Commit 75c8ee3b authored by Jérome Perrin's avatar Jérome Perrin

patches/Restricted: allow random.Random

all member of random module are available (because in ZopeGuards, there's a
random.__allow_access_to_unprotected_subobjects__ = 1), SystemRandom class
also is, but Random class was not, even though there should be nothing unsafe
in this.

This is needed if we want to use a random number generator with a fixed seed
to get reproductible results. We could use random.seed module level function
but since this is also used by several things in ERP5 this does not produce
reproductible sequences.
parent 9fea292f
Pipeline #11537 failed with stage
in 0 seconds
...@@ -129,6 +129,10 @@ class TestRestrictedPythonSecurity(ERP5TypeTestCase): ...@@ -129,6 +129,10 @@ class TestRestrictedPythonSecurity(ERP5TypeTestCase):
expected=[('q', 's')] expected=[('q', 's')]
) )
def testRandom(self):
self.createAndRunScript('import random',
'return random.Random().getrandbits(10)')
def testSystemRandom(self): def testSystemRandom(self):
self.createAndRunScript('import random', self.createAndRunScript('import random',
'return random.SystemRandom().getrandbits(10)') 'return random.SystemRandom().getrandbits(10)')
......
...@@ -393,6 +393,8 @@ del member_id, member ...@@ -393,6 +393,8 @@ del member_id, member
from random import SystemRandom from random import SystemRandom
allow_type(SystemRandom) allow_type(SystemRandom)
from random import Random
allow_type(Random)
ModuleSecurityInfo('os').declarePublic('urandom') ModuleSecurityInfo('os').declarePublic('urandom')
# #
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment