[Zope] Scoping question (Python scripts)

Martijn Pieters mj@digicool.com
Mon, 9 Apr 2001 18:46:18 +0200


On Mon, Apr 09, 2001 at 08:56:54AM -0700, Kirby Urner wrote:
> Here's another question along the same lines -- directed to 
> anyone (like, I understand if you're busy).  
> 
> Even in an earlier Python like 1.5.2 I believe it's legal to 
> write a function like this:
> 
> ==========
> 
> def f():
> 
>    class test:
> 
>       def d(self,n):
>          return n+100
>       
>       def c(self,n):
>          n = n + self.d(n)
>          return n+10
>       
>    om = test()
>    j = om.c(3)
>    return j
> 
> ==========
> 
> There's a class defined internally to the function.  The above works for 
> me in regular Python (2.1 beta -- but I'm not depending on nested scopes, 
> no importing from __future___, and no warnings for not).
> 
> However, if I strip off the top line and make the rest be a "function 
> body" ala a Zope script (de-indent the rest of the lines), like this:
> 
> ==========
> 
> class test:
> 
>     def d(self,n):
>          return n+100
>       
>     def c(self,n):
>          n = n + self.d(n)
>          return n+10
>       
> om = test()
> j = om.c(3)
> return j
> 
> ==========
> 
> ...then when I try to save it I get:
> 
> Forbidden operation STORE_NAME at line 4
> Forbidden operation STORE_NAME at line 7
> 
> So is there something about Python classes that they can't
> be defined internally to an ordinary function/script?  

I *think* this is because you are not allowed to manipulate classes from
Python Script

What I think happens is that the special Python bytecompiler used to
parse and compile the above Python Script is that as soon as you get to
the 'def d(self, n):' statement, you are trying to store a new method in
the 'test' class, which the compiler has been told you are not allowed to
do. Because you try and do this twice, you get two errors.

As for the reason why: if you could manipulate classes in the Zope
framework, you'd probably be able to break the security somewhere with a
well aimed method in a key class. This would not be a good idea, so Ethan
wisely disabled that. This restriction could posibly be loosened to allow
for locally defined classes, but I have no experience with restricting
python bytecode compilations.

> I've been seeing a lot of text about "publishing a product" 
> which involves doing some bookkeeping stuff I was hoping
> to avoid.
> 
> The on-line docs seem to go from "Hello world" type scripts 
> (and vaccinating a hippo) to publishing products, without 
> a whole lot in between (and so my train of thought keeps 
> falling through the cracks).

There are a great deal many more documents; try the Zope Book, and
Itamar's Developers Guide is also excellent:

  http://www.zope.org/Members/michel/ZB
  http://itamarst.org/learningzope/

In the meantime, you can use External Methods to accomplish things in an
unrestricted environment.

-- 
Martijn Pieters
| Software Engineer  mailto:mj@digicool.com
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
---------------------------------------------