date:20010110

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Martijn Pieters

On Wed, Jan 10, 2001 at 11:37:55PM -, Chris Withers wrote:
> > Chris Withers writes:
> 
> >  > with this class, your_attribute isn't going to play in Persistence,
> >  > is it? (so I can update it lots without worrying about ZODB size
> >  > growing... :-)
> 
> > But, as I understand it, it is only updated in the thread
> > that did the update. Your next request may get a different
> > thread and see a different value.
> 
> Huh?
> 
> If I change self._v_your_attribute it's only going to get updated in one
> thread?
> That's a bit sucky :-S
> 
> Doesn't matter in this _particular_ case 'cos this var gets set at the start
> of every request, but I'm a bit concerned about its general use...
> 
> any help is good help :-)

The whole threading spiel in Zope works because of ZODB persistence; any
thread accessing an object whose variables have been changed has to retry
with a fresh copy from the ODB.

But because _v_* variables don't get pickled, another thread will never
see them. If you want non-persisting (volatile) variables shared between
threads, you'll have to devise your own mechanism for assuring the
thread-safety of those variables.

-- 
Martijn Pieters
| Software Engineer  mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
-

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Martijn Pieters


On Wed, Jan 10, 2001 at 11:09:43PM +0100, Dieter Maurer wrote:
> Chris Withers writes:
>  > Now I think I know the answer to this one, but I'll ask just to be sure:
>  > 
>  > class MyClass(Persistent Acquisition.Explicit):
>  > 
>  >  def _set_your_attribute (self,value):
>  >self._v_your_attribute = value
>  > 
>  >  def _get_your_attribute (self):
>  >  return self._v_your_attribute
>  > 
>  >  your_attribute = ComputedAttribute(_get_your_attribute)
>  > 
>  > with this class, your_attribute isn't going to play in Persistence,
>  > is it? (so I can update it lots without worrying about ZODB size
>  > growing... :-)
> But, as I understand it, it is only updated in the thread
> that did the update. Your next request may get a different
> thread and see a different value.

Indeed, only persistent variables are shared between threads (and globals
of course, which creates a need for some kind of protection).

-- 
Martijn Pieters
| Software Engineer  mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
-

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell


I appears last night i didn't test the diff...

This one should work without any editing...

Mithro

Tim Ansell wrote:

> Forgot to attach the diff
>
> Forgive me it's 4:52am here
>
> Mithro
>
> Tim Ansell wrote:
>
> > Oppps, just realised i've been replying only to myself :)
> >
> > Umm okay here is the diff, it is from version 2.2.4 but should apply to most
> > versions
> > I have removed all the "print" debugging and cleaned up the formatting.
> >
> > Could people look it over and tell me if there are any hidden problems with it?
> > Is it done the right way?
> >
> > There seems to be a lot of repeated code between zpublisher_exception_hook and
> > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own
> > function and work that way? Just an idea...
> >
> > Mithro
> >
> > > Tim Ansell wrote:
> > >
> > > > No further investigation i have found out that the part i really want to
> > > > modify is
> > > >
> > > >  zpublisher_exception_hook, which gets called when the error occurs
> > > >
> > > > Inside this functions there is a
> > > >
> > > > if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> > > >
> > > > which seems to explain why i'm getting the anonymous user for the errors.
> > > >
> > > > Is there anyway to add to this function the authentication routines so that
> > > > is AUTHENTICATED_USER is none it authentication is check with
> > > > standard_error_message being the object checked against?
> > > >
> > > > Am i making any sense?
> > > >
> > > > I'm going to give it a go and see what happen...
> > > >
> > > > Mithro
> > > >
> > > > Tim Ansell wrote:
> > > >
> > > > > 
> > > > >
> > > > > Hello.
> > > > >
> > > > > I've been using zope for a couple of months, i have found zope to be a
> > > > > great product and thank you for creating it. Currently i have run into a
> > > > > problem, i need to access the AUTHENTICATED_USER in a
> > > > > standard_error_message called by notFoundError in BaseRequest.
> > > > >
> > > > > I was wondering if the authentication routine can be added before the
> > > > > authentication routine in BaseRequest? Or if this is not possible it
> > > > > could be split into a function and and call it before the notFoundError
> > > > > call as well?
> > > > >
> > > > > There are many reasons you might want to do this, i have listed some
> > > > > below:
> > > > >
> > > > > * You want list possible urls the reader could have meant but don't want
> > > > > to show let Anonymous users see possible privileged urls
> > > > >
> > > > > * You want to provided different error messages for different people,
> > > > > i.e. a more advanced error for coders, a simple error for html writer, a
> > > > > special error for normal people
> > > > >
> > > > > * You wanted errors to only be reported it they where caused by certain
> > > > > users
> > > > >
> > > > > and the list could go on
> > > > >
> > > > > Mithro
> > > > >
> > > > > 
> > > > >
> > > > > ___


--- ./__init__.py.original  Wed Jan 10 23:13:53 2001
+++ ./__init__.py   Wed Jan 10 23:45:28 2001
@@ -162,6 +162,9 @@
 class RequestContainer(ExtensionClass.Base):
 def __init__(self,r): self.REQUEST=r
 
+from ZPublisher.BaseRequest import old_validation
+UNSPECIFIED_ROLES=''
+
 def zpublisher_exception_hook(
 published, REQUEST, t, v, traceback,
 # static
@@ -208,11 +211,79 @@
 break
 
 client=published
+
+   auth=REQUEST._auth
+
+user=groups=None
+
+while 1:
+   if REQUEST.get('AUTHENTICATED_USER', None) is None:
+# Do authentication here
+   r = getattr(client, '__roles__', UNSPECIFIED_ROLES)
+   if r is not UNSPECIFIED_ROLES:
+roles = r
+elif not got:
+roles = getattr(client, entry_name+'__roles__', roles)
+
+if roles:
+if hasattr(client, '__allow_groups__'):
+groups=client.__allow_groups__
+
+if hasattr(groups, 'validate'): v=groups.validate
+else: v=old_validation
+
+if v is old_validation and roles is UNSPECIFIED_ROLES:
+print "Validation and UNSEPCIFIED_ROLES is okay"
+# No roles, so if we have a named group, get roles from
+# group keys
+if hasattr(groups,'keys'): roles=groups.keys()
+else:
+try: groups=groups()
+except: pass
+try: roles=groups.keys()
+except: pass
+
+   if groups is None:
+

[Zope-dev] first zope-2.3.0a2 bug :-)

2001-01-10 Thread Jephte CLAIN


well, this one is easy.

8<--
--- lib/python/Shared/DC/ZRDB/Aqueduct.py.origThu Jan 11 10:59:42
2001
+++ lib/python/Shared/DC/ZRDB/Aqueduct.py Thu Jan 11 10:58:01 2001
@@ -272,7 +272,7 @@
 
 
 custom_default_report_src=DocumentTemplate.File(
-os.path.join(dtml_dir,'customDefaultReport.dtml'))
+os.path.join(dtml_dir,'dtml/customDefaultReport.dtml'))
 
 def custom_default_report(id, result, action='', no_table=0,
   goofy=regex.compile('[^a-zA-Z0-9_]').search
8<--

without this patch, sql methods cannot we tested because
customDefaultReport cannot be found (it moved in the dtml subfolder)

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] New UI for 2.3

2001-01-10 Thread Michael Bernstein

Steve Alexander wrote:
> 
> I think the new UI for 2.3 is great improvement over 2.2.
> 
> I'm already finding the sorted tables of folder contents useful, and
> having the add new items select at the top saves time.
> 
> However, I do not like the 3-frame interface. I feel that the top frame
> is wasted space. The Zope logo and "Logged in as username | Logout"
> could as easily go at the bottom of the tree-view frame on the left.
> This would leave extra screen space for doing work.
> 
> I also much prefer blue to black as a background colour for the tabs and
> the "Root Folder" link. The black seems a bit overbearing.

Hmm. I haven't checked out the new interface myself yet, but
I wonder if DC did any usability testing on their new UI?

Cheers,

Michael Bernstein.

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] ZPatterns, ZClasses, Specialists: Assigningresponsibilities

2001-01-10 Thread Itai Tavor


Phillip J. Eby wrote:

>At 05:13 PM 12/21/00 +1100, Itai Tavor wrote:
>>>
>>>I think you're right about this being an OrderLineItem.  A couple of fine
>>>points, however...  First, I don't think there needs to be an
>>>"OrderLineItemsWithGraphic" specialist, since there is nothing else that
>>>would talk to it.  It's fine in this case to have the line item classes
>>>(either with graphic or without) handle their own UI snippets.  UI
>>>delegation is for when an object needs to display UI for some *other*
>>>object than itself, since you can always use class extenders and other
>>>techniques to reshape the apparent class of an object retrieved from a
>>>specialist.  The interface which other objects deal with is
>>>"OrderLineItem", and they simply expect a portion of the form to be
>>>rendered, and it's okay for the class to handle that.
>>
>>I got a bit confused here... the UI snippet for uploading a graphic
>>actually comes from the Graphics Specialist.
>
>That's fine, but it should be by way of an object that's filling the
>OrderLineItem role, yes?

But how can this work? If I ask for the graphic in 
Product.addMeToOrderForm, an OrderLineItem object doesn't exist yet. 
So Product has to ask the OrderLineItems Specialist for the UI 
snippet, and OrderLineItems gets it from the Graphics Specialist. 
Then Product.addMeToOrder can create a new OrderLineItem and hand it 
the form fields for the graphic. Although, to make it cleaner, 
Product would add  OrderLineItems.newLineItemSnippet to the form, and 
OrderLineItems would decide what needs to be included in the form - 
so Product doesn't have to explicitly ask for a Graphic upload form.


>  >Or I could
>>eliminate the problem by uploading the graphic from a form displayed
>>by the order line item after it has been added.
>
>That's actually what I thought you were doing/intending.

This is probably the best way... but it wasn't my original plan. I 
need to ask for a quantity for every added product, so I was going to 
have Product.addMeToOrderForm ask for quantity and for a graphic. But 
instead, I can add a quantity field to the product display page, next 
to the "Add to Order" button. Then addMeToOrderForm isn't needed at 
all, Product.addMeToOrder will create a new OrderLineItem object, 
which will then ask for the graphic if it's needed.


>  >>Here's the question...  how many behaviors are different in the order line
>>>item itself?  Are you also using fulfillment line items?  If the only
>>>difference to the order line item is that it references some additional
>>>data, then I'd say a single class would be fine.  Most of the behavior
>>>probably comes in on the fulfillment line item, yes?  Again, you can ask
>>>your FulfillmentLineItems specialist to create
>>>"newLineItemFor(orderLineItem)" and let it decide what kind of
>>>implementation to hand back.  In this case, it probably will be a different
>>>class, while for the order line items, it may or may not buy you anything.
>>
>>I haven't thought of using fulfillment line items... not sure what
>>they are for? An order is considered fulfilled once all items have
>>been shipped, so order line items are responsible for tracking
>>everything that happens until a ShipmentLineItem is created. The
>>order line item for a customizable product tracks the product using
>>state values like 'sent to factory', 'received from factory', etc. So
>>it needs a new set of state values, as well as methods like
>>'sendManufacturingOrderToFactory'.
>>
>>What exactly does the fulfillment role you're referring to do? Does
>>it do more than a shipment role?
>
>Fulfillment would be between ordering and shipping, covering such things as
>pulling items from the warehouse to customizing them with the graphic.  I
>assumed that an order line item was only meaningful until you have a
>completed order.  You may not need the complexity, but to me it seems like
>a seperate phase with a very different set of behaviors than what I would
>think of as an order line item.  If I were doing an app like this, I'd at
>least have some sort of state/status objects to delegate these different
>behaviors to.  But I'd say this could be left to the taste of the chef.  :)

This is confusing... because in all the E-com designs I've looked at, 
the order state machine covers everything up to 'order fulfilled'... 
you're suggesting stopping the order states at 'order authorized' and 
moving the fulfillment states to the fulfillment object? Also, what 
do you mean when you say 'state/status objects'? I can understand 
having OrderLineItem, FulfillmentLineItem and ShippingLineItem where 
each covers a different range of states, but are you suggesting 
having separate objects just for tracking the state?
-- 
Itai Tavor"Je sautille, donc je suis."
C3Works[EMAIL PROTECTED]  - Kermit the Frog

"If you haven't got your health, you haven't got anything"


___
Zope-Dev maillist  -

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Chris Withers

> Chris Withers writes:

>  > with this class, your_attribute isn't going to play in Persistence,
>  > is it? (so I can update it lots without worrying about ZODB size
>  > growing... :-)

> But, as I understand it, it is only updated in the thread
> that did the update. Your next request may get a different
> thread and see a different value.

Huh?

If I change self._v_your_attribute it's only going to get updated in one
thread?
That's a bit sucky :-S

Doesn't matter in this _particular_ case 'cos this var gets set at the start
of every request, but I'm a bit concerned about its general use...

any help is good help :-)

Chris

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] New UI for 2.3

2001-01-10 Thread Casey Duncan

--- Steve Alexander <[EMAIL PROTECTED]> wrote:
> However, I do not like the 3-frame interface. I feel
> that the top frame 
> is wasted space. The Zope logo and "Logged in as
> username | Logout" 
> could as easily go at the bottom of the tree-view
> frame on the left. 
> This would leave extra screen space for doing work.
> 

I agree 100%. please change this! I like the look of
it, but it serves little purpose for the space it
uses.

> 
> I also much prefer blue to black as a background
> colour for the tabs and 
> the "Root Folder" link. The black seems a bit
> overbearing.
> 

I agree here as well. Why does the root folder need to
look different anyway? Just labelling it "Root Folder"
is sufficient IMHO. I think it will cause confusion
for it to look so different.

=
| Casey Duncan
| Kaivo, Inc.
| [EMAIL PROTECTED]
`->

__
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Dieter Maurer


Chris Withers writes:
 > Martijn Pieters wrote:
 > Now I think I know the answer to this one, but I'll ask just to be sure:
 > 
 > class MyClass(Persistent Acquisition.Explicit):
 > 
 >  def _set_your_attribute (self,value):
 >  self._v_your_attribute = value
 > 
 >  def _get_your_attribute (self):
 >  return self._v_your_attribute
 > 
 >  your_attribute = ComputedAttribute(_get_your_attribute)
 > 
 > with this class, your_attribute isn't going to play in Persistence,
 > is it? (so I can update it lots without worrying about ZODB size
 > growing... :-)
But, as I understand it, it is only updated in the thread
that did the update. Your next request may get a different
thread and see a different value.


Dieter

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

2001-01-10 Thread Dieter Maurer

Morten W. Petersen writes:
 > It seems I misunderstood the term fuzzy logic myself.  Fuzzy logic means
 > if I search for a word, for example 'programmer', it will return matches
 > to the words 'program', 'programming','programmable' etc.
This, usually, is called "stemming".
Though, your examples indicate quite a strong form of it.

If you have some tool, maybe LinguistX, that map from a word
to its stem and then from the stem to all words with this as
stem (or directly give the stem equivalence class of a word),
then it is quite easy to incorporate that in Zope's catalog.

However, to do that cleanly, you will need good algorithms
and/or large dictionaries. This, usually, is not free of
charge.

Dieter

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] ANNOUNCE: Zope 2.3.0 alpha 2 released

2001-01-10 Thread Brian Lloyd


Hello all, 

  Zope 2.3.0 alpha 2 is now available. You can download it 
  from Zope.org:

  http://www.zope.org/Products/Zope/2.3.0a2/

  This release contains a number of new features, including:

- SiteAccess is now a part of the Zope core

- Shane Hathaway's CacheManager support and two cache manager 
  implementations have been added

- SQLMethods can now be edited using FTP and DAV aware tools

- Catalogs have been improved to work much better in virtual 
  host environments

- Changes to the Web management interface designed to improve 
  productivity, consistency and aesthetics


  For more information on what is new in this release, see the 
  CHANGES.txt and HISTORY.txt files for the release:

- http://www.zope.org/Products/Zope/2.3.0a2/CHANGES.txt
- http://www.zope.org/Products/Zope/2.3.0a2/HISTORY.txt

  **Please note** that we do not build binary distributions for 
  alpha releases - the alpha is available as a source release only. 
  When we move into the beta period for 2.3, we will build and 
  distribute binary releases.


Brian Lloyd[EMAIL PROTECTED]
Software Engineer  540.371.6909  
Digital Creations  http://www.digicool.com 




___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] New UI for 2.3

2001-01-10 Thread Steve Alexander


I think the new UI for 2.3 is great improvement over 2.2.

I'm already finding the sorted tables of folder contents useful, and 
having the add new items select at the top saves time.


However, I do not like the 3-frame interface. I feel that the top frame 
is wasted space. The Zope logo and "Logged in as username | Logout" 
could as easily go at the bottom of the tree-view frame on the left. 
This would leave extra screen space for doing work.

I realize that I can make the frame smaller by dragging it with my 
mouse. I do a lot of TTW development, and I think I might find that 
cumbersome, so I guess I'll be hacking the top frame out of my 
management interface :-)

I also much prefer blue to black as a background colour for the tabs and 
the "Root Folder" link. The black seems a bit overbearing.

--
Steve Alexander
Software Engineer
Cat-Box limited
http://www.cat-box.net


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] z'python script

2001-01-10 Thread David Kankiewicz

Zope mailing lists wrote:
> Hmm.  All kidding aside, Chris is right.  This *is* the problem
> with "python script" that was pointed out during the name discussion.
> My use of "python script" is the traditional Unix/OS one: "a [shell]
> script written in python".

This is continuing well beyond amusement, :)! Name it Z'Python Script /
z'python script. It's pronounceable (Sounds cool, slightly german),
looks distinctive, and, well, would end the naming problems for Zope
specific uses of, otherwise general, terminology

Z'Terminology of the *Z* Object Publishing Environment:

z'python script, or Z'Python Script if you like capping ;),
z'perl script,
z'python programs (makes sense for Zope programs...),
z'poorly named language Thingy.

Zope is always z'cool!

-Dave

> Oh, well...fortunately the users most likely to be confused are the
> ones least likely to be using scripts at the os level.
> 
> --RDM

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Aquisition.Acquired

2001-01-10 Thread Chris Withers

Shane Hathaway wrote:
> 
> There's a (much) simpler way:
> 
> class MyClass(Acquisition.Explicit):
> your_attribute = Acquisition.Acquired
> 
> # index_html isn't
> index_html = None
> 
> "Acquired" is a special object that the acquisition module looks for.

Just noticed you can do this also:

class MyClass: # note lack of base class ;-)
 your_attribute = Acquisition.Acquired

...got the idea from Traversable.py

Now if I could just figure out how to make non-SimpleItem classes aware
of security (see my other recent post :-S)

cheers,

Chris

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell


Forgot to attach the diff

Forgive me it's 4:52am here

Mithro

Tim Ansell wrote:

> Oppps, just realised i've been replying only to myself :)
>
> Umm okay here is the diff, it is from version 2.2.4 but should apply to most
> versions
> I have removed all the "print" debugging and cleaned up the formatting.
>
> Could people look it over and tell me if there are any hidden problems with it?
> Is it done the right way?
>
> There seems to be a lot of repeated code between zpublisher_exception_hook and
> ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own
> function and work that way? Just an idea...
>
> Mithro
>
> > Tim Ansell wrote:
> >
> > > No further investigation i have found out that the part i really want to
> > > modify is
> > >
> > >  zpublisher_exception_hook, which gets called when the error occurs
> > >
> > > Inside this functions there is a
> > >
> > > if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> > >
> > > which seems to explain why i'm getting the anonymous user for the errors.
> > >
> > > Is there anyway to add to this function the authentication routines so that
> > > is AUTHENTICATED_USER is none it authentication is check with
> > > standard_error_message being the object checked against?
> > >
> > > Am i making any sense?
> > >
> > > I'm going to give it a go and see what happen...
> > >
> > > Mithro
> > >
> > > Tim Ansell wrote:
> > >
> > > > 
> > > >
> > > > Hello.
> > > >
> > > > I've been using zope for a couple of months, i have found zope to be a
> > > > great product and thank you for creating it. Currently i have run into a
> > > > problem, i need to access the AUTHENTICATED_USER in a
> > > > standard_error_message called by notFoundError in BaseRequest.
> > > >
> > > > I was wondering if the authentication routine can be added before the
> > > > authentication routine in BaseRequest? Or if this is not possible it
> > > > could be split into a function and and call it before the notFoundError
> > > > call as well?
> > > >
> > > > There are many reasons you might want to do this, i have listed some
> > > > below:
> > > >
> > > > * You want list possible urls the reader could have meant but don't want
> > > > to show let Anonymous users see possible privileged urls
> > > >
> > > > * You want to provided different error messages for different people,
> > > > i.e. a more advanced error for coders, a simple error for html writer, a
> > > > special error for normal people
> > > >
> > > > * You wanted errors to only be reported it they where caused by certain
> > > > users
> > > >
> > > > and the list could go on
> > > >
> > > > Mithro
> > > >
> > > > 
> > > >
> > > > ___
> > > > Zope-Dev maillist  -  [EMAIL PROTECTED]
> > > > http://lists.zope.org/mailman/listinfo/zope-dev
> > > > **  No cross posts or HTML encoding!  **
> > > > (Related lists -
> > > >  http://lists.zope.org/mailman/listinfo/zope-announce
> > > >  http://lists.zope.org/mailman/listinfo/zope )
>
> ___
> Zope-Dev maillist  -  [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )


--- ./__init__.py.org   Thu Jan 11 04:39:25 2001
+++ ./__init__.py   Thu Jan 11 04:37:24 2001
@@ -162,6 +162,9 @@
 class RequestContainer(ExtensionClass.Base):
 def __init__(self,r): self.REQUEST=r
 
+from ZPublisher.BaseRequest import old_validation
+UNSPECIFIED_ROLES=''
+
 def zpublisher_exception_hook(
 published, REQUEST, t, v, traceback,
 # static
@@ -208,11 +211,79 @@
 break
 
 client=published
+
+   auth=REQUEST._auth
+
+user=groups=None
+
+while 1:
+   if REQUEST.get('AUTHENTICATED_USER', None) is None:
+# Do authentication here
+   r = getattr(client, '__roles__', UNSPECIFIED_ROLES)
+   if r is not UNSPECIFIED_ROLES:
+roles = r
+elif not got:
+roles = getattr(client, entry_name+'__roles__', roles)
+
+if roles:
+if hasattr(client, '__allow_groups__'):
+groups=client.__allow_groups__
+
+if hasattr(groups, 'validate'): v=groups.validate
+else: v=old_validation
+
+if v is old_validation and roles is UNSPECIFIED_ROLES:
+print "Validation and UNSEPCIFIED_ROLES is okay"
+# No roles, so if we have a named group, get roles from
+# group keys
+if hasattr(groups,'keys'): roles=groups.keys()
+

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell



Oppps, just realised i've been replying only to myself :)


Umm okay here is the diff, it is from version 2.2.4 but should apply to most
versions
I have removed all the "print" debugging and cleaned up the formatting.

Could people look it over and tell me if there are any hidden problems with it?
Is it done the right way?

There seems to be a lot of repeated code between zpublisher_exception_hook and
ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own
function and work that way? Just an idea...

Mithro

> Tim Ansell wrote:
>
> > No further investigation i have found out that the part i really want to
> > modify is
> >
> >  zpublisher_exception_hook, which gets called when the error occurs
> >
> > Inside this functions there is a
> >
> > if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> >
> > which seems to explain why i'm getting the anonymous user for the errors.
> >
> > Is there anyway to add to this function the authentication routines so that
> > is AUTHENTICATED_USER is none it authentication is check with
> > standard_error_message being the object checked against?
> >
> > Am i making any sense?
> >
> > I'm going to give it a go and see what happen...
> >
> > Mithro
> >
> > Tim Ansell wrote:
> >
> > > 
> > >
> > > Hello.
> > >
> > > I've been using zope for a couple of months, i have found zope to be a
> > > great product and thank you for creating it. Currently i have run into a
> > > problem, i need to access the AUTHENTICATED_USER in a
> > > standard_error_message called by notFoundError in BaseRequest.
> > >
> > > I was wondering if the authentication routine can be added before the
> > > authentication routine in BaseRequest? Or if this is not possible it
> > > could be split into a function and and call it before the notFoundError
> > > call as well?
> > >
> > > There are many reasons you might want to do this, i have listed some
> > > below:
> > >
> > > * You want list possible urls the reader could have meant but don't want
> > > to show let Anonymous users see possible privileged urls
> > >
> > > * You want to provided different error messages for different people,
> > > i.e. a more advanced error for coders, a simple error for html writer, a
> > > special error for normal people
> > >
> > > * You wanted errors to only be reported it they where caused by certain
> > > users
> > >
> > > and the list could go on
> > >
> > > Mithro
> > >
> > > 
> > >
> > > ___
> > > Zope-Dev maillist  -  [EMAIL PROTECTED]
> > > http://lists.zope.org/mailman/listinfo/zope-dev
> > > **  No cross posts or HTML encoding!  **
> > > (Related lists -
> > >  http://lists.zope.org/mailman/listinfo/zope-announce
> > >  http://lists.zope.org/mailman/listinfo/zope )


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] Security Machinery doesn't work on some objects?

2001-01-10 Thread Chris Withers


Hi there,

I'm slightly confused by a class I have:

class X(Persistent, Acquisition.Explicit):

This class has no __roles__, no __ac_permissions__, no nothing...
Instances of this class are stored within a special folderish class, Y.

This folderish class has a __bobo_traverse__ which returns X objects,
wrapped in context, from it's self._xs BTree using something along the
lines of:

def __bobo_traverse__(self, REQUEST, name):
ob = getattr(self, name, _marker)
if ob == _marker:
ob = 
return self._xs[name].__of__(self)

Now, it appears no methods or other attributes of this class are
protected by the security machinery, even though the instances involved
are wrapped. The DocString stuff still applies but, once a method has a
docstring, any anonymous user who can traverse to one of these objects,
can execute any method (attributes whinge about a missing docstring, how
bizarre, attepting to traverse to __init__ complains the method starts
with a _ ;-) of that instance which is more than a little disturbing ;-)

I thought Zope's security policy had changed to be disallow by default,
but that really doesn't seem to be the case here :-S
What am I missing out on? Is there some mixin class I need or something
I need to acquire to make the security machinery check these objects?

confusedly and worriedly,

Chris

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Martijn Pieters


On Wed, Jan 10, 2001 at 05:07:07PM +, Chris Withers wrote:
> > If you want _set_your_attribute to be called, you
> > need to override __setattr__:
> > 
> > def __setattr__(self, name, value):
> > setter = getattr(self, '_set_' + name, None)
> > if setter:
> > setter(value)
> > else:
> > raise AttributeError, "no such attribute: " + `name`
> 
> Hmmm... how would you change this to call the __setattr__ that was there
> before you overrode it, if a setter could not be found?

The same way you call any overridden method, by calling it on the class
you inherit it from.

So:

  class Foo:
  def __setattr__(self, name, value):
  # Whatever
  pass

  class Bar(Foo):
  def __setattr__(self, name, value):
  Foo.__setattr__(self, name, value)
  # More whatever

-- 
Martijn Pieters
| Software Engineer  mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
-

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] python script

2001-01-10 Thread Zope mailing lists

On Tue, 9 Jan 2001 [EMAIL PROTECTED] wrote:
> Damnnation, Chris, everyone knows that it is supposed to be spelled
> Python Thingy.
> 
> "I recently released 'zopectl', a Python Thingy"...
> 
> 'Please go wash your hands before your shake hands with me!'

Hmm.  All kidding aside, Chris is right.  This *is* the problem
with "python script" that was pointed out during the name discussion.
My use of "python script" is the traditional Unix/OS one: "a [shell]
script written in python".

Oh, well...fortunately the users most likely to be confused are the
ones least likely to be using scripts at the os level.

--RDM

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Chris Withers

Martijn Pieters wrote:
> 
> > ...with this class, your_attribute isn't going to play in Persistence,
> > is it? (so I can update it lots without worrying about ZODB size
> > growing... :-)
> 
> Yup, this allows you to alias your_attribute to _v_your_attribute without
> creating an attribute that *will* persist in the process.

yay! :-)

> your_attribute is set to one instead of the ComputedAttribute instance and
> concequently persisted. 

d'Oh... of course...

> If you want _set_your_attribute to be called, you
> need to override __setattr__:
> 
> def __setattr__(self, name, value):
> setter = getattr(self, '_set_' + name, None)
> if setter:
> setter(value)
> else:
> raise AttributeError, "no such attribute: " + `name`

Hmmm... how would you change this to call the __setattr__ that was there
before you overrode it, if a setter could not be found?

cheers for all the help, this thread might make quite god docs for
ComputedAttribute ;-)

Chris

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

2001-01-10 Thread Casey Duncan

--- "Morten W. Petersen" <[EMAIL PROTECTED]> wrote:
[snip]
> 
> It seems I misunderstood the term fuzzy logic
> myself.  Fuzzy logic means
> if I search for a word, for example 'programmer', it
> will return matches
> to the words 'program', 'programming','programmable'
> etc.
> 
> I.e., it will somewhat intelligently return words
> that are similar in
> what they mean, using grammar rules (chopping off
> endings of words and
> making them match others).
> 
> Hmm.
> 
> Cheers,
> 
> Morten
> 

ZCatalog TextIndexes support this type of "wildcard"
searching. I posted a message a couple of weeks ago
that describes the query syntax. Search the mailing
list archives for it.

=
| Casey Duncan
| Kaivo, Inc.
| [EMAIL PROTECTED]
`->

__
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Martijn Pieters


On Wed, Jan 10, 2001 at 04:13:49PM +, Chris Withers wrote:
> Martijn Pieters wrote:
> > 
> > Erm. The ExtensionClass.stx documentation hints at a ComputedAttribute
> > class (but as an example of how you could use an ExtensionClass). The
> > current C implementation of ComputedAttribute is not, as far as I can see,
> > documented.
> 
> Now I think I know the answer to this one, but I'll ask just to be sure:
> 
> class MyClass(Persistent Acquisition.Explicit):
> 
>  def _set_your_attribute (self,value):
>   self._v_your_attribute = value
> 
>  def _get_your_attribute (self):
>  return self._v_your_attribute
> 
>  your_attribute = ComputedAttribute(_get_your_attribute)
> 
> ...with this class, your_attribute isn't going to play in Persistence,
> is it? (so I can update it lots without worrying about ZODB size
> growing... :-)

Yup, this allows you to alias your_attribute to _v_your_attribute without
creating an attribute that *will* persist in the process.

> Hmm... more questions:
> 
> If I do:
> 
> x = MyClass()
> x.your_attribute = 1
> 
> ...what happens?

your_attribute is set to one instead of the ComputedAttribute instance and
concequently persisted. If you want _set_your_attribute to be called, you
need to override __setattr__:

def __setattr__(self, name, value):
setter = getattr(self, '_set_' + name, None)
if setter:
setter(value)
else:
raise AttributeError, "no such attribute: " + `name`

> Where do you import the ComputedAttribute module from?

from ComputedAttribute import ComputedAttribute

-- 
Martijn Pieters
| Software Engineer  mailto:[EMAIL PROTECTED]
| Digital Creations  http://www.digicool.com/
| Creators of Zope   http://www.zope.org/
-

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

2001-01-10 Thread Chris Withers

Martijn Pieters wrote:
> 
> Erm. The ExtensionClass.stx documentation hints at a ComputedAttribute
> class (but as an example of how you could use an ExtensionClass). The
> current C implementation of ComputedAttribute is not, as far as I can see,
> documented.

Now I think I know the answer to this one, but I'll ask just to be sure:

class MyClass(Persistent Acquisition.Explicit):

 def _set_your_attribute (self,value):
self._v_your_attribute = value

 def _get_your_attribute (self):
 return self._v_your_attribute

 your_attribute = ComputedAttribute(_get_your_attribute)

...with this class, your_attribute isn't going to play in Persistence,
is it? (so I can update it lots without worrying about ZODB size
growing... :-)

Hmm... more questions:

If I do:

x = MyClass()
x.your_attribute = 1

...what happens?

Where do you import the ComputedAttribute module from?

cheers,

Chris

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell




Hello.

I've been using zope for a couple of months, i have found zope to be a
great product and thank you for creating it. Currently i have run into a
problem, i need to access the AUTHENTICATED_USER in a
standard_error_message called by notFoundError in BaseRequest.

I was wondering if the authentication routine can be added before the
authentication routine in BaseRequest? Or if this is not possible it
could be split into a function and and call it before the notFoundError
call as well?

There are many reasons you might want to do this, i have listed some
below:

* You want list possible urls the reader could have meant but don't want
to show let Anonymous users see possible privileged urls

* You want to provided different error messages for different people,
i.e. a more advanced error for coders, a simple error for html writer, a
special error for normal people

* You wanted errors to only be reported it they where caused by certain
users

and the list could go on


Mithro




___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

2001-01-10 Thread Ken Manheimer

On Wed, 10 Jan 2001, Morten W. Petersen wrote:

> > I do not think that "fuzzy logic" is strongly related to "regexp-like".
> > Anyway.
> > 
> > Fuzzy searching often means "finding matches with characters omitted,
> > replaced or inserted".
> 
> It seems I misunderstood the term fuzzy logic myself.  Fuzzy logic means
> if I search for a word, for example 'programmer', it will return matches
> to the words 'program', 'programming','programmable' etc.

I think your talking about something else.  Last i checked, "fuzzy logic"
was a logical algebra based on the existence of intermediate truth states,
between "true" and "false".  It has little or nothing to do with
aproximate searching, though i guess you could use it to make assertions
about the aproximations.  I think what you all are talking about is "fuzzy
matching".

> I.e., it will somewhat intelligently return words that are similar in
> what they mean, using grammar rules (chopping off endings of words and
> making them match others).

There are also matching mechanisms like soundex, that account for
misspelling by translating words to phonetic-equivalent normalized codes,
and comparing on that basis.

Ken
[EMAIL PROTECTED]

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] patch to bring ZPatterns UI in line with 2.3 from CVS

2001-01-10 Thread Steve Alexander


If you're using ZPatterns or PlugIns with Zope 2.3 from CVS, you can 
update most of the ZPatterns user-interface to the new style be 
replacing lib/python/Products/PlugIns/www/main.dtml with this file:

   http://www.cat-box.net/steve/main.dtml

--
Steve Alexander
Software Engineer
Cat-Box limited
http://www.cat-box.net


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

2001-01-10 Thread Morten W. Petersen


> I do not think that "fuzzy logic" is strongly related to "regexp-like".
> Anyway.
> 
> Fuzzy searching often means "finding matches with characters omitted,
> replaced or inserted".

It seems I misunderstood the term fuzzy logic myself.  Fuzzy logic means
if I search for a word, for example 'programmer', it will return matches
to the words 'program', 'programming','programmable' etc.

I.e., it will somewhat intelligently return words that are similar in
what they mean, using grammar rules (chopping off endings of words and
making them match others).

Hmm.

Cheers,

Morten


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] How does a subclass call its ancestor's method in zope?

2001-01-10 Thread Dirksen


Here is a ZClass testa, with a dtml method 'do'. Its subclass testb
overrides do. How does testb call its ancestor's 'do'? In python, it can be done as
'testa.do()', but what's the equivallent in zope? 

Dirksen



__
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/

___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

[Zope-dev] first zope-2.3.0a2 bug :-)

Re: [Zope-dev] New UI for 2.3

Re: [Zope-dev] ZPatterns, ZClasses, Specialists: Assigningresponsibilities

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] New UI for 2.3

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

[Zope-dev] ANNOUNCE: Zope 2.3.0 alpha 2 released

[Zope-dev] New UI for 2.3

Re: [Zope-dev] z'python script

Re: [Zope-dev] Aquisition.Acquired

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

[Zope-dev] Security Machinery doesn't work on some objects?

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] python script

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

Re: [Zope-dev] Re: ComputedAttribute

Re: [Zope-dev] Re: ComputedAttribute

[Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

[Zope-dev] patch to bring ZPatterns UI in line with 2.3 from CVS

Re: [Zope-dev] ZCatalog and 'fuzzy logic'

[Zope-dev] How does a subclass call its ancestor's method in zope?

28 matches

Site Navigation

Mail list logo

Footer information