Tag: Zope-2_6-branch
Bindings.py
Log Message:
- Shared/DC/Scripts/Bindings.py:
o Push script onto the execution stack before computing bindings, so
that script proxy roles will be in effect during binding.
o Harden "spacesuit" against Python / ZPublisher's willingness to use
methods like __str__, __call__, and index_html.
- Products/PythonScripts/PythonScript.py:
o Remove code which pushes script onto the execution stack, since
it is now done in the Binding base class.
- AccessControl/tests/testBindings.py:
o Make tests explicitly assert protection of "special" names; also
verify that proxy roles work during binding.
=== Zope/lib/python/Shared/DC/Scripts/Bindings.py 1.9.6.4 => 1.9.6.5 ===
--- Zope/lib/python/Shared/DC/Scripts/Bindings.py:1.9.6.4 Mon Jan 26 15:27:43 2004
+++ Zope/lib/python/Shared/DC/Scripts/Bindings.py Mon Jan 26 16:41:11 2004
@@ -173,11 +173,16 @@
# Make *extra* sure that the wrapper isn't used to access
# __call__, __str__, __repr__, etc.
if name.startswith('__'):
- name = self.__dict__['_name']
- raise Unauthorized('Not authorized to access binding: %s' % name)
+ self.__you_lose()
return guarded_getattr(self._wrapped, name, default)
+ def __you_lose(self):
+ name = self.__dict__['_name']
+ raise Unauthorized('Not authorized to access binding: %s' % name)
+
+ __str__ = __call__ = index_html = __you_lose
+
class Bindings:
__ac_permissions__ = (
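Review bot: `__you_lose` accepts only `self`, yet it is aliased to `__call__` and `index_html`, so a call that passes arguments fails with a TypeError from the arity mismatch instead of the intended Unauthorized. Access is still refused, but callers and tests that catch Unauthorized will not see it; `def __you_lose(self, *args, **kw):` keeps the denial uniform. The comment above the `startswith('__')` check also names `__repr__`, which the alias line omits; if it is meant to be blocked the same way, `__str__ = __repr__ = __call__ = index_html = __you_lose` would make that explicit. The wrapper class begins outside this hunk, so whether `__getattr__` already covers `__repr__` cannot be confirmed from here.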
@@ -323,10 +328,18 @@
bindcode = getattr(self, '_v_bindcode', _marker)
if bindcode is _marker:
bindcode = self._prepareBindCode()
- if bindcode is None:
- bound_data = {}
- else:
- bound_data = []
- exec bindcode
- bound_data = bound_data[0]
- return self._exec(bound_data, args, kw)
+
+ # Execute the script in a new security context (including the
+ # bindings preparation).
+ security = getSecurityManager()
+ security.addContext(self)
+ try:
+ if bindcode is None:
+ bound_data = {}
+ else:
+ bound_data = []
+ exec bindcode
+ bound_data = bound_data[0]
+ return self._exec(bound_data, args, kw)
+ finally:
+ security.removeContext(self)
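Review bot: The new local `security` lives in the same frame in which `exec bindcode` runs, and a bare `exec` statement uses the enclosing namespace. If the generated binding code ever assigned `security`, the `finally` clause would call `removeContext` on the wrong object and could leave the script on the execution stack. `_prepareBindCode` is not visible here, so this may never occur, but a comment would record the constraint: `# bindcode runs in this frame; it must not rebind 'security', 'self', 'args' or 'kw'`. The block comment could also state that `_exec` overrides should no longer push the script themselves, since the base class now does so. The enclosing method starts outside this hunk.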