A
Antoon Pardon
Isn't that contradictory: "Public for someone" I always
thought "public" meant accessible to virtually anyone.
Not to only someone.
Isn't that contradictory: "Public for someone" I always
thought "public" meant accessible to virtually anyone.
Not to only someone.
N
NickC
if/else was added solely because people kept coming up with ways of
embedding a pseudo conditional inside expressions and writing buggy
code in the process. All it really saves you in practice is a bit of
vertical whitespace, so, no, you still don't need it - but if you
insist on doing it, at least there's now an easy way to do it
correctly.
except/finally on the same block level was trivial to implement once
the reference interpreter switched to an AST based compiler for 2.5.
If you look at the AST, you'll find that it still only has TryExcept
and TryFinally, so again, you still don't need except/finally on the
same block level - all the syntax allows you to do is omit the second
try: line and its associated indentation.
Gosh, and here I thought treating programmers as non-idiots was
actually one of the guiding philosophies in the discussion on python-
dev. Good thing we have you here to tell us we're only imagining that.
Are you writing application code or library code? For application
code, you have a much greater idea of the uses for your code, so you
can be confident in your decision as to what should and should not be
visible. For library code, however, it's fairly common for a library
to provide something which is almost, but not quite, what the user
needs. Letting users poke around at their own risk is a nice courtesy
that can save them a lot of work in the long run.
So the decision to hide something is still made (by using an
underscore prefix), but an easy mechanism is provided for the library
user to override that decision.
Using underscores in names (leading or otherwise) separated by
plaintext keywords is a far cry from multiple different symbols that
mean different things in different contexts and can be chained
together fairly arbitrarily.
Module globals aren't visible outside the module without importing it.
Class attributes aren't visible outside the class without derefencing
it.
Instance attributes aren't visible outside an instance without
deferencing one.
*That* is the encapsulation/data hiding which OOP requires, and is the
kind which Python enforces. What you're asking for is encapsulation of
class and instance attributes based on the context in which the
dereferencing occurs (inside the class, inside a subclass of that
class, inside an instance of that class, inside an instance of a
subclass of that class, somewhere else entirely), and that has nothing
to do with the basics of OOP.
On the other hand, if you're so keen on this feature, perhaps you'd
like to make a concrete proposal regarding how you would like the
semantics to work in light of Python dynamic typing model. What will
it do when a method is invoked via the class dict rather than via
attribute retrieval? Can unbound methods access protected or private
attribute? How about descriptor get, set and delete methods? What
happens when a function is added to a class definition after creation
as a new method?
Cheers,
Nick.
N
NickC
They aren't - the only thing that won't see the underscore prefixed
names is "from x import *". If you do "import x" instead, all the
underscored names will be accessible as attributes of the module.
P
Paul Rubin
NickC said:
Come on, it's more than vertical whitespace, it's extraneous variables
and sometimes even extraneous functions and function call overhead.
And Python is supposed to be unbureaucratic. People kept looking for
ways to write conditional expressions instead of spewing the logic
across multiple statements for a reason: the code is often cleaner
that way.
N
NickC
With leading underscores, you can see *at the point of dereference*
that the code is accessing private data. With a "this is private"
keyword you have no idea whether you're accessing private or public
data, because the two namespaces get conflated together.
I'll keep my pebble, thanks.
Cheers,
Nick.
N
NickC
It's interesting to take a look at some of the work Brett Cannon has
done trying to come up with a sandbox for executing Python code that
actually manages to block access to dangerous functions like file() or
urllib.urlopen(). Powerful introspection capabilities and restricted
access to methods and attributes don't really play well together.
http://svn.python.org/view/python/branches/bcannon-objcap/securing_python.txt?rev=55685&view=markup
(I believe that work is on hiatus while he's been busy with other
projects, such as a more flexible Python-based reimplementation of the
import mechanism that would be make it possible to implement the
security restrictions needed to permit limited imports in a sandboxed
interpreter)
Yeah, at this point your only hope is going to be making them go
through such wild contortions to get at the internal data they think
better of it. Actually blocking all access to something written in
Python is fairly tough (you generally need an extension class written
in non-Python code that hides access to certain attributes).
Cheers,
Nick.
N
NickC
And sometimes the person that talked him into accepting the bad idea
in the first place ends up agreeing with him when he eventually
rejects it
Cheers,
Nick.
P.S. Read the list of references in PEP 343 if you want to know what
I'm talking about *cough*
N
NickC
True, but it really was the multitude of buggy workarounds for the
lack of a ternary expression that sealed the deal, rather than the
benefits of ternary expressions in their own right
Given that I personally use ternary expressions solely as the right
hand side of an assignment statement, the reduction in vertical
whitespace usage really is the only thing they gain me. I guess if you
embedded them as an argument to a function call or other more
complicated expression then there may be additional savings. I prefer
not to do that though, since such things can get quite difficult to
parse mentally when reading them later.
Cheers,
Nick.
A
Antoon Pardon
If I remember correctly it was added because one of the python
developers was bitten by a bug in the standard library code
that was caused by the use of the and-or emulation, mentioned
in the FAQ.
And although one indeed doesn't need this. There are a lot
of things in Python one doesn't need. Python could be limited
to single operator expressions. You don't need:
x = a * b + c
You can write it just like this:
x = a * b
x = x + c
And if you want a list comprehension like the following:
ls = [ x * x + 4 for x in xrange(10)]
You can of course write it as follows:
def sqrplus4(a):
rs = a * a
return rs + 4
ls = [sqrplus4(x) for x in xrange(10)]
Now of course noone would defend such a limitation on the grounds
that one doesn't need the general case and that the general case
will only save you some vertical space.
But when it came to the ternary operator that was exactly the
argument used, to defend the lack of it.
I have heard the argument: "Such a feature will be abused too easily"
and similar too many times to find this credible.
N
NickC
Python must have bad unit tests then - the CPython test suite
explicitly tests private methods all the time.
There's actually an extremely good reason for doing it that way: when
the implementation of an internal method gets broken, the unit tests
flag it explicitly, rather than having to derive the breakage from the
breakage of 'higher level' unit tests (after all, you wouldn't factor
something out into its own method or function if you weren't using it
in at least a couple of different places).
Black box testing (testing only the public API) is certainly
important, but grey box and white box testing that either exploits
knowledge of the implementation when crafting interesting test cases,
or explicitly tests internal APIs can be highly beneficial in
localising faults quickly when something does break (and as any
experienced maintenance programmer will tell you, figuring out what
you actually broke is usually harder than fixing it after you find it).
A
Antoon Pardon
But the leading underscore doesn't tell you whether it is your own
private date, which you can use a you see fit, or those of someone
else, which you have to be very carefull with.
C
cokofreedom
Well how is that different from public accessor and mutators of
private variables?
A
Antoon Pardon
Public accessor and mutators for private variables is a bad idea.
So I don't understand what point you are trying to make by suggesting
that the use of an underscore is just like it in this regard.
R
Roy Smith
Ben Finney said:
You know the difference between theory and reality? In theory, there is
none... Sometimes it's useful to test internal components. Imagine this
class:
class ArmegeddonMachine:
def pushTheButton(self):
"Destroy a random city"
city = self._pickCity()
self._destroy(city)
def _pickCity():
cities = ['New York', 'Moscow', 'Tokyo', 'Beijing', 'Mumbai']
thePoorSchmucks = random.choice(cities)
return 'New York'
def _destroy(self, city):
missle = ICBM()
missle.aim(city)
missle.launch()
The only externally visible interface is pushTheButton(), yet you don't
really want to call that during testing. What you do want to do is test
that a random city really does get picked.
You can do one of two things at this point. You can say, "But, that's not
part of the externally visible interface" and refuse to test it, or you can
figure out a way to test it. Up to you.
R
Russ P.
That is true. But with the "priv" keyword you'll discover quickly
enough that you are trying to access private data (as soon as you run
the program). And even if a "priv" keyword is added, you are still
free to use the leading underscore convention if you wish.
The idea of being able to discern properties of an object by its name
alone is something that is not normally done in programming in
general. Yes, of course you should choose identifiers to be
descriptive of what they represent in the real world, but you don't
use names like "intCount," "floatWeight," or "MyClassMyObject" would
you? Why not? That would tell you the type of the object at the "point
of dereferencing," wouldn't it?
T
topher
H
Hans Nowak
I am not familiar with the actual software, but judging from "we expose the
spreadsheet object model to our users", I assume that users can discover the
undocumented attributes, using Python's introspection features, like dir(obj),
obj.__dict__, the inspect module, etc. So in this case, not telling them that
the attributes exist, will not stop them from finding out.
M
Marc 'BlackJack' Rintsch
For the programmer who writes or uses the private API it isn't really
"private", he must document it or know how it works. And he should IMHO
write tests for it and expect "private" functions written by others to be
tested.
Ciao,
Marc 'BlackJack' Rintsch
E
Ethan Furman
Ben said:
I must be missing something in this discussion. Perhaps it's the
appropriate point of view. At any rate, it seems to me that any and
every function should be tested to ensure proper results. It's my
understanding that unit testing (a.k.a. PyUnit) is designed for just
such a purpose.
So is this argument simply over *who* should be (unit) testing the
internals? I.e. The fellow that wrote the code library vs. the other
fellow that wants to use the library? Or is it actually, as it seems,
over the internals being tested at all?
R
Roy Smith
Ben Finney said:
No, that's not what I'm testing at all. I want to test that the cities
really do get picked randomly. Notice the implementation I gave:
def _pickCity():
cities = ['New York', 'Moscow', 'Tokyo', 'Beijing', 'Mumbai']
thePoorSchmucks = random.choice(cities)
return 'New York'
There's a deliberate bug in there, i.e. it always returns 'New York', which
(as a resident of that city), I would find distressing in such an
application. If you plugged in some other function for _pickCity(), you'd
never discover that bug until it was too late.