cval

 # :NOTE: modules is False by default, and the reason we allow function calls
#        is to see the error given when trying to import a module.
cval ( '__import__("os")' , calls = True , modules = False )

 cval ( '__import__("os")' , allowed_modules = [ "os" ], allowed_calls = [ "import" ])

 cval ( 'print("Hello, World!")' , calls = False )

 cval ( 'print("Hello, World!")' , allowed_calls = [ "print" ])

 foo = "bar"

def foobar ():
    # :NOTE: `globals` doesn't need to be passed in this case
    #        this is only done here for clarity 
    cval ( 'print(foo)' , globals = globals (), allowed_calls = [ "print" ])  # Will not be able to access "foo"
foobar ()

 foo = "bar"

def foobar ():
    cval ( 'print(foo)' , globals = globals (), allowed_global_vars = [ "foo" ], allowed_calls = [ "print" ])
foobar ()

 foo = "bar"
bar = "foo"

def foobar ():
    cval ( 'print(bar+foo")' , globals = globals (), allowed_global_vars = [ "*" ], allowed_calls = [ "print" ])
foobar ()

 def fizzbuzz ():
    fizz = "buzz"
    cval ( 'print(fizz)' , locals = locals ())  # Will not be able to access "fizz"
fizzbuzz ()

 def fizzbuzz ():
    fizz = "buzz"
    cval ( 'print(fizz)' , locals = locals (), allowed_local_vars = [ "fizz" ], allowed_calls = [ "print" ])
fizzbuzz ()

 def fizzbuzz ():
    fizz = "buzz"
    buzz = "fizz"
    cval ( 'print(buzz+fizz)' , locals = locals (), allowed_local_vars = [ "*" ], allowed_calls = [ "print" ])
fizzbuzz ()