Update of /cvsroot/modeling/ZModeling/ZModelizationTool
In directory sc8-pr-cvs1:/tmp/cvs-serv2635/ZModelizationTool
Modified Files:
ZModelizationTool.py __init__.py README
Log Message:
ZModelizationTool:
- model's props page update: Oracle supported in core.
- Added the ability to load PyModels
- Removed the useless contraints on the 'id' which formerly should be
equal to 'modelization_tool'
- Added a security warning: the ZModelizationTool product may be
dangerous in a production environment.
Index: ZModelizationTool.py
===================================================================
RCS file: /cvsroot/modeling/ZModeling/ZModelizationTool/ZModelizationTool.py,v
retrieving revision 1.13
retrieving revision 1.14
diff -C2 -d -r1.13 -r1.14
*** ZModelizationTool.py 27 May 2003 19:49:17 -0000 1.13
--- ZModelizationTool.py 7 Sep 2003 13:51:42 -0000 1.14
***************
*** 111,116 ****
# Initialization
def __init__(self, id):
- if id!='modelization_tool':
- raise ValueError, 'id must be equal to modelization_tool'
self.id = id
ModelSet.__init__.im_func(self)
--- 111,114 ----
***************
*** 180,185 ****
def manage_importModel(self, file, REQUEST=None):
! "..."
! model=self.addModelFromXML({'string':file.read()})
model._p_changed=1
self._p_changed=1
--- 178,195 ----
def manage_importModel(self, file, REQUEST=None):
! "Imports a xml-model or a pymodel"
! if file.filename[-4:]=='.xml':
! model=self.addModelFromXML({'string':file.read()})
! else:
! # PyModel
! _code=file.read()
! local={'zmt_model':None}
! exec(_code+'''
! try: model.build()
! except RuntimeError: pass
! except NameError: raise NameError, "Import failed: the pymodel.py should store the PyModel in the variable \'model\'"
! zmt_model=model.component''') in {},local
! model=local['zmt_model']
! self.addModel(model)
model._p_changed=1
self._p_changed=1
Index: __init__.py
===================================================================
RCS file: /cvsroot/modeling/ZModeling/ZModelizationTool/__init__.py,v
retrieving revision 1.2
retrieving revision 1.3
diff -C2 -d -r1.2 -r1.3
*** __init__.py 10 Jan 2003 10:45:45 -0000 1.2
--- __init__.py 7 Sep 2003 13:51:43 -0000 1.3
***************
*** 27,33 ****
import ZModelizationTool
def initialize(context):
!
context.registerClass(
ZModelizationTool.ZModelizationTool,
--- 27,35 ----
import ZModelizationTool
+ import zLOG
def initialize(context):
! warning="Please do not leave the ZModelizationTool product in a production environment, especially now that it can load PyModel: PyModels are evaluated through an exec statement, hence leaving this product in a production environment may be a security hole\n"
! zLOG.LOG('ZModelizationTool', zLOG.WARNING, 'Reminder: Security Warning', warning)
context.registerClass(
ZModelizationTool.ZModelizationTool,
Index: README
===================================================================
RCS file: /cvsroot/modeling/ZModeling/ZModelizationTool/README,v
retrieving revision 1.1
retrieving revision 1.2
diff -C2 -d -r1.1 -r1.2
*** README 6 May 2003 16:29:48 -0000 1.1
--- README 7 Sep 2003 13:51:43 -0000 1.2
***************
*** 16,17 ****
--- 16,30 ----
The current documentation can be found in the User's Guide:
http://modeling.sourceforge.net/UserGuide/define-model.html
+
+
+ Security Warning
+ ----------------
+
+ Please do not leave the ZModelizationTool product in a production
+ environment, especially now that it can load PyModel: PyModels are evaluated
+ through an exec statement, hence leaving this product in a production
+ environment may be a security hole.
+
+ Moreover, you probably do not want to leave a product in a production
+ environment which may have the ability to drop and recreate a database, for
+ example.
|
