
Zope developer book - chapter security - missing info about implications of docstrings? #770

Open
jugmac00 opened this issue Jan 28, 2020 · 5 comments

@jugmac00
Member

I just read through chapter 8 of the Zope developer book, "Security" (https://zope.readthedocs.io/en/latest/zdgbook/Security.html), and I could not find any mention of what adding or leaving out docstrings does to the accessibility of methods through the web.

@d-maurer gave me a hint about what happens when you add a docstring to a method:
zopefoundation/Products.ZCatalog#89 (comment)

Shouldn't this be mentioned in the documentation?

Especially in this list?
https://zope.readthedocs.io/en/latest/zdgbook/Security.html#details-of-the-default-zope-security-policy

P.S.: Thanks for updating the chapter!!!

@jugmac00
Member Author

Also, after reading the security chapter, I do not understand why in the following example the docstring matters, as there is an explicit security declaration:
zopefoundation/Products.ZCatalog#89 (review)

@perrinjerome
Contributor

In my understanding, the docstrings matter only for publishing (when an object or method is accessed by URL in an HTTP request) and not for "restricted python security" (when accessing objects or methods in restricted python scripts).

The relevant documentation seems to be https://zope.readthedocs.io/en/latest/zdgbook/ObjectPublishing.html#publishable-object-requirements, and https://zope.readthedocs.io/en/latest/zdgbook/Security.html#how-the-security-policy-relates-to-zope-s-publishing-machinery explains the relation between the two.

@jugmac00
Member Author

Thanks for your input. I guess I still need to read more about this topic and maybe play around in an instance to fully grasp that concept.

  • method with security.declareProtected -> View => only logged in users/with permission View
  • method without security declaration without docstring => nobody
  • method without security declaration with docstring => everybody
  • method with security.declarePublic => everybody
  • method with leading underscore....

Basically I'd have to create a matrix with

  • 3x different security declarations + without declaration
  • with or without docstring
  • with or without leading underscore
    => 4 x 2 x 2 => 16 different possibilities?

@icemac
Member

icemac commented Jan 31, 2020

A leading underscore makes a method always private. (This might be changed by using TrustedExecutables.) The docstring should only be taken into account if there is no security declaration. I created #774 to discuss the meaning of docstrings.
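As an added illustration (not code from Zope or from anyone in this thread), the matrix @jugmac00 lists above and the rule @icemac states here, put into a small offline model. `SecurityInfo` and `Catalog` are constructed stand-ins, not AccessControl's real `ClassSecurityInfo` or ZPublisher's checks, and the decision order is this thread's reading of the rules, to be checked against the linked chapters.

```python
import inspect

PUBLIC = "public"

class SecurityInfo:
    """Constructed stand-in for AccessControl's ClassSecurityInfo: it only
    records declarations so the rules can be evaluated offline."""
    def __init__(self):
        self.declarations = {}  # method name -> PUBLIC or a permission name
    def declarePublic(self, name):
        self.declarations[name] = PUBLIC
    def declareProtected(self, permission, name):
        self.declarations[name] = permission

def web_access(cls, name, user_permissions=frozenset()):
    """Decide whether cls.<name> may be reached by URL under the rules
    collected in this thread. Returns (allowed, reason)."""
    if name.startswith("_"):
        return False, "leading underscore: always private"
    method = getattr(cls, name, None)
    if not callable(method):
        return False, "no such method"
    declaration = cls.security.declarations.get(name)
    if declaration is None:
        # No declaration: the docstring alone decides (nobody vs everybody).
        if inspect.getdoc(method):
            return True, "no declaration, docstring present: everybody"
        return False, "no declaration, no docstring: nobody"
    # An explicit declaration wins and the docstring is not consulted.
    if declaration == PUBLIC:
        return True, "declarePublic: everybody"
    if declaration in user_permissions:
        return True, f"declareProtected({declaration!r}): permission held"
    return False, f"declareProtected({declaration!r}): permission missing"

class Catalog:
    """Constructed sample class covering each row of the matrix above."""
    security = SecurityInfo()
    def searchResults(self):
        """Declared protected by 'View'; the docstring is irrelevant."""
    security.declareProtected("View", "searchResults")
    def helper(self):
        pass  # no declaration, no docstring: not publishable
    def index_html(self):
        """No declaration but a docstring: publishable by everybody."""
    def manage_status(self):
        pass  # declarePublic without a docstring: everybody, per this thread
    security.declarePublic("manage_status")
    def _internal(self):
        """The docstring does not help: a leading underscore means private."""
```

Calling `web_access(Catalog, "searchResults", {"View"})` returns `(True, ...)` while the same call without the permission is denied, and the reason string names which rule fired, which is the part the documentation list in the Security chapter could spell out.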

@d-maurer
Contributor

d-maurer commented Jan 31, 2020 via email

dhavlik pushed a commit to dhavlik/Zope that referenced this issue May 14, 2020
@dhavlik dhavlik self-assigned this May 14, 2020
icemac pushed a commit that referenced this issue May 14, 2020
* #770 mention the doc string restriction when publishing in security chapter
* #770 mention the doc string restriction in the overview list of the default security policy