On Jun 3, 9:35 pm, Joe <joe.cwi...@gmail.com> wrote:
> Hello,
>
> I'm trying to implement a way to restrict method usage based on the
> caller's attributes. In the following example I'd like to execute the
> server method "bar" only if the caller's method has a "blue" value for
> it's color attribute.
>
> The current output is:
>
> blue
> red
> bar
> bar
>
> I'd like it to be:
>
> blue
> red
> bar
>
> I've worked my way through inspect but that doesn't seem to be the
> right approach.
>
> # Example
> class Client:
>
> def __init__(self, server):
> self.server=server
>
> def foo(self):
> self.server.bar()
>
> def fu(self):
> self.server.bar()
>
> foo.__dict__['color']='blue'
> fu.__dict__['color']='red'
>
> class BlueServer:
>
> def bar(self):
> """
> Goal is to only accept calls from "blue" client methods.
> Don't know how to do it :(
> """
> print "bar"
>
> s=BlueServer()
> c=Client(s)
> print c.foo.color
> print c.fu.color
> c.foo()
> c.fu()
>
> Thanks for your help!
>
> Joe
It is possible to get access to the code object of the parent
execution frame. Function objects are just wrappers for code objects
and are not part of the frame. You could do something with that
though...
_colors = {}
def color(c):
def decorator(f):
code = f.func_code
key = code.co_filename, code.co_firstlineno
_colors.setdefault(key, set()).add(c)
return f
return decorator
def require(c):
import sys
code = sys._getframe().f_back.f_back.f_code
key = code.co_filename, code.co_firstlineno
assert c in _colors.get(key, ())
def tryit():
require("blue")
@color("blue")
def bluefunc():
tryit()
@color("red")
def redfunc():
tryit()
Executing untrusted Python code is nigh impossible to make secure of
course. I'd suggest examining whether this is necessary. :-)
--
http://mail.python.org/mailman/listinfo/python-list
