Commit 22a3cc53 authored by Jérome Perrin's avatar Jérome Perrin

patches/Restricted: fix access check for type

On python2, attributes of new style classes (classes, not instances)
were not properly validated. On python3, attributes of classes were not.
parent 7f16d81d
......@@ -124,8 +124,14 @@ class TypeAccessChecker:
as "a method which returing a method" because we can not know what is the
type until it is actually called. So the three ways are simulated the
function returned by this method.
We don't return a simple function, but a class instance with a __bool__ method
to accomodate the two cases where this is called by SecurityManager.validate when
checking access on the class (then only the bool is used) or by guarded_getattr
when checking access on the instance (the __call__ is used).
"""
def factory(inst, name):
class _AccessChecker:
def __call__(self, inst, name):
"""
Check function used with ContainerAssertions checked by cAccessControl.
"""
......@@ -143,7 +149,12 @@ class TypeAccessChecker:
# fallback to default security
aq_acquire(inst, name, aq_validate, getSecurityManager().validate)
return v
return factory
def __bool__(self):
return False
__nonzero__ = __bool__ # six.PY2
return _AccessChecker()
def __bool__(self):
# If Containers(type(x)) is true, ZopeGuard checks will short circuit,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment