[Zope-dev] Re: hasattr implementation for Zope?

Jim Fulton jim at zope.com
Fri May 27 11:49:03 EDT 2005 

Paul Winkler wrote:
> On Fri, May 27, 2005 at 09:25:58AM -0400, Jim Fulton wrote:
> 
>>Tim Peters wrote:
>>
>>>OTOH, defining & importing a utility function-- say, safehasattr()
>>>--would make it all explicit.  That's what ZODB does.  
> 
> 
> OK.
> 
> (BTW, I just went grepping for this safehasattr() in zope 2.7.6's
> ZODB and didn't find anything. What's it called?)
>  
> There are ~700 calls to hasattr() currently in the Zope core (ouch!).  
> Are there cases where the current use of hasattr() is considered safe?
> Or since it's "broken by design",  should we replace all 700
> calls with this hypothetical safe_hasattr()?
> 
> While we're on the subject, the other day Dieter Maurer was complaining that:
> 
> """
> An incredibly long time ago, I filed a feature request for                      
> "hasattr_unacquired" -- together with patch, unit tests and
> documentation       
> update. I am convinced that such a function in the                              
> DTML namespace (and therefore always available in restricted code)              
> would be much clearer than the "aq_inner.aq_explicit" dance.                    
>                                                                                 
> But, unfortunately, the Zope developers decided not to                          
> accept my patch or the "hasattr_unacquired" idea                                
> and instead made "aq_inner" accessible by untrusted code.                       
> A bad decision!                                                                 
> As a consequence, you see the nasty code.                                       
> """

I'm sure this was an unintentional non-acceptance.  It would be
a lot easier if Dieter became a contributor and checked this in
himself.  I'd be happy to see Dieter's patch accepted.

> So, assuming we add a safe_hasattr() function, maybe it could take 
> an extra keyword arg?
> 
> something like:
> 
> def safe_hasattr(obj, attr, acquired=True, _marker=[]):
>     if not acquired:
>         obj = aq_inner(aq_explicit(obj))
>     return getattr(obj, attr, _marker) is not _marker

I'd rather have 2 separate functions.

BTW, I prefer to code things like this in the following way:

   def safe_hasattr():
       marker = object()

       def safe_hasattr(obj, attr):
           return getattr(obj, attr, marker) is not marker

       return safe_hasattr

   safe_hasattr = safe_hasattr()

This way, there aren't any extra arguments or funny
globals to confuse matters.  (I've seen code that broke
because people tried to reuse marker definitions accross
modules.

BTW, I think this function or something like it should be
added to the Python standard library.  Anybody want to
try to get it into 2.5?

Jim

-- 
Jim Fulton           mailto:jim at zope.com       Python Powered!
CTO                  (540) 361-1714            http://www.python.org
Zope Corporation     http://www.zope.com       http://www.zope.org

More information about the Zope-Dev mailing list