I have an automated API with a secure frontend/backend structure where backend object attributes are hidden with frontend proxy classes.
basically, when accessing an object from the frontend, you get a proxy object disguised as the backend object with all it's explicitly "public" functionality.
what I'm dealing with right now seems to be a design flaw with python's descriptor implementation:
Instance.Attr[item] = value
what this equates to in Python is:
Instance.__class__.Attr.__get__( Instance, Instance.__class__ ).__setitem__( item, value )
the insecurity with this is
__get__ instead of just simply being
__setitem__, meaning I have to pass a private object into my frontend to be indexed from.
or to put it another way, what I expect to be doing is:
Instance.__class__.Attr.__setitem__( Instance, item, value )
is there a way to get this expected behavior??