簡單介紹:
說明: 在指定命名空間中計算參數字符串的有效表達式,并返回一個對象,
Help?on?built-in?function?eval?in?module?__builtin__:eval(...)eval(source[,?globals[,?locals]])?->?valueEvaluate?the?source?in?the?context?of?globals?and?locals.The?source?may?be?a?string?representing?a?Python?expressionor?a?code?object?as?returned?by?compile().The?globals?must?be?a?dictionary?and?locals?can?be?any?mapping,defaulting?to?the?current?globals?and?locals.If?only?globals?is?given,?locals?defaults?to?it.技巧: eval很危險,因為它默認在當前命名空間中解析語句表達式,但它支持設定命名空間防止當前命名空間被污染,可以有效防止注入
最佳實踐:
#!/usr/bin/env?python
#?-*-?coding:?utf-8?-*-
"""
#
#?Authors:?limanman
#?OsChina:?http://xmdevops.blog.51cto.com/
#?Purpose:
#
"""
#?說明:?兼容絕對導入
from?__future__?import?absolute_import
#?說明:?導入公共模塊
import?time
import?operator
#?說明:?導入其它模塊
from?.alarm?import?alarm_template
from?.alarm.api?import?weixin_notifydef?avg(alarmtmplist,?redis_key,?trigg_key,?trigg_val,?errors):scope?=?{}realdata_lst?=?[](service_name,?converts_val,?during_time,?_,?operator_val,compare_time,?warnning_val,?critical_val)?=?trigg_valconvertsfunc?=?eval(converts_val,?scope)warnning_val?=?convertsfunc(warnning_val)critical_val?=?convertsfunc(critical_val)datacate,?host,?plugin?=?redis_key.split('::')operatorfunc?=?getattr(operator,?operator_val)for?cur_item?in?alarmtmplist:cur_item?=?convertsfunc(cur_item['data']['target'])realdata_lst.append(cur_item)avg_realdata?=?sum(realdata_lst)/len(realdata_lst)warnning_res?=?operatorfunc(avg_realdata,?warnning_val)critical_res?=?operatorfunc(avg_realdata,?critical_val)msgtime?=?time.strftime('%H:%M:%S',?time.localtime())formats?=?'PLUGIN(%s)?DURINGTIME(%s)?COMPARETIMES(%s)?AVG(%s)?OPERATION(%s)?TARGET(%s)'if?critical_res:message?=?formats?%?(plugin,?during_time,?compare_time,?avg_realdata,?operator_val,?critical_val)res_msg?=?alarm_template?%?(host,?'critical',?errors,?msgtime,?message)weixin_notify(res_msg)returnif?warnning_res:message?=?formats?%?(plugin,?during_time,?compare_time,?avg_realdata,?operator_val,?warnning_val)res_msg?=?alarm_template?%?(host,?'warnning',?errors,??msgtime,?message)weixin_notify(res_msg)return說明: 此文件本是預警系統閥值處理接口文件,傳遞過來的參數converts_val可能為str/int/float等類型名稱,都屬于內置函數名,為了不污染當前線程運行環境同名內置函數,定義一個空scope,搜索時就在scope的__builtins__中調用純凈的str/int/float等內置函數,如果不定義,線程下次運行時可能就找不到str/int/float等內置函數.
轉載于:https://blog.51cto.com/xmdevops/1860640
)
)
