[Zope3-dev] Calling persistent function
Stephan Richter
srichter at cosmos.phy.tufts.edu
Sat Jan 24 10:27:30 EST 2004
On Saturday 24 January 2004 09:30, Steve Alexander wrote:
> > One problem I have with that is that
> > modules['time'].asctime() is forbidden in zpt. How do
> > I put the time and date in a zpt template?
>
> Make it not forbidden in zpt?
Yeah, we need to create some declarations of the modules that are safe.
> I'd also like to see a <script> tag work for this, so that python code
> can be embedded in ZPTs in a natural kind of way.
Errm, Steve, I implemented this in the summer. This example should work:
<html>
<body>
<h1>
<script type="text/server-python">
import time
print time.asctime()
</script>
</h1>
</body>
</html>
However, it does not, since the time module has not been declared safe by the
restricted Python interpreter. I did a quick read through the security code
and I *think* doing ZCML like
<class name="time">
<allow attributes="asctime ..." />
</class>
should make this work. For reference, I announced the <script> tag
functionality at:
http://dev.zope.org/Zope3/Zope3Newsletter10
> You shouldn't need to play with utilities to get this simple task done.
I totally agree.
Regards,
Stephan
--
Stephan Richter
CBU Physics & Chemistry (B.S.) / Tufts Physics (Ph.D. student)
Web2k - Web Software Design, Development and Training
More information about the Zope3-dev
mailing list