[Zope-CMF] Re: Inconstancy with CA traversal
Tres Seaver wrote: I don't get it: why isn't OFS.Traversable's check sufficient? __bobo_traverse__ has a bad enough (insane, actually) contract, without adding security checking to it. Tres: You're quite right, the security check happens outside of bobo_traverse. Dylan: Could you try this patch and see if it works for you. It really needs some tests writing for it too. Laurence Index: Products/CMFCore/Skinnable.py === --- Products/CMFCore/Skinnable.py (revision 87827) +++ Products/CMFCore/Skinnable.py (working copy) @@ -27,6 +27,10 @@ from Globals import InitializeClass from OFS.ObjectManager import ObjectManager from ZODB.POSException import ConflictError +from zExceptions import NotFound +import webdav +from zope.interface import implements, Interface +from zope.component import queryMultiAdapter logger = logging.getLogger('CMFCore.Skinnable') 
@@ -94,6 +98,56 @@ if superGetAttr is None: raise AttributeError, name return superGetAttr(self, name) + +def __bobo_traverse__(self, REQUEST, name): +''' +Ensures that views are traversed before skin objects +''' +resource = _marker = _MARKER + +# Look up unskinned objects +unskinned = super(SkinnableObjectManager, aq_base(self)) +next = getattr(unskinned, name, _marker) +if next is _marker: +try: +try: +next = self[name] +# The item lookup may return a NullResource, +# if this is the case we save it and return it +# if all other lookups fail. +if isinstance(next, + webdav.NullResource.NullResource): +resource = next +raise KeyError(name) +except (TypeError, AttributeError): +# Raise NotFound for easier debugging +# instead of AttributeError: __getitem__ +raise NotFound(name) + +except (AttributeError, NotFound, KeyError), e: +# Try to look for a view +next = queryMultiAdapter((self, self.REQUEST), + Interface, name) +if next is not None: +return next.__of__(self) + +# Lookup skin objects +next = getattr(aq_base(self), name, _marker) +if next is not _marker: +return next + +# Try acquired attributes +next = getattr(self, name, _marker) +if next is not _marker: +return next + +if next is _marker: +# If we have a NullResource from earlier use it. +next = resource +if next is _marker: +# Nothing found re-raise error +raise e +return next security.declarePrivate('getSkin') def getSkin(self, name=None): ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests
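Review bot: in the import hunk, `implements` is pulled in from zope.interface but nothing in the visible patch uses it; import only `Interface`. The second hunk reaches the class as `webdav.NullResource.NullResource` after a bare `import webdav`, which only resolves if something else has already imported that submodule; `from webdav.NullResource import NullResource` would make the dependency explicit.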
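Review bot: in the `__bobo_traverse__` hunk, the view lookup calls `queryMultiAdapter((self, self.REQUEST), Interface, name)` and ignores the `REQUEST` argument the method receives; pass `REQUEST` so the adapter is looked up against the request actually being traversed. The `if next is _marker:` test directly after `if next is not _marker: return next` is always true and can be dropped, and `next` shadows the builtin. As the covering message says, tests are still missing: root and sub-folder cases for a name that exists both as a skin object and as a view would pin down the intended order.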
[Zope-CMF] Re: Inconstancy with CA traversal
Laurence Rowe wrote:
> Laurence Rowe wrote:
>> To fix this we need to add a __bobo_traverse__ method to Skinnable that looks up objects in the order:
>>
>> 1. getattr(aq_base(obj), name), but excluding skin objects
>> 2. views
>> 3. getattr(aq_base(obj), name), including skin objects
>> 4. getattr(obj, name)
>
> Hmm. It looks as if the __bobo_traverse__ method will require access to the `restricted` argument to unrestrictedTraverse. I can't see any way to access this other than:
>
> sys._getframe(1).f_locals['restricted']
>
> Which is more than a little ugly.

I don't get it: why isn't OFS.Traversable's check sufficient? __bobo_traverse__ has a bad enough (insane, actually) contract, without adding security checking to it.

Tres.
--
Tres Seaver +1 540-429-0999 [EMAIL PROTECTED]
Palladion Software Excellence by Design http://palladion.com
[Zope-CMF] Re: Inconstancy with CA traversal
Wichert Akkerman wrote:
> Previously Dylan Jay wrote:
>> I've observed an unexpected effect that you can override a skin based template or python script with a browser view in a sub folder but not at the portal root. I'm trying to get my head round all the various traversal code in zope/five and would appreciate any tips from someone who knows this code well.
>
> For some unknown reason CMF explicitly encoded that behaviour in __bobo_traverse__. It's bitten Plone as well.

So how do we change it?
[Zope-CMF] Re: Inconstancy with CA traversal
Wichert Akkerman wrote:
> Previously Dylan Jay wrote:
>> I've observed an unexpected effect that you can override a skin based template or python script with a browser view in a sub folder but not at the portal root. I'm trying to get my head round all the various traversal code in zope/five and would appreciate any tips from someone who knows this code well.
>
> For some unknown reason CMF explicitly encoded that behaviour in __bobo_traverse__. It's bitten Plone as well.

???

Only DiscussionItemContainer has a __bobo_traverse__ method.

Five was changed a while ago to make sure views don't mask attributes:
http://codespeak.net/pipermail/z3-five/2006q1/001186.html

Skin methods are attributes of the portal root (see __getattr__ of SkinnableObjectManager), but not of sub folders. Views are looked up after attributes but before acquired attributes.

HTH, Yuppie
[Zope-CMF] Re: Inconstancy with CA traversal
Wichert Akkerman wrote:
> Previously Dylan Jay wrote:
>> I've observed an unexpected effect that you can override a skin based template or python script with a browser view in a sub folder but not at the portal root. I'm trying to get my head round all the various traversal code in zope/five and would appreciate any tips from someone who knows this code well.
>
> For some unknown reason CMF explicitly encoded that behaviour in __bobo_traverse__. It's bitten Plone as well.

As far as I can tell, it's not actually encoded in __bobo_traverse__ but in the interactions between Skinnable.__getattr__ and OFS.Traversable.

OFS.Traversable.unrestrictedTraverse looks up objects in the following order:

1. namespaces (@@ and ++)
2. bobo_traverse
3. getattr(aq_base(obj), name) # no acquisition
4. views
5. getattr(obj, name) # with acquisition

The difference in behaviour occurs because at the portal root skin objects get picked up at number 3, whereas in other places they get picked up at number 5, after views.

To fix this we need to add a __bobo_traverse__ method to Skinnable that looks up objects in the order:

1. getattr(aq_base(obj), name), but excluding skin objects
2. views
3. getattr(aq_base(obj), name), including skin objects
4. getattr(obj, name)

Laurence
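The two lookup orders from the message above, as an added toy model that is not part of the original thread and is not Zope or CMF code. The `Node` class, the function names and the `document_view` sample are constructed for illustration; only steps 3 to 5 of the existing order are modelled.

```python
_MISSING = object()

class Node:
    """Stand-in for a CMF folder; `parent` models the acquisition chain."""
    def __init__(self, parent=None, own=None, views=None, skins=None):
        self.parent = parent
        self.own = own or {}      # real attributes and contained items
        self.views = views or {}  # browser views registered for this object
        self.skins = skins or {}  # skin objects; only populated on the portal root

    def base_getattr(self, name, include_skins=True):
        # Models getattr(aq_base(obj), name): no acquisition. At the root,
        # Skinnable's __getattr__ makes skin objects look like plain attributes.
        if name in self.own:
            return ("attribute", self.own[name])
        if include_skins and name in self.skins:
            return ("skin", self.skins[name])
        return _MISSING

    def acquired_getattr(self, name):
        # Models getattr(obj, name): walk up the containment chain.
        node = self
        while node is not None:
            found = node.base_getattr(name)
            if found is not _MISSING:
                return found
            node = node.parent
        return _MISSING

def view_lookup(node, name):
    return ("view", node.views[name]) if name in node.views else _MISSING

def first_hit(steps):
    return next((s for s in steps if s is not _MISSING), None)

def current_order(node, name):
    # Steps 3-5 of the OFS.Traversable order listed above.
    return first_hit((node.base_getattr(name), view_lookup(node, name),
                      node.acquired_getattr(name)))

def proposed_order(node, name):
    # The four-step order proposed for Skinnable.
    return first_hit((node.base_getattr(name, include_skins=False),
                      view_lookup(node, name), node.base_getattr(name),
                      node.acquired_getattr(name)))

# Constructed sample: a skin template and a browser view share one name.
root = Node(skins={"document_view": "skin template"},
            views={"document_view": "browser view"})
folder = Node(parent=root, views={"document_view": "browser view"})
```

With the existing order the skin object wins at `root` and the view wins in `folder`; with the proposed order the view wins in both, while a real attribute still takes precedence over a view of the same name.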
[Zope-CMF] Re: Inconstancy with CA traversal
Laurence Rowe wrote:
> To fix this we need to add a __bobo_traverse__ method to Skinnable that looks up objects in the order:
>
> 1. getattr(aq_base(obj), name), but excluding skin objects
> 2. views
> 3. getattr(aq_base(obj), name), including skin objects
> 4. getattr(obj, name)

Hmm. It looks as if the __bobo_traverse__ method will require access to the `restricted` argument to unrestrictedTraverse. I can't see any way to access this other than:

sys._getframe(1).f_locals['restricted']

Which is more than a little ugly.

Laurence