Difference between revisions of "Fetching scripts"

From PyMOLWiki
Jump to: navigation, search
(Created page with "= Overview = I'm considering building in a mechanism for automatically fetching scripts from PyMOLWiki. The goal is to allow users to say <source lang="python"> fetch findSurfac...")
 
m
Line 15: Line 15:
 
Running untrusted code is trouble. Some ideas
 
Running untrusted code is trouble. Some ideas
  
* We could have a page that only administrators are allowed to edit that links to approved scripts
+
* We could have a page that only administrators are allowed to edit that links to approved scripts
* We should print a warning each time a new script is fetched anyway
+
* We should print a warning each time a new script is fetched anyway
* Can fetched scripts persist across saved sessions? Perhaps not.
+
* Can fetched scripts persist across saved sessions? Perhaps not.
  
 
== Validation ==
 
== Validation ==
  
* How will users know that their script is doing the correct thing
+
* How will users know that their script is doing the correct thing
* Perhaps we should have two classes of scripts: approved and validated
+
* Perhaps we should have two classes of scripts: approved and validated

Revision as of 14:23, 18 April 2011

Overview

I'm considering building in a mechanism for automatically fetching scripts from PyMOLWiki. The goal is to allow users to say

fetch findSurfaceResidues, type=script
findSurfaceResidues doShow=True, cutoff=0.5

The convenience benefits are obvious, and I think that lowering the barrier to script usage will greatly increase both the number of people who use various scripts and the incentive to place scripts on the wiki.

Issues

Security

Running untrusted code is trouble. Some ideas

  • We could have a page that only administrators are allowed to edit that links to approved scripts
  • We should print a warning each time a new script is fetched anyway
  • Can fetched scripts persist across saved sessions? Perhaps not.

Validation

  • How will users know that their script is doing the correct thing
  • Perhaps we should have two classes of scripts: approved and validated