couchdb-python icon indicating copy to clipboard operation
couchdb-python copied to clipboard
verified publisher icon djc

Merge query server from kxepal/viewserver

Open iblislin opened this issue 9 years ago • 14 comments

Hi! I read #268 and i really want the python query server!

This PR import the code from kxepal/couchdb-python@9145545. And i modified the code in order to support python3.

The test cases from @kxepal is included.

To be honest, i do not test it with my couch yet. i just want to send this PR as soon as possible. And i do not review whole the code base, i just make the testing pass. So please test and review it carefully. :smile:

I listed some idea needed everyone's feedback or potential problem here:

  • Test with pypy
    • performance benchmark
  • Threading/multiprocessing support
  • Security aspect
    • prevent dangerous import e.g. import socket, os
  • Documentation

iblislin avatar Mar 15 '16 13:03 iblislin

Awesome! Thank you!

As for security: forget about it. There is no safe sandboxing for Python, unless PyPy, but it's not proven to be secure AFAIK.

kxepal avatar Mar 15 '16 13:03 kxepal

Hi @kxepal ~~Long time age~~ I have tried this https://pypi.python.org/pypi/RestrictedPython

Not sure this package is python3 ready or not, and it seems unmaintained. Maybe we can try it out and fork it.

iblislin avatar Mar 15 '16 14:03 iblislin

Hi @iblis17 If you're interested there were quite comprehensive discussion about sanboxing Python on python-dev@ ML. Check "Reviving restricted mode?" and "The pysandbox project is broken" threads there (sorry, I'm not sure how to provide link to them with a nicer readable UI as my mail client). TL;DR - don't waste a time. Worth to check PyPy sandbox project though.

kxepal avatar Mar 15 '16 14:03 kxepal

:-o I will check out PyPy sandbox project.

iblislin avatar Mar 15 '16 14:03 iblislin

Hey! I think it's great that you want to work on this. However, my concerns from #268 are pretty much still the same. Would you be up for creating a commit series following the plan outlined by @kxepal in that PR to bring us from the current state to your end state in a clean series?

djc avatar Mar 15 '16 19:03 djc

Hi @djc! Ok. I will make it. I need more time to understand the code for creating the commit series.

I will create a new branch to work on and let this branch un-rebased. Everyone can test/file bugs with this branch first.

@kxepal when I need your help, may I discuss here? or do we have irc channel?

iblislin avatar Mar 16 '16 02:03 iblislin

@iblis17 Feel free here anytime. Here we have a code as context, so it would be easy to talk about it.

kxepal avatar Mar 16 '16 06:03 kxepal

@iblis17 very happy to hear that you want to take this on! Please let us know at any point if you need help.

djc avatar Mar 16 '16 19:03 djc

@kxepal Do you mind if i commit with author=kxepal like this?

iblislin avatar Mar 21 '16 02:03 iblislin

@iblis17 I'm fine with either, just forget about the work you'd done (;

kxepal avatar Mar 21 '16 06:03 kxepal

@iblis17 how are you doing? Do you think you'll be able to finish this?

djc avatar Apr 27 '16 18:04 djc

@djc I'm sorry for my procrastination.

busy until next week... I hope that i can finish it in two weeks.

iblislin avatar Apr 28 '16 04:04 iblislin

I think the progress is about 40% now....

iblislin avatar May 13 '16 17:05 iblislin

Woo, cool! Maybe you can just start a new pull request with what you've got so far. Assuming it doesn't break any of the test cases we currently have, we can start to merge it already.

djc avatar May 13 '16 19:05 djc