summaryrefslogtreecommitdiffstats
path: root/Doc/library/bastion.rst
blob: 8f103e7a02826c53991e73cc498a852a28e28b9c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64

:mod:`Bastion` --- Restricting access to objects
================================================

.. module:: Bastion
   :synopsis: Providing restricted access to objects.
   :deprecated:

.. deprecated:: 2.6
   The :mod:`Bastion` module has been removed in Python 3.0.

.. moduleauthor:: Barry Warsaw <bwarsaw@python.org>


.. versionchanged:: 2.3
   Disabled module.

.. note::

   The documentation has been left in place to help in reading old code that uses
   the module.

According to the dictionary, a bastion is "a fortified area or position", or
"something that is considered a stronghold."  It's a suitable name for this
module, which provides a way to forbid access to certain attributes of an
object.  It must always be used with the :mod:`rexec` module, in order to allow
restricted-mode programs access to certain safe attributes of an object, while
denying access to other, unsafe attributes.

.. I'm concerned that the word 'bastion' won't be understood by people
.. for whom English is a second language, making the module name
.. somewhat mysterious.  Thus, the brief definition... --amk

.. I've punted on the issue of documenting keyword arguments for now.


.. function:: Bastion(object[, filter[, name[, class]]])

   Protect the object *object*, returning a bastion for the object.  Any attempt to
   access one of the object's attributes will have to be approved by the *filter*
   function; if the access is denied an :exc:`AttributeError` exception will be
   raised.

   If present, *filter* must be a function that accepts a string containing an
   attribute name, and returns true if access to that attribute will be permitted;
   if *filter* returns false, the access is denied.  The default filter denies
   access to any function beginning with an underscore (``'_'``).  The bastion's
   string representation will be ``<Bastion for name>`` if a value for *name* is
   provided; otherwise, ``repr(object)`` will be used.

   *class*, if present, should be a subclass of :class:`BastionClass`;  see the
   code in :file:`bastion.py` for the details.  Overriding the default
   :class:`BastionClass` will rarely be required.


.. class:: BastionClass(getfunc, name)

   Class which actually implements bastion objects.  This is the default class used
   by :func:`Bastion`.  The *getfunc* parameter is a function which returns the
   value of an attribute which should be exposed to the restricted execution
   environment when called with the name of the attribute as the only parameter.
   *name* is used to construct the :func:`repr` of the :class:`BastionClass`
   instance.