allow `@` expressions - Githubissues

zopefoundation / RestrictedPython

A restricted execution environment for Python to run untrusted code.

http://restrictedpython.readthedocs.io/

Other

456 stars 38 forks source link

allow `@` expressions #269

Closed rawwerks closed 6 months ago

rawwerks commented 7 months ago

this commit updates transformers.py to allow @ expressions. would close https://github.com/zopefoundation/RestrictedPython/issues/268.

icemac commented 7 months ago

Thank you for your pull request. We are currently asserting that @ is not supported. Could you come up with a test asserting that the @-operator works?

rawwerks commented 7 months ago

this is a bit above my pay-grade, so please accept my apologies if i am totally misunderstanding how the tests work.

i'm trying to follow the examples of test_functiondef.py...what about something like this?

def test_RestrictingNodeTransformer__visit_MatMult__1():
    """It allows the `@` operator for matrix multiplication."""
    source_code = """
class MatMulSupport:
    def __matmul__(self, other):
        return "MatMul Operation Allowed"

def test_matmul():
    a = MatMulSupport()
    b = MatMulSupport()
    return a @ b

result = test_matmul()
"""
    result = compile_restricted_exec(source_code)
    assert result.errors == (functiondef_err_msg)

(i'm so unsure of myself that i'm hoping to get feedback before updating the PR)

...or maybe there is a simpler way to just make a foo test...

def foo(a, b):
    return a @ b

rawwerks commented 7 months ago

ok wait, this is probably the better place to do it: https://github.com/zopefoundation/RestrictedPython/pull/269/commits/959ac23ee015ba2c4aad0f3e98d1cc502689e350

(maybe not the right way, but i think it should work)

icemac commented 7 months ago

I think I understood the idea of the test and I think I can get it working, but first we need some general paperwork:

Thank you for your contribution.

According to the contributing policies of the zopefoundation organization you need to sign a contributor agreement before any non-trivial change can be merged. For details please consult the Contributing guidelines for zopefoundation projects.

rawwerks commented 7 months ago

i'm reviewing the document.

in the meantime, hopefully we can do this:

this pull request (https://github.com/zopefoundation/RestrictedPython/pull/269) by Raymond Weitekamp (rawwerks) is marked with CC0 1.0 Universal.

icemac commented 6 months ago

@rawwerks Thank you for putting your changes into public domain. I'll come up with a new PR containing your changes. @loechel Please the the changes in https://github.com/zopefoundation/.github/blob/master/CONTRIBUTING.md regarding CC0 contributions.

icemac commented 6 months ago

I created #270 as followup PR.

loechel commented 6 months ago

@icemac how should I please or approve https://github.com/zopefoundation/.github/pull/8 if it is already merged? I am fine with it, and it makes sense for simple contributions, where people don't want to sign the contributor agreement.

icemac commented 6 months ago

@loechel Sorry, I did not check what I wrote, I meant: "Please see the changes in …" in case you were not aware of them.