Change how we fallback to not_safe_exec.

Edx-platform will be using not_safe_exec in some cases, and we don't want to log a warning in those cases, so only log when it's an aliased fallback, not when the function is called directly.

Change how we fallback to not_safe_exec.
Edx-platform will be using not_safe_exec in some cases, and we don't want to log a warning in those cases, so only log when it's an aliased fallback, not when the function is called directly.
0a1b468d · Ned Batchelder · 045e0916 · 0a1b468d · 0a1b468d
Commit 0a1b468d authored Jun 06, 2013 by Ned Batchelder
Hide whitespace changes
Inline Side-by-side

Showing with 18 additions and 10 deletions

codejail/safe_exec.py
+17 -9

codejail/tests/test_safe_exec.py
+1 -1

No files found.
--- a/codejail/safe_exec.py
+++ b/codejail/safe_exec.py
@@ -185,11 +185,6 @@ def not_safe_exec(code, globals_dict, files=None, python_path=None, slug=None):
    and modifying sys.path.
    """
-    # Because it would be bad if this function were used in production, let's
-    # log a warning when it is used.  Developers can can live with one more
-    # log line.
-    log.warning("Using codejail/safe_exec.py:not_safe_exec")
    g_dict = json_safe(globals_dict)
    with temp_directory() as tmpdir:
@@ -216,7 +211,20 @@ def not_safe_exec(code, globals_dict, files=None, python_path=None, slug=None):
    globals_dict.update(json_safe(g_dict))
-# Running Python code in the sandbox makes it difficult to debug.
+# If the developer wants us to be unsafe (ALWAYS_BE_UNSAFE), or if there isn't
-NO_SAFE_PYTHON = not jail_code.is_configured("python")
+# a configured jail for Python, then we'll be UNSAFE.
-if ALWAYS_BE_UNSAFE or NO_SAFE_PYTHON:   # pragma: no cover
+UNSAFE = ALWAYS_BE_UNSAFE or not jail_code.is_configured("python")
-    safe_exec = not_safe_exec
+if UNSAFE:   # pragma: no cover
+    # Make safe_exec actually call not_safe_exec, but log that we're doing so.
+    def safe_exec(*args, **kwargs):                 # pylint: disable=E0102
+        """An actually-unsafe safe_exec, that warns it's being used."""
+        # Because it would be bad if this function were used in production,
+        # let's log a warning when it is used.  Developers can can live with
+        # one more log line.
+        slug = kwargs.get('slug', None)
+        log.warning("Using codejail/safe_exec.py:not_safe_exec for %s", slug)
+        return not_safe_exec(*args, **kwargs)
--- a/codejail/tests/test_safe_exec.py
+++ b/codejail/tests/test_safe_exec.py
@@ -96,7 +96,7 @@ class TestNotSafeExec(SafeExecTests, unittest.TestCase):
    def setUp(self):
        # If safe_exec is actually an alias to not_safe_exec, then there's no
        # point running these tests.
-        if safe_exec is not_safe_exec:      # pragma: no cover
+        if safe_exec.UNSAFE:                    # pragma: no cover
            raise SkipTest
    def safe_exec(self, *args, **kwargs):