Re: [Zope-dev] Security/Acquisition Bug? (take two)

2000-11-12 Thread Charlie Wilkinson

On Sun, Nov 12, 2000 at 11:42:32PM +0100, Dieter Maurer waxed eloquent:
 
 I tried it on my ZopeCVS installation.
 The Python parts are quite new. The C-part is about 2 weeks old.
 
 I can not observe what you describe.
 "/index_html" can be viewed as "Annonymous" without any
 change in permissions.

Hi Dieter,
Thanks for investigating.  I also gave it another try, with the same
results as my previous attempts.  Maybe I'm doing something dumb?
I have followed exactly these steps (as a regular user):

1. mkdir Zope2

2. cvs -z7 -d :pserver:[EMAIL PROTECTED]:/cvs-repository checkout Zope2

3. cd Zope2

4. python wo_pcgi.py

5. python zpasswd.py -u XX -p XX access

6. Edit start file (for port change and stupid log):

#! /bin/sh
reldir=`dirname $0`
PYTHONHOME=`cd $reldir; pwd`
export PYTHONHOME
exec /usr/bin/python \
 $PYTHONHOME/z2.py -P 9000 \
 -D "$@" STUPID_LOG_FILE=$PYTHONHOME/zope.log

7. ./start 

8. Visit http://www.boinklabs.com:9080/index_html

8. Get BASICAUTH login box...  ??

Box is Redhat 6.0 with updates, Python 1.5.2 from source.  CVS is v1.10.5.
The only bit I left out was setting up the CVS login on a prior occasion:

cvs -d :pserver:[EMAIL PROTECTED]:/cvs-repository login

-cw-

-- 
~~~~~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Al Gore: Please, just concede.  I can't handle another four years of
whiney Republican bumper stickers!

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )




Re: [Zope-dev] Security/Acquisition Bug? (take two)

2000-11-12 Thread Charlie Wilkinson

I should have included this in my previous reply - this is the Zope
error I am getting after failing out of BASICAUTH login:

--
Zope Error

Zope has encountered an error while publishing this resource. 

Unauthorized

You are not authorized to access this resource.

No Authorization header found. 

Traceback (innermost last):
  File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 222, in publish_module
  File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 187, in publish
  File /share4/Zope2/lib/python/ZPublisher/Publish.py, line 162, in publish
  File /share4/Zope2/lib/python/ZPublisher/BaseRequest.py, line 463, in traverse
  File /share4/Zope2/lib/python/ZPublisher/HTTPResponse.py, line 569, in unauthorized
Unauthorized: (see above)
--

Does that provide any (additional) clues?

-cw-

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Al Gore: Please, just concede.  I can't handle another four years of
whiney Republican bumper stickers!

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )




[Zope-dev] Security/Acquisition Bug? (take two)

2000-11-10 Thread Charlie Wilkinson

I had posted about this previously, but no one has tackled this one,
it seems to be a pretty serious issue, plus I've done a *lot* of poking
around and learned a few things since I first reported it.  What I have
*not* found (or been told) is that the below described behavior is normal.

First a simple exercise for those who would like to avoid my laborious
novice Zoper description and just ferret out the likely bug:

Create a fresh CVS copy of Zope on your *nix box.  Build it (python
wo_pcgi.py), configure 'start' with the ports of your choosing, set a
superuser password, start Zope and try to visit the /index_html page.

What I'm getting at that point is a BASICAUTH login box.  One has to
explicitly enable anonymous permissions on the index_html page in order
to view it without logging in.  I've read through all the security
model discussion I could find, but saw no discussion of this issue.
If somehow this behavior is intentional, I would greatly appreciate a clue
to that effect.  (Some response either way would be nice, actually...)

Based on my recent flailings with LoginManager and finally, stock
acl_users in Zope v2.2.cvs, it seems there this problem relates to the
"scope" of acl_users and/or its parent folder not including the objects
within.  The security settings of the parent folder are apparently not
regarded in determining access to objects within.  Instead, acl_users is
only impacting its sibling objects (and presumably their child objects).

Apologies if I'm making the wrong noises in the wrong place in the
wrong way.  Any help or pointers welcome.

-cw-

-- 
~
        Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )




Re: [Zope] why DTML confusing

2000-11-10 Thread Charlie Wilkinson

First Simon, thanks for your message.  Yours is one of the most articulate
explanations I've seen on this topic.

Simon Michael [EMAIL PROTECTED] writes:
 Irene Barg [EMAIL PROTECTED] writes:

[examples of DMTL confusion...]
 
 It is confusing. There are two systems of syntax in use here - DTML's
 and python's. Once you start using "" expressions, you have left DTML
 and you are in the python world. 

...or "the python world with some Zope limitations placed on it."

There's a third world of course, HTML.  Most of us probably have that
down solid, so we tend not to think of it in the context of "skills
needed to master Zope."  But whether it's wrapping data in an HTML
table, or how to create dynamic CGI forms, mastering the integration of
HTML and DTML is a critical skill that some apparently find difficult.
(I've seen HOWTO's for it...)

 - unfortunate reality #1: you have to use "" expressions to do any
 kind of comparison, so you are pretty much forced into dealing with
 these two worlds right from the beginning.

That's fine, but in the interests of good will and sanity, Zope should
probably have a big fat warning label saying "DO NOT VENTURE HERE IF
YOU DO NOT ALREADY KNOW, OR PLAN TO LEARN PYTHON."

I did know Zope was written in Python.  I did not expect that I would have
to learn it.  Maybe that was stupid on my part, but that's what I thought.

 Still, entering the python world would normally be a good thing, since
 syntax there is simple and consistent. But,
 
 - unfortunate reality #2: certain legacy zope variables contain "-" in
 their name. In the python world, this is illegal (or rather it means
 something different) and so you are forced to remember constructs like
 _['sequence-index'] all the time.
 
 It might be that fixing one or both of the above would reduce the DTML
 pain factor quite a bit. Certainly, it's time to do whatever it takes
 to banish these "-"-named variables, IMHO.

Yes, it would help a lot.  _[] is about as non-intuitive as you can get,
especially after mixing in all the single and double quotes.  Sure, if
you understand python and how DTML wraps around it, it all makes sense,
but that's a pretty narrow market and DMTL simply doesn't need to be
that obfuscated.  If the intended market is simply "people who grok
Python", then there's really no point in something as Point n' Click n'
GUI as Zope is.

I certainly don't have all the answers, but it seems a simple matter to
allow both sequence-index *and* sequence_index - i.e., create underscore
equivalents alongside all the legacy "hyphen" variables.  If I recall,
I've even seen some user-contributed patches on this list to do just that.

That's just one example of something in Zope that's "too difficult"
screaming for change.  But one of the practical advantages of making
that kind of change is that the people who contribute their valuable
time to help the newbies (and not-so-newbies) on this list won't spend
quite so much time saying

Try this:

dtml-in "AUTHENTICATED_USER.getRoles()"
  dtml-if "_['sequence-item'] == 'Admin'"
dtml-call "REQUEST.set('edit_ok','y')"
  /dtml-if
/dtml-in

That's an awful lot of weird syntax glue just to walk a list and set a
value based on values in the list.  If someone asked how to do that on a
Perl mailing list, they'd be RTFM'ed and run out of town.  Maybe that's
not an entirely fair comparison, but still, how much of that syntax
nightmare might be avoidable?  I really don't know enough to say.
Obviously *everything* has to be wrapped in something that at least
distinguishes DTML from HTML.  How quickly or deeply (or just *how*)
one should get into python after that is another matter.

Zope reminds me of NT in some ways (except that I *like* Zope).
Zope, like NT, presents this illusion of friendly, easy learning curve,
straight-forward "get the job done and move on" philosophy.  At least that
was my first impression.  Then reality struck and I'm still recovering!
What keeps me working with Zope is not so much what Zope is, but the
promise of what it can be.  (And the hope that when I'm finally a Python
ace and understand the Zope source code from nose to tail, I'll be ready
to work in DTML ;-)

-cw-

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/

[Zope] Security and Acquistition Problem

2000-11-09 Thread Charlie Wilkinson

Greetings,
I had posted about this on Zope-dev because I'm running the CVS version,
but no response there.  Also more research has yielded more info.
I first discovered this issue with LoginManager, but the same problem
occurs with standard acl_users too.

First, 'Figure 1:'

/ (Root Folder)
/ acl_test (ACL Test Folder)
acl_users (User Folder)
index_html (Test Document)

Now, referring to figure 1, changes to security settings for the acl_test
folder are having no effect on access to index_html.  Only when I change
the security settings on index_html itself, can I control access to it.

So what this boils down to is that as of v2.2.whatever, an acl_users
folder apparently does not protect the folder it's in (parent folder),
but only it's sibling objects and below.  Meaning that instead of setting
permissions on the parent object and being done with it, one now has to
set permissions for each sibling.  In my case that's 50 or more objects
and I'm not done coding yet.  Ouch!  This *can't* be right, can it?
I know there's a lot that's happened with the security model, so I'm
really *really* hoping this is just a bug that's crept in.

Thanks for any clues,
Charlie

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope] Security and Acquisition

2000-11-09 Thread Charlie Wilkinson

Greetings,
I know this a very busy list, but I'm hoping someone can take a moment to
address this.  I had posted about this on Zope-dev because I'm running the
CVS version, but no response.  Also more research has yielded more info.
I first discovered this issue with LoginManager, but the same problem
occurs with standard acl_users too.

First, 'Figure 1:'

/ (Root Folder)
/ acl_test (ACL Test Folder)
acl_users (User Folder)
index_html (Test Document)

Now, referring to figure 1 (above :-), changes to security settings
for the acl_test folder are having no effect on access to index_html.
Only when I change the security settings on index_html itself, can I
control access to it.

So what this seemingly boils down to is that as of v2.2.whatever,
an acl_users folder does not protect its siblings and their kids by
acquisition of security settings from the parent folder.  Instead,
sibling objects must have their security explicitly set.  Meaning that
instead of setting permissions on the parent object and being done
with it, one now has to set permissions for each and every sibling.
In my case that's over 50 objects and I'm not done coding yet.  Ouch!
This *can't* be right, can it?

Thanks for any clues,
Charlie

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)
-- 
~
        Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] Security and Acquisition

2000-11-09 Thread Charlie Wilkinson

 [Charlie Wilkinson]
 
 | Greetings,
 
 Hola!
 
 | Now, referring to figure 1 (above :-), changes to security settings
 | for the acl_test folder are having no effect on access to index_html.
 | Only when I change the security settings on index_html itself, can I
 | control access to it.
 
 Can it have something to do with acquirement of permission settings?
 (The leftmost column on the security tab).

Hi Morten,
Yes.  It's acting as if those little boxes were not checked! :)  As I was
replying to Jeff in a prior message, the mystery goes deeper.  I grabbed a
fresh copy of the latest CVS version, built it, set a superuser password
and ran it.  I then tried to visit the default index_html "Welcome to
Zope" page and was presented with a BASICAUTH type login box.  If I
explicitly set anonymous View permissions for the index_html (Welcome
to Zope) page, then I get in with no login as expected.  That isn't
normal is it?  Root folder objects would appear to be having the same
security setting acquisition problems as I was finding previously with
sub-folders and LoginManager.

I realize I'm on the bleeding edge of Zope running the CVS version,
but I heard the 2.2.3 version is due out RSN and figured maybe a little
"new version" pain now would be easier than upgrade pain later.  I'd sure
rather be saying "Here's a patch" than just "It's broke", but alas I
don't grok Python that well yet.  ("It's broke" still offers *some*
value, right?  :-)

To the Zope developers:  It seems pretty clear that Zope v2.2.cvs is
broken in regards to security settings acquisition.  Should I post to
zope-dev, or is there already a sufficient awareness/understanding of
the problem?

Thanks,
Charlie

-- 
~~~~~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope-dev] LoginManager Acquisition Problem

2000-11-05 Thread Charlie Wilkinson

Greetings Fellow ZoPeople,
I'm having some difficulty with Acquisition of security settings within
LoginManager protected folders.  I'm using the latest CVS of Zope and
LM 0.8.8b1 with the included ZPatterns and Plugins.  It was necessary
to apply a patch (from Luca Mearelli on this list) on HTTPRequest.py to
actually create the LM folder without raising a NameError exception on
'path.'  I previously worked all the wrinkles out of my UserSource,
etc., under Zope 2.1.2., so my difficulties in this case are purely
upgrade related.

Folders/Objects thusly:

/ (Root Folder)
test (Test Folder)
acl_users (LoginManager)
index_html (Test Page)

If I change the security settings on index_html to allow access from a
test account role, all works fine.  If however, I change the security
settings on the test folder instead of index_html, it does not have the
expected effect and I get the forbiddenpage, as if acquisition of these
settings were not working.  I did not turn off "Acquire Settings" on
index_html.  Pretty much all such settings have been left at the default
settings except for adding the new roles to the test folder and enabling
them in either the test folder or on the index_html object as indicated.

As with may other things Zope  Python, I don't understand yet how LM
interacts with the mechanics of acquistion and security settings.  Has
anyone else tackled this yet who could provide some insights and/or a fix?

Thanks in advance,
Charlie

-- 
~
        Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )




Re: [Zope] Zope, Threads and Signals

2000-10-07 Thread Charlie Wilkinson

"Knight" once said:
 
 cw,
 
 Are you spawning additional threads by chance? Or just the threads that
 Zope creates?

No, I'm a Python newbie who doesn't know of threads yet, so this is just
Zope threads working their magic. :-)

Right now I'm just shooting for a simple network client as a proof of
concept, though ultimately I need to take into account that the server
this client is talking to is *cough* single instance and single threaded
(i.e. only one client at a time).  So what I really need to do for the
long haul is set my client software up to hold a persistent connection
and multiplex/queue the requests.  I assume that means I'll need to
rewrite my External Method interface as a Zope Product?

Maybe I should try to grok one of the database connection products and
model after that?


The server is Rand McNally's Unix Resident MileMaker (URMM) milage
calculation software for shipping, if you were wondering (what to avoid?)

Thanks,
Charlie

-- 
~
        Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] Zope, Threads and Signals

2000-10-07 Thread Charlie Wilkinson

Michael Bernstein  [EMAIL PROTECTED] wrote:
  Wilkinson Charlie E wrote:
  
  It all began when I was a small child, but I'll skip ahead
  a bit 
 
 I almost hate to say this, since your post is an interesting
 one otherwise, but please don't send HTML email to the list.
 Some of the people here don't use HTML-capable mail clients.

RANT target="Microsoft"
[Charlie draws a deep breath and starts out softly]

I'm not a dummy.  I've been a UNIX application developer and SysAdmin
for ten years.  Really goofy hardware too.  Ever try and build Sendmail
on a Pyramid MIS-4?  For ten years before that I was an electronics
repair technician.  I've forgotten more technical details than most
people will ever know, and I relish that I can pick up some strange piece
of equipment and figure out how to operate it in a matter of minutes.
_And_ I'm a ham radio operator - we *love* buttons and knobs!

BUT I CAN'T SHUT OFF HTML IN OUTLOOK TO SAVE MY MISERABLE F*ING LIFE

Yes, yes, I've been through all the usual steps.  I even check the
format settings on the message before sending it to confirm that it is
in fact plaintext.  No matter.  It gets posted with f-ing HTML!  This is
despite the fact that I'm now stuck sending plaintext to everyone in
our organization!  My suspicion is that some well meaning but deranged
Exchange SMTP gateway server is doing the conversion, as there's a meta
tag that says the HTML generator is Exchange.  I've tried talking to
the people who run the servers, but they are clueless and keep saying
it's something I'm doing.

So I just try to avoid posting to the list from Outlook, but last night
at the office I was (and still am) desparate.  But now I'm home with
Linux/Mutt. Yay! :-)
/RANT

Sorry you had to read that.  (Where's my medication?)

-cw-

-- 
~
        Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
"Bush is a big corporation disguised as a human being running for president."
-- Ralph Nader on David Letterman (9/28/00)

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope] Arrrgh!!! *Weird* SQLSession problem

2000-09-04 Thread Charlie Wilkinson

Ok, all weekend I've been chasing my tail.  Now I scream for help...

I cannot get SQLSession to insert values into the zsession_data table
to save my freeking life.  I'm not getting errors of any kind, just no
inserted session data.  However, the zsessions table shows the sessions
being created, so that table is working ok.  I mangled the SQL syntax for
sqlSetValue, *then* I got a pg. error, so sqlSetValue *is* running, yes?
I installed Logger and logged the values from sqlSetValue to the zope log.
I cut and pasted those values from the log into the test query screen for
sqlSetValues and when I submit the query it inserts just fine.  At that
point I can see the manually inserted values from session_test.dtml, so
sqlGetValues is working.  But if I try to insert values with session_test,
they show up in the very next screen, but are gone thereafter and of
course they do not show up in the database.  I'm really at quite a loss here.

I made sure to give SQLSession its very own ZPyGresQLDA connection.
After beating on that unsuccessfully for awhile, I installed ZPoPyDA,
and set SQLSession to use that, which of course didn't change anything.

Here's the version particulars:

Zope version: Zope 2.1.6 (source release, python 1.5.2, linux2) 
Python version: 1.5.2 (#1, Sep 17 1999, 20:15:36) [GCC egcs-2.91.66 19990314/Linux 
(egcs- 
System Platform: linux-i386 

ZPyGreSQLDA 0.3
ZPoPyDA 0.5.1
PoPy 1.3.2 beta
SQLSession 0.3.0
PostgreSQL 7.0.2

Other installed products (if it matters...):

ZPyGreSQLDA Fortune Calendar Logger Photo ZPatterns Confera LoginManager
SQLSession ZPoPyDA WorldPilot iTrack

Mild rant:

I've got a big, scary, and now behind schedule database-enabled website
to build for a client.  Most everything I've read, and even my earlier,
simpler experiences with Zope have been fantastic.  I've been going
on to my client about how great Zope is, rapid deployment, etc, blah.
So I committed, but after fighting with LM (It took weeks to get it
working once and I have not been able to duplicate that feat since), a
failed upgrade to Zope 2.2 (LM wouldn't work there yet(?), doh!), and now
SQLSession...  I'm *not* having an overall good feeling about all this.
I'm even starting to get thoughts of retreating to Perl or learning PHP3
and never looking back.  But I really want to get over what's probably
mostly newbie learning curve  lack of docs and make this work in Zope.
Please help!!!

-cw-

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Failure is not an option. It's bundled with your software.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope] Nevermind? (SQLSession problem...)

2000-09-04 Thread Charlie Wilkinson

In a last, desparate effort I downgraded to SQLSession 0.2.9a and it's
working fine.  Is this normal?

-cw-

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Failure is not an option. It's bundled with your software.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope] WorldPilot and UW-IMAP?

2000-07-04 Thread Charlie Wilkinson

Greets,
I'm experiencing an issue with WorldPilot not showing the body of messages
that have attachments.  I can only guess that this is because WorldPilot
was designed for use with the Cyrus IMAP server and I'm using it on a
stock RedHat system, which I presume sports UW-IMAP.

I've searched around and not found too much detail about UW vs. Cyrus
for WorldPilot.  Can anyone enlighten me as to whether or not my problems
are due to using UW-IMAP and generally whether it's worthwhile to suffer
a Cyrus install, vs. a hack or patch to WorldPilot?  I frankly don't
want or need what Cyrus has to offer.

I really like WorldPilot and I'm trying to push it on an office full of
people, but you can imagine how thrilled they are about not being able
to read select messages.  They are starting to make noises about wanting
to go back to Outlook now.  (shudder)

Thanks for any clues,
Charlie
-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Failure is not an option. It's bundled with your software.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] Fun with Trees

2000-07-04 Thread Charlie Wilkinson

On Mon, Jul 03, 2000 at 10:38:27PM +0200, Dieter Maurer waxed eloquent:
 Charlie Wilkinson writes:
   On Mon, Jul 03, 2000 at 09:35:06AM +0200, Rik Hoekstra waxed eloquent:

Charlie Wilkinson writes:
   [...] 
I'm trying to use dtml-tree to create a selective menu of objects based
on whether or not the object has an "add_to_menu" property.
   [...]
[rh]
Try (yes, this is tested):
dtml-call "REQUEST.set('ret', '')"
 dtml-in "objectValues()" sort=id
 dtml-if "_.has_key('add_to_menu')"
   dtml-call "ret.append(id)" 
 /dtml-if
 /dtml-in
dtml-return ret

   The bigger problem seems to be the namespace issue that Dieter was
   speaking of.
 
 I found a solution that is much easier than hacking the
 TreeDisplay code:
 
   You do not plan to use REQUEST for information about the
   request but only as a container for a temporary list.
   This can be achieved without REQUEST
 
   dtml-with "_.namespace(r=[])"
 dtml-in "objectValues()" sort=id
   dtml-if "_.has_key('add_to_menu')"
  dtml-call "r.append(_.getitem('sequence-item'))"
   /dtml-if
 /dtml-in
 dtml-return r
   /dtml-with

Lots of good ideas, thanks guys!  However, I'm still getting an attribute
error on __getitem__.  I'm trying to figure out how namespaces get passed
around in Python to see if there's an easy way to fix this.

I've also found a workaround and pondered another:

- pass ['Folder','DTML Document'] to optionValues the normal way, i.e.:

dtml-tree branches_expr="objectValues(['Folder','DTML Document'])"
 skip_unauthorized="1"
IMG SRC="dtml-var SCRIPT_NAME/dtml-var icon"
  dtml-if "meta_type == 'Folder'"
dtml-var title_or_id
  dtml-else
A HREF="dtml-var tree-item-url" TARGET="main"dtml-var title_or_id/A
  /dtml-if
/dtml-tree

...and then simply use DTML Documents and *only* DTML Documents for
stuff I want in the tree menu, primarily CGI forms, some of which might
be dynamically generated.  I guess if I smack into any limitations with
DMTL Documents, I'll have a Document call a method.  It's not ideal, but
it seems workable enough.

The other alternative might be to use ZCatalog with the Tree tag somehow.
I think it might do what I need, but I haven't given it much thought.

That said, I still think the idea you and Rik have been helping me
with is the most "elegant", but I've got a big site to build and very
little time.  Would it be any easier if instead of a DTML Method I used
an ExternalMethod as a wrapper/filter around objectValues?

It's very frustrating, as I keep thinking there's *got* to be an easy
way to fix this if I only had a half a Zope/Python clue.  I'm already
reading about as fast as I can!

Regards,
Charlie

-- 
~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Failure is not an option. It's bundled with your software.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope] Fun with Trees

2000-07-02 Thread Charlie Wilkinson

(I always wanted to be a lumberjack! :)

After RTFMing and flailing at DTML all night, I'm about stumped.
No pun intended.

I'm trying to use dtml-tree to create a selective menu of objects based
on whether or not the object has an "add_to_menu" property.  I've pretty
much figured out that I need a wrapper around objectValues that will
filter out the objects that don't have the "add_to_menu" property.
This wrapper would be called with dtml-tree's "branches" attribute.
I'm trying to do this wrapper in a DTML method and I've gotten all the
way to where I have to return a list of "actual objects", so says the
DTML Quick Reference.

Is there someone who could 'splain to me how to build a list of objects
in DTMLese?

Here's what I have so far (obviously not working):

dtml-call "REQUEST.set('ret', '')"
dtml-in "objectValues()" sort=id
dtml-if "_.has_key('add_to_menu')"
  dtml-call "REQUEST.set('ret', ret + ' ' + _['sequence-item'])"
/dtml-if
/dtml-in
dtml-return "_.string.split(ret)"

Right off the bat, Zope is giving me attribute errors about REQUEST,
but I'm not sure how else to do a set(), other than with REQUEST or
RESPONSE in front of it.

When I ran it stand-alone, I was *not* getting attribute errors and *was*
getting output that looked remotely like the guts of the desired objects.

Spare clues anyone?

TIA,
Charlie

-- 
~~~~~
Charlie Wilkinson - [EMAIL PROTECTED] - N3HAZ
Parental Unit, UNIX Admin, Homebrewer, Cat Lover, Spam Fighter, HAM, SWLer...
Visit the Radio For Peace International Website: http://www.rfpi.org/
~
CLOBBER INTERNET SPAM:  See!! http://spam.abuse.net/
   Join!! http://www.cauce.org/
~
QOTD:
Failure is not an option. It's bundled with your software.

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




[Zope] Re: OT: Outlook sucks

2000-06-28 Thread Charlie Wilkinson - XM 202-283-3241

Test obviously failed.  :-/  Fine, I'll use a *proper* e-mail client.

(Did I mention Outlook sucks?)

Apologies again.  I've learned a valuable lession here today...

-cw-

-- 
|o|/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\|o|
|o|  Charlie Wilkinson   |o|
|o|  TRIS Development SysAdmin   |o|
|o|  [EMAIL PROTECTED] (w)   |o|
|o| [EMAIL PROTECTED] (h)   |o|
|o|/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\|o|


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )