Purpose of safe_eval in python odoo

Question

the purpose of safe_eval in Python odoo? and use of safe_eval. I have checked with few custom modules, they have safe eval function.

Already asked? https://stackoverflow.com/questions/28369/is-safe-eval-really-safe — Richard Housham, Jul 27 '17 at 15:25

score 9 · Accepted Answer · answered Jul 27 '17 at 13:26

safe_eval:

Module which contains methods intended to provide more restricted alternatives to evaluate simple and/or untrusted code.
Methods in this module are typically used as alternatives to eval() to parse OpenERP domain strings, conditions and expressions, mostly based on locals condition/math builtins.

Usage:

safe_eval(expression[, globals[, locals[, mode[, nocopy]]]]) -> result

System-restricted Python expression evaluation

Evaluates a string that contains an expression that mostly uses Python constants, arithmetic expressions and the objects directly provided in context.

This can be used to e.g. evaluate an OpenERP domain expression from an untrusted source.

throws TypeError: If the expression provided is a code object
throws SyntaxError: If the expression provided is not valid Python
throws NameError: If the expression provided accesses forbidden names
throws ValueError: If the expression provided uses forbidden bytecode

@Annadurai You should mark the answer, as *the* answer by clicking in check mark. Please, do so, it's good manners. — manu, Aug 02 '17 at 00:08
You should also note that `safe_eval` re-cast any other exception into ValueError. — manu, Aug 02 '17 at 00:09

Purpose of safe_eval in python odoo

1 Answers1