[Zope-dev] Re: SVN: Zope/branches/ajung-zpt-end-game/lib/python/Products/PageTemplates/tests/testExpressions.py Fix a test that was testing wrong behaviour: primitive types

2006-05-25 Thread Philipp von Weitershausen 
Tres Seaver wrote:
 If a subexpression returns a callable, you're telling me that you think
 the top-level expression is supposed to call it?  That's nuts!  The
 spec[1] says:
 
 When a TALES path expression is evaluated, it attempts to traverse
 each path, from left to right, until it succeeds or runs out of
 paths. To traverse a path, it first fetches the object stored in the
 variable. For each path segment, it traverses from the current object
 to the subobject named by the path segment.

 Once a path has been successfully traversed, the resulting object is
 the value of the expression. If it is a callable object, such as a
 method or class, it is called. The semantics of traversal (and what it
 means to be callable) are implementation-dependent.

 If a traversal step fails, evaluation immediately proceeds to the
 next path. If there are no further paths, an error results.
 
 Calling the callable happens *before* attempting alternate expressions,
 not after.  That is partly because the *call* might be what triggers
 the alternation.
 
 [1]
 http://www.zope.org/Wikis/DevSite/Projects/ZPT/TALES%20Specification%201.3

You're absolutely right. I filed a collector issue for Zope 3:
http://www.zope.org/Collectors/Zope3-dev/638

This will be fixed soon in Zope 3.

Philipp

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

[Zope-dev] Re: Not authorized to access binding

2006-05-25 Thread Tres Seaver 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Antonio Beamud Montero wrote:
 Hi all:
 I'm using Zope 2.7. I have created a product that inherits from Folder.
 The security assertions are::
 
 security = ClassSecurityInfo()
 security.declareObjectProtected('View management screens')
 
 But I need to publish some ZPT methods public. I have declared them:
 
 security.declarePublic('my_stations')
 my_stations = PageTemplateFile('wsdl/my_stations.wsdl.zpt',
 globals())
 my_stations.content_type = 'text/xml'
 
 And 'wsdl/my_stations.wsdl.zpt' has only a reference to absolute_url in:
 ---
 ...
  port binding=tns:StationsBinding name=port
 soap:address tal:attributes=location here/absolute_url
 location=http://localhost:8000/ccx/StationsService/
 /port
 ...
 
 The problem is trying to access to this method as anonymous user gives
 me:
 
 ...
 Module Products.PageTemplates.Expressions, line 189, in _eval
 Module Products.PageTemplates.Expressions, line 145, in _eval
 __traceback_info__: here
 
 Module Products.PageTemplates.Expressions, line 323, in restrictedTraverse
 __traceback_info__: {'path': [u'absolute_url'], 'TraversalRequestNameStack': 
 []}
 
 Module Shared.DC.Scripts.Bindings, line 176, in __getattr__
 Module Shared.DC.Scripts.Bindings, line 182, in __you_lose/li
 Unauthorized: Not authorized to access binding: context (Also, an error 
 occurred while attempting to render the standard error message.)
 
 With other methods declared publics all works ok (like published via SOAP)... 
 Can any one help me?

Your template uses 'here', which is and alias for the 'context' binding,
i.e. the object through which the template was acquired.  That object
has permission settings which prevent anonymous access *to the object*,
which makes its use in a path expression impossible, even though the
'absolute_url' method of that object *would* be accessible by anonymous.

If this template needs to be renderable by anonymous users even for
contexts to which they do not have access, then you can give the
template a proxy role which *does* have access.  Use with caution, and
double check that the template won't expose any data which *should* be
protected.


Tres.
- --
===
Tres Seaver  +1 202-558-7113  [EMAIL PROTECTED]
Palladion Software   Excellence by Designhttp://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFEdeA0+gerLs4ltQ4RAh8NAJ4x4u6UZ1L56x60f6gaXUzV/yX6igCcCEFV
2ug9atblCMjSgqPiYtU6nOI=
=2Cnb
-END PGP SIGNATURE-

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

[Zope-dev] Zope 2.8.7 release with ZODB 3.4.3?

2006-05-25 Thread Andreas Jung 


Hi all,

there is some demand in the community for 2.8.7. No problem at all.

From what I've heard several ZODB bugs were fixed lately since the 3.4.2

release. I suggest to tag the current ZODB 3.4 branch as internal 3.4.3
release (I won't take over any responsibility for an official ZODB 3.4.3
release) and release Zope as soon as possible using ZODB 3.4.3.

Any objections?

Andreas

pgpBIkMVY6AY3.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )