gtg team mailing list archive

Thread
Date

[Merge] lp:~izidor/gtg/eval-cleanup into lp:gtg

To: mp+136021@xxxxxxxxxxxxxxxxxx
From: Izidor Matušov <izidor.matusov@xxxxxxxxx>
Date: Sat, 24 Nov 2012 19:44:23 -0000
Reply-to: mp+136021@xxxxxxxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

Izidor Matušov has proposed merging lp:~izidor/gtg/eval-cleanup into lp:gtg.

Requested reviews:
  Gtg developers (gtg)

For more details, see:
https://code.launchpad.net/~izidor/gtg/eval-cleanup/+merge/136021

Remove usage of eval for converting parameters read from config files into correct formats. Use instead better constructions:

int(x) => for numbers
x == "True" => for boolean values

Eval is potentionally harmful because it executes any python code you put in.
-- 
https://code.launchpad.net/~izidor/gtg/eval-cleanup/+merge/136021
Your team Gtg developers is requested to review the proposed merge of lp:~izidor/gtg/eval-cleanup into lp:gtg.

=== modified file 'GTG/core/__init__.py'
--- GTG/core/__init__.py	2012-11-01 10:09:06 +0000
+++ GTG/core/__init__.py	2012-11-24 19:43:21 +0000
@@ -106,8 +106,10 @@
             #Converting to the good type
             if name in self.__defaults:
                 ntype = type(self.__defaults[name])
-                if ntype in (bool, int) and type(toreturn) == str:
-                    toreturn = eval(toreturn)
+                if ntype == int:
+                    toreturn = int(toreturn)
+                elif ntype == bool and type(toreturn) == str:
+                    toreturn = toreturn == "True"
         elif name in self.__defaults:
             toreturn = self.__defaults[name]
             self.__conf[name] = toreturn

=== modified file 'GTG/core/plugins/engine.py'
--- GTG/core/plugins/engine.py	2012-07-13 17:24:28 +0000
+++ GTG/core/plugins/engine.py	2012-11-24 19:43:21 +0000
@@ -59,7 +59,7 @@
             except KeyError:
                 setattr(self, attr, [])
         # turn the enabled attribute into a bool
-        self.enabled = eval(info['Enabled'])
+        self.enabled = info['Enabled'] == "True"
         # ensure the dbus dependencies are a list
         if isinstance(self.dbus_depends, str):
             self.dbus_depends = [self.dbus_depends]

=== modified file 'GTG/gtk/editor/editor.py'
--- GTG/gtk/editor/editor.py	2012-08-26 16:41:47 +0000
+++ GTG/gtk/editor/editor.py	2012-11-24 19:43:21 +0000
@@ -168,15 +168,11 @@
             tid = self.task.get_id()
             if tid in self.config:
                 if "position" in self.config[tid]:
-                    pos = self.config[tid]["position"]
-                    self.move(pos[0],pos[1])
-                    #print "restoring position %s %s" %(pos[0],pos[1])
+                    x, y = self.config[tid]["position"]
+                    self.move(int(x), int(y))
                 if "size" in self.config[tid]:
-                    size = self.config[tid]["size"]
-                    #print "size %s - %s" %(str(size[0]), str(size[1]))
-                    #this eval(str()) is a ugly (!) hack to accept both int and str
-                    #FIXME: Fix this!
-                    self.window.resize(eval(str(size[0])),eval(str(size[1])))
+                    x, y = self.config[tid]["size"]
+                    self.window.resize(int(x), int(y))
 
         self.textview.set_editable(True)
         self.window.show()
@@ -520,7 +516,6 @@
             tid = self.task.get_id()
             if not tid in self.config:
                 self.config[tid] = dict()
-            #print "saving task position %s" %str(self.get_position())
             self.config[tid]["position"] = self.get_position()
             self.config[tid]["size"] = self.window.get_size()

Follow ups

Re: [Merge] lp:~izidor/gtg/eval-cleanup into lp:gtg
From: Nimit Shah, 2012-11-25