[Zope3-dev] Bug or Feature in security proxy / checker code?
Jim Fulton
jim at zope.com
Thu Jan 12 12:52:29 EST 2006
Christian Theune wrote:
> Hi,
>
> we are wondering about the behaviour in the following situation:
>
> * self is a view and we're in a method of that view
>
> * self.context is an instance of class A
> (A is a content class and a folder)
>
> * self.context is security proxied
>
> * class A has a method doStuff
>
> * we call self.context.doStuff()
>
> * in doStuff, self is not proxied
>
> * accessing other things through self[id] in doStuff does not give a
> proxied object
>
> Result: code can perform operations that users normally could not do,
> without anybody calling "removeAllProxies" explicitly.
Right.
> Is this intentional?
Yes. self is never proxied.
> I'm not sure about that. I feel like those calls
> should work with proxied objects as well.
I don't agree. At some point, you have to trust code,
especially methods.
...
> PS: It seems that the _zope_security_proxy.c code and the corresponding
> Python code are a little bit out of sync. The C-code does a little bit
> more that isn't in the python code anymore. See this patch:
...
> --- checker.py (Revision 41246)
> +++ checker.py (Arbeitskopie)
> @@ -371,6 +371,9 @@
> if checker is NoProxy:
> return None
>
> + if checker is _defaultChecker and isinstance(object, Exception):
> + return None
> +
> while not isinstance(checker, Checker):
> checker = checker(object)
> if checker is NoProxy or checker is None:
>
> As stated in _zope_security_proxy.c line 495:
>
> /* if checker is _defaultChecker and isinstance(object, Exception):
> */
> /* return None */
>
> if (checker == _defaultChecker
> && PyObject_IsInstance(object, PyExc_Exception))
> {
> Py_INCREF(Py_None);
> return Py_None;
> }
Good point.
Jim
--
Jim Fulton mailto:jim at zope.com Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
More information about the Zope3-dev
mailing list