[Zope] Upgrading from 2.10 to 2.13
Hi, I am trying to upgrade an old 2.10 instance to 2.13, and I appear to be having trouble with the Psycopg connection and ZSQL methods. First of all, it took some work to uncover that I had to download the source code for Psycopg in order to get the ZPsycopgDA zope product (easy_install psycopg2 didn't give it to me). Second, it took some more work to uncover that I had to separately install the ZSQLMethods product. I think it would be helpful if these facts would be mentioned at http://docs.zope.org/zope2/zope2book/RelationalDatabases.html which just says PostgreSQL: The newest and prefered DA is ZPsycopgDA included in psycopg. However, I've gotten past that stage, and I can create database connections and ZSQL methods which seem to work. However, the existing ZSQL methods and/or database connection in my (copied over) old Data.fs are still causing problems. Whenever I try to view a page which calls one of those methods, or even try to navigate in the ZMI to the folder *containing* them, I get the error TypeError: ('argument list must be a tuple', class 'Shared.DC.ZRDB.DA.SQL', None) The only help I've been able to find online is this brief exchange: http://comments.gmane.org/gmane.comp.web.zope.general/63079 which might be helpful to me if I knew what _p_changed = 1 or some such meant. Can anyone help? Thanks! Mike ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Upgrading from 2.10 to 2.13
I have my new Zope 2.13 installed in a virtualenv, as the docs suggest, and inside of that I said bin/easy_install Products.ZSQLMethods which seemed to work (at least, it changed the error message I was getting). Mike On Fri, Sep 2, 2011 at 5:46 PM, Fernando Martins ferna...@cmartins.nl wrote: On 09/02/2011 11:12 PM, Michael Shulman wrote: Second, it took some more work to uncover that I had to separately install the ZSQLMethods product. Michael, I can't help you with your issue but I got stuck in the upgrade since I didn't manage to install the ZSQLMethods. Can you tell which procedure did you follow? Regards, Fernando ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] content headers wrong after upload
I wrote: I just noticed that when I submit a form to a zope script(python) that includes a file upload, the content-type and content-length headers of the response are incorrectly set to those of the uploaded file, rather than those of what the script actually returns. Any ideas why this could be happening? I'm running zope 2.9.6 on Debian etch. Okay, I managed to reproduce it; apparently it depended on saving the uploaded file with ExtFile. I also noticed that my version of ExtFile was out of date, and upgrading to ExtFile v1.5 appears to have fixed the problem. Still not sure what was causing it though. Sorry to bother y'all. Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] content headers wrong after upload
I just noticed that when I submit a form to a zope script(python) that includes a file upload, the content-type and content-length headers of the response are incorrectly set to those of the uploaded file, rather than those of what the script actually returns. Any ideas why this could be happening? I'm running zope 2.9.6 on Debian etch. Thanks, Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] content headers wrong after upload
On Tue, Mar 18, 2008 at 2:52 PM, Andreas Jung [EMAIL PROTECTED] wrote: I just noticed that when I submit a form to a zope script(python) that includes a file upload, the content-type and content-length headers of the response are incorrectly set to those of the uploaded file, rather than those of what the script actually returns. Any ideas why this could be happening? I'm running zope 2.9.6 on Debian etch. How to reproduce? This is deep in a complicated setup and so far I have failed to reproduce it with small test scripts. I know that isn't so helpful, sorry. I'll keep trying to reproduce it, but I wonder if anyone has experienced anything at all similar or has any hints about where the problem *might* be, to point my efforts in a more likely direction? Thanks, Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] Generic SQL insert
Robert (Jamie) Munro [EMAIL PROTECTED] wrote: I'd much rather have a dictionary of fields and values, and just throw it at the DB, not having to make those queries for every table. I have acheived it like so: I have achieved a similar result, although for update methods in my case, in what I think is a slightly better way (although probably people on this list will tell me I'm wrong). Rather than having a single generic ZSQL method, I have one ZSQL method for each table, but intsead of writing them all by hand I have a single script which generates/regenerates them from inspection of the columns in the database, like so: # select some arbitrary record from the table into table_data, then: fields = table_data.data_dictionary() arguments = comma = print update %s set % table types = {'s':nb, 'd':nb, 'i':int, 'n':nb} for field in fields.keys(): arguments = arguments + field + type = types[fields[field][type]] print%s%s = dtml-if expr=\%s is None\nulldtml-elsedtml-sqlvar %s type=\%s\ optional/dtml-if % (comma, field, field, field, type) comma = , print where %s = dtml-sqlvar %s type=\int\ % (id_field, id_field) # update_zsql is the ZSQL update method I am creating/updating update_zsql.manage_edit('','database_name',arguments,printed) This way, all the columns are assigned the correct type, but the calling script doesn't have to handle types or casts, since all the types are assigned by inspecting the actual database. Also, this way the update/insert will fail if any fields are missing. Actually, given how object-oriented Zope is in general, I was surprised to find that its database interface (ZSQL methods) still requires the user to write SQL code essentially by hand, rather than using an object-relational mapper like SQLObject. There appears to be a toolkit called sqlos for using SQLObject with Zope 3, but I haven't yet tried it out. mydict = {field1:value1 , field2:value2 ,...} (fields,values)=zip(*myDict.items()) context.genericInsert(table='table name',fields=fields,values=values) Where generic insert is the following ZSQL method: insert into dtml-var table (dtml-in expr=fieldsdtml-var sequence-itemdtml-if sequence-enddtml-else,/dtml-if/dtml-in) values (dtml-in expr=valuesdtml-sqlvar sequence-item type=stringdtml-if sequence-enddtml-else,/dtml-if/dtml-in); with parameters: * table - table name * fields - list of fieldnames * values - list of values in the same order What do other people think of this? Is it a really bad idea? Robert Munro ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] nested records
Am I correct that zope's item.subitem:record facility for form submission does not extend to nesting such things? If I have a form of the sort: input name=item.subitem.subsubitem:record I would like it to show up in the request as a record 'item' with an element named 'subitem' that is itself a record containing an element named 'subsubitem'. This doesn't seem to happen. Is this supposed to work and I'm making some other mistake, or is this not part of the functionality? If it isn't, it would be useful to have... Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] nested records
I don't *think* that page answers my question... if it does, can you point me to where? On 3/11/06, Jonathan [EMAIL PROTECTED] wrote: Have a look at: http://www.zope.org/Members/Zen/howto/FormVariableTypes Jonathan - Original Message - From: Michael Shulman [EMAIL PROTECTED] To: zope@zope.org Sent: Saturday, March 11, 2006 6:27 PM Subject: [Zope] nested records Am I correct that zope's item.subitem:record facility for form submission does not extend to nesting such things? If I have a form of the sort: input name=item.subitem.subsubitem:record I would like it to show up in the request as a record 'item' with an element named 'subitem' that is itself a record containing an element named 'subsubitem'. This doesn't seem to happen. Is this supposed to work and I'm making some other mistake, or is this not part of the functionality? If it isn't, it would be useful to have... Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Re: restricting permissions for direct access only
I don't understand what inheriting proxy roles from callers has to do with allowing users to access protected resources above their user folders. They seem like totally different questions to me. Could you please explain? On 2/16/06, Tres Seaver [EMAIL PROTECTED] wrote: But... it's still not working for my real site. I think the issue is this. If script1 has proxy role Manager, and script2 has view permissions set only for Manager, then script1 can call script2, no problem. But if script1 instead calls script3, which then calls script2, it doesn't work unless script3 *also* has proxy role Manager. Yes, this was a deliberate change made a few major releases ago. I've never mich liked it myself for exactly the reason you describe. I wonder if anyone who knows could point out why this change was made, I'm sure the reasons were good... Even if the reasons were good, it would be nice to have an option to turn it on or off, even if the default is off. At the very least, it would be nice if this fact were documented. (Is it somewhere and I just missed it?) It surprised me very much, and it would have surprised and frustrated me even more if I'd written a site which worked and then later on decided to split off the functionality of some private script into a secondary one, unsuspecting that it would break the proxy roles setup. The prior behavior (allowing users to access protected resources above the domain of their user folders) was a security hole caused by a bug, and was never documented as allowable: correcting it was a matter for a rather urgent fix, as it broke the explicitly-documented model. The fact that folks wrote applications which relied on the hole is unfortunate; breaking them is better than leaving the sites built around the defined model vulnerable to abuse. ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Re: Zope Digest, Vol 21, Issue 24
On 2/16/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: The only change I recall to how proxy roles work is that proxy roles used to *augment* a users' roles; now they *replace* them. I don't know that the case you are talking about (S1 has proxy roles, calls protected S2 fine, but fails when calling PR-less S3 which calls S2) ever worked under either scenario. Proxy roles have always only been checked for the topmost object on the executable stack (S1 in the first example, S2 in the second). Regardless of whether it used to work, I think it would be nice if it did. Is there a reason for it not to be made to work? E.g. do something like walk backwards through the call stack and as soon as you find something that has proxy roles, use those, while if you don't find any, use the user's roles. Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] restricting permissions for direct access only
On 2/15/06, Chris Withers [EMAIL PROTECTED] wrote: But... it's still not working for my real site. I think the issue is this. If script1 has proxy role Manager, and script2 has view permissions set only for Manager, then script1 can call script2, no problem. But if script1 instead calls script3, which then calls script2, it doesn't work unless script3 *also* has proxy role Manager. Yes, this was a deliberate change made a few major releases ago. I've never mich liked it myself for exactly the reason you describe. I wonder if anyone who knows could point out why this change was made, I'm sure the reasons were good... Even if the reasons were good, it would be nice to have an option to turn it on or off, even if the default is off. At the very least, it would be nice if this fact were documented. (Is it somewhere and I just missed it?) It surprised me very much, and it would have surprised and frustrated me even more if I'd written a site which worked and then later on decided to split off the functionality of some private script into a secondary one, unsuspecting that it would break the proxy roles setup. Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] restricting permissions for direct access only
Okay, I must be the most moronic user ever. The default text in a newly created Python Script, which I did not bother to change for my test case, accesses meta_type, but I did not notice this; thus I was confused. (Just out of curiosity, what permissions are required to access meta_type?) But... it's still not working for my real site. I think the issue is this. If script1 has proxy role Manager, and script2 has view permissions set only for Manager, then script1 can call script2, no problem. But if script1 instead calls script3, which then calls script2, it doesn't work unless script3 *also* has proxy role Manager. Is there a way to make scripts inherit proxy roles from their callers? Or am I confused once again? mike On 2/14/06, Chris Withers [EMAIL PROTECTED] wrote: Michael Shulman wrote: Thanks Lennart! Proxy roles do sound like the answer, but I cannot get them working. When I restrict my private script so that only Managers have View permissions and give my public script Manager proxy roles, I am still prompted for a login box when I try to view the public script. When I cancel, I get the following error: Error Type: Unauthorized Error Value: You are not allowed to access 'meta_type' in this context On what line in either of your scripts do you access meta_type? What does it mean and how do I fix it? I means something tried to access an object's meta_type but didn't have the necessary roles to do so. You may wish to look at the verbose-security options in zope.conf... cheers, Chris -- Simplistix - Content Management, Zope Python Consulting - http://www.simplistix.co.uk ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] restricting permissions for direct access only
Hi, I am new to Zope, and so far I like it very much. But I think I am confused about how security works, or is supposed to work. Specifically I want to know the following. Is there a way in Zope to restrict permissions for direct access only (i.e. calling an object through the web) but still allow indirect access (i.e. executing an object that was called by another object that was called through the web)? I have many Zope scripts but most of them are only auxiliary functions; only a few are designed to be accessed by a user through a URL. I don't want users to be able to call my auxiliary scripts directly, only the ones that are designed to be published. But changing the security settings on the auxiliary scripts (e.g. removing View access from Anonymous role) prevents anonymous users from executing them even indirectly, so the public objects which depend on those auxiliary methods also stop working. Feel free to tell me that I am misunderstanding the way security works, or is supposed to work, in Zope, or that if this is something I need to do I am designing my site incorrectly from the point of view of Zope security (and if so, what is the correct way to design it?). Thanks!! Mike ___ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )