Is it possible to disable assert-call to expose attribute to external callers?

[MrNaif2018]

Hi, I am using pyarmor's --assert-call flag for better protection

But as I have a plugins system in my FastAPI app, which requires the following structure: plugin directory has a plugin.py file, inside of which there should be a Plugin class. Upon loading it initializes Plugin object like so:

module = importlib.import_module(plugin.replace("/", ".").replace(".py", ""))
plugin_obj = module.Plugin(os.path.dirname(plugin))

Which fails with RuntimeError: unauthorized use of script

I know there's assert.call.excludes, but it doesn't seem to work for me

Neither pyarmor cfg assert.call:excludes "/Plugin.__init__.*/"
nor pyarmor cfg assert.call:excludes "/Plugin.*/"
Because it seems like this protection is from calling from inside obfuscated code, not from outside. I don't want to fully disable assert-call, only allow to read one class from the module

Full command I run is:
pyarmor gen --enable-bcc --enable-jit --mix-str --obf-code 2 --assert-call -O modules -i modules/myplugin

[jondy]

Are you sure it's assert-call issue? Try to remove option one by one to check which option is problem
Also enable trace log to find which function is excluded

[MrNaif2018]

Well if I remove just the assert call, it works. It may be combination of options of course, but removing assert-call makes the issue go away. In the logs itself I am not sure anything is useful:
Also note that this "external caller" is not obfuscated and can't be obfuscated, that's why exclude maybe isn't working. I assume it works only for inside obfuscated scripts

trace.bcc            my_plugin.plugin:147:Plugin.get
trace.bcc            ! my_plugin.plugin:150:Plugin.__init__ (ignored <unsupported function "super">)
trace.bcc            my_plugin.plugin:163:Plugin.setup_app
trace.bcc            my_plugin.plugin:194:Plugin.post_create_payment_method
trace.bcc            my_plugin.plugin:233:Plugin.handle_new_activated_state

trace.co             my_plugin.plugin:138:Plugin
trace.co             my_plugin.plugin:150:__init__
trace.co             my_plugin.plugin:180:startup
trace.co             my_plugin.plugin:200:shutdown
trace.co             my_plugin.plugin:203:worker_setup

[jondy]

How about no obfuscate function __init__ by this config

pyarmor cfg -p myPlugin.plugin exclude_co_names += __init__

The idea is not obfuscating the function __init__

[MrNaif2018]

Hmm, assuming myPlugin is the folder we are obfuscating (my_plugin in trace logs) and .plugin means plugin.py there (which is correct)
I tried exclude_co_names for __init__ and even Plugin.__init__, but I still get the same error.
I will have to disable assert call for now, but it would be good for it to support such a usecase in the future.
If you want, I can make a minimal reproduction for you to see?