[Zope-dev] Re: RFC: backward compatibility of ps bindings RESOLUTION

2004-01-21 Thread Brian Lloyd 
 Jeremy Hylton wrote:
  What if you used a special object that would produce a useful error
  message if the user tries to access the container.
 
 I like this.  Make it a singleton, and put it in the global namespace 
 for Scripts, so that we can write:
 
if context is Inaccessible:
  # Do without access to context

I've checked in the changes to the 2.6 branch, 2.7 branch and the head
to change the binding behavior for 'container' and 'context':

  - If the user does not have access to the item, the script 
will bind an UnauthorizedBinding object instead of the 
real object, rather than throw an exception at binding 
time.

  - Any attribute or item access on the UnauthorizedBinding will 
throw an Unauthorized, including the name of the binding 
that the user didn't have access to.

The result is that if you have scripts where the script container 
is inaccessible to the users of the script:

  - If the script does not reference 'container' in its code, 
things will work without any action on the part of the site 
admin

  - If the script *does* reference 'container' then a meaningful 
Unauthorized error will be raised. Site admins can either 
give users the appropriate roles on the script container or 
give appropriate proxy roles to the scripts to fix any 
problems.

Note that I *didn't* put the UnauthorizedBinding in the script 
globals to implement the Inaccessible idea above, because: 

  - it is kind of 'featurish', at least in that it really should 
have some associated documentation etc.

  - I want to make only absolutely necessary changes at this 
point and get 2.6.4 and 2.7.0 finalized.

If any of the Plone folk who have been running into this issue 
can try the changes from cvs, I'd appreciate it.

thx,


Brian Lloyd[EMAIL PROTECTED]
V.P. Engineering   540.361.1716  
Zope Corporation   http://www.zope.com 


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: RFC: backward compatibility of ps bindings RESOLUTION

2004-01-21 Thread Paul Winkler 
On Wed, Jan 21, 2004 at 02:06:24PM -0500, Brian Lloyd wrote:
 I've checked in the changes to the 2.6 branch, 2.7 branch and the head
 to change the binding behavior for 'container' and 'context':
 
   - If the user does not have access to the item, the script 
 will bind an UnauthorizedBinding object instead of the 
 real object, rather than throw an exception at binding 
 time.
 
   - Any attribute or item access on the UnauthorizedBinding will 
 throw an Unauthorized, including the name of the binding 
 that the user didn't have access to.

This sounds reasonable.
Are you going to do another set of RC releases?
I'd like to run our dev environment on 2.6.4-RCx
for a day or two but I don't know when I'll be able
to set it up. 

-- 

Paul Winkler
http://www.slinkp.com
Look! Up in the sky! It's IN TEMPESTUOUS LEGIONAIRE!
(random hero from isometric.spaceninja.com)

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: RFC: backward compatibility of ps bindings RESOLUTION

2004-01-21 Thread robert rottermann 
Brian Lloyd wrote:

Jeremy Hylton wrote:
   

What if you used a special object that would produce a useful error
message if the user tries to access the container.
 

I like this.  Make it a singleton, and put it in the global namespace 
for Scripts, so that we can write:

  if context is Inaccessible:
# Do without access to context
   

I've checked in the changes to the 2.6 branch, 2.7 branch and the head
to change the binding behavior for 'container' and 'context':
 - If the user does not have access to the item, the script 
   will bind an UnauthorizedBinding object instead of the 
   real object, rather than throw an exception at binding 
   time.

 - Any attribute or item access on the UnauthorizedBinding will 
   throw an Unauthorized, including the name of the binding 
   that the user didn't have access to.

The result is that if you have scripts where the script container 
is inaccessible to the users of the script:

 - If the script does not reference 'container' in its code, 
   things will work without any action on the part of the site 
   admin

 - If the script *does* reference 'container' then a meaningful 
   Unauthorized error will be raised. Site admins can either 
   give users the appropriate roles on the script container or 
   give appropriate proxy roles to the scripts to fix any 
   problems.

Note that I *didn't* put the UnauthorizedBinding in the script 
globals to implement the Inaccessible idea above, because: 

 - it is kind of 'featurish', at least in that it really should 
   have some associated documentation etc.

 - I want to make only absolutely necessary changes at this 
   point and get 2.6.4 and 2.7.0 finalized.
   
If any of the Plone folk who have been running into this issue 
can try the changes from cvs, I'd appreciate it.

thx,

Brian Lloyd[EMAIL PROTECTED]
V.P. Engineering   540.361.1716  
Zope Corporation   http://www.zope.com 

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

 

I did check with a fresh 2.6 xx
A DCWorkflow script that was not not called with the version from a few 
hours ago is now called but produces the following traceback

This happens when the container binding is set to container and also 
when it is cleared.

Traceback (innermost last):
 Module ZPublisher.Publish, line 98, in publish
 Module ZPublisher.mapply, line 88, in mapply
 Module ZPublisher.Publish, line 39, in call_object
 Module Products.CMFCore.FSPythonScript, line 92, in __call__
 Module Shared.DC.Scripts.Bindings, line 298, in __call__
 Module Shared.DC.Scripts.Bindings, line 329, in _bindAndExec
 Module Products.CMFCore.FSPythonScript, line 126, in _exec
  - __traceback_info__: ({'traverse_subpath': [], 'container': PloneSite instance at 95efa58, 
'context': PloneFolder instance at 9615280, 'script': FSPythonScript at 
/zehnder/zehnder/createObject used for /zehnder/zehnder/tasklist/Task.2004-01-21.1914/Attachments}, 
(None, 'File', None), {}, (None, None, None))
 Module None, line 12, in createObject
 Module Products.CMFCore.PortalFolder, line 362, in invokeFactory
 Module Products.CMFCore.TypesTool, line 824, in constructContent
 Module Products.CMFCore.TypesTool, line 516, in constructInstance
 Module Products.CMFCore.TypesTool, line 420, in _finishConstruction
 Module Products.CMFCore.CMFCatalogAware, line 101, in notifyWorkflowCreated
 Module Products.CMFPlone.WorkflowTool, line 26, in notifyCreated
 Module Products.CMFCore.WorkflowTool, line 362, in notifyCreated
 Module Products.DCWorkflow.DCWorkflow, line 367, in notifyCreated
 Module Products.DCWorkflow.DCWorkflow, line 440, in _changeStateOf
 Module Products.DCWorkflow.DCWorkflow, line 543, in _executeTransition
 Module Shared.DC.Scripts.Bindings, line 298, in __call__
 Module Shared.DC.Scripts.Bindings, line 329, in _bindAndExec
 Module Products.PythonScripts.PythonScript, line 311, in _exec
 Module None, line 1, in setTaskOwner
  - PythonScript at /zehnder/zehnder/portal_workflow/ZWorkflow/scripts/setTaskOwner
  - Line 1
AttributeError: StateChangeInfo instance has no attribute 'getPhysicalRoot'
Robert



___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )