"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "src/ZPublisher/xmlrpc.py" between
Zope-5.1.1.tar.gz and Zope-5.1.2.tar.gz

About: Zope Z Object Publishing Environment - web application platform used for building content management systems, intranets, portals, and custom applications.

xmlrpc.py  (Zope-5.1.1):xmlrpc.py  (Zope-5.1.2)
skipping to change at line 26 skipping to change at line 26
at DC. This code hooks Zope up to Fredrik Lundh's Python XML-RPC library. at DC. This code hooks Zope up to Fredrik Lundh's Python XML-RPC library.
See http://www.xmlrpc.com/ and http://linux.userland.com/ for more See http://www.xmlrpc.com/ and http://linux.userland.com/ for more
information about XML-RPC and Zope. information about XML-RPC and Zope.
""" """
import re import re
import sys import sys
import xmlrpc.client import xmlrpc.client
from AccessControl import getSecurityManager
from AccessControl.Permissions import view
from App.config import getConfiguration from App.config import getConfiguration
# Make DateTime.DateTime marshallable via XML-RPC # Make DateTime.DateTime marshallable via XML-RPC
# http://www.zope.org/Collectors/Zope/2109 # http://www.zope.org/Collectors/Zope/2109
from DateTime.DateTime import DateTime from DateTime.DateTime import DateTime
from ExtensionClass import Base
from zExceptions import Unauthorized from zExceptions import Unauthorized
from ZODB.POSException import ConflictError from ZODB.POSException import ConflictError
WRAPPERS = xmlrpc.client.WRAPPERS + (DateTime, ) WRAPPERS = xmlrpc.client.WRAPPERS + (DateTime, )
def dump_instance(self, value, write): def dump_instance(self, value, write):
# Check for special wrappers # Check for special wrappers
if value.__class__ in WRAPPERS: if value.__class__ in WRAPPERS:
self.write = write self.write = write
value.encode(self) value.encode(self)
del self.write del self.write
else: else:
# Store instance attributes as a struct (really?). # Store instance attributes as a struct (really?).
# We want to avoid disclosing private attributes. # We want to avoid disclosing private attributes.
# Private attributes are by convention named with # Private attributes are by convention named with
# a leading underscore character. # a leading underscore character.
value = {k: v for (k, v) in value.__dict__.items() ob_dict = {k: v for (k, v) in value.__dict__.items() if k[:1] != '_'}
if k[:1] != '_'}
self.dump_struct(value, write) # If the instance attribute is a Zope object we also want to prevent
# disclosing it to users without at least View permission.
zope_objects = [(k, v) for (k, v) in ob_dict.items()
if isinstance(v, Base)]
if zope_objects:
sm = getSecurityManager()
for ob_id, ob in zope_objects:
if not sm.checkPermission(view, getattr(value, ob_id)):
del ob_dict[ob_id]
self.dump_struct(ob_dict, write)
# Override the standard marshaller for object instances # Override the standard marshaller for object instances
# to skip private attributes. # to skip private attributes.
xmlrpc.client.Marshaller.dispatch['_arbitrary_instance'] = dump_instance xmlrpc.client.Marshaller.dispatch['_arbitrary_instance'] = dump_instance
xmlrpc.client.Marshaller.dispatch[DateTime] = dump_instance xmlrpc.client.Marshaller.dispatch[DateTime] = dump_instance
def parse_input(data): def parse_input(data):
"""Parse input data and return a method path and argument tuple """Parse input data and return a method path and argument tuple
The data is a string. The data is a string.
 End of changes. 3 change blocks. 
3 lines changed or deleted 16 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)