History for PlannedBehavior
Python Methods Planned Behavior
- uses GuardedBlock for security
- copies methods from !DocumentTemplate.DT_Util.!TemplateDict into the
builtins dictionary
- uses the Bindings tab to make the container, context, method object,
caller's DTML namespace, and traversal information available through
user-chosen names.
- recurses into code blocks, allowing lambdas and nested function
definitions.
GuardedBlock security
- 'co_names' is checked for multi-character names beginning with "_".
- 'print' statements are replaced with calls to a function that stores
the text in a list. The concatenation of these strings is available
through the global variable 'printed'. If 'printed' is not read, but 'print'
statements are used, a warning is printed.
- assignments to attributes, items, or slices are replaced
with calls to methods of the container. These are named
'__guarded_setattr__', '__guarded_setitem__', and '__guarded_setslice__'.
- 'del' statements that operate on attributes, items, or slices are
replaced with calls to methods of the container. These are named
'__guarded_delattr__', '__guarded_delitem__', and '__guarded_delslice__'.
- Literal lists and dictionaries are exempted from this wrapping, as are
objects which declare that they handle their own write security, by
exposing a true '_guarded_writes' attribute.
- 'return', 'assert', 'try/finally', 'try/except/else', 'pass', 'raise',
'break', 'global', and 'if/elif/else' are not changed or
restricted.
- 'for/else', 'while/else', and 'continue' statements have calls to a
global iteration counter/termination polling function inserted just
before the jump to the start of a loop.
- 'import' is restricted by providing an '__import__' function which
only succeeds if each module to be imported is already in 'sys.modules'.
Access to names within modules is protected by calling the security
machinery.
- 'exec' statements are not allowed.
- The only other statements are expression statements. Expression
evaluation is altered so that multiplication operations are replaced
with calls to 'careful_mul' from '!DocumentTemplate.!VSEval'. All
access to attributes, items, and slices is guarded by calls to the
security machinery.
- Since CodeBlock compiles a function in an empty global namespace with
no builtins, the function is flagged restricted, and cannot access
internal attributes such as 'im_func'.
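
The 'co_names' check and the recursion into nested code blocks described above, as an added sketch for current CPython (not the GuardedBlock code itself). The function names and sample sources are assumptions made for illustration; only 'co_names' is inspected, as the list states, so local variable names held in 'co_varnames' are not covered.

```python
import types


def forbidden_names(code):
    """Return the sorted multi-character names beginning with "_" found in
    co_names of `code` and of every code object nested inside it."""
    found = set()
    stack = [code]
    while stack:
        block = stack.pop()
        # co_names holds global names and attribute names used by the block.
        found.update(n for n in block.co_names
                     if len(n) > 1 and n.startswith("_"))
        # Lambdas and nested function bodies are stored as code-object
        # constants of the enclosing block, so walk into them as well.
        stack.extend(c for c in block.co_consts
                     if isinstance(c, types.CodeType))
    return sorted(found)


def check_source(source, filename="<python method>"):
    """Compile `source`; refuse it if any code block uses a forbidden name."""
    code = compile(source, filename, "exec")
    bad = forbidden_names(code)
    if bad:
        raise SyntaxError("names beginning with '_' are not allowed: "
                          + ", ".join(bad))
    return code


# Constructed sample sources.
ALLOWED = "_ = [1, 2]\ndef total(items):\n    return sum(i.price for i in items)\n"
NESTED = "def outer(obj):\n    return (lambda o: o.__class__)(obj)\n"
MODULE_ATTR = "import os\nos._exit\n"

if __name__ == "__main__":
    for label, src in (("ALLOWED", ALLOWED), ("NESTED", NESTED),
                       ("MODULE_ATTR", MODULE_ATTR)):
        names = forbidden_names(compile(src, "<sample>", "exec"))
        print(label, "->", names or "accepted")
```

The single-character name '_' in the first sample passes, while '__class__' is caught even though it only appears inside a lambda nested in a function.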