[Zope-Checkins] SVN: Zope/branches/2.10/ Fix #2141: TALES doesn't
traverse correctly over 'repeat' variable
Philipp von Weitershausen
philikon at philikon.de
Fri Jul 7 18:40:10 EDT 2006
Log message for revision 69033:
Fix #2141: TALES doesn't traverse correctly over 'repeat' variable
Changed:
U Zope/branches/2.10/doc/CHANGES.txt
U Zope/branches/2.10/lib/python/Products/PageTemplates/Expressions.py
U Zope/branches/2.10/lib/python/Products/PageTemplates/PageTemplateFile.py
U Zope/branches/2.10/lib/python/Products/PageTemplates/TALES.py
A Zope/branches/2.10/lib/python/Products/PageTemplates/tests/input/RepeatVariable.html
A Zope/branches/2.10/lib/python/Products/PageTemplates/tests/output/RepeatVariable.html
U Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testExpressions.py
U Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testHTMLTests.py
-=-
Modified: Zope/branches/2.10/doc/CHANGES.txt
===================================================================
--- Zope/branches/2.10/doc/CHANGES.txt 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/doc/CHANGES.txt 2006-07-07 22:40:09 UTC (rev 69033)
@@ -18,6 +18,9 @@
Bugs Fixed
+ - Fix #2141: TALES doesn't traverse correctly over 'repeat'
+ variable
+
- reStructuredText/ZReST: setting raw_enabled to 0 for security
reasons
Modified: Zope/branches/2.10/lib/python/Products/PageTemplates/Expressions.py
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/Expressions.py 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/Expressions.py 2006-07-07 22:40:09 UTC (rev 69033)
@@ -28,6 +28,7 @@
import zope.app.pagetemplate.engine
import OFS.interfaces
+from MultiMapping import MultiMapping
from Acquisition import aq_base
from zExceptions import NotFound, Unauthorized
from Products.Five.browser.providerexpression import Z2ProviderExpression
@@ -140,8 +141,32 @@
return 1
return 0
+class SafeMapping(MultiMapping):
+ """Mapping with security declarations and limited method exposure.
+
+ Since it subclasses MultiMapping, this class can be used to wrap
+ one or more mapping objects. Restricted Python code will not be
+ able to mutate the SafeMapping or the wrapped mappings, but will be
+ able to read any value.
+ """
+ __allow_access_to_unprotected_subobjects__ = True
+ push = pop = None
+
+ _push = MultiMapping.push
+ _pop = MultiMapping.pop
+
class ZopeContext(Context):
+ def __init__(self, engine, contexts):
+ super(ZopeContext, self).__init__(engine, contexts)
+ # wrap the top-level 'repeat' variable, as it is visible to
+ # restricted code
+ self.setContext('repeat', SafeMapping(self.repeat_vars))
+ # regenerate the first scope and the scope stack after messing
+ # with the global context
+ self.vars = vars = contexts.copy()
+ self._vars_stack = [vars]
+
def translate(self, msgid, domain=None, mapping=None, default=None):
context = self.contexts.get('context')
return getGlobalTranslationService().translate(
Modified: Zope/branches/2.10/lib/python/Products/PageTemplates/PageTemplateFile.py
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/PageTemplateFile.py 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/PageTemplateFile.py 2006-07-07 22:40:09 UTC (rev 69033)
@@ -56,8 +56,6 @@
security.declareProtected('View management screens',
'read', 'document_src')
- _default_bindings = {'name_subpath': 'traverse_subpath'}
-
def __init__(self, filename, _prefix=None, **kw):
name = kw.pop('__name__', None)
Modified: Zope/branches/2.10/lib/python/Products/PageTemplates/TALES.py
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/TALES.py 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/TALES.py 2006-07-07 22:40:09 UTC (rev 69033)
@@ -19,21 +19,7 @@
from zope.tales.tests.simpleexpr import SimpleExpr
from zope.tales.tales import ExpressionEngine as Engine
from zope.tales.tales import _default as Default
+from Products.PageTemplates.Expressions import SafeMapping
-from MultiMapping import MultiMapping
-class SafeMapping(MultiMapping):
- '''Mapping with security declarations and limited method exposure.
-
- Since it subclasses MultiMapping, this class can be used to wrap
- one or more mapping objects. Restricted Python code will not be
- able to mutate the SafeMapping or the wrapped mappings, but will be
- able to read any value.
- '''
- __allow_access_to_unprotected_subobjects__ = 1
- push = pop = None
-
- _push = MultiMapping.push
- _pop = MultiMapping.pop
-
import zope.deprecation
zope.deprecation.moved("zope.tales.tales", "2.12")
Added: Zope/branches/2.10/lib/python/Products/PageTemplates/tests/input/RepeatVariable.html
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/tests/input/RepeatVariable.html 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/tests/input/RepeatVariable.html 2006-07-07 22:40:09 UTC (rev 69033)
@@ -0,0 +1,10 @@
+<html>
+ <body>
+ <ol tal:define="results python:range(5)">
+ <tal:block tal:repeat="items results">
+ <li tal:define="odd repeat/items/odd"
+ tal:content="python:odd and 'odd' or 'even'">Content</li>
+ </tal:block>
+ </ol>
+ </body>
+</html>
Property changes on: Zope/branches/2.10/lib/python/Products/PageTemplates/tests/input/RepeatVariable.html
___________________________________________________________________
Name: svn:eol-style
+ native
Added: Zope/branches/2.10/lib/python/Products/PageTemplates/tests/output/RepeatVariable.html
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/tests/output/RepeatVariable.html 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/tests/output/RepeatVariable.html 2006-07-07 22:40:09 UTC (rev 69033)
@@ -0,0 +1,21 @@
+<html>
+ <body>
+ <ol>
+
+ <li>even</li>
+
+
+ <li>odd</li>
+
+
+ <li>even</li>
+
+
+ <li>odd</li>
+
+
+ <li>even</li>
+
+ </ol>
+ </body>
+</html>
Property changes on: Zope/branches/2.10/lib/python/Products/PageTemplates/tests/output/RepeatVariable.html
___________________________________________________________________
Name: svn:eol-style
+ native
Modified: Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testExpressions.py
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testExpressions.py 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testExpressions.py 2006-07-07 22:40:09 UTC (rev 69033)
@@ -74,7 +74,7 @@
ec = self.ec
ec.beginScope()
ec.setRepeat('loop', "python:[1,2,3]")
- assert ec.evaluate("python:repeat['loop'].even()")
+ assert ec.evaluate("python:repeat['loop'].odd()")
ec.endScope()
def testWrappers(self):
Modified: Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testHTMLTests.py
===================================================================
--- Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testHTMLTests.py 2006-07-07 22:39:11 UTC (rev 69032)
+++ Zope/branches/2.10/lib/python/Products/PageTemplates/tests/testHTMLTests.py 2006-07-07 22:40:09 UTC (rev 69033)
@@ -165,6 +165,9 @@
def checkImportOldStyleClass(self):
self.assert_expected(self.folder.t, 'CheckImportOldStyleClass.html')
+ def checkRepeatVariable(self):
+ self.assert_expected(self.folder.t, 'RepeatVariable.html')
+
def test_suite():
return unittest.makeSuite(HTMLTests, 'check')
More information about the Zope-Checkins
mailing list