PyCon DC 2004
Quixote is another Web application framework. Its servlet lookup technique is very Pythonic: you place your servlet hierarchy in an importable Python package. Quixote processes the URL parts from left to right, using getattr() to find each part. This allows wide flexibility: each part can be a submodule, class, instance or anything else that has attributes. Eventually Quixote should find something callable: a function, a method or an instance with a .__call__ method. It calls that with a request data structure, and the return value is the HTML string (or an instance of a streaming class). At each step three special attributes in the parent affect the behavior:
._q_public (list of strings, required)
Must list the subattribute. If the subattribute is missing or ._q_public is missing, Quixote pretends it couldn't find the subattribute. That's to prevent accidentally publishing private objects.
._q_access (function/method, optional)
May raise AccessError to forbid the request.
._q_index (function/method, optional)
Saves the day if Quixote falls off the end of the URL without finding something callable; akin to index.html.
._q_lookup (function/method, optional)
Wildcard attribute if no specific attribute matches; akin to Python's .__getattr__().
But the most interesting aspect of Quixote is its template system, PTL. It's useful not only in Web servlets but in a wide variety of applications. Unlike Nevow and most template systems that have placeholders in the text, PTL embeds the text as string literals in a function. For instance:
# example.ptl def cell [html] (content): '<td>' content '</td>' def ordinary(): # An ordinary Python function. return "Result."
To use it:
import quixote; quixote.enable_ptl import example print example.cell("Acme & Co.") # Prints "<td>Acme & Co.</td>".
enable_ptl installs an import hook, which tells import how to load *.ptl files, compile them and write *.ptlc files. [html] is a decorator as described in Guido's keynote above. Because Python doesn't yet have a decorator syntax built in, PTL has to fake it. The PTL compiler captures the literal result of each expression or string--what Python's interactive mode would have printed--and concatenates them into a return value. This is something I've often wished Python or Cheetah could do, and here it is. PTL seems more suited for templates with smallish blocks of text and a lot of calculations than for templates with multi-page static text and only a few placeholders.
The [html] decorator automatically HTML-escapes expression results and arguments but does not escape literals. This is usually what you want, because results may come from an untrusted source, but literals are presumably correct. The return value is a pseudo string, an htmltext instance, used to protect it from further escaping should it be passed to another [html] function. There's also another decorator, [plain], which does all the concatenation goodies without the escaping and is suitable for your non-HTML applications.
I went to the Atop talk because the summary said BSDDB. I thought, "Well, anything about Berkeley DB will be mildly interesting." It turned out to be majorly interesting, because Atop is an object database built on top of Berkeley DB. How did they know I recently had been looking for Python object databases besides ZODB?
The session paper is not on-line, but the SubEthaEdit notes are. All serializable objects must subclass or be Item. Every item has a unique numeric ID; there's no physical nesting of objects. However, a Pool acts like a list and gives the illusion of nesting. In reality it contains pointers to the various raw items. Pools can be queried, for instance:
pool = store.getItemByID(7) # 'store' is an open database. for item in pool.queryIndex('name', startKey='Bob'): # Loop through all elements whose 'name' attribute is >= 'Bob'. print item.name
Berkeley DB is reliable, fast, easy to install and fully integrated with Python. Several other projects use it, including MySQL (as an optional table format) and Subversion. However, it's extremely difficult to use correctly, and the dangers include data corruption. Fortunately, Atop takes care of these problems so you don't have to.
Atop currently is distributed as part of divmod.org's Quotient package, a Twisted server that's described next.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Death of RoboVM
- BitTorrent Inc.'s Sync
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- ACI Worldwide's UP Retail Payments
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide