Christian Theune wrote:
Hi,
we are wondering about the behaviour in the following situation:
* self is a view and we're in a method of that view
* self.context is an instance of class A
  (A is a content class and a folder)
* self.context is security proxied
* class A has a method doStuff
* we call self.context.doStuff()
* in doStuff, self is not proxied
* accessing other things through self[id] in doStuff does not give a
  proxied object
Result: code can perform operations that users normally could not do,
without anybody calling "removeAllProxies" explicitly.
Right.
Is this intentional?
Yes. self is never proxied.
> I'm not sure about that. I feel like those calls
> should work with proxied objects as well.
I don't agree. At some point, you have to trust code,
especially methods.
...
PS: It seems that the _zope_security_proxy.c code and the corresponding
Python code are a little bit out of sync. The C-code does a little bit
more that isn't in the python code anymore. See this patch:
...
--- checker.py (Revision 41246)
+++ checker.py (Arbeitskopie)
@@ -371,6 +371,9 @@
if checker is NoProxy:
return None
+ if checker is _defaultChecker and isinstance(object, Exception):
+ return None
+
while not isinstance(checker, Checker):
checker = checker(object)
if checker is NoProxy or checker is None:
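Review bot: The new `_defaultChecker` test at the top of the hunk needs a comment saying why Exception instances are exempted, because `return None` here takes the same exit as the `NoProxy` case just above it and so leaves those objects without a checker. The test also sits before the `while not isinstance(checker, Checker)` loop, so it only fires when the initial lookup yields `_defaultChecker` itself and not when a checker factory resolves to it inside the loop; please confirm that this matches the ordering in _zope_security_proxy.c and add a test that runs an Exception instance through both the C and the Python implementation.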
As stated in _zope_security_proxy.c line 495:
    /* if checker is _defaultChecker and isinstance(object, Exception): */
    /*     return None */
    if (checker == _defaultChecker
        && PyObject_IsInstance(object, PyExc_Exception))
      {
        Py_INCREF(Py_None);
        return Py_None;
      }
Good point.
Jim
--
Jim Fulton mailto:[EMAIL PROTECTED] Python Powered!
CTO (540) 361-1714 http://www.python.org
Zope Corporation http://www.zope.com http://www.zope.org
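
The behaviour discussed in this thread, as an added example that is not part of the original messages and is not zope.security code: a toy proxy in which Proxy, protect, PERMS, Document, Folder and view are assumed names. It shows that a method reached through the proxy runs with an unproxied self, so the permission declared on the method name is the only check the caller has to pass.

```python
# Toy model of a security proxy (assumption: NOT zope.security's real code).
class Forbidden(Exception):
    """Raised when a name is not in the proxy's allowed set."""

def _unwrap(proxy, name):
    """Check the requested name, then hand back the bare object."""
    if name not in object.__getattribute__(proxy, "_allowed"):
        raise Forbidden(name)
    return object.__getattribute__(proxy, "_obj")

class Proxy:
    __slots__ = ("_obj", "_allowed")
    def __init__(self, obj, allowed):
        object.__setattr__(self, "_obj", obj)
        object.__setattr__(self, "_allowed", frozenset(allowed))
    def __getattribute__(self, name):
        value = getattr(_unwrap(self, name), name)
        if callable(value):  # bound method: its `self` is the bare object
            return lambda *a, **kw: protect(value(*a, **kw))
        return protect(value)
    def __getitem__(self, key):
        return protect(_unwrap(self, "__getitem__")[key])

def protect(value):
    # Simplification: types without a declaration (str, tuple) pass through.
    allowed = PERMS.get(type(value))
    return value if allowed is None else Proxy(value, allowed)

class Document:
    def __init__(self, title, secret):
        self.title, self.secret = title, secret

class Folder(dict):  # stands in for the thread's content class A
    def doStuff(self):
        # Inside the method, self and self[id] are the bare objects.
        seen = (type(self).__name__, type(self["doc"]).__name__)
        return seen, self["doc"].secret

# Constructed policy: names the untrusted caller may use on each class.
PERMS = {Document: {"title"}, Folder: {"doStuff", "__getitem__"}}

def view():
    """Plays the view: it only ever holds the proxied context."""
    context = protect(Folder(doc=Document("Report", "s3cret")))
    try:
        context["doc"].secret
        direct = "allowed"
    except Forbidden:
        direct = "forbidden"
    return direct, context.doStuff()
```

Reading `secret` through the proxied context is refused, while `doStuff` returns it, which is why the permission on a method has to cover everything that method does.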