Apache Mod-Python - Updated: (MODPYTHON-43) mod_python.publisher auth functions

This is Interesting: Free IT Magazines  
Home > Archive > Apache Mod-Python > February 2006 > Updated: (MODPYTHON-43) mod_python.publisher auth functions





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author Updated: (MODPYTHON-43) mod_python.publisher auth functions
Graham Dumpleton (JIRA)

2006-02-23, 5:47 pm

[ http://issues.apache.org/jira/brows...HON-43?page=all ]

Graham Dumpleton updated MODPYTHON-43:
--------------------------------------

Attachment: grahamd_20060224_MP43_1.diff

Patches attached as grahamd_20060224_MP43_1.diff.

If no one can see problems with this, I will commit change into repository for 3.3.

> mod_python.publisher auth functions access to globals
> -----------------------------------------------------
>
> Key: MODPYTHON-43
> URL: http://issues.apache.org/jira/browse/MODPYTHON-43
> Project: mod_python
> Type: Improvement
> Components: publisher
> Versions: 3.1.4
> Reporter: Graham Dumpleton
> Priority: Minor
> Attachments: grahamd_20060224_MP43_1.diff
>
> In the mod_python.publisher code, the code for performing basic authentication
> has in a few spots code of the form:
> if "__auth__" in func_code.co_names:
> i = list(func_code.co_names).index("__auth__")
> __auth__ = func_code.co_consts[i+1]
> if hasattr(__auth__, "co_name"):
> __auth__ = new.function(__auth__, globals())
> found_auth = 1
> What this does is that if the target of the request is a function and that function
> contains a nested function, which in this case is called "__auth__", then that
> nested function is turned into a callable object and is subsequently called to
> determine if the user is able to perform the request.
> In making the nested function callable, it uses "globals()". By using this though
> it is using the globals from the mod_python.publisher module and not the
> module which the nested function is contained within. This means that the
> following code will actually fail.
> import xxx
> def function(req):
> def __auth__(req,username,password):
> return xxx.auth(req,username,password)
> This is because the module "xxx" imported at global scope within the module isn't
> available to the nested function when it is called as it is seeing the globals of
> mod_python.publisher instead. To get around the problem, the import has to be
> local to the nested function.
> def function(req):
> def __auth__(req,username,password):
> import xxx
> return xxx.auth(req,username,password)
> Since in this case the auth function being called is a nested function, we know that
> we can actually grab the globals for the correct module by getting "func_globals"
> from the enclosing function.
> if "__auth__" in func_code.co_names:
> i = list(func_code.co_names).index("__auth__")
> __auth__ = func_code.co_consts[i+1]
> if hasattr(__auth__, "co_name"):
> __auth__ = new.function(__auth__, object.func_globals)
> found_auth = 1
> Ie., instead of "globals()", use "object.func_globals" where "object is the enclosing
> function object.

Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com