Class
zope.app.pagetemplate.engine.ZopeEngine

Untrusted expression engine.

This engine does not allow modules to be imported; only modules already available may be accessed:

>>> modname = 'zope.app.pagetemplate.tests.trusted'
>>> engine = _Engine()
>>> context = engine.getContext(engine.getBaseNames())

>>> modname in sys.modules
False
>>> context.evaluate('modules/' + modname)
Traceback (most recent call last):
  ...
KeyError: 'zope.app.pagetemplate.tests.trusted'

(The use of KeyError is an unfortunate implementation detail; I think this should be a TraversalError.)

Modules which have already been imported by trusted code are available, wrapped in security proxies:

>>> m = context.evaluate('modules/sys')
>>> m.__name__
'sys'
>>> m._getframe
Traceback (most recent call last):
  ...
ForbiddenAttribute: ('_getframe', <module 'sys' (built-in)>)

The results of Python expressions evaluated by this engine are wrapped in security proxies:

>>> r = context.evaluate('python: {12: object()}.values')
>>> type(r)
<type 'zope.security._proxy._Proxy'>
>>> r = context.evaluate('python: {12: object()}.values()[0].__class__')
>>> type(r)
<type 'zope.security._proxy._Proxy'>

General path expressions provide objects that are wrapped in security proxies as well:

>>> from zope.app.container.sample import SampleContainer
>>> from zope.app.testing.placelesssetup import setUp, tearDown
>>> from zope.security.checker import NamesChecker, defineChecker

>>> class Container(SampleContainer):
...     implements(ITraversable)
...     def traverse(self, name, further_path):
...         return self[name]

>>> setUp()
>>> defineChecker(Container, NamesChecker(['traverse']))
>>> d = engine.getBaseNames()
>>> foo = Container()
>>> foo.__name__ = 'foo'
>>> d['foo'] = ProxyFactory(foo)
>>> foo['bar'] = bar = Container()
>>> bar.__name__ = 'bar'
>>> bar.__parent__ = foo
>>> bar['baz'] = baz = Container()
>>> baz.__name__ = 'baz'
>>> baz.__parent__ = bar
>>> context = engine.getContext(d)

>>> o1 = context.evaluate('foo/bar')
>>> o1.__name__
'bar'
>>> type(o1)
<type 'zope.security._proxy._Proxy'>

>>> o2 = context.evaluate('foo/bar/baz')
>>> o2.__name__
'baz'
>>> type(o2)
<type 'zope.security._proxy._Proxy'>
>>> o3 = o2.__parent__
>>> type(o3)
<type 'zope.security._proxy._Proxy'>
>>> o1 == o3
True

>>> o1 is o2
False

Note that this engine special-cases dicts during path traversal: for performance reasons, it traverses only to their items, not to their attributes (e.g. methods on dicts):

>>> d = engine.getBaseNames()
>>> d['adict'] = {'items': 123}
>>> d['anotherdict'] = {}
>>> context = engine.getContext(d)
>>> context.evaluate('adict/items')
123
>>> context.evaluate('anotherdict/keys')
Traceback (most recent call last):
  ...
KeyError: 'keys'
>>> tearDown()
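
The following self-contained model is an added illustration, not zope's code and not part of this docstring. It reproduces three behaviours shown above: module lookup that never imports, attribute access checked against an allowlist, and results that are wrapped again before they are returned. `ModelProxy`, `CHECKERS`, `wrap`, `lookup_module`, `Node` and `demo` are hypothetical names, and the allowlists are assumptions; a pure-Python proxy like this one is not a security boundary.

```python
import sys
import types

class ForbiddenAttribute(AttributeError):
    """Model of the error raised for a name that is not on the allowlist."""

# Assumed allowlists keyed by type; a type with no entry exposes nothing.
CHECKERS = {types.ModuleType: frozenset({"__name__"})}
BASIC = (int, float, str, bytes, bool, type(None))  # immutable values stay unwrapped

class ModelProxy:
    """Checks every attribute read against an allowlist and re-wraps the result."""
    __slots__ = ("_obj", "_names")

    def __init__(self, obj, names):
        object.__setattr__(self, "_obj", obj)
        object.__setattr__(self, "_names", names)

    def __getattribute__(self, name):
        obj = object.__getattribute__(self, "_obj")
        if name not in object.__getattribute__(self, "_names"):
            raise ForbiddenAttribute(name, obj)
        return wrap(getattr(obj, name))  # results never escape unwrapped

    def __setattr__(self, name, value):
        raise ForbiddenAttribute(name, object.__getattribute__(self, "_obj"))

def wrap(obj):
    if type(obj) is ModelProxy or isinstance(obj, BASIC):
        return obj
    return ModelProxy(obj, CHECKERS.get(type(obj), frozenset()))

def lookup_module(name):
    """Model of 'modules/<name>': read sys.modules only, never import."""
    return wrap(sys.modules[name])  # KeyError when trusted code has not imported it

class Node:
    """Constructed sample object with a parent pointer."""
    def __init__(self, name, parent=None):
        self.__name__, self.__parent__ = name, parent

CHECKERS[Node] = frozenset({"__name__", "__parent__"})

def demo():
    m = lookup_module("sys")
    parent = wrap(Node("bar", Node("foo"))).__parent__  # reached through a proxy
    return m.__name__, type(parent) is ModelProxy, parent.__name__
```
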

Base classes

Implemented Interfaces

Attributes/Properties

There are no attributes in this class.

Methods

Known Subclasses

There are no known subclasses.