-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, 19 Mar 2003, Sean Riley wrote: Thanks for your response!
The "Module not allowed" exception means that you need to call setCopierForClass for the class. This maps a server-side class string to a client side class so the Jelly knows what type of object to create on the client. For example:
pb.setCopierForClass('MyApp.game.server.door.Door', RemoteDoor)
This is usually done at the bottom of the file that the class client-side is defined in.
I thought this was what pb.SetUnjellableForClass() was for... Inspecting pb.py leads to flavors.py, where I see that setCopierForClass is actually a reference to setUnjellyableForClass. So I'm already doing this -- note that I'm not getting class not allowed exceptions, but module not allowed. Moreover following the logic through to it's culmination in jelly.SecurityOptions.allowTypes(), I still can't see how this could affect which modules are allowed. It looks like I need to call jelly.globalSecurity.allowInstancesOf() directly. Probably in a similar manner to how jelly.SetUnjellyableForClass() calls globalSecuirty.allowTypes(). Actually, this looks like a bug: shouldn't SetUnjellyableForClass() call allowInstancesOf() rather than allowTypes()?
As far the inheritance, you should only to inherit from RemoteCopy for client side objects, not both pb.Copyable and pb.RemoteCopy...
The objects can go both ways, and so it is easiest to set them all to inherit from both. This is what's suggested by the documention, so i figured it shouldn't hurt anything.
The "setCopyableState" idiom for constructing remote classes may seem onerous at first, but its use really is necessary. Distributed objects _are_ different from regular local objects and the requirements for managing them are different too. One of the benefits of PB is its inherent security model - it is far more secure and resistant to hackery than using Pickle. Pickle's internal use of Python's eval function makes it very scary to unserialized Pickled objects on a server...
I do like the security, and many aspects of the architecture are quite nice! Looking more closely at jelly.py I see that I probably don't need to worry about setCopyableState(), as it seems to do it's business without relying upon __init__, and thus __init__ can still be used traditionally. - -Jasper
-----Original Message----- Sent: Wednesday, March 19, 2003 6:04 PM Subject: [Twisted-Python] Problems with PB and Jelly...
I'm new to twisted, and attempting to use it for networkable gaming; unfortunately I've run into some problems.
I have a Perspective <-> Referenceable server/client setup, and am trying to pass objects between them. Following the online docs I've set all the relavent classes to inherit from pb.Copyable + pb.RemoteCopy, and passed them all to pb.setUnjellyableForClass.
However, I still get "Module not allowed" exceptions raised in twisted.spread.jelly.py line 523. Looking more closely, I see that modules are not allowed unless passed to SecurityOptions.allowModules(), which is only called from SecurityOptions.allowInstancesOf(), which is not exposed through pb...
In short I don't see how the example code on: http://twistedmatrix.com/documents/howto/pb-copyable could possibly work! Is it indeed necessary to call allowInstancesOf() directly? Hopefully I am just missing something... :-)
I'm also unsure what to make of the last bullet under "Things To Watch Out For" on the above webpage. It seems unsure whether using __init__ to initialize transferable objects is ok... Must I truly go and hack all my objects to not use __init__, and instead use setCopyableState()?
This, especially when combined with the need to inherit from pb.Copyable + pb.RemoteCopy, seems onerous when compared to the minimal interface of pickle. I would like to be able to simple pass objects of arbitrary classes, provided I've registered them as UnJellyable. Hopefully I'm missing something here as well!
Thanks in advance, - -Jasper -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org
iD8DBQE+ej658EpjZ7/X9bIRAn6SAKDQ3sl9QMcFYIU3OoOyh6Sh+AFqOACggT0m PnpcFNBsxqhPk9ioke8picY= =9G/G -----END PGP SIGNATURE-----