[Zope] build a safe proxy

[Eric Bréhault]

Hello,

I am trying to build a safe proxy to wrap the Plone portal object in order
to control what is allowed or not.
Here is my code:
class SafeProxy:
    def __init__(self, obj):
        self.__dict__['_obj'] = obj

    def __getattr__(self, attr):
        attributes_whitelist=['portal_membership', 'MailHost']
        if attr in attributes_whitelist:
            return getattr(self._obj, attr)
        else:
            raise AttributeError, attr+" not allowed in Plomino formula
context"

    def __setattr__(self, attr, val):
        raise AttributeError, attr+" not allowed in Plomino formula context"

Then I use it that way:
>>>safeportal=SafeProxy(portal)
>>>safeportal.portal_membership
<MembershipTool at /myportal/portal_membership>
>>>safeportal.portal_catalog
AttributeError: portal_catalog not allowed in Plomino formula context

which is perfect.

But my problem is:
>>> safeportal._obj.portal_catalog
<CatalogTool at /concerteau/portal_catalog>

How can I hide completely the SafeProxy _obj ? How can I make sure it can
only be used from the SafeProxy class code itself and nowhere else ?
How can I turn it private ? (in Python private attributes are supposed to
start with 2 underscores:  __obj, but it just mangles with the classname:
_SafeProxy__obj, so it just guarantees it will not be overwrite by another
class, it does not physically protect it)

OR (if totally impossible in Python):
how can I do it another way ? maybe using zope.proxy.ProxyBase, but i do not
find any documentation about it...

Thanks in advance,

Eric BREHAULT
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20070315/3c7e226b/attachment.htm