[Zope] AUTHENTICATED_USER
Please could someone tell me why AUTHENTICATED_USER was deprecated in favour of the python security module? A quick google says because it can be replaced..but this isn't really a good in depth explanation? If a request was manipulated to include another AUTHENTICATED_USER, wouldn't Zope just error out anyway? Cheers ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] AUTHENTICATED_USER
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/13/2011 03:36 PM, Richard Harley wrote: Please could someone tell me why AUTHENTICATED_USER was deprecated in favour of the python security module? A quick google says because it can be replaced..but this isn't really a good in depth explanation? If a request was manipulated to include another AUTHENTICATED_USER, wouldn't Zope just error out anyway? What makes you say that AUTHENTICATED_USER is deprecated? ZPublisher sets and uses the variable in the environment without any deprecations. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3NjKUACgkQ+gerLs4ltQ5RiQCfVWCiOZ7mmfkaZIYLv9JFQsF/ XtEAoJcqmxc9+4YBvzxTP23Sjq8fVhlN =MhRQ -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] AUTHENTICATED_USER
Hmmm, I just stumbled upon some deprecation warnings in a google for authenticated_user and that security getUser...equivalent should be used instead. Something like this - http://www.mail-archive.com/zope@zope.org/msg21432.html Quoting Tres Seaver tsea...@palladion.com: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/13/2011 03:36 PM, Richard Harley wrote: Please could someone tell me why AUTHENTICATED_USER was deprecated in favour of the python security module? A quick google says because it can be replaced..but this isn't really a good in depth explanation? If a request was manipulated to include another AUTHENTICATED_USER, wouldn't Zope just error out anyway? What makes you say that AUTHENTICATED_USER is deprecated? ZPublisher sets and uses the variable in the environment without any deprecations. Tres. - -- === Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk3NjKUACgkQ+gerLs4ltQ5RiQCfVWCiOZ7mmfkaZIYLv9JFQsF/ XtEAoJcqmxc9+4YBvzxTP23Sjq8fVhlN =MhRQ -END PGP SIGNATURE- ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - Zope@zope.org https://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] AUTHENTICATED_USER (or something) making me crazy
If I inspect REQUEST by inserting a dtml-var REQUEST in my dtml I can see that AUTHENTICATED_USER is set to Anonymous User. Yet when I insert the following code, it never displays Guest. It takes the else branch and then, perversely, displays Anonymous User. Please point out my stupid mistake. dtml-if "AUTHENTICATED_USER=='Anonymous User'" Guest dtml-else dtml-var AUTHENTICATED_USER /dtml-if Thanks. Maybe I shouldn't work on Saturdays. Zope 2.2.2 roughly, Python 1.5.2, RH 6.2 -- Dennis Nichols [EMAIL PROTECTED] ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] AUTHENTICATED_USER (or something) making me crazy
You can check the username of AUTHENTICATED_USER as in dtml-if "AUTHENTICATED_USER.getUserName()=='Anonymous User'" (To all the people who complained about me using _.str(...)) or you might want to check the role as in dtml-if "AUTHENTICATED_USER.has_role('Anonymous User')". - Original Message - From: "Dennis Nichols" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, October 07, 2000 3:40 PM Subject: [Zope] AUTHENTICATED_USER (or something) making me crazy If I inspect REQUEST by inserting a dtml-var REQUEST in my dtml I can see that AUTHENTICATED_USER is set to Anonymous User. Yet when I insert the following code, it never displays Guest. It takes the else branch and then, perversely, displays Anonymous User. Please point out my stupid mistake. dtml-if "AUTHENTICATED_USER=='Anonymous User'" Guest dtml-else dtml-var AUTHENTICATED_USER /dtml-if Thanks. Maybe I shouldn't work on Saturdays. Zope 2.2.2 roughly, Python 1.5.2, RH 6.2 -- Dennis Nichols [EMAIL PROTECTED] ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] AUTHENTICATED_USER (or something) making me crazy
Dennis, try: dtml-if "AUTHENTICATED_USER.getUserName() == 'Anonymous User'" Guest dtml-else dtml-var AUTHENTICATED_USER /dtml-if Zope is 'celver' enough to realise that you must mean the username when you do: dtml-var AUTHENTICATED_USER but 'stupid' enough not to realise when you do: dtml-if "AUTHENTICATED_USER=='Anonymous User'" Basic rule of thumb is that anythin in quotes is Python, and since AU is an object, it must be treated as such. btw, if you haven't yet got the Zope Quick Reference, get it now! you still here, what you waiting for! - go get it now! 8¬) http://zdp.zope.org hth Phil - Original Message - From: "Dennis Nichols" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Saturday, October 07, 2000 11:40 PM Subject: [Zope] AUTHENTICATED_USER (or something) making me crazy If I inspect REQUEST by inserting a dtml-var REQUEST in my dtml I can see that AUTHENTICATED_USER is set to Anonymous User. Yet when I insert the following code, it never displays Guest. It takes the else branch and then, perversely, displays Anonymous User. Please point out my stupid mistake. dtml-if "AUTHENTICATED_USER=='Anonymous User'" Guest dtml-else dtml-var AUTHENTICATED_USER /dtml-if Thanks. Maybe I shouldn't work on Saturdays. Zope 2.2.2 roughly, Python 1.5.2, RH 6.2 -- Dennis Nichols [EMAIL PROTECTED] ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Re: [Zope] AUTHENTICATED_USER (or something) making me crazy
Dennis, You might benefit from reading some of the general HOWTO's at http://www.zope.org. Consider searching for "AUTHENTICATED_USER" or "user manager". A quick answer to your problem though: AUTHENTICATED_USER is actually a class object (meaning it contains variables of it's own, as well as functions). To _properly_ access the data in the AUTHENTICATED_USER, you need to call upon the methods (functions) that perform the task you want. In this case, you want to compare the current user to some other value. In that case, you want to call the getUserName method of AUTHENTICATED_USER. Your code modified to work would be: dtml-if "AUTHENTICATED_USER.getUserName()=='Anonymous User'" Guest dtml-else dtml-var "AUTHENTICATED_USER.getUserName()" /dtml-if Regards, Knight [EMAIL PROTECTED] On Sat, 7 Oct 2000, Dennis Nichols wrote: If I inspect REQUEST by inserting a dtml-var REQUEST in my dtml I can see that AUTHENTICATED_USER is set to Anonymous User. Yet when I insert the following code, it never displays Guest. It takes the else branch and then, perversely, displays Anonymous User. Please point out my stupid mistake. dtml-if "AUTHENTICATED_USER=='Anonymous User'" Guest dtml-else dtml-var AUTHENTICATED_USER /dtml-if Thanks. Maybe I shouldn't work on Saturdays. Zope 2.2.2 roughly, Python 1.5.2, RH 6.2 -- Dennis Nichols [EMAIL PROTECTED] ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev ) ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )