Package qm :: Package external :: Package DocumentTemplate :: Module VSEval
[hide private]
[frames] | no frames]

Source Code for Module qm.external.DocumentTemplate.VSEval

  1  ############################################################################## 
  2  #  
  3  # Zope Public License (ZPL) Version 1.0 
  4  # ------------------------------------- 
  5  #  
  6  # Copyright (c) Digital Creations.  All rights reserved. 
  7  #  
  8  # This license has been certified as Open Source(tm). 
  9  #  
 10  # Redistribution and use in source and binary forms, with or without 
 11  # modification, are permitted provided that the following conditions are 
 12  # met: 
 13  #  
 14  # 1. Redistributions in source code must retain the above copyright 
 15  #    notice, this list of conditions, and the following disclaimer. 
 16  #  
 17  # 2. Redistributions in binary form must reproduce the above copyright 
 18  #    notice, this list of conditions, and the following disclaimer in 
 19  #    the documentation and/or other materials provided with the 
 20  #    distribution. 
 21  #  
 22  # 3. Digital Creations requests that attribution be given to Zope 
 23  #    in any manner possible. Zope includes a "Powered by Zope" 
 24  #    button that is installed by default. While it is not a license 
 25  #    violation to remove this button, it is requested that the 
 26  #    attribution remain. A significant investment has been put 
 27  #    into Zope, and this effort will continue if the Zope community 
 28  #    continues to grow. This is one way to assure that growth. 
 29  #  
 30  # 4. All advertising materials and documentation mentioning 
 31  #    features derived from or use of this software must display 
 32  #    the following acknowledgement: 
 33  #  
 34  #      "This product includes software developed by Digital Creations 
 35  #      for use in the Z Object Publishing Environment 
 36  #      (http://www.zope.org/)." 
 37  #  
 38  #    In the event that the product being advertised includes an 
 39  #    intact Zope distribution (with copyright and license included) 
 40  #    then this clause is waived. 
 41  #  
 42  # 5. Names associated with Zope or Digital Creations must not be used to 
 43  #    endorse or promote products derived from this software without 
 44  #    prior written permission from Digital Creations. 
 45  #  
 46  # 6. Modified redistributions of any form whatsoever must retain 
 47  #    the following acknowledgment: 
 48  #  
 49  #      "This product includes software developed by Digital Creations 
 50  #      for use in the Z Object Publishing Environment 
 51  #      (http://www.zope.org/)." 
 52  #  
 53  #    Intact (re-)distributions of any official Zope release do not 
 54  #    require an external acknowledgement. 
 55  #  
 56  # 7. Modifications are encouraged but must be packaged separately as 
 57  #    patches to official Zope releases.  Distributions that do not 
 58  #    clearly separate the patches from the original work must be clearly 
 59  #    labeled as unofficial distributions.  Modifications which do not 
 60  #    carry the name Zope may be packaged in any form, as long as they 
 61  #    conform to all of the clauses above. 
 62  #  
 63  #  
 64  # Disclaimer 
 65  #  
 66  #   THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY 
 67  #   EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 
 68  #   IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 
 69  #   PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL DIGITAL CREATIONS OR ITS 
 70  #   CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 
 71  #   SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 
 72  #   LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF 
 73  #   USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND 
 74  #   ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 
 75  #   OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT 
 76  #   OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 
 77  #   SUCH DAMAGE. 
 78  #  
 79  #  
 80  # This software consists of contributions made by Digital Creations and 
 81  # many individuals on behalf of Digital Creations.  Specific 
 82  # attributions are listed in the accompanying credits file. 
 83  #  
 84  ############################################################################## 
 85  """Very Safe Python Expressions 
 86  """ 
 87  __rcs_id__='$Id: VSEval.py 694 2003-04-16 02:53:50Z sc $' 
 88  __version__='$Revision: 694 $'[11:-2] 
 89   
 90  from string import translate, strip 
 91  import string 
 92  gparse=None 
 93   
 94  nltosp=string.maketrans('\r\n','  ') 
 95   
96 -def default_slicer(env, s, *ind):
97 l=len(ind) 98 if l==2: return s[ind[0]:ind[1]] 99 elif l==1: return s[ind[0]:] 100 return s[:]
101
102 -def careful_mul(env, *factors):
103 # r = result (product of all factors) 104 # c = count (product of all non-sequence factors) 105 # s flags whether any of the factors is a sequence 106 r=c=1 107 s=None 108 for factor in factors: 109 try: 110 l=len(factor) 111 s=1 112 except TypeError: 113 c=c*factor 114 if s and c > 1000: 115 raise TypeError, \ 116 'Illegal sequence repeat (too many repetitions: %d)' % c 117 r=r*factor 118 return r
119 120 121 default_globals={ 122 '__builtins__':{}, 123 '__guarded_mul__': careful_mul, 124 '__guarded_getattr__': lambda env, inst, name: getattr(inst, name), 125 '__guarded_getitem__': lambda env, coll, key: coll[key], 126 '__guarded_getslice__': default_slicer, 127 } 128 129 130
131 -class Eval:
132 """Provide a very-safe environment for evaluating expressions 133 134 This class lets you overide operations, __power__, __mul__, 135 __div__, __mod__, __add__, __sub__, __getitem__, __lshift__, 136 __rshift__, __and__, __xor__, __or__,__pos__, __neg__, __not__, 137 __repr__, __invert__, and __getattr__. 138 139 For example, __mult__ might be overridden to prevent expressions like:: 140 141 'I like spam' * 100000000 142 143 or to disallow or limit attribute access. 144 145 """ 146
147 - def __init__(self, expr, globals=default_globals):
148 """Create a 'safe' expression 149 150 where: 151 152 expr -- a string containing the expression to be evaluated. 153 154 globals -- A global namespace. 155 """ 156 global gparse 157 if gparse is None: import gparse 158 159 expr=strip(expr) 160 161 self.__name__=expr 162 expr=translate(expr,nltosp) 163 self.expr=expr 164 self.globals=globals 165 166 co=compile(expr,'<string>','eval') 167 168 names=list(co.co_names) 169 170 # Check for valid names, disallowing names that begin with '_' or 171 # 'manage'. This is a DC specific rule and probably needs to be 172 # made customizable! 173 for name in names: 174 if name[:1]=='_' and name not in ('_', '_vars', '_getattr'): 175 raise TypeError, 'illegal name used in expression' 176 177 used={} 178 179 i=0 180 code=co.co_code 181 l=len(code) 182 LOAD_NAME=101 183 HAVE_ARGUMENT=90
184 - def HAS_ARG(op): ((op) >= HAVE_ARGUMENT)
185 while(i < l): 186 c=ord(code[i]) 187 if c==LOAD_NAME: 188 name=names[ord(code[i+1])+256*ord(code[i+2])] 189 used[name]=1 190 i=i+3 191 elif c >= HAVE_ARGUMENT: i=i+3 192 else: i=i+1 193 194 self.code=gparse.compile(expr,'<string>','eval') 195 self.used=tuple(used.keys())
196
197 - def eval(self, mapping):
198 d={'_vars': mapping} 199 code=self.code 200 globals=self.globals 201 for name in self.used: 202 try: d[name]=mapping.getitem(name,0) 203 except KeyError: 204 if name=='_getattr': 205 d['__builtins__']=globals 206 exec compiled_getattr in d 207 208 return eval(code,globals,d)
209
210 - def __call__(self, **kw):
211 return eval(self.code, self.globals, kw)
212 213 compiled_getattr=compile( 214 'def _getattr(o,n): return __guarded_getattr__(_vars,o,n)', 215 '<string>','exec') 216