[Zope-dev] how to add to the pythonscript allowed import list?
R. David Murray
bitz@bitdance.com
Thu, 19 Apr 2001 15:59:31 -0400 (EDT)
On Thu, 19 Apr 2001, Chris McDonough wrote:
> http://www.zope.org/Documentation/ZDG/Security.dtml (see Using
> ModuleSecurityInfo Objects)
>
> I think it will be something along the lines of:
>
> from AccessControl import ModuleSecurityInfo
> ModuleSecurityInfo('Products').declarePublic('SignedEditions')
> ModuleSecurityInfo('Products.SignedEditions').declarePublic('stripCardNumber
> ', 'verifyCardNumber')
Thanks, that worked!
I'm going to file a collector report on that misleading error message.
Also, I did read stuff very similar to the text you pointed me to above,
in the PythonMethods wiki. Clearly, it did *not* tell me as a developer
how to do what the text is saying it is telling me how to do: make it
so I can import a function in a pythonscript. So I think you should
add a note about the need for the ModuleSecurityInfo('Products').declarePublic
call, and incorporate it into the example (or another example).
Also, the text makes a distinction between marking "external" modules
and marking "embedded" modules. The former uses the spelling above,
the latter the "security = ModuleSecurityInfo()" spelling. As far as
I can see, what I am doing is the *latter* case, and what I tried
naively following the directions did not work, but this external
spelling did. So something needs to be clarified there, as well.
I've filed this as a tracker comment on the ZDG, as well.
--RDM