[Lxml-checkins] r52107 - in lxml/trunk: . src/lxml src/lxml/tests
scoder at codespeak.net
scoder at codespeak.net
Mon Mar 3 19:41:59 CET 2008
Author: scoder
Date: Mon Mar 3 19:41:59 2008
New Revision: 52107
Modified:
lxml/trunk/ (props changed)
lxml/trunk/CHANGES.txt
lxml/trunk/TODO.txt
lxml/trunk/src/lxml/tests/test_xslt.py
lxml/trunk/src/lxml/xslt.pxi
Log:
r3698 at delle: sbehnel | 2008-03-03 11:49:57 +0100
constant instances DENY_ALL/DENY_WRITE on XSLTAccessControl class
Modified: lxml/trunk/CHANGES.txt
==============================================================================
--- lxml/trunk/CHANGES.txt (original)
+++ lxml/trunk/CHANGES.txt Mon Mar 3 19:41:59 2008
@@ -8,6 +8,9 @@
Features added
--------------
+* Constant instances ``DENY_ALL`` and ``DENY_WRITE`` on
+ ``XSLTAccessControl`` class.
+
* Extension elements for XSLT (experimental!)
* ``Element.base`` property returns the xml:base or HTML base URL of
Modified: lxml/trunk/TODO.txt
==============================================================================
--- lxml/trunk/TODO.txt (original)
+++ lxml/trunk/TODO.txt Mon Mar 3 19:41:59 2008
@@ -45,6 +45,13 @@
by libxml2 (patch exists)
+XSLT
+----
+
+* Support subclassing XSLTAccessControl to provide custom per-URL
+ access check methods
+
+
lxml 2.0
========
Modified: lxml/trunk/src/lxml/tests/test_xslt.py
==============================================================================
--- lxml/trunk/src/lxml/tests/test_xslt.py (original)
+++ lxml/trunk/src/lxml/tests/test_xslt.py Mon Mar 3 19:41:59 2008
@@ -819,6 +819,29 @@
self.assertEquals(root[3].get("value"),
'B')
+ def test_xslt_document_parse_allow(self):
+ access_control = etree.XSLTAccessControl(read_file=True)
+ xslt = etree.XSLT(etree.parse(fileInTestDir("test-document.xslt")),
+ access_control = access_control)
+ result = xslt(etree.XML('<a/>'))
+ root = result.getroot()
+ self.assertEquals(root.tag,
+ 'test')
+ self.assertEquals(root[0].tag,
+ '{http://www.w3.org/1999/XSL/Transform}stylesheet')
+
+ def test_xslt_document_parse_deny(self):
+ access_control = etree.XSLTAccessControl(read_file=False)
+ xslt = etree.XSLT(etree.parse(fileInTestDir("test-document.xslt")),
+ access_control = access_control)
+ self.assertRaises(etree.XSLTApplyError, xslt, etree.XML('<a/>'))
+
+ def test_xslt_document_parse_deny_all(self):
+ access_control = etree.XSLTAccessControl.DENY_ALL
+ xslt = etree.XSLT(etree.parse(fileInTestDir("test-document.xslt")),
+ access_control = access_control)
+ self.assertRaises(etree.XSLTApplyError, xslt, etree.XML('<a/>'))
+
def test_xslt_move_result(self):
root = etree.XML('''\
<transform>
Modified: lxml/trunk/src/lxml/xslt.pxi
==============================================================================
--- lxml/trunk/src/lxml/xslt.pxi (original)
+++ lxml/trunk/src/lxml/xslt.pxi Mon Mar 3 19:41:59 2008
@@ -180,6 +180,11 @@
- read_network
- write_network
+ For convenience, there is also a class member `DENY_ALL` that
+ provides an XSLTAccessControl instance that is readily configured
+ to deny everything, and a `DENY_WRITE` member that denies all
+ write access but allows read access.
+
See `XSLT`.
"""
cdef xslt.xsltSecurityPrefs* _prefs
@@ -194,6 +199,14 @@
self._setAccess(xslt.XSLT_SECPREF_READ_NETWORK, read_network)
self._setAccess(xslt.XSLT_SECPREF_WRITE_NETWORK, write_network)
+ DENY_ALL = XSLTAccessControl(
+ read_file=False, write_file=False, create_dir=False,
+ read_network=False, write_network=False)
+
+ DENY_WRITE = XSLTAccessControl(
+ read_file=True, write_file=False, create_dir=False,
+ read_network=True, write_network=False)
+
def __dealloc__(self):
if self._prefs is not NULL:
xslt.xsltFreeSecurityPrefs(self._prefs)
More information about the lxml-checkins
mailing list