[Zope3-checkins] SVN: Zope3/trunk/src/zope/security/ Converted XXX to TODO.

Stephan Richter srichter at cosmos.phy.tufts.edu
Tue Jul 13 12:28:46 EDT 2004


Log message for revision 26454:
  Converted XXX to TODO.
  


Changed:
  U   Zope3/trunk/src/zope/security/__init__.py
  U   Zope3/trunk/src/zope/security/builtins.py
  U   Zope3/trunk/src/zope/security/interfaces.py
  U   Zope3/trunk/src/zope/security/interpreter.py
  U   Zope3/trunk/src/zope/security/proxy.py
  U   Zope3/trunk/src/zope/security/tests/test_checker.py
  U   Zope3/trunk/src/zope/security/tests/test_proxy.py


-=-
Modified: Zope3/trunk/src/zope/security/__init__.py
===================================================================
--- Zope3/trunk/src/zope/security/__init__.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/__init__.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -2,7 +2,7 @@
 # This file is necessary to make this directory a package.
 
 
-# XXX There's a circular import problem with the proxy package.
+# TODO: There's a circular import problem with the proxy package.
 # The proxy framework needs some refactoring, but not today.
 import zope.proxy
 

Modified: Zope3/trunk/src/zope/security/builtins.py
===================================================================
--- Zope3/trunk/src/zope/security/builtins.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/builtins.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -48,7 +48,7 @@
         'True', 'False'
         ]
 
-    # XXX dir segfaults with a seg fault due to a bas tuple check in
+    # TODO: dir segfaults with a seg fault due to a bas tuple check in
     # merge_class_dict in object.c. The assert macro seems to be doing
     # the wrong think. Basically, if an object has bases, then bases
     # is assumed to be a tuple.
@@ -63,7 +63,7 @@
     #    input does I/O
     #    raw_input does I/O
     #    intern's effect is too global
-    #    reload does import, XXX doesn't it use __import__?
+    #    reload does import, TODO: doesn't it use __import__?
 
     _builtinTypeChecker = NamesChecker(
         ['__str__', '__repr__', '__name__', '__module__',

Modified: Zope3/trunk/src/zope/security/interfaces.py
===================================================================
--- Zope3/trunk/src/zope/security/interfaces.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/interfaces.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -140,9 +140,9 @@
 
         If participation is not None, it is added to the new interaction.
 
-        XXX perhaps this should be a separate interface IInteractionFactory,
-            and the factory registered by calling
-            ISecurityManagement.global setInteractionFactory(factory).
+        TODO: perhaps this should be a separate interface IInteractionFactory,
+              and the factory registered by calling
+              ISecurityManagement.global setInteractionFactory(factory).
         """
 
     def checkPermission(permission, object, interaction):

Modified: Zope3/trunk/src/zope/security/interpreter.py
===================================================================
--- Zope3/trunk/src/zope/security/interpreter.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/interpreter.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -13,13 +13,8 @@
 ##############################################################################
 """Restricted interpreter.
 
-XXX This code is not used!  Before using it, a serious security review
-should be undertaken.
+TODO: This code needs a serious security review!!!
 
-XXX (SR) Yes the code is used for the inline Python support. As far as I can
-tell the security works well, as I had to make all sorts of security
-declarations to make it work. 
-
 $Id$
 """
 from zope.security.builtins import RestrictedBuiltins

Modified: Zope3/trunk/src/zope/security/proxy.py
===================================================================
--- Zope3/trunk/src/zope/security/proxy.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/proxy.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -30,7 +30,7 @@
     trusted and the proxy can always be recreated by calling the
     proxy factory and getting back a proxy with the same checker.
 
-    XXX More thought needs to be given to assuring this contract.
+    TODO: More thought needs to be given to assuring this contract.
     """
     if ((type(object) is Proxy) and
         isinstance(getChecker(object), TrustedCheckerBase)

Modified: Zope3/trunk/src/zope/security/tests/test_checker.py
===================================================================
--- Zope3/trunk/src/zope/security/tests/test_checker.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/tests/test_checker.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -312,7 +312,7 @@
             self.assertRaises(Forbidden, checker.check_setattr, inst, 'a')
             self.assertRaises(Forbidden, checker.check_setattr, inst, 'z')
 
-    # XXX write a test to see that
+    # TODO: write a test to see that
     # Checker.check/check_setattr handle permission
     # values that evaluate to False
 

Modified: Zope3/trunk/src/zope/security/tests/test_proxy.py
===================================================================
--- Zope3/trunk/src/zope/security/tests/test_proxy.py	2004-07-13 16:27:24 UTC (rev 26453)
+++ Zope3/trunk/src/zope/security/tests/test_proxy.py	2004-07-13 16:28:46 UTC (rev 26454)
@@ -279,7 +279,7 @@
                         self.shouldFail(lambda x, y: eval(expr), x, y)
 
     def test_inplace(self):
-        # XXX should test all inplace operators...
+        # TODO: should test all inplace operators...
         P = self.c.proxy
 
         pa = P(1)



More information about the Zope3-Checkins mailing list