[Zope-dev] Re: hasattr implementation for Zope?
Dieter Maurer
dieter at handshake.de
Mon May 30 12:50:48 EDT 2005
Tres Seaver wrote at 2005-5-28 12:34 -0400:
> ...
>The spelling, of course, would be up for endless argument. ;) Perhaps
>we could call it 'persistent_hasattr', and then let folks alias it at
>import time as they wish (even to 'hasattr', but not in the core!).
The spelling is not my major concern.
The "safe_hasattr" method (or similarly spelled) must be easily
accessible in both trusted and untrusted (DTML, TALES, PythonScript, ...)
code. I think it should be easier than
"modules['ZODB.utils'].safe_hasattr(...)"
And it would indeed be very good (as suggested by Paul) when a variant
(with a different name or with an additional argument)
could disable acquisition for the test.
>We would then (as you note) need to ensure that we made it available to
>restricted code. For that casee, we might need a variant of it which
>used 'guarded_getattr' (but I'm not sure about that).
What would be the aim?
The non "guarded" implementation would tell you "exists, does not exist",
the "guarded" implementation "exists, Unauthorized, does
not exist" with the "Unauthorized exception being a variant of
"exists". Few applications would be interested in the
"Unauthorized" exception; if they were, the could easily get it
by other means. The exception would not provide additional
"security". Unless we would turn it into a "does not exist".
But, first I hate such cheating, second it may work against
many some use cases ("see if it is already there; otherwise create it")
and third, I would not make anything safer unless we also provide
a restricted "getattr".
--
Dieter
More information about the Zope-Dev
mailing list