From d7ea1dafe8a7fbea4d0e0dd0e2a90d5b4e242b2e Mon Sep 17 00:00:00 2001 From: Ned Batchelder Date: Thu, 2 May 2013 10:58:38 -0400 Subject: [PATCH] On second thought, make can_execute_unsafe_code a function returning a boolean. --- common/lib/capa/capa/responsetypes.py | 2 +- common/lib/capa/capa/tests/__init__.py | 2 +- common/lib/capa/capa/tests/test_responsetypes.py | 4 ++-- common/lib/xmodule/xmodule/x_module.py | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/common/lib/capa/capa/responsetypes.py b/common/lib/capa/capa/responsetypes.py index f7d285887e..1f71c828c3 100644 --- a/common/lib/capa/capa/responsetypes.py +++ b/common/lib/capa/capa/responsetypes.py @@ -504,7 +504,7 @@ class JavascriptResponse(LoncapaResponse): def call_node(self, args): # Node.js code is un-sandboxed. If the XModuleSystem says we aren't # allowed to run unsafe code, then stop now. - if not self.system.can_execute_unsafe_code: + if not self.system.can_execute_unsafe_code(): raise LoncapaProblemError("Execution of unsafe Javascript code is not allowed.") subprocess_args = ["node"] diff --git a/common/lib/capa/capa/tests/__init__.py b/common/lib/capa/capa/tests/__init__.py index da3a3524f4..ac81ff66c4 100644 --- a/common/lib/capa/capa/tests/__init__.py +++ b/common/lib/capa/capa/tests/__init__.py @@ -40,7 +40,7 @@ def test_system(): node_path=os.environ.get("NODE_PATH", "/usr/local/lib/node_modules"), anonymous_student_id='student', cache=None, - can_execute_unsafe_code=False, + can_execute_unsafe_code=lambda: False, ) return the_system diff --git a/common/lib/capa/capa/tests/test_responsetypes.py b/common/lib/capa/capa/tests/test_responsetypes.py index af6bdf823c..b9c2bfa3ae 100644 --- a/common/lib/capa/capa/tests/test_responsetypes.py +++ b/common/lib/capa/capa/tests/test_responsetypes.py @@ -747,7 +747,7 @@ class JavascriptResponseTest(ResponseTest): os.system("coffee -c %s" % (coffee_file_path)) system = test_system() - system.can_execute_unsafe_code = True + system.can_execute_unsafe_code = lambda: True problem = self.build_problem( system=system, generator_src="test_problem_generator.js", @@ -765,7 +765,7 @@ class JavascriptResponseTest(ResponseTest): # If the system says to disallow unsafe code execution, then making # this problem will raise an exception. system = test_system() - system.can_execute_unsafe_code = False + system.can_execute_unsafe_code = lambda: False with self.assertRaises(LoncapaProblemError): problem = self.build_problem( diff --git a/common/lib/xmodule/xmodule/x_module.py b/common/lib/xmodule/xmodule/x_module.py index 268eb4b40d..3a2bdb798e 100644 --- a/common/lib/xmodule/xmodule/x_module.py +++ b/common/lib/xmodule/xmodule/x_module.py @@ -702,7 +702,7 @@ class ModuleSystem(object): open_ended_grading_interface=None, s3_interface=None, cache=None, - can_execute_unsafe_code=False, + can_execute_unsafe_code=None, ): ''' Create a closure around the system environment. @@ -750,8 +750,8 @@ class ModuleSystem(object): .get(key) returns an object from the cache or None. .set(key, value, timeout_secs=None) stores a value in the cache with a timeout. - can_execute_unsafe_code - A boolean, whether or not to allow the execution - of unsafe, unsandboxed code. + can_execute_unsafe_code - A function returning a boolean, whether or + not to allow the execution of unsafe, unsandboxed code. ''' self.ajax_url = ajax_url @@ -778,7 +778,7 @@ class ModuleSystem(object): self.s3_interface = s3_interface self.cache = cache or DoNothingCache() - self.can_execute_unsafe_code = can_execute_unsafe_code + self.can_execute_unsafe_code = can_execute_unsafe_code or (lambda: False) def get(self, attr): ''' provide uniform access to attributes (like etree).'''