Re: [Zope] dtml-sqlvar problem with large strings?
--On 21. November 2005 16:30:10 +1100 Joshua Burvill <[EMAIL PROTECTED]> wrote: Using zope 2.6.4 on win32 with kinterbasdbda (not sure what version), firebird 1.0 This sounds like a bug in the kinterbasedbda. Since this is DA is not used widely I would recommend to buzz the author of the DA directly. When you are on Windows you could consider switching to mxODBC in case your database supports ODBC. -aj pgpJvaUW6bW2A.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] dtml-sqlvar problem with large strings?
Hello All, I am uploading and encoding files and then trying to insert the file content into a database. It works fine for small files (under about 20KB), but fails for larger ones with the error: Error Type: ProgrammingError Error Value: (-104, 'execute.isc_dsql_prepare: Dynamic SQL Error. SQL error code = -104. Unexpected end of command. ') See below for traceback etc. Using zope 2.6.4 on win32 with kinterbasdbda (not sure what version), firebird 1.0 It sounds like the sql command is getting trucated or something with the larger strings. Can anybody offer suggestions? Many Thanks, Josh # I have a form to upload a file: A script to process the file: from Products.PythonScripts.standard import html_quote request = container.REQUEST RESPONSE = request.RESPONSE fil = request.quote_file data = fil.read() ct = fil.headers['Content-Type'] encdata = context.encode(data) print ct print len(data) context.insert(quote_file_data=encdata, quote_content_type=ct, shipment_id=request.shipment_id) return printed A zsql method: insert into quote_files (quote_file_data, quote_content_type, shipment_id) values (, , ) External methods (encode_decode.py) for encoding and decoding the possibly binary file contents: def encode(bindata): from base64 import encodestring return encodestring(bindata) def decode(strdata): from base64 import decodestring return decodestring(strdata) My database table: CREATE TABLE QUOTE_FILES ( QUOTE_FILE_ID INTEGER NOT NULL, QUOTE_CONTENT_TYPE VARCHAR(50) CHARACTER SET NONE, SHIPMENT_ID INTEGER, FILENAMEVARCHAR(500) CHARACTER SET NONE, QUOTE_FILE_DATA BLOB SUB_TYPE 3 SEGMENT SIZE 1 ); Exception traceback Time 2005/11/21 16:01:45.513 GMT+11 User Name (User Id) josh (josh) Request URL http://mrisydney:8080/Bigbird/shipments/admin3/quotes/upload_process Exception Type ProgrammingError Exception Value (-104, 'execute.isc_dsql_prepare: Dynamic SQL Error. SQL error code = -104. Unexpected end of command. ') Traceback (innermost last): . Module ZPublisher.Publish, line 98, in publish . Module ZPublisher.mapply, line 88, in mapply . Module ZPublisher.Publish, line 39, in call_object . Module Shared.DC.Scripts.Bindings, line 306, in __call__ . Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec . Module Products.PythonScripts.PythonScript, line 307, in _exec . Module None, line 16, in upload_process Line 16 . Module Shared.DC.ZRDB.DA, line 428, in __call__ . Module Products.kinterbasdbDA.db, line 198, in query . Module Products.kinterbasdbDA.kinterbasdb, line 585, in execute ProgrammingError: (-104, 'execute.isc_dsql_prepare: Dynamic SQL Error. SQL error code = -104. Unexpected end of command. ') Display traceback as text REQUEST form quote_file shipment_id '13096' cookies lazy items SESSION > other AUTHENTICATION_PATH 'Bigbird' traverse_subpath [] SERVER_URL 'http://mrisydney:8080' shipment_id '13096' PUBLISHED URL 'http://mrisydney:8080/Bigbird/shipments/admin3/quotes/upload_process' AUTHENTICATED_USER josh TraversalRequestNameStack [] quote_file URL0 http://mrisydney:8080/Bigbird/shipments/admin3/quotes/upload_process URL1 http://mrisydney:8080/Bigbird/shipments/admin3/quotes URL2 http://mrisydney:8080/Bigbird/shipments/admin3 URL3 http://mrisydney:8080/Bigbird/shipments URL4 http://mrisydney:8080/Bigbird URL5 http://mrisydney:8080 BASE0 http://mrisydney:8080 BASE1 http://mrisydney:8080 BASE2 http://mrisydney:8080/Bigbird BASE3 http://mrisydney:8080/Bigbird/shipments BASE4 http://mrisydney:8080/Bigbird/shipments/admin3 BASE5 http://mrisydney:8080/Bigbird/shipments/admin3/quotes BASE6 http://mrisydney:8080/Bigbird/shipments/admin3/quotes/upload_process environ HTTP_ACCEPT_ENCODING 'gzip, deflate' CONTENT_TYPE 'multipart/form-data; boundary=---7d5bb2a201dc' PATH_TRANSLATED '\\Bigbird\\shipments\\admin3\\quotes\\upload_process' HTTP_ACCEPT 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*' GATEWAY_INTERFACE 'CGI/1.1' HTTP_ACCEPT_LANGUAGE 'en-au' REMOTE_ADDR '192.168.2.37' SERVER_PORT '8080' HTTP_USER_AGENT 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)' CONTENT_LENGTH '72706' channel.creation_time 1132549273 SERVER_PROTOCOL 'HTTP/1.1' PATH_INFO '/Bigbird/shipments/admin3/quotes/upload_process' HTTP_HOST 'mrisydney:8080' REQUEST_METHOD 'POST' SCRIPT_NAME '' SERVER_SOFTWARE 'Zope/(Zope 2.6.4 (binary release, python 2.1, win32-x86), python 2.1.3, win32) ZServer/1.1b1' HTTP_CACHE_CONTROL 'no-cache' CONNECTION_TYPE 'Keep-Alive' HTTP_REFERER 'http://mrisydney:8080/Bigbird/shipments/admin3/quotes/upload_form?shipment_ id=13096' SERVER_NAME 'mrisydney.sydney.mri.com.au' ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zop
[Zope] Re: Zope 2.8.4 external methods do not autorefresh
Dennis Allison wrote: > To adopt the code for the modified method the external method needs > to be resaved. > > Is this a bug or a feature? Feature unless you had debug mode switched on. Debug mode is off by default in Zope 2.8 (as it should). Martijn Pieters ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Re: Zope 2.8.4 compilation error
Tres Seaver escribió: > Gusti Gonzalez wrote: > > >>>Does anybody know what Debian (3.1) packages are required in order to compile >>>zope 2.8.4? >>> >>>Or, my only option is to download python from source and compile it as well? > > > I *think* that you need the following (I don't run 3.1, but it seems > enough on Ubuntu): python2.3, python2.3-devel, zlib-devel apt-get install libc6-dev # resolved the problem! Thanks Gusti. > > Note that using the distro-provided Python has caused occasional > problems in the past; I almost always build a separate Python from > source for running Zope (you still want zlib-devel in that case). > > > Tres. > -- > === > Tres Seaver +1 202-558-7113 [EMAIL PROTECTED] > Palladion Software "Excellence by Design"http://palladion.com ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] minimizing conflict errors
On Nov 20, 2005, at 12:16 PM, Dennis Allison wrote:
The structure of the naviagation method is simple enough.
Everything is
wrapped in a which sets a number of parameters mostly by
reading them from the SESSION (with an interface function) or plucking
them from the relational database with a query.
In the scope of the let is dtml code which, when rendered, provides
the
various navigation links. In various sections there are additional
blocks and additional queries to the relational database
and several loops.
Looking at the code, I don't understand why I am seeing conflicts.
As I understand things, neither variables in the space nor
the REQUEST/RESPONSE space are stored in the ZODB so modifications to
them don't look like writes to the conflict mechanism. Am I incorrect
in my understanding?
Yes, but that's understandable. It's not exactly obvious.
The sessioning machinery is one of the few places in Zope where it's
necessary for the code to do what's known as a "write on read" in the
ZODB database.
Even if you're just "reading" from a session, looking up a session,
or doing anything otherwise related to sessioning, it's possible for
your code to generate a ZODB write.
This is why you get conflicts even if you're "just reading"; whenever
you access the sessioning machinery, you are potentially (but not
always) causing a ZODB write. All writes can potentially cause a
conflict error.
While this might sound fantastic, it's pretty much impossible to
avoid when using ZODB as a sessioning backend. The sessioning
machinery has been tuned to generate as few conflicts as possible,
and you can help it by doing your own timeout, resolution, and
housekeeping tuning as has been suggested. MVCC gets rid of read
conflicts. But it's not possible to completely avoid write conflicts
under the current design.
Here's why. The sessioning machinery is composed of three major data
structures:
- an index of "timeslice" to "bucket". A timeslice is an integer
representing
some range of time (the range of time is variable, depending on the
"resolution", but out of the box, it represents 20 seconds).
This mapping
is an IOBTree.
- A "bucket" is a mapping from a browser id to "session data
object" (aka
transient object). This mapping is an OOBTree.
- three "increasers" which mark the "last" timeslice in which
something was done
(called the garbage collector, called the finalizer, etc).
The point of sessioning is to provide a writable namespace assigned
to a single user that expires after some period of inactivity by that
user. To this end, we need to keep track of when the last time the
user "accessed" the session was. This is the point of the index.
When a user accesses his session, we may need to move his session
data object (identified by his browser id) from one bucket
(representing an older timeslice) to another (representing a newer
timeslice). This needs to happen *even if your code doesn't write
anything to his session*, because it represents a session access, and
the session is defined by total inactivity (not just write
inactivity). Likewise, when a user runs code that requires access to
a session, but that user does not yet have a session data object, a
write may need to occur. So seemingly innocuous accesses to session
data can cause a write. Consider, in a Python script:
req = context.REQUEST
REQUEST.SESSION
Looks pretty harmless and unlikely to cause a write. However, that's
not true. If the "bucket" in which the user's session data object is
found is not associated with the "current" timeslice, we need to move
his data object to the bucket that *is* associated with the current
timeslice, which is a write operation in order to make note of the
fact that his session is now "current".
Likewise with:
req = context.REQUEST
a = REQUEST.SESSION.get('foo')
Even though this appears to be "only a read", the sessioning
machinery itself may need to perform a write operation to move the
user's data object to the current bucket.
Jacking up the resolution time increases the period of time
represented by a single timeslice, so fewer total writes need to be
performed to keep a session "current". Turning on "external
housekeeping" doesn't prevent this normal movement of data objects
between buckets, it just causes another process that cleans up
"stale" data from happening during normal sessioning operations.
The sessioning machinery attempts to minimize conflicts. The 2.8
version of the temporarystorage does MVCC, which essentially
eliminates read conflict errors. The transience machinery includes
significantly complicated logic to attempt to prevent conflict errors
from occurring including code that attempts to prevent two threads
from doing housekeeping at once as well as application level conflict
resolution for simultaneous writes to the same session data object.
Re: [Zope] Re: session variables in the presence of conflicts
Sorry, I noticed in another email you said that you're using 2.0.9 (which appears to be in beta) and I confirmed that the traceback matches that source. The note in the product's CHANGES.txt about this is: Wrap queries with a lock to prevent multiple threads from using the connection simultaneously (this may or may not be happening). If transactional, then there is an additional transaction lock, acquired at the beginning of the transaction and released when either finished or aborted. The last sentence is the meaningful one in your case. I'm not sure if this is a bug fix but you may want to try 2.0.8 if you haven't already because it doesn't use a transaction lock (or any other lock). It seems as if the logic in 2.0.9b to obtain the transaction lock fails to take some corner case into account, although it's not obvious from the code what that is. On Nov 20, 2005, at 1:55 PM, Chris McDonough wrote: Hi Dennis, I notice that line 389 of db.py of the most recent ZMySQLDA (2.0.8) doesn't match the traceback you show. No mutex locking at all is done in the 2.0.8 version of that module (or any other module in that product). Are you using an older version? - C On Nov 20, 2005, at 9:57 AM, Dennis Allison wrote: Florent, There were, of course, tracebacks. Any assist you can provide would be appreciated. -D -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 0x450431cc> at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 0x41487acc> at 1190774252> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 INFO ZODB conflict error at /courses/topics/ navigation_box (55 conflicts since startup at 2005-11-18T12:13:38) -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: instance at 0x450431cc> at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 489, in abort rm.abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: instance at 0x41487acc> at 1190774252> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 489, in abort rm.abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zp
Re: [Zope] Re: session variables in the presence of conflicts
Hi Dennis, I notice that line 389 of db.py of the most recent ZMySQLDA (2.0.8) doesn't match the traceback you show. No mutex locking at all is done in the 2.0.8 version of that module (or any other module in that product). Are you using an older version? - C On Nov 20, 2005, at 9:57 AM, Dennis Allison wrote: Florent, There were, of course, tracebacks. Any assist you can provide would be appreciated. -D -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 0x450431cc> at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 0x41487acc> at 1190774252> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 INFO ZODB conflict error at /courses/topics/ navigation_box (55 conflicts since startup at 2005-11-18T12:13:38) -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: instance at 0x450431cc> at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 489, in abort rm.abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: instance at 0x41487acc> at 1190774252> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 489, in abort rm.abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/ _transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/ TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- On Sat, 19 Nov 2005, Florent Guillaume wrote: Dennis Allison wrote: We are using MySQL but are fully transactional using innodb. The sort of problems we are seeing are (cruft removed) are things like: 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 1190763820> There should be a traceback here, or if there's none you should patch _transaction.py to make it produced. Seeing that traceback is important and would point to an error somewhere in MySQLDA's code I expect. 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: at 1190763820> 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: at 1190774252> Same here, the traceback is important. Florent -- _
Re: [Zope] MD5 Python Zope Plone
--On 20. November 2005 12:54:58 -0500 D Washburn <[EMAIL PROTECTED]> wrote: When I do this and I attempt to test it - my ZOPE/Plone instance pops up the login screen (even though I am logged in already). I tried logging in but it just kept asking for my username/password. FAQ: read lib/python/Products/PythonScripts/README.txt -aj pgplUbSj3ASGw.pgp Description: PGP signature ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] MD5 Python Zope Plone
Am Sonntag, den 20.11.2005, 12:54 -0500 schrieb D Washburn:
> I have a need to encrypt a parameter passed on a URL to another
> website using Python and MD5 encryption. I tried to set up a test
> python script:
>
> I am running ZOPE and Plone. I have made other Python scripts that
> work.
> ***
> import md5
>
> print "This is the", script.meta_type, '"%s"' % script.getId(),
> if script.title:
> print "(%s)" % html_quote(script.title),
> print "in", container.absolute_url()
>
> hash1 = md5.new("Hello world").digest()
> print "hash=",hash1
>
> return printed
> **
> When I do this and I attempt to test it - my ZOPE/Plone instance pops
> up the login screen (even though I am logged in already). I tried
> logging in but it just kept asking for my username/password.
>
> Suggestions? Anyone got a simple example of a Python script that can
> be passed a piece of text and return an encrypted string?
You would need either an external method where you use md5
or a simple product (basically just an __init__.py derived
from Products/PythonScripts/module_access_examples.py )
Btw, md5() does not encrypt. Its a hash. (You cannot
get the original text from it)
HTH
Tino
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] MD5 Python Zope Plone
On 20 Nov 2005, at 18:54, D Washburn wrote: I have a need to encrypt a parameter passed on a URL to another website using Python and MD5 encryption. I tried to set up a test python script: This is a FAQ. Python scripts provide a *restricted* execution environment. You cannot just import any old Python module. See the README inside the PythonScripts folder under /lib/python/ Products for more information. jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] minimizing conflict errors
Am Sonntag, den 20.11.2005, 09:16 -0800 schrieb Dennis Allison: > I have a DTML method which provides the primary navigation control in a > portion of our system and so is very heavily used. It is a primary source > of conflict errors and so is being rethought. > > Zope 2.8.4, ZEO 3.4.2, ZODB 3.4.2, Python 2.4.2 or 2.3.5 > MySQL 4.0.20, MySQL-Python 1.2.0, MYSQLDA 2.0.9 > > ZODB 3.4.2 does not raise a conflict error on a read-read conflict, one of > the reasons fr moving to Zope 2.8.4. > > The structure of the naviagation method is simple enough. Everything is > wrapped in a which sets a number of parameters mostly by > reading them from the SESSION (with an interface function) or plucking > them from the relational database with a query. > > In the scope of the let is dtml code which, when rendered, provides the > various navigation links. In various sections there are additional > blocks and additional queries to the relational database > and several loops. > > Looking at the code, I don't understand why I am seeing conflicts. > As I understand things, neither variables in the space nor > the REQUEST/RESPONSE space are stored in the ZODB so modifications to > them don't look like writes to the conflict mechanism. Am I incorrect > in my understanding? For what are you using the SESSION storage and for what do you need the ZSQL method calls in your navigation? What is in your ZODB? Regards Tino ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] External Methods, Proxy Roles, and Executable Security
On 20 Nov 2005, at 18:47, George Lee wrote: Great, thanks much. Is there much buzz about this in CMF developer land? It seems like proper proxy roles handling, and like you said what Zope 3 security will do to it, are pretty important and will come up quite often (all I was doing, after all, was trying to move an object upon workflow change!). IMHO proxy roles should be used extremely sparingly, if at all. They are a last resort and I personally never use them. Matter of fact I believe having to use them means the application design could use some improvement... If something needs to be done with elevated privileges it should be in filesystem product code or, if that is not feasible, in an external method. At least that's my philosophy ;) jens ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] MD5 Python Zope Plone
I have a need to encrypt a parameter passed
on a URL to another website using Python and MD5 encryption. I tried to
set up a test python script:
I am running ZOPE and Plone. I have made other Python scripts that work.
***
import md5
print "This is the", script.meta_type, '"%s"' % script.getId(),
if script.title:
print "(%s)" % html_quote(script.title),
print "in", container.absolute_url()
hash1 = md5.new("Hello world").digest()
print "hash=",hash1
return printed
**
When I do this and I attempt to test it - my ZOPE/Plone instance pops
up the login screen (even though I am logged in already). I tried
logging in but it just kept asking for my username/password.
Suggestions? Anyone got a simple example of a Python script that can be
passed a piece of text and return an encrypted string?
Thanks,
David
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] External Methods, Proxy Roles, and Executable Security
Great, thanks much.
Is there much buzz about this in CMF developer land? It seems like
proper proxy roles handling, and like you said what Zope 3 security
will do to it, are pretty important and will come up quite often (all
I was doing, after all, was trying to move an object upon workflow
change!).
Peace,
George
On 11/19/05, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> George Lee wrote at 2005-11-19 00:46 -0500:
> >In CMFCore 1.5.4:
> >
> >If a low-security-clearance user calls an external method that pastes
> >an object from a PortalFolder, he gets an error because the following
> >line in CMFCore.PortalFolder fails:
> >
> >if not sm.checkPermission(DeleteObjects, parent):
> > raise AccessControl_Unauthorized
> >
> >This is even the case if "sm.checkPermission" is changed to
> >"_checkPermission", which takes into account proxy roles. The external
> >method does not allow proxy roles attached, so I can't just add a
> >"Manager" proxy role.
> >
> >Because I called the pasting in an external method, I expected it to
> >go through without security problems! Is this a right expectation /
> >and a bug, or a wrong expectation?
>
> It is the fate induced by explicit security checks.
> It will get much worse when the Zope 3 security comes into
> Zope 2 land: then even trusted code will have to deal with
> security proxied objects.
>
>
> We currently work around the problem that trusted code
> cannot have proxy roles with the following class:
>
> class ProxyContext:
> def __init__(self, proxy_roles):
> self._proxy_roles = tuple(proxy_roles)
>
> def getOwner(self): return None
> getWrappedOwner = getOwner
>
> This class emulates an object with proxy roles and can be pushed
> onto the "SecurityManager"s "context" stack like so:
>
> sm = getSecurityManager()
> context = ProxyContext(proxy_roles)
> sm.addContext(context)
> try:
> # do something with "proxy_roles"
> ...
> finally: sm.removeContext(context)
>
>
> Note, that I had to fix (in a local copy) CMF's "_checkPermission"
> for this to work:
>
>It had decided to emulate Zope's proxy role checking only
>approximately -- incorrectly for a "None" owner.
>
> My fix looks like this:
>
> security.declarePrivate('_checkPermission')
> def _checkPermission(permission, obj):
> """ Check if the current user has the permission on the given object.
> """
> # this code is ported from ZopeSecurityPolicy.checkPermission
> roles = rolesForPermissionOn(permission, obj)
> if isinstance(roles, basestring):
> roles = [roles]
> context = getSecurityManager()._context
>
> # check executable owner and proxy roles
> # this code is ported from ZopeSecurityPolicy.validate
> stack = context.stack
> if stack:
> eo = stack[-1]
> owner = eo.getOwner()
> if owner is not None:
> if not owner.allowed(obj, roles):
> return 0
> # DM 2005-09-07: no reason to do it differently from Zope
> # It accepts "proxy_roles" even for a None owner
> ##proxy_roles = getattr(eo, '_proxy_roles', None)
> ##if proxy_roles:
> ##if obj is not aq_base(obj):
> ##if not owner._check_context(obj):
> ##return 0
> ##for r in proxy_roles:
> ##if r in roles:
> ## return 1
> ##return 0
> proxy_roles = getattr(eo, '_proxy_roles', None)
> if proxy_roles:
> if obj is not aq_base(obj):
> # DM 2005-09-07: do it as Zope does
> #if not owner._check_context(obj):
> if owner is not None and not owner._check_context(obj):
> return 0
> for r in proxy_roles:
> if r in roles:
> return 1
> return 0
>
> return context.user.allowed(obj, roles)
>
>
> If you are interested in using this approach, you
> should probably file another CMF bug report about the
> wrong handling of proxy roles in "_checkPermission".
> I explicitely allow you to attach the fix given above.
>
>
> --
> Dieter
>
___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] minimizing conflict errors
I have a DTML method which provides the primary navigation control in a portion of our system and so is very heavily used. It is a primary source of conflict errors and so is being rethought. Zope 2.8.4, ZEO 3.4.2, ZODB 3.4.2, Python 2.4.2 or 2.3.5 MySQL 4.0.20, MySQL-Python 1.2.0, MYSQLDA 2.0.9 ZODB 3.4.2 does not raise a conflict error on a read-read conflict, one of the reasons fr moving to Zope 2.8.4. The structure of the naviagation method is simple enough. Everything is wrapped in a which sets a number of parameters mostly by reading them from the SESSION (with an interface function) or plucking them from the relational database with a query. In the scope of the let is dtml code which, when rendered, provides the various navigation links. In various sections there are additional blocks and additional queries to the relational database and several loops. Looking at the code, I don't understand why I am seeing conflicts. As I understand things, neither variables in the space nor the REQUEST/RESPONSE space are stored in the ZODB so modifications to them don't look like writes to the conflict mechanism. Am I incorrect in my understanding? ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Re: session variables in the presence of conflicts
That was my conclusion long ago, but I have not been able to track it down. It only occurs under heavy load when backing out of a conflict error. I have not been successful at creating a test set that triggers it. I suppose it is time to again read the ZMySQLDA code... There are a few comments on the net about problems with MySQLDA which may also be related. On Sun, 20 Nov 2005, Florent Guillaume wrote: > Dennis Allison wrote: > > Florent, > > There were, of course, tracebacks. Any assist you can provide would be > > appreciated. -D > > > > -- > > 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager > > > 0x450431cc> at 1190763820> > > Traceback (most recent call last): > > File > > "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line > > 462, in _cleanup > > rm.tpc_abort(self) > > File > > "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line > > 548, in tpc_abort > > self.manager.tpc_abort(txn) > > File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line > > 64, in abort > > try: self._abort() > > File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort > > self._tlock.release() > > error: release unlocked lock > > Well undoubtedly the bug is in ZMySQLDA... > > Florent > > > -- ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Re: session variables in the presence of conflicts
Dennis Allison wrote: Florent, There were, of course, tracebacks. Any assist you can provide would be appreciated. -D -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock Well undoubtedly the bug is in ZMySQLDA... Florent -- Florent Guillaume, Nuxeo (Paris, France) Director of R&D +33 1 40 33 71 59 http://nuxeo.com [EMAIL PROTECTED] ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] CMF 1.5.5 released
The CMF developer community and Zope Corporation are pleased to announce the release of version 1.5.5 of the Zope Content Management Framework (CMF). This release marks the latest stable release in the CMF 1.5 series and should be suitable for production use. What is the CMF? The Zope Content Management Framework provides a set of services and content objects useful for building highly dynamic, content-oriented portal sites. As packaged, the CMF generates a site much like the Zope.org site. The CMF is intended to be easily customizable, in terms of both the types of content used and the policies and services it provides. Where do I get it? Download it from http://zope.org/Products/CMF/CMF-1.5.5 Points of interest include: - "Windows ZIP file", http://zope.org/Products/CMF/CMF-1.5.5/CMF-1.5.5.zip - "Unix tar/gzip archive", http://zope.org/Products/CMF/CMF-1.5.5/CMF-1.5.5.tar.gz - "Release notes", http://zope.org/Products/CMF/CMF-1.5.5/README.txt - "Change history", http://zope.org/Products/CMF/CMF-1.5.5/CHANGES.txt - "Installation instructions", http://zope.org/Products/CMF/CMF-1.5.5/INSTALL.txt Where do I go to learn more? The "CMF mailing list":mailto:[EMAIL PROTECTED] has many participants who are active in supporting the CMF. ...to report bugs? The "CMF Collector":http://zope.org/Collectors/CMF is ths place to report bugs (please search for existing reports of your issue first!) - Jens Vagelpohl [EMAIL PROTECTED] ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Re: session variables in the presence of conflicts
Florent, There were, of course, tracebacks. Any assist you can provide would be appreciated. -D -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager at 1190774252> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 462, in _cleanup rm.tpc_abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 548, in tpc_abort self.manager.tpc_abort(txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 INFO ZODB conflict error at /courses/topics/navigation_box (55 conflicts since startup at 2005-11-18T12:13:38) -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: at 1190763820> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 489, in abort rm.abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate oid= Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: at 1190774252> Traceback (most recent call last): File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 489, in abort rm.abort(self) File "/usr/local/src/zope/Zope2.8/lib/python/transaction/_transaction.py", line 562, in abort self.manager.abort(o, txn) File "/usr/local/src/zope/Zope2.8/lib/python/Shared/DC/ZRDB/TM.py", line 64, in abort try: self._abort() File "/opt/zope/zproducts/standard/ZMySQLDA/db.py", line 389, in _abort self._tlock.release() error: release unlocked lock -- On Sat, 19 Nov 2005, Florent Guillaume wrote: > Dennis Allison wrote: > > We are using MySQL but are fully transactional using innodb. > > > > The sort of problems we are seeing are (cruft removed) are things like: > > > > 2005-11-18T12:50:16 ERROR txn.3075 Error in tpc_abort() on manager > > > 0x450431cc> at 1190763820> > > There should be a traceback here, or if there's none you should patch > _transaction.py to make it produced. Seeing that traceback is important > and would point to an error somewhere in MySQLDA's code I expect. > > > 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: > > > 0x450431cc> at 1190763820> > > 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort object: Surrogate > > oid= > > 2005-11-18T12:50:16 ERROR txn.3075 Failed to abort resource manager: > > > 0x41487acc> at 1190774252> > > Same here, the traceback is important. > > Florent > > -- ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
