使用实现的权限规则共享插件资源

class SharedResources: # Here should be a shared resource manager that I tried to write # but got stuck. That's why I ask this long and convoluted question! # Some beginning: def __init__ (self, owner): self.owner = owner def __call__ (self): # Here we should return some object that will do # required stuff. Read more for details. pass class plugin (dict): def __init__ (self, filename): dict.__init__(self) # Here some checks and filling with secure versions of __builtins__ etc. # ... self["__name__"] = "__main__" self["__file__"] = filename # Add a shared resources manager to this plugin self["SharedResources"] = SharedResources(filename) # And then: execfile(filename, self, self) # Expose the plug-in interface to outside world: def __getattr__ (self, a): return self[a] def __setattr__ (self, a, v): self[a] = v def __delattr__ (self, a): del self[a] # Note: I didn't use self.__dict__ because this makes encapsulation easier. # In future I won't use object itself at all but separate dict to do it. For now let it be ---------------------------------------- # An example of two scripts that would use shared resource and be run with plugins["name"] = plugin("<filename>"): # Presented code is same in both scripts, what comes after will be different. def loadSomeResource (): # Do it here... return loadedresource # Then Load this resource if it's not already loaded in shared resources, if it isn't then add loaded resource to shared resources: shr = SharedResources() # This would be an instance allowing access to shared resources if not shr.has_key("Default Resources"): shr.create("Default Resources") if not shr["Default Resources"].has_key("SomeResource"): shr["Default Resources"].add("SomeResource", loadSomeResource()) resource = shr["Default Resources"]["SomeResource"] # And then we use normally resource variable that can be any object. # Here I Used category "Default Resources" to add and/or retrieve a resource named "SomeResource". # I want more categories so that plugins that deal with audio aren't mixed with plug-ins that deal with video for instance. But this is not strictly needed. # Here comes code specific for each plug-in that will use shared resource named "SomeResource" from category "Default Resources". ... # And end of plugin script! ---------------------------------------- # And then, in main program we load plug-ins: import os plugins = {} # Here we store all loaded plugins for x in os.listdir("plugins"): plugins[x] = plugin(x)

# Dict that will hold a category of resources (should implement some security): class ResourceCategory (dict): def __getattr__ (self, i): return self[i] def __setattr__ (self, i, v): self[i] = v def __delattr__ (self, i): del self[i] SharedResources = {} # Resource pool class ResourceManager: def __init__ (self, owner): self.owner = owner def add (self, category, name, value): if not SharedResources.has_key(category): SharedResources[category] = ResourceCategory() SharedResources[category][name] = value def get (self, category, name): return SharedResources[category][name] def rem (self, category, name=None): if name==None: del SharedResources[category] else: del SharedResources[category][name] def __call__ (self, category): if not SharedResources.has_key(category): SharedResources[category] = ResourceCategory() return SharedResources[category] __getattr__ = __getitem__ = __call__ # When securing, this must not be left as this, it is unsecure, can provide a way back to SharedResources pool: has_category = has_key = SharedResources.has_key

class plugin(dict): def __init__ (self, path, owner): dict.__init__() self["__name__"] = "__main__" # etc. etc. # And when adding resource manager to the plugin, register it with this plugin as an owner self["SharedResources"] = ResourceManager(owner) # ... execfile(path, self, self) # ...

#----------------------------------- # Get a category we want. (Using __call__() ) Note: If a category doesn't exist, it is created automatically. AudioResource = SharedResources("Audio") # Use an MP3 resource (let say a bytestring): if not AudioResource.has_key("Beep"): f = open("./sounds/beep.mp3", "rb") Audio.Beep = f.read() f.close() # Take a reference out for fast access and nicer look: beep = Audio.Beep # BTW, immutables doesn't propagate as references by themselves, doesn't they? A copy will be returned, so the RAM space usage will increase instead. Immutables shall be wrapped in a composed data type.

1条回答

网友

1楼 · 发布于 2024-09-30 08:14:39

所以，我的一般做法是这样。你知道吗

拥有一个中央共享资源池。通过此池的访问对每个人都是只读的。将所有数据打包到共享池中，这样“按规则玩”的人就不能编辑其中的任何内容。
每个代理（插件）在加载它时维护它“拥有”的知识。它为自己保留一个读/写引用，并向集中式只读池注册对资源的引用。
当一个插件被加载时，它会得到一个对中央只读池的引用，这个池可以注册新的资源。

因此，仅针对python本机数据结构（而不是自定义类的实例）的问题，一个相当封闭的只读实现系统如下所示。请注意，用于锁定它们的技巧与其他人用来绕过这些锁的技巧是相同的，因此如果有一点python知识的人正在积极尝试打破沙盒，那么沙盒是非常弱的。你知道吗

import collections as _col
import sys

if sys.version_info >= (3, 0):
    immutable_scalar_types = (bytes, complex, float, int, str)
else:
    immutable_scalar_types = (basestring, complex, float, int, long)

# calling this will circumvent any control an object has on its own attribute lookup
getattribute = object.__getattribute__

# types that will be safe to return without wrapping them in a proxy
immutable_safe = immutable_scalar_types

def add_immutable_safe(cls):
    # decorator for adding a new class to the immutable_safe collection
    # Note: only ImmutableProxyContainer uses it in this initial
    # implementation
    global immutable_safe
    immutable_safe += (cls,)
    return cls

def get_proxied(proxy):
    # circumvent normal object attribute lookup
    return getattribute(proxy, "_proxied")

def set_proxied(proxy, proxied):
    # circumvent normal object attribute setting
    object.__setattr__(proxy, "_proxied", proxied)

def immutable_proxy_for(value):
    # Proxy for known container types, reject all others
    if isinstance(value, _col.Sequence):
        return ImmutableProxySequence(value)
    elif isinstance(value, _col.Mapping):
        return ImmutableProxyMapping(value)
    elif isinstance(value, _col.Set):
        return ImmutableProxySet(value)
    else:
        raise NotImplementedError(
            "Return type {} from an ImmutableProxyContainer not supported".format(
                type(value)))

@add_immutable_safe
class ImmutableProxyContainer(object):

    # the only names that are allowed to be looked up on an instance through
    # normal attribute lookup
    _allowed_getattr_fields = ()

    def __init__(self, proxied):
        set_proxied(self, proxied)

    def __setattr__(self, name, value):
        # never allow attribute setting through normal mechanism
        raise AttributeError(
            "Cannot set attributes on an ImmutableProxyContainer")

    def __getattribute__(self, name):
        # enforce attribute lookup policy
        allowed_fields = getattribute(self, "_allowed_getattr_fields")
        if name in allowed_fields:
            return getattribute(self, name)
        raise AttributeError(
            "Cannot get attribute {} on an ImmutableProxyContainer".format(name))

    def __repr__(self):
        proxied = get_proxied(self)
        return "{}({})".format(type(self).__name__, repr(proxied))

    def __len__(self):
        # works for all currently supported subclasses
        return len(get_proxied(self))

    def __hash__(self):
        # will error out if proxied object is unhashable
        proxied = getattribute(self, "_proxied")
        return hash(proxied)

    def __eq__(self, other):
        proxied = get_proxied(self)
        if isinstance(other, ImmutableProxyContainer):
            other = get_proxied(other)
        return proxied == other


class ImmutableProxySequence(ImmutableProxyContainer, _col.Sequence):

    _allowed_getattr_fields = ("count", "index")

    def __getitem__(self, index):
        proxied = get_proxied(self)
        value = proxied[index]
        if isinstance(value, immutable_safe):
            return value
        return immutable_proxy_for(value)


class ImmutableProxyMapping(ImmutableProxyContainer, _col.Mapping):

    _allowed_getattr_fields = ("get", "keys", "values", "items")

    def __getitem__(self, key):
        proxied = get_proxied(self)
        value = proxied[key]
        if isinstance(value, immutable_safe):
            return value
        return immutable_proxy_for(value)

    def __iter__(self):
        proxied = get_proxied(self)
        for key in proxied:
            if not isinstance(key, immutable_scalar_types):
                # If mutable keys are used, returning them could be dangerous.
                # If owner never puts a mutable key in, then integrity should
                # be okay. tuples and frozensets should be okay as keys, but
                # are not supported in this implementation for simplicity.
                raise NotImplementedError(
                    "keys of type {} not supported in "
                    "ImmutableProxyMapping".format(type(key)))
            yield key


class ImmutableProxySet(ImmutableProxyContainer, _col.Set):

    _allowed_getattr_fields = ("isdisjoint", "_from_iterable")

    def __contains__(self, value):
        return value in get_proxied(self)

    def __iter__(self):
        proxied = get_proxied(self)
        for value in proxied:
            if isinstance(value, immutable_safe):
                yield value
            yield immutable_proxy_for(value)

    @classmethod
    def _from_iterable(cls, it):
        return set(it)

注意：这只在Python3.4上测试过，但我尝试编写它，使其与Python2和Python3兼容。你知道吗

使共享资源的根成为字典。给插件一个ImmutableProxyMapping的字典。你知道吗

private_shared_root = {}
public_shared_root = ImmutableProxyMapping(private_shared_root)

创建一个API，插件可以在其中向public_shared_root注册新资源，可能是先到先得（如果它已经存在，就不能注册）。用你知道需要的任何容器，或者任何你想与所有插件共享但你想成为只读的数据，预先填充private_shared_root。你知道吗

如果共享根映射中键的约定都是字符串（如文件系统路径（/home/dalen/local/python）或点路径（如python库对象（os.path.expanduser））可能会很方便。这样一来，如果插件试图向池中添加相同的资源，那么冲突检测将是即时的、琐碎的/显而易见的。你知道吗

相关问题更多 >

编程相关推荐

热门问题

热门文章