restricted: Allow patched pandas.read_* functions
Rationale:

Converting * to data frame / numpy array efficiently is required in all wendelin projects, without this functionality wendelin is useless. Currently all projects allow this functionality in an insecure way. This commit aims to improve the situation by supporting a secure way of this functionality. (See nexedi/wendelin!99 (comment 158474))

Because pandas (in restricted Python) can also be useful in 'pure' ERP5 (without Wendelin) the functionality is added to ERP5 source code.

---

Security:

Security is guaranteed by patching selected read_* functions and allowing the patched versions. The patch prohibits anything but string input which directly contains the data (e.g. no URLs, file paths). New unit tests ensure the restrictions of the patches are actually effective.

---

Notes on implementation decisions:

Instead of offering new ERP5 extension methods (e.g. Base_readJson) this commit adds patched pandas read functions in restricted Python. In this way the change of the known API is as minimal as possible.

Instead of globally monkey-patching pandas read_* functions, only the functions inside restricted Python are patched. In this way the fully-functional, original functions are still available in Zope products or ERP5 extension code.

Minor changes in the way pandas is allowed in restricted Python have been applied. Please consult the following discussions in the merge request for details:

nexedi/erp5!1615 (comment 159203)
nexedi/erp5!1615 (comment 159341)
product/ERP5Type/Pandas.py
0 → 100644
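
One way to enforce the restriction the commit message describes (string input that directly contains the data, no URLs or file paths), as an added example that is not the code from this commit. `inline_data_only`, `demo_read_json` and `safe_read_json` are hypothetical names, and `demo_read_json` is a stand-in for a pandas read_* function so the block runs without pandas.

```python
import functools
import io
import json
import os
import tempfile


def inline_data_only(reader):
    """Wrap a read_*-style function so its first argument must be the data itself."""
    @functools.wraps(reader)
    def restricted(data, *args, **kwargs):
        # Only text is accepted: no file objects, no path-like objects.
        if not isinstance(data, str):
            raise TypeError("%s accepts only a string containing the data"
                            % reader.__name__)
        # Hand the reader an in-memory buffer. A bare string could be taken
        # as a path or URL; a StringIO can only ever be parsed as content.
        return reader(io.StringIO(data), *args, **kwargs)
    return restricted


def demo_read_json(path_or_buf):
    """Hypothetical stand-in: accepts a path string or a buffer, like a read_* function."""
    if isinstance(path_or_buf, str):
        with open(path_or_buf) as f:  # the behaviour restricted code must not reach
            return json.load(f)
    return json.load(path_or_buf)


safe_read_json = inline_data_only(demo_read_json)


def demo():
    """Return (inline parse result, outcome for a path string, unrestricted read)."""
    with tempfile.NamedTemporaryFile("w", suffix=".json", delete=False) as f:
        json.dump({"secret": 1}, f)  # constructed sample file
    try:
        inline = safe_read_json('[{"a": 1}]')
        try:
            safe_read_json(f.name)  # the path is parsed as data, never opened
            outcome = "file was read"
        except ValueError:
            outcome = "rejected"
        return inline, outcome, demo_read_json(f.name)
    finally:
        os.unlink(f.name)


if __name__ == "__main__":
    print(demo())
```

With pandas installed, the same wrapper would be applied as `inline_data_only(pandas.read_json)`; the reader's remaining keyword arguments still need their own review before being exposed to restricted code.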