Apparently zope vocabularies aren't easily accessible in restricted python, such as in Plomino code.
For a start IVocabularyFactory is a whitelisted import.
Also, once you get the vocabulary itself SimpleTerm doesn't have enough security context to be able to be accessed
you will get message below:
2014-11-20 17:03:10 INFO Plomino Plomino Script Exception: <function at 0xa003140>, field_-subUpdate-subscribed_routes-_SelectionListFormula
Traceback (most recent call last):
File "/home/ivan/var/buildout-cache/eggs/Products.CMFPlomino-1.19-py2.7.egg/Products/CMFPlomino/PlominoDesignManager.py", line 746, in runFormulaScript
result = contextual_ps()
File "/home/ivan/var/buildout-cache/eggs/Zope2-2.13.22-py2.7.egg/Shared/DC/Scripts/Bindings.py", line 322, in call
return self._bindAndExec(args, kw, None)
File "/home/ivan/var/buildout-cache/eggs/Zope2-2.13.22-py2.7.egg/Shared/DC/Scripts/Bindings.py", line 359, in _bindAndExec
return self._exec(bound_data, args, kw)
File "/home/ivan/var/buildout-cache/eggs/Products.PythonScripts-2.13.2-py2.7.egg/Products/PythonScripts/PythonScript.py", line 344, in exec
result = f(*args, **kw)
File "Script (Python)", line 84, in field-subUpdate-subscribed_routes-_SelectionListFormula
File "Script (Python)", line 82, in libConfig_getRoutesVocabulary
File "/home/ivan/var/buildout-cache/eggs/AccessControl-3.0.8-py2.7-linux-x86_64.egg/AccessControl/ZopeGuards.py", line 197, in next
File "/home/ivan/var/buildout-cache/eggs/AccessControl-3.0.8-py2.7-linux-x86_64.egg/AccessControl/ZopeGuards.py", line 227, in guard
if getSecurityManager().validate(container, container, index, value):
Unauthorized: You are not allowed to access 'a particular SimpleTerm' in this context
Can anyone see a problem with just whitelisting these Objects and interfaces or is there a better way?