Mercurial > repos > shellac > guppy_basecaller
annotate env/lib/python3.7/site-packages/jinja2/sandbox.py @ 3:758bc20232e8 draft
"planemo upload commit 2a0fe2cc28b09e101d37293e53e82f61762262ec"
| author | shellac |
|---|---|
| date | Thu, 14 May 2020 16:20:52 -0400 |
| parents | 26e78fe6e8c4 |
| children |
| rev | line source |
|---|---|
|
0
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
1 # -*- coding: utf-8 -*- |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
2 """A sandbox layer that ensures unsafe operations cannot be performed. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
3 Useful when the template itself comes from an untrusted source. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
4 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
5 import operator |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
6 import types |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
7 import warnings |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
8 from collections import deque |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
9 from string import Formatter |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
10 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
11 from markupsafe import EscapeFormatter |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
12 from markupsafe import Markup |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
13 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
14 from ._compat import abc |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
15 from ._compat import PY2 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
16 from ._compat import range_type |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
17 from ._compat import string_types |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
18 from .environment import Environment |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
19 from .exceptions import SecurityError |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
20 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
21 #: maximum number of items a range may produce |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
22 MAX_RANGE = 100000 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
23 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
24 #: attributes of function objects that are considered unsafe. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
25 if PY2: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
26 UNSAFE_FUNCTION_ATTRIBUTES = { |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
27 "func_closure", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
28 "func_code", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
29 "func_dict", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
30 "func_defaults", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
31 "func_globals", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
32 } |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
33 else: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
34 # On versions > python 2 the special attributes on functions are gone, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
35 # but they remain on methods and generators for whatever reason. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
36 UNSAFE_FUNCTION_ATTRIBUTES = set() |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
37 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
38 #: unsafe method attributes. function attributes are unsafe for methods too |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
39 UNSAFE_METHOD_ATTRIBUTES = {"im_class", "im_func", "im_self"} |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
40 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
41 #: unsafe generator attributes. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
42 UNSAFE_GENERATOR_ATTRIBUTES = {"gi_frame", "gi_code"} |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
43 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
44 #: unsafe attributes on coroutines |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
45 UNSAFE_COROUTINE_ATTRIBUTES = {"cr_frame", "cr_code"} |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
46 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
47 #: unsafe attributes on async generators |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
48 UNSAFE_ASYNC_GENERATOR_ATTRIBUTES = {"ag_code", "ag_frame"} |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
49 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
50 # make sure we don't warn in python 2.6 about stuff we don't care about |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
51 warnings.filterwarnings( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
52 "ignore", "the sets module", DeprecationWarning, module=__name__ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
53 ) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
54 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
55 _mutable_set_types = (set,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
56 _mutable_mapping_types = (dict,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
57 _mutable_sequence_types = (list,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
58 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
59 # on python 2.x we can register the user collection types |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
60 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
61 from UserDict import UserDict, DictMixin |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
62 from UserList import UserList |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
63 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
64 _mutable_mapping_types += (UserDict, DictMixin) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
65 _mutable_set_types += (UserList,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
66 except ImportError: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
67 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
68 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
69 # if sets is still available, register the mutable set from there as well |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
70 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
71 from sets import Set |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
72 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
73 _mutable_set_types += (Set,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
74 except ImportError: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
75 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
76 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
77 #: register Python 2.6 abstract base classes |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
78 _mutable_set_types += (abc.MutableSet,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
79 _mutable_mapping_types += (abc.MutableMapping,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
80 _mutable_sequence_types += (abc.MutableSequence,) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
81 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
82 _mutable_spec = ( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
83 ( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
84 _mutable_set_types, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
85 frozenset( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
86 [ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
87 "add", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
88 "clear", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
89 "difference_update", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
90 "discard", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
91 "pop", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
92 "remove", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
93 "symmetric_difference_update", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
94 "update", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
95 ] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
96 ), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
97 ), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
98 ( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
99 _mutable_mapping_types, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
100 frozenset(["clear", "pop", "popitem", "setdefault", "update"]), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
101 ), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
102 ( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
103 _mutable_sequence_types, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
104 frozenset(["append", "reverse", "insert", "sort", "extend", "remove"]), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
105 ), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
106 ( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
107 deque, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
108 frozenset( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
109 [ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
110 "append", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
111 "appendleft", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
112 "clear", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
113 "extend", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
114 "extendleft", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
115 "pop", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
116 "popleft", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
117 "remove", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
118 "rotate", |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
119 ] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
120 ), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
121 ), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
122 ) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
123 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
124 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
125 class _MagicFormatMapping(abc.Mapping): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
126 """This class implements a dummy wrapper to fix a bug in the Python |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
127 standard library for string formatting. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
128 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
129 See https://bugs.python.org/issue13598 for information about why |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
130 this is necessary. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
131 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
132 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
133 def __init__(self, args, kwargs): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
134 self._args = args |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
135 self._kwargs = kwargs |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
136 self._last_index = 0 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
137 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
138 def __getitem__(self, key): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
139 if key == "": |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
140 idx = self._last_index |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
141 self._last_index += 1 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
142 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
143 return self._args[idx] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
144 except LookupError: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
145 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
146 key = str(idx) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
147 return self._kwargs[key] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
148 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
149 def __iter__(self): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
150 return iter(self._kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
151 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
152 def __len__(self): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
153 return len(self._kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
154 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
155 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
156 def inspect_format_method(callable): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
157 if not isinstance( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
158 callable, (types.MethodType, types.BuiltinMethodType) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
159 ) or callable.__name__ not in ("format", "format_map"): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
160 return None |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
161 obj = callable.__self__ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
162 if isinstance(obj, string_types): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
163 return obj |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
164 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
165 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
166 def safe_range(*args): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
167 """A range that can't generate ranges with a length of more than |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
168 MAX_RANGE items. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
169 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
170 rng = range_type(*args) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
171 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
172 if len(rng) > MAX_RANGE: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
173 raise OverflowError( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
174 "Range too big. The sandbox blocks ranges larger than" |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
175 " MAX_RANGE (%d)." % MAX_RANGE |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
176 ) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
177 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
178 return rng |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
179 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
180 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
181 def unsafe(f): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
182 """Marks a function or method as unsafe. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
183 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
184 :: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
185 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
186 @unsafe |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
187 def delete(self): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
188 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
189 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
190 f.unsafe_callable = True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
191 return f |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
192 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
193 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
194 def is_internal_attribute(obj, attr): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
195 """Test if the attribute given is an internal python attribute. For |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
196 example this function returns `True` for the `func_code` attribute of |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
197 python objects. This is useful if the environment method |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
198 :meth:`~SandboxedEnvironment.is_safe_attribute` is overridden. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
199 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
200 >>> from jinja2.sandbox import is_internal_attribute |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
201 >>> is_internal_attribute(str, "mro") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
202 True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
203 >>> is_internal_attribute(str, "upper") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
204 False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
205 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
206 if isinstance(obj, types.FunctionType): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
207 if attr in UNSAFE_FUNCTION_ATTRIBUTES: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
208 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
209 elif isinstance(obj, types.MethodType): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
210 if attr in UNSAFE_FUNCTION_ATTRIBUTES or attr in UNSAFE_METHOD_ATTRIBUTES: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
211 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
212 elif isinstance(obj, type): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
213 if attr == "mro": |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
214 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
215 elif isinstance(obj, (types.CodeType, types.TracebackType, types.FrameType)): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
216 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
217 elif isinstance(obj, types.GeneratorType): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
218 if attr in UNSAFE_GENERATOR_ATTRIBUTES: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
219 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
220 elif hasattr(types, "CoroutineType") and isinstance(obj, types.CoroutineType): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
221 if attr in UNSAFE_COROUTINE_ATTRIBUTES: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
222 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
223 elif hasattr(types, "AsyncGeneratorType") and isinstance( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
224 obj, types.AsyncGeneratorType |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
225 ): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
226 if attr in UNSAFE_ASYNC_GENERATOR_ATTRIBUTES: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
227 return True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
228 return attr.startswith("__") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
229 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
230 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
231 def modifies_known_mutable(obj, attr): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
232 """This function checks if an attribute on a builtin mutable object |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
233 (list, dict, set or deque) would modify it if called. It also supports |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
234 the "user"-versions of the objects (`sets.Set`, `UserDict.*` etc.) and |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
235 with Python 2.6 onwards the abstract base classes `MutableSet`, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
236 `MutableMapping`, and `MutableSequence`. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
237 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
238 >>> modifies_known_mutable({}, "clear") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
239 True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
240 >>> modifies_known_mutable({}, "keys") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
241 False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
242 >>> modifies_known_mutable([], "append") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
243 True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
244 >>> modifies_known_mutable([], "index") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
245 False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
246 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
247 If called with an unsupported object (such as unicode) `False` is |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
248 returned. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
249 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
250 >>> modifies_known_mutable("foo", "upper") |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
251 False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
252 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
253 for typespec, unsafe in _mutable_spec: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
254 if isinstance(obj, typespec): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
255 return attr in unsafe |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
256 return False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
257 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
258 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
259 class SandboxedEnvironment(Environment): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
260 """The sandboxed environment. It works like the regular environment but |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
261 tells the compiler to generate sandboxed code. Additionally subclasses of |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
262 this environment may override the methods that tell the runtime what |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
263 attributes or functions are safe to access. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
264 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
265 If the template tries to access insecure code a :exc:`SecurityError` is |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
266 raised. However also other exceptions may occur during the rendering so |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
267 the caller has to ensure that all exceptions are caught. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
268 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
269 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
270 sandboxed = True |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
271 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
272 #: default callback table for the binary operators. A copy of this is |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
273 #: available on each instance of a sandboxed environment as |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
274 #: :attr:`binop_table` |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
275 default_binop_table = { |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
276 "+": operator.add, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
277 "-": operator.sub, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
278 "*": operator.mul, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
279 "/": operator.truediv, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
280 "//": operator.floordiv, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
281 "**": operator.pow, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
282 "%": operator.mod, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
283 } |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
284 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
285 #: default callback table for the unary operators. A copy of this is |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
286 #: available on each instance of a sandboxed environment as |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
287 #: :attr:`unop_table` |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
288 default_unop_table = {"+": operator.pos, "-": operator.neg} |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
289 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
290 #: a set of binary operators that should be intercepted. Each operator |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
291 #: that is added to this set (empty by default) is delegated to the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
292 #: :meth:`call_binop` method that will perform the operator. The default |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
293 #: operator callback is specified by :attr:`binop_table`. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
294 #: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
295 #: The following binary operators are interceptable: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
296 #: ``//``, ``%``, ``+``, ``*``, ``-``, ``/``, and ``**`` |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
297 #: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
298 #: The default operation form the operator table corresponds to the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
299 #: builtin function. Intercepted calls are always slower than the native |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
300 #: operator call, so make sure only to intercept the ones you are |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
301 #: interested in. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
302 #: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
303 #: .. versionadded:: 2.6 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
304 intercepted_binops = frozenset() |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
305 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
306 #: a set of unary operators that should be intercepted. Each operator |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
307 #: that is added to this set (empty by default) is delegated to the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
308 #: :meth:`call_unop` method that will perform the operator. The default |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
309 #: operator callback is specified by :attr:`unop_table`. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
310 #: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
311 #: The following unary operators are interceptable: ``+``, ``-`` |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
312 #: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
313 #: The default operation form the operator table corresponds to the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
314 #: builtin function. Intercepted calls are always slower than the native |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
315 #: operator call, so make sure only to intercept the ones you are |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
316 #: interested in. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
317 #: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
318 #: .. versionadded:: 2.6 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
319 intercepted_unops = frozenset() |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
320 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
321 def intercept_unop(self, operator): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
322 """Called during template compilation with the name of a unary |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
323 operator to check if it should be intercepted at runtime. If this |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
324 method returns `True`, :meth:`call_unop` is executed for this unary |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
325 operator. The default implementation of :meth:`call_unop` will use |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
326 the :attr:`unop_table` dictionary to perform the operator with the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
327 same logic as the builtin one. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
328 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
329 The following unary operators are interceptable: ``+`` and ``-`` |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
330 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
331 Intercepted calls are always slower than the native operator call, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
332 so make sure only to intercept the ones you are interested in. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
333 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
334 .. versionadded:: 2.6 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
335 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
336 return False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
337 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
338 def __init__(self, *args, **kwargs): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
339 Environment.__init__(self, *args, **kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
340 self.globals["range"] = safe_range |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
341 self.binop_table = self.default_binop_table.copy() |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
342 self.unop_table = self.default_unop_table.copy() |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
343 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
344 def is_safe_attribute(self, obj, attr, value): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
345 """The sandboxed environment will call this method to check if the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
346 attribute of an object is safe to access. Per default all attributes |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
347 starting with an underscore are considered private as well as the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
348 special attributes of internal python objects as returned by the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
349 :func:`is_internal_attribute` function. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
350 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
351 return not (attr.startswith("_") or is_internal_attribute(obj, attr)) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
352 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
353 def is_safe_callable(self, obj): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
354 """Check if an object is safely callable. Per default a function is |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
355 considered safe unless the `unsafe_callable` attribute exists and is |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
356 True. Override this method to alter the behavior, but this won't |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
357 affect the `unsafe` decorator from this module. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
358 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
359 return not ( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
360 getattr(obj, "unsafe_callable", False) or getattr(obj, "alters_data", False) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
361 ) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
362 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
363 def call_binop(self, context, operator, left, right): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
364 """For intercepted binary operator calls (:meth:`intercepted_binops`) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
365 this function is executed instead of the builtin operator. This can |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
366 be used to fine tune the behavior of certain operators. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
367 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
368 .. versionadded:: 2.6 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
369 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
370 return self.binop_table[operator](left, right) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
371 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
372 def call_unop(self, context, operator, arg): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
373 """For intercepted unary operator calls (:meth:`intercepted_unops`) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
374 this function is executed instead of the builtin operator. This can |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
375 be used to fine tune the behavior of certain operators. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
376 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
377 .. versionadded:: 2.6 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
378 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
379 return self.unop_table[operator](arg) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
380 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
381 def getitem(self, obj, argument): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
382 """Subscribe an object from sandboxed code.""" |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
383 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
384 return obj[argument] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
385 except (TypeError, LookupError): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
386 if isinstance(argument, string_types): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
387 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
388 attr = str(argument) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
389 except Exception: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
390 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
391 else: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
392 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
393 value = getattr(obj, attr) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
394 except AttributeError: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
395 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
396 else: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
397 if self.is_safe_attribute(obj, argument, value): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
398 return value |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
399 return self.unsafe_undefined(obj, argument) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
400 return self.undefined(obj=obj, name=argument) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
401 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
402 def getattr(self, obj, attribute): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
403 """Subscribe an object from sandboxed code and prefer the |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
404 attribute. The attribute passed *must* be a bytestring. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
405 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
406 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
407 value = getattr(obj, attribute) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
408 except AttributeError: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
409 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
410 return obj[attribute] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
411 except (TypeError, LookupError): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
412 pass |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
413 else: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
414 if self.is_safe_attribute(obj, attribute, value): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
415 return value |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
416 return self.unsafe_undefined(obj, attribute) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
417 return self.undefined(obj=obj, name=attribute) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
418 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
419 def unsafe_undefined(self, obj, attribute): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
420 """Return an undefined object for unsafe attributes.""" |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
421 return self.undefined( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
422 "access to attribute %r of %r " |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
423 "object is unsafe." % (attribute, obj.__class__.__name__), |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
424 name=attribute, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
425 obj=obj, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
426 exc=SecurityError, |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
427 ) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
428 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
429 def format_string(self, s, args, kwargs, format_func=None): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
430 """If a format call is detected, then this is routed through this |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
431 method so that our safety sandbox can be used for it. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
432 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
433 if isinstance(s, Markup): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
434 formatter = SandboxedEscapeFormatter(self, s.escape) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
435 else: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
436 formatter = SandboxedFormatter(self) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
437 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
438 if format_func is not None and format_func.__name__ == "format_map": |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
439 if len(args) != 1 or kwargs: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
440 raise TypeError( |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
441 "format_map() takes exactly one argument %d given" |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
442 % (len(args) + (kwargs is not None)) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
443 ) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
444 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
445 kwargs = args[0] |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
446 args = None |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
447 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
448 kwargs = _MagicFormatMapping(args, kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
449 rv = formatter.vformat(s, args, kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
450 return type(s)(rv) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
451 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
452 def call(__self, __context, __obj, *args, **kwargs): # noqa: B902 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
453 """Call an object from sandboxed code.""" |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
454 fmt = inspect_format_method(__obj) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
455 if fmt is not None: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
456 return __self.format_string(fmt, args, kwargs, __obj) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
457 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
458 # the double prefixes are to avoid double keyword argument |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
459 # errors when proxying the call. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
460 if not __self.is_safe_callable(__obj): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
461 raise SecurityError("%r is not safely callable" % (__obj,)) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
462 return __context.call(__obj, *args, **kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
463 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
464 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
465 class ImmutableSandboxedEnvironment(SandboxedEnvironment): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
466 """Works exactly like the regular `SandboxedEnvironment` but does not |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
467 permit modifications on the builtin mutable objects `list`, `set`, and |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
468 `dict` by using the :func:`modifies_known_mutable` function. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
469 """ |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
470 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
471 def is_safe_attribute(self, obj, attr, value): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
472 if not SandboxedEnvironment.is_safe_attribute(self, obj, attr, value): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
473 return False |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
474 return not modifies_known_mutable(obj, attr) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
475 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
476 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
477 # This really is not a public API apparently. |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
478 try: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
479 from _string import formatter_field_name_split |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
480 except ImportError: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
481 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
482 def formatter_field_name_split(field_name): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
483 return field_name._formatter_field_name_split() |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
484 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
485 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
486 class SandboxedFormatterMixin(object): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
487 def __init__(self, env): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
488 self._env = env |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
489 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
490 def get_field(self, field_name, args, kwargs): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
491 first, rest = formatter_field_name_split(field_name) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
492 obj = self.get_value(first, args, kwargs) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
493 for is_attr, i in rest: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
494 if is_attr: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
495 obj = self._env.getattr(obj, i) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
496 else: |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
497 obj = self._env.getitem(obj, i) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
498 return obj, first |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
499 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
500 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
501 class SandboxedFormatter(SandboxedFormatterMixin, Formatter): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
502 def __init__(self, env): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
503 SandboxedFormatterMixin.__init__(self, env) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
504 Formatter.__init__(self) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
505 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
506 |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
507 class SandboxedEscapeFormatter(SandboxedFormatterMixin, EscapeFormatter): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
508 def __init__(self, env, escape): |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
509 SandboxedFormatterMixin.__init__(self, env) |
|
26e78fe6e8c4
"planemo upload commit c699937486c35866861690329de38ec1a5d9f783"
shellac
parents:
diff
changeset
|
510 EscapeFormatter.__init__(self, escape) |