Jamie Heilman wrote:
Try this in a PythonScript:

d = {1:2}
for t in d.iteritems():
  pass

Annoyingly, it raises Unauthorized: You are not allowed to access 'a
particular tuple' in this context

Is there a reason for this, or is it just part of
AccessControl/RestrictedPython that hasn't been fleshed out yet?

The 'iteritems' method of a dictionary returns an object of type 'dictionary-iterator'; AccessControl.ZopeGuards makes no container assertions about that type, although it *does* permit calling the 'iteritems' method which returns an instance of it.


I find it interesting that that module wraps 'iterkeys' and 'itervalues' in its 'get_iter' checker, but allows unrestricted access to 'iteritems'.

The following patch will make your use case work (it would need to be prettied up for Python < 2.3):


--- lib/python/AccessControl/ZopeGuards.py 16 Jan 2004 18:18:51 -0000 1.18
+++ lib/python/AccessControl/ZopeGuards.py 23 Mar 2004 16:41:19 -0000
@@ -161,6 +161,8 @@
'iterkeys': get_iter, 'itervalues':get_iter,
'pop':get_dict_pop, 'popitem':1, 'setdefault':1, 'update':1, 'values':1}


+ContainerAssertions[type({}.iteritems())] = 1
+
 ContainerAssertions[type([])] = {
     'append':1, 'count':1, 'extend':1, 'index':1, 'insert':1,
     'pop':get_list_pop, 'remove':1, 'reverse':1, 'sort':1}



Tres.
--
===============================================================
Tres Seaver                                [EMAIL PROTECTED]
Zope Corporation      "Zope Dealers"       http://www.zope.com


_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to