[Zope-Coders] Re: [Zope-Checkins] CVS: Zope/lib/python/AccessControl - ZopeGuards.py:1.13

Shane Hathaway shane@ZOPE.COM
Wed, 18 Dec 2002 10:48:11 -0500 

Chris Withers wrote:
> Shane Hathaway wrote:
> 
>> Chris Withers wrote:
>>
>>> You might be able to use the stuff that PlugginIndexes use to get 
>>> imported first to make sure you hot-swap the required module before 
>>> other stuff needs it, so removing the need to actually replce the 
>>> module on disk.
>>
>>
>> Interesting idea, but I would have to integrate a piece of 
>> TransparentFolders into the core, which I wouldn't feel good about.  I 
>> have to set an example, you know. :-)
> 
> 
> How so? The idea I was suggesting should let you hot-replace the bits 
> that you would otherwise have to put into the core...

I don't see what you mean.  The name "TransparentFolder" should not 
appear anywhere in Zope, so what would I do?

>> imp.find_module() doesn't seem to do enough: it can't deal with 
>> hierarchical names until you load_module().
> 
> 
> Well, you wouldn't use find_module, just load_module. And I'm counting 
> on that not to do anything with heirarchical names so that we don't 
> import anything we're not planning on importing...

load_module executes the module, just like __import__.  Maybe I don't 
understand what you're saying.

> 
>>> Hmmm... how, and more importantly, where should I write these unit 
>>> tests?
>>
>>
>> In AccessControl/tests.  I'd create a structure like this:
>>
>> AccessControl/tests/
>>   safe_pkg/
>>     __init__.py
>>     zope_security.py
>>   unsafe_pkg/
>>     __init__.py   (upon import, set a flag that says the test failed)
> 
> 
> How about just raise a HideousSecurityHole exception? ;-)

I'm concerned that some versions of Python (perhaps unreleased versions) 
may catch that exception and transform it into ImportError.  I don't 
know how likely that is, though.

> 
>>   safe_module.py
>>   safe_module_zope_security.py
>>   unsafe_module.py  (set the failed test flag here too)
>>
>> Then call guarded_import for safe_pkg, unsafe_pkg, safe_module, and 
>> unsafe_module.  In the "unsafe" tests, catch and ignore Unauthorized 
>> errors.  
> 
> 
> They'll be ImportErrors, and I'll be doing an assertRaises.

What happens now when you try to import something not specifically 
allowed?  ImportError or Unauthorized?  I would expect Unauthorized (or 
perhaps even a new UnauthorizedImportError, which subclasses both types.)

Shane