Re: [Zope] Zope security and packing the database
Cameron Beattie wrote: def main(): urllib._urlopener = MyUrlOpener() url = %s/Control_Panel/Database/manage_pack?days:float=%s % \ *sigh* url whacking, bleugh! If I use the backup user then urllib can't get the url due to no authentication so errors as follows: What roles do you want to have the backup user to have? What permissions are mapped to those roles? What permissions are mapped to the Owner role? Looking at the differences will tell you what's going on ;-) PS: I wouldn't do zodb packing by whacking a url. There's a script that scripts with ZOpe now that opens up a ZEO connection and does the pack that way, that's what I'd do... I don't use ZEO - can I just do the scripted packing bit without all the associated ZEO setup? You should use ZEO! there's no sane reason not to... Chris -- Simplistix - Content Management, Zope Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope security and packing the database
Cameron Beattie wrote: I have created a script based on zope_pack from the Zope book which allows a username and password to be specified when it is called. I wish to create a user specifically for this purpose that only has the ability to pack the ZODB. What permission is ZODB packing protected by? granted the backup role all available permissions. But the user can't login to http://mydomain.com/Control_Panel/Database/main/manage_workspace I don't know what zope_pack looks like, can you show us? What error message do you get? Any tracebacks? cheers, Chris PS: I wouldn't do zodb packing by whacking a url. There's a script that scripts with ZOpe now that opens up a ZEO connection and does the pack that way, that's what I'd do... -- Simplistix - Content Management, Zope Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Zope security and packing the database
I have created a script based on zope_pack from the Zope book which allows a username and password to be specified when it is called. I wish to create a user specifically for this purpose that only has the ability to pack the ZODB. What permission is ZODB packing protected by? I don't know. That's part of the problem. I can't see any permissions that allow or disallow this. granted the backup role all available permissions. But the user can't login to http://mydomain.com/Control_Panel/Database/main/manage_workspace I don't know what zope_pack looks like, can you show us? vi zope_pack #!/usr/bin/python import sys, urllib host = sys.argv[1] days = sys.argv[2] user = sys.argv[3] pwd = sys.argv[4] class MyUrlOpener(urllib.FancyURLopener): def prompt_user_passwd(self, host, realm): return (user,pwd) def __init__(self, *args): self.version = Zope Packer urllib.FancyURLopener.__init__(self, *args) def main(): urllib._urlopener = MyUrlOpener() url = %s/Control_Panel/Database/manage_pack?days:float=%s % \ (host, days) try: f = urllib.urlopen(url).read() except IOError: print Cannot open URL %s, aborting % url print Successfully packed ZODB on host %s % host if __name__ == '__main__': main() What error message do you get? If I use a user that has the Owner role it works correctly. If I use the backup user then urllib can't get the url due to no authentication so errors as follows: File /usr/lib/python2.4/urllib.py, line 180, in open return getattr(self, name)(url) File /usr/lib/python2.4/urllib.py, line 305, in open_http return self.http_error(url, fp, errcode, errmsg, headers) File /usr/lib/python2.4/urllib.py, line 318, in http_error result = method(url, fp, errcode, errmsg, headers) File /usr/lib/python2.4/urllib.py, line 615, in http_error_401 return getattr(self,name)(url, realm) File /usr/lib/python2.4/urllib.py, line 628, in retry_http_basic_auth return self.open(newurl) Any tracebacks? Nothing appears in the log. PS: I wouldn't do zodb packing by whacking a url. There's a script that scripts with ZOpe now that opens up a ZEO connection and does the pack that way, that's what I'd do... I don't use ZEO - can I just do the scripted packing bit without all the associated ZEO setup? Regards Cameron ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Zope security and packing the database
I have created a script based on zope_pack from the Zope book which allows a username and password to be specified when it is called. I wish to create a user specifically for this purpose that only has the ability to pack the ZODB. I've created a custom role and a user that has this role. Then I went to http://mydomain.com/Control_Panel/Database/main/manage_access and granted the backup role all available permissions. But the user can't login to http://mydomain.com/Control_Panel/Database/main/manage_workspace in order to pack the database. Obviously I'm missing something very fundamental here. Could anyone point me in the right direction please? Regards Cameron ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
