Re: [Zope-dev] Re: ComputedAttribute
On Wed, Jan 10, 2001 at 11:37:55PM -, Chris Withers wrote: > > Chris Withers writes: > > > > with this class, your_attribute isn't going to play in Persistence, > > > is it? (so I can update it lots without worrying about ZODB size > > > growing... :-) > > > But, as I understand it, it is only updated in the thread > > that did the update. Your next request may get a different > > thread and see a different value. > > Huh? > > If I change self._v_your_attribute it's only going to get updated in one > thread? > That's a bit sucky :-S > > Doesn't matter in this _particular_ case 'cos this var gets set at the start > of every request, but I'm a bit concerned about its general use... > > any help is good help :-) The whole threading spiel in Zope works because of ZODB persistence; any thread accessing an object whose variables have been changed has to retry with a fresh copy from the ODB. But because _v_* variables don't get pickled, another thread will never see them. If you want non-persisting (volatile) variables shared between threads, you'll have to devise your own mechanism for assuring the thread-safety of those variables. -- Martijn Pieters | Software Engineer mailto:[EMAIL PROTECTED] | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ - ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: ComputedAttribute
On Wed, Jan 10, 2001 at 11:09:43PM +0100, Dieter Maurer wrote: > Chris Withers writes: > > Now I think I know the answer to this one, but I'll ask just to be sure: > > > > class MyClass(Persistent Acquisition.Explicit): > > > > def _set_your_attribute (self,value): > >self._v_your_attribute = value > > > > def _get_your_attribute (self): > > return self._v_your_attribute > > > > your_attribute = ComputedAttribute(_get_your_attribute) > > > > with this class, your_attribute isn't going to play in Persistence, > > is it? (so I can update it lots without worrying about ZODB size > > growing... :-) > But, as I understand it, it is only updated in the thread > that did the update. Your next request may get a different > thread and see a different value. Indeed, only persistent variables are shared between threads (and globals of course, which creates a need for some kind of protection). -- Martijn Pieters | Software Engineer mailto:[EMAIL PROTECTED] | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ - ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
I appears last night i didn't test the diff... This one should work without any editing... Mithro Tim Ansell wrote: > Forgot to attach the diff > > Forgive me it's 4:52am here > > Mithro > > Tim Ansell wrote: > > > Oppps, just realised i've been replying only to myself :) > > > > Umm okay here is the diff, it is from version 2.2.4 but should apply to most > > versions > > I have removed all the "print" debugging and cleaned up the formatting. > > > > Could people look it over and tell me if there are any hidden problems with it? > > Is it done the right way? > > > > There seems to be a lot of repeated code between zpublisher_exception_hook and > > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own > > function and work that way? Just an idea... > > > > Mithro > > > > > Tim Ansell wrote: > > > > > > > No further investigation i have found out that the part i really want to > > > > modify is > > > > > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > > > > > Inside this functions there is a > > > > > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > > > > > Is there anyway to add to this function the authentication routines so that > > > > is AUTHENTICATED_USER is none it authentication is check with > > > > standard_error_message being the object checked against? > > > > > > > > Am i making any sense? > > > > > > > > I'm going to give it a go and see what happen... > > > > > > > > Mithro > > > > > > > > Tim Ansell wrote: > > > > > > > > > > > > > > > > > > > Hello. > > > > > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > > > great product and thank you for creating it. Currently i have run into a > > > > > problem, i need to access the AUTHENTICATED_USER in a > > > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > > > > > I was wondering if the authentication routine can be added before the > > > > > authentication routine in BaseRequest? Or if this is not possible it > > > > > could be split into a function and and call it before the notFoundError > > > > > call as well? > > > > > > > > > > There are many reasons you might want to do this, i have listed some > > > > > below: > > > > > > > > > > * You want list possible urls the reader could have meant but don't want > > > > > to show let Anonymous users see possible privileged urls > > > > > > > > > > * You want to provided different error messages for different people, > > > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > > > special error for normal people > > > > > > > > > > * You wanted errors to only be reported it they where caused by certain > > > > > users > > > > > > > > > > and the list could go on > > > > > > > > > > Mithro > > > > > > > > > > > > > > > > > > > > ___ --- ./__init__.py.original Wed Jan 10 23:13:53 2001 +++ ./__init__.py Wed Jan 10 23:45:28 2001 @@ -162,6 +162,9 @@ class RequestContainer(ExtensionClass.Base): def __init__(self,r): self.REQUEST=r +from ZPublisher.BaseRequest import old_validation +UNSPECIFIED_ROLES='' + def zpublisher_exception_hook( published, REQUEST, t, v, traceback, # static @@ -208,11 +211,79 @@ break client=published + + auth=REQUEST._auth + +user=groups=None + +while 1: + if REQUEST.get('AUTHENTICATED_USER', None) is None: +# Do authentication here + r = getattr(client, '__roles__', UNSPECIFIED_ROLES) + if r is not UNSPECIFIED_ROLES: +roles = r +elif not got: +roles = getattr(client, entry_name+'__roles__', roles) + +if roles: +if hasattr(client, '__allow_groups__'): +groups=client.__allow_groups__ + +if hasattr(groups, 'validate'): v=groups.validate +else: v=old_validation + +if v is old_validation and roles is UNSPECIFIED_ROLES: +print "Validation and UNSEPCIFIED_ROLES is okay" +# No roles, so if we have a named group, get roles from +# group keys +if hasattr(groups,'keys'): roles=groups.keys() +else: +try: groups=groups() +except: pass +try: roles=groups.keys() +except: pass + + if groups is None: +
[Zope-dev] first zope-2.3.0a2 bug :-)
well, this one is easy. 8<-- --- lib/python/Shared/DC/ZRDB/Aqueduct.py.origThu Jan 11 10:59:42 2001 +++ lib/python/Shared/DC/ZRDB/Aqueduct.py Thu Jan 11 10:58:01 2001 @@ -272,7 +272,7 @@ custom_default_report_src=DocumentTemplate.File( -os.path.join(dtml_dir,'customDefaultReport.dtml')) +os.path.join(dtml_dir,'dtml/customDefaultReport.dtml')) def custom_default_report(id, result, action='', no_table=0, goofy=regex.compile('[^a-zA-Z0-9_]').search 8<-- without this patch, sql methods cannot we tested because customDefaultReport cannot be found (it moved in the dtml subfolder) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] New UI for 2.3
Steve Alexander wrote: > > I think the new UI for 2.3 is great improvement over 2.2. > > I'm already finding the sorted tables of folder contents useful, and > having the add new items select at the top saves time. > > However, I do not like the 3-frame interface. I feel that the top frame > is wasted space. The Zope logo and "Logged in as username | Logout" > could as easily go at the bottom of the tree-view frame on the left. > This would leave extra screen space for doing work. > > I also much prefer blue to black as a background colour for the tabs and > the "Root Folder" link. The black seems a bit overbearing. Hmm. I haven't checked out the new interface myself yet, but I wonder if DC did any usability testing on their new UI? Cheers, Michael Bernstein. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZPatterns, ZClasses, Specialists: Assigningresponsibilities
Phillip J. Eby wrote: >At 05:13 PM 12/21/00 +1100, Itai Tavor wrote: >>> >>>I think you're right about this being an OrderLineItem. A couple of fine >>>points, however... First, I don't think there needs to be an >>>"OrderLineItemsWithGraphic" specialist, since there is nothing else that >>>would talk to it. It's fine in this case to have the line item classes >>>(either with graphic or without) handle their own UI snippets. UI >>>delegation is for when an object needs to display UI for some *other* >>>object than itself, since you can always use class extenders and other >>>techniques to reshape the apparent class of an object retrieved from a >>>specialist. The interface which other objects deal with is >>>"OrderLineItem", and they simply expect a portion of the form to be >>>rendered, and it's okay for the class to handle that. >> >>I got a bit confused here... the UI snippet for uploading a graphic >>actually comes from the Graphics Specialist. > >That's fine, but it should be by way of an object that's filling the >OrderLineItem role, yes? But how can this work? If I ask for the graphic in Product.addMeToOrderForm, an OrderLineItem object doesn't exist yet. So Product has to ask the OrderLineItems Specialist for the UI snippet, and OrderLineItems gets it from the Graphics Specialist. Then Product.addMeToOrder can create a new OrderLineItem and hand it the form fields for the graphic. Although, to make it cleaner, Product would add OrderLineItems.newLineItemSnippet to the form, and OrderLineItems would decide what needs to be included in the form - so Product doesn't have to explicitly ask for a Graphic upload form. > >Or I could >>eliminate the problem by uploading the graphic from a form displayed >>by the order line item after it has been added. > >That's actually what I thought you were doing/intending. This is probably the best way... but it wasn't my original plan. I need to ask for a quantity for every added product, so I was going to have Product.addMeToOrderForm ask for quantity and for a graphic. But instead, I can add a quantity field to the product display page, next to the "Add to Order" button. Then addMeToOrderForm isn't needed at all, Product.addMeToOrder will create a new OrderLineItem object, which will then ask for the graphic if it's needed. > >>Here's the question... how many behaviors are different in the order line >>>item itself? Are you also using fulfillment line items? If the only >>>difference to the order line item is that it references some additional >>>data, then I'd say a single class would be fine. Most of the behavior >>>probably comes in on the fulfillment line item, yes? Again, you can ask >>>your FulfillmentLineItems specialist to create >>>"newLineItemFor(orderLineItem)" and let it decide what kind of >>>implementation to hand back. In this case, it probably will be a different >>>class, while for the order line items, it may or may not buy you anything. >> >>I haven't thought of using fulfillment line items... not sure what >>they are for? An order is considered fulfilled once all items have >>been shipped, so order line items are responsible for tracking >>everything that happens until a ShipmentLineItem is created. The >>order line item for a customizable product tracks the product using >>state values like 'sent to factory', 'received from factory', etc. So >>it needs a new set of state values, as well as methods like >>'sendManufacturingOrderToFactory'. >> >>What exactly does the fulfillment role you're referring to do? Does >>it do more than a shipment role? > >Fulfillment would be between ordering and shipping, covering such things as >pulling items from the warehouse to customizing them with the graphic. I >assumed that an order line item was only meaningful until you have a >completed order. You may not need the complexity, but to me it seems like >a seperate phase with a very different set of behaviors than what I would >think of as an order line item. If I were doing an app like this, I'd at >least have some sort of state/status objects to delegate these different >behaviors to. But I'd say this could be left to the taste of the chef. :) This is confusing... because in all the E-com designs I've looked at, the order state machine covers everything up to 'order fulfilled'... you're suggesting stopping the order states at 'order authorized' and moving the fulfillment states to the fulfillment object? Also, what do you mean when you say 'state/status objects'? I can understand having OrderLineItem, FulfillmentLineItem and ShippingLineItem where each covers a different range of states, but are you suggesting having separate objects just for tracking the state? -- Itai Tavor"Je sautille, donc je suis." C3Works[EMAIL PROTECTED] - Kermit the Frog "If you haven't got your health, you haven't got anything" ___ Zope-Dev maillist -
Re: [Zope-dev] Re: ComputedAttribute
> Chris Withers writes: > > with this class, your_attribute isn't going to play in Persistence, > > is it? (so I can update it lots without worrying about ZODB size > > growing... :-) > But, as I understand it, it is only updated in the thread > that did the update. Your next request may get a different > thread and see a different value. Huh? If I change self._v_your_attribute it's only going to get updated in one thread? That's a bit sucky :-S Doesn't matter in this _particular_ case 'cos this var gets set at the start of every request, but I'm a bit concerned about its general use... any help is good help :-) Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] New UI for 2.3
--- Steve Alexander <[EMAIL PROTECTED]> wrote: > However, I do not like the 3-frame interface. I feel > that the top frame > is wasted space. The Zope logo and "Logged in as > username | Logout" > could as easily go at the bottom of the tree-view > frame on the left. > This would leave extra screen space for doing work. > I agree 100%. please change this! I like the look of it, but it serves little purpose for the space it uses. > > I also much prefer blue to black as a background > colour for the tabs and > the "Root Folder" link. The black seems a bit > overbearing. > I agree here as well. Why does the root folder need to look different anyway? Just labelling it "Root Folder" is sufficient IMHO. I think it will cause confusion for it to look so different. = | Casey Duncan | Kaivo, Inc. | [EMAIL PROTECTED] `-> __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: ComputedAttribute
Chris Withers writes: > Martijn Pieters wrote: > Now I think I know the answer to this one, but I'll ask just to be sure: > > class MyClass(Persistent Acquisition.Explicit): > > def _set_your_attribute (self,value): > self._v_your_attribute = value > > def _get_your_attribute (self): > return self._v_your_attribute > > your_attribute = ComputedAttribute(_get_your_attribute) > > with this class, your_attribute isn't going to play in Persistence, > is it? (so I can update it lots without worrying about ZODB size > growing... :-) But, as I understand it, it is only updated in the thread that did the update. Your next request may get a different thread and see a different value. Dieter ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog and 'fuzzy logic'
Morten W. Petersen writes: > It seems I misunderstood the term fuzzy logic myself. Fuzzy logic means > if I search for a word, for example 'programmer', it will return matches > to the words 'program', 'programming','programmable' etc. This, usually, is called "stemming". Though, your examples indicate quite a strong form of it. If you have some tool, maybe LinguistX, that map from a word to its stem and then from the stem to all words with this as stem (or directly give the stem equivalence class of a word), then it is quite easy to incorporate that in Zope's catalog. However, to do that cleanly, you will need good algorithms and/or large dictionaries. This, usually, is not free of charge. Dieter ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] ANNOUNCE: Zope 2.3.0 alpha 2 released
Hello all, Zope 2.3.0 alpha 2 is now available. You can download it from Zope.org: http://www.zope.org/Products/Zope/2.3.0a2/ This release contains a number of new features, including: - SiteAccess is now a part of the Zope core - Shane Hathaway's CacheManager support and two cache manager implementations have been added - SQLMethods can now be edited using FTP and DAV aware tools - Catalogs have been improved to work much better in virtual host environments - Changes to the Web management interface designed to improve productivity, consistency and aesthetics For more information on what is new in this release, see the CHANGES.txt and HISTORY.txt files for the release: - http://www.zope.org/Products/Zope/2.3.0a2/CHANGES.txt - http://www.zope.org/Products/Zope/2.3.0a2/HISTORY.txt **Please note** that we do not build binary distributions for alpha releases - the alpha is available as a source release only. When we move into the beta period for 2.3, we will build and distribute binary releases. Brian Lloyd[EMAIL PROTECTED] Software Engineer 540.371.6909 Digital Creations http://www.digicool.com ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] New UI for 2.3
I think the new UI for 2.3 is great improvement over 2.2. I'm already finding the sorted tables of folder contents useful, and having the add new items select at the top saves time. However, I do not like the 3-frame interface. I feel that the top frame is wasted space. The Zope logo and "Logged in as username | Logout" could as easily go at the bottom of the tree-view frame on the left. This would leave extra screen space for doing work. I realize that I can make the frame smaller by dragging it with my mouse. I do a lot of TTW development, and I think I might find that cumbersome, so I guess I'll be hacking the top frame out of my management interface :-) I also much prefer blue to black as a background colour for the tabs and the "Root Folder" link. The black seems a bit overbearing. -- Steve Alexander Software Engineer Cat-Box limited http://www.cat-box.net ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] z'python script
Zope mailing lists wrote: > Hmm. All kidding aside, Chris is right. This *is* the problem > with "python script" that was pointed out during the name discussion. > My use of "python script" is the traditional Unix/OS one: "a [shell] > script written in python". This is continuing well beyond amusement, :)! Name it Z'Python Script / z'python script. It's pronounceable (Sounds cool, slightly german), looks distinctive, and, well, would end the naming problems for Zope specific uses of, otherwise general, terminology Z'Terminology of the *Z* Object Publishing Environment: z'python script, or Z'Python Script if you like capping ;), z'perl script, z'python programs (makes sense for Zope programs...), z'poorly named language Thingy. Zope is always z'cool! -Dave > Oh, well...fortunately the users most likely to be confused are the > ones least likely to be using scripts at the os level. > > --RDM ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Aquisition.Acquired
Shane Hathaway wrote: > > There's a (much) simpler way: > > class MyClass(Acquisition.Explicit): > your_attribute = Acquisition.Acquired > > # index_html isn't > index_html = None > > "Acquired" is a special object that the acquisition module looks for. Just noticed you can do this also: class MyClass: # note lack of base class ;-) your_attribute = Acquisition.Acquired ...got the idea from Traversable.py Now if I could just figure out how to make non-SimpleItem classes aware of security (see my other recent post :-S) cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
Forgot to attach the diff Forgive me it's 4:52am here Mithro Tim Ansell wrote: > Oppps, just realised i've been replying only to myself :) > > Umm okay here is the diff, it is from version 2.2.4 but should apply to most > versions > I have removed all the "print" debugging and cleaned up the formatting. > > Could people look it over and tell me if there are any hidden problems with it? > Is it done the right way? > > There seems to be a lot of repeated code between zpublisher_exception_hook and > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own > function and work that way? Just an idea... > > Mithro > > > Tim Ansell wrote: > > > > > No further investigation i have found out that the part i really want to > > > modify is > > > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > > > Inside this functions there is a > > > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > > > Is there anyway to add to this function the authentication routines so that > > > is AUTHENTICATED_USER is none it authentication is check with > > > standard_error_message being the object checked against? > > > > > > Am i making any sense? > > > > > > I'm going to give it a go and see what happen... > > > > > > Mithro > > > > > > Tim Ansell wrote: > > > > > > > > > > > > > > > Hello. > > > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > > great product and thank you for creating it. Currently i have run into a > > > > problem, i need to access the AUTHENTICATED_USER in a > > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > > > I was wondering if the authentication routine can be added before the > > > > authentication routine in BaseRequest? Or if this is not possible it > > > > could be split into a function and and call it before the notFoundError > > > > call as well? > > > > > > > > There are many reasons you might want to do this, i have listed some > > > > below: > > > > > > > > * You want list possible urls the reader could have meant but don't want > > > > to show let Anonymous users see possible privileged urls > > > > > > > > * You want to provided different error messages for different people, > > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > > special error for normal people > > > > > > > > * You wanted errors to only be reported it they where caused by certain > > > > users > > > > > > > > and the list could go on > > > > > > > > Mithro > > > > > > > > > > > > > > > > ___ > > > > Zope-Dev maillist - [EMAIL PROTECTED] > > > > http://lists.zope.org/mailman/listinfo/zope-dev > > > > ** No cross posts or HTML encoding! ** > > > > (Related lists - > > > > http://lists.zope.org/mailman/listinfo/zope-announce > > > > http://lists.zope.org/mailman/listinfo/zope ) > > ___ > Zope-Dev maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope-dev > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope ) --- ./__init__.py.org Thu Jan 11 04:39:25 2001 +++ ./__init__.py Thu Jan 11 04:37:24 2001 @@ -162,6 +162,9 @@ class RequestContainer(ExtensionClass.Base): def __init__(self,r): self.REQUEST=r +from ZPublisher.BaseRequest import old_validation +UNSPECIFIED_ROLES='' + def zpublisher_exception_hook( published, REQUEST, t, v, traceback, # static @@ -208,11 +211,79 @@ break client=published + + auth=REQUEST._auth + +user=groups=None + +while 1: + if REQUEST.get('AUTHENTICATED_USER', None) is None: +# Do authentication here + r = getattr(client, '__roles__', UNSPECIFIED_ROLES) + if r is not UNSPECIFIED_ROLES: +roles = r +elif not got: +roles = getattr(client, entry_name+'__roles__', roles) + +if roles: +if hasattr(client, '__allow_groups__'): +groups=client.__allow_groups__ + +if hasattr(groups, 'validate'): v=groups.validate +else: v=old_validation + +if v is old_validation and roles is UNSPECIFIED_ROLES: +print "Validation and UNSEPCIFIED_ROLES is okay" +# No roles, so if we have a named group, get roles from +# group keys +if hasattr(groups,'keys'): roles=groups.keys() +
Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
Oppps, just realised i've been replying only to myself :) Umm okay here is the diff, it is from version 2.2.4 but should apply to most versions I have removed all the "print" debugging and cleaned up the formatting. Could people look it over and tell me if there are any hidden problems with it? Is it done the right way? There seems to be a lot of repeated code between zpublisher_exception_hook and ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own function and work that way? Just an idea... Mithro > Tim Ansell wrote: > > > No further investigation i have found out that the part i really want to > > modify is > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > Inside this functions there is a > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > Is there anyway to add to this function the authentication routines so that > > is AUTHENTICATED_USER is none it authentication is check with > > standard_error_message being the object checked against? > > > > Am i making any sense? > > > > I'm going to give it a go and see what happen... > > > > Mithro > > > > Tim Ansell wrote: > > > > > > > > > > > Hello. > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > great product and thank you for creating it. Currently i have run into a > > > problem, i need to access the AUTHENTICATED_USER in a > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > I was wondering if the authentication routine can be added before the > > > authentication routine in BaseRequest? Or if this is not possible it > > > could be split into a function and and call it before the notFoundError > > > call as well? > > > > > > There are many reasons you might want to do this, i have listed some > > > below: > > > > > > * You want list possible urls the reader could have meant but don't want > > > to show let Anonymous users see possible privileged urls > > > > > > * You want to provided different error messages for different people, > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > special error for normal people > > > > > > * You wanted errors to only be reported it they where caused by certain > > > users > > > > > > and the list could go on > > > > > > Mithro > > > > > > > > > > > > ___ > > > Zope-Dev maillist - [EMAIL PROTECTED] > > > http://lists.zope.org/mailman/listinfo/zope-dev > > > ** No cross posts or HTML encoding! ** > > > (Related lists - > > > http://lists.zope.org/mailman/listinfo/zope-announce > > > http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Security Machinery doesn't work on some objects?
Hi there, I'm slightly confused by a class I have: class X(Persistent, Acquisition.Explicit): This class has no __roles__, no __ac_permissions__, no nothing... Instances of this class are stored within a special folderish class, Y. This folderish class has a __bobo_traverse__ which returns X objects, wrapped in context, from it's self._xs BTree using something along the lines of: def __bobo_traverse__(self, REQUEST, name): ob = getattr(self, name, _marker) if ob == _marker: ob = return self._xs[name].__of__(self) Now, it appears no methods or other attributes of this class are protected by the security machinery, even though the instances involved are wrapped. The DocString stuff still applies but, once a method has a docstring, any anonymous user who can traverse to one of these objects, can execute any method (attributes whinge about a missing docstring, how bizarre, attepting to traverse to __init__ complains the method starts with a _ ;-) of that instance which is more than a little disturbing ;-) I thought Zope's security policy had changed to be disallow by default, but that really doesn't seem to be the case here :-S What am I missing out on? Is there some mixin class I need or something I need to acquire to make the security machinery check these objects? confusedly and worriedly, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: ComputedAttribute
On Wed, Jan 10, 2001 at 05:07:07PM +, Chris Withers wrote: > > If you want _set_your_attribute to be called, you > > need to override __setattr__: > > > > def __setattr__(self, name, value): > > setter = getattr(self, '_set_' + name, None) > > if setter: > > setter(value) > > else: > > raise AttributeError, "no such attribute: " + `name` > > Hmmm... how would you change this to call the __setattr__ that was there > before you overrode it, if a setter could not be found? The same way you call any overridden method, by calling it on the class you inherit it from. So: class Foo: def __setattr__(self, name, value): # Whatever pass class Bar(Foo): def __setattr__(self, name, value): Foo.__setattr__(self, name, value) # More whatever -- Martijn Pieters | Software Engineer mailto:[EMAIL PROTECTED] | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ - ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] python script
On Tue, 9 Jan 2001 [EMAIL PROTECTED] wrote: > Damnnation, Chris, everyone knows that it is supposed to be spelled > Python Thingy. > > "I recently released 'zopectl', a Python Thingy"... > > 'Please go wash your hands before your shake hands with me!' Hmm. All kidding aside, Chris is right. This *is* the problem with "python script" that was pointed out during the name discussion. My use of "python script" is the traditional Unix/OS one: "a [shell] script written in python". Oh, well...fortunately the users most likely to be confused are the ones least likely to be using scripts at the os level. --RDM ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: ComputedAttribute
Martijn Pieters wrote: > > > ...with this class, your_attribute isn't going to play in Persistence, > > is it? (so I can update it lots without worrying about ZODB size > > growing... :-) > > Yup, this allows you to alias your_attribute to _v_your_attribute without > creating an attribute that *will* persist in the process. yay! :-) > your_attribute is set to one instead of the ComputedAttribute instance and > concequently persisted. d'Oh... of course... > If you want _set_your_attribute to be called, you > need to override __setattr__: > > def __setattr__(self, name, value): > setter = getattr(self, '_set_' + name, None) > if setter: > setter(value) > else: > raise AttributeError, "no such attribute: " + `name` Hmmm... how would you change this to call the __setattr__ that was there before you overrode it, if a setter could not be found? cheers for all the help, this thread might make quite god docs for ComputedAttribute ;-) Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog and 'fuzzy logic'
--- "Morten W. Petersen" <[EMAIL PROTECTED]> wrote: [snip] > > It seems I misunderstood the term fuzzy logic > myself. Fuzzy logic means > if I search for a word, for example 'programmer', it > will return matches > to the words 'program', 'programming','programmable' > etc. > > I.e., it will somewhat intelligently return words > that are similar in > what they mean, using grammar rules (chopping off > endings of words and > making them match others). > > Hmm. > > Cheers, > > Morten > ZCatalog TextIndexes support this type of "wildcard" searching. I posted a message a couple of weeks ago that describes the query syntax. Search the mailing list archives for it. = | Casey Duncan | Kaivo, Inc. | [EMAIL PROTECTED] `-> __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: ComputedAttribute
On Wed, Jan 10, 2001 at 04:13:49PM +, Chris Withers wrote: > Martijn Pieters wrote: > > > > Erm. The ExtensionClass.stx documentation hints at a ComputedAttribute > > class (but as an example of how you could use an ExtensionClass). The > > current C implementation of ComputedAttribute is not, as far as I can see, > > documented. > > Now I think I know the answer to this one, but I'll ask just to be sure: > > class MyClass(Persistent Acquisition.Explicit): > > def _set_your_attribute (self,value): > self._v_your_attribute = value > > def _get_your_attribute (self): > return self._v_your_attribute > > your_attribute = ComputedAttribute(_get_your_attribute) > > ...with this class, your_attribute isn't going to play in Persistence, > is it? (so I can update it lots without worrying about ZODB size > growing... :-) Yup, this allows you to alias your_attribute to _v_your_attribute without creating an attribute that *will* persist in the process. > Hmm... more questions: > > If I do: > > x = MyClass() > x.your_attribute = 1 > > ...what happens? your_attribute is set to one instead of the ComputedAttribute instance and concequently persisted. If you want _set_your_attribute to be called, you need to override __setattr__: def __setattr__(self, name, value): setter = getattr(self, '_set_' + name, None) if setter: setter(value) else: raise AttributeError, "no such attribute: " + `name` > Where do you import the ComputedAttribute module from? from ComputedAttribute import ComputedAttribute -- Martijn Pieters | Software Engineer mailto:[EMAIL PROTECTED] | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ - ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: ComputedAttribute
Martijn Pieters wrote: > > Erm. The ExtensionClass.stx documentation hints at a ComputedAttribute > class (but as an example of how you could use an ExtensionClass). The > current C implementation of ComputedAttribute is not, as far as I can see, > documented. Now I think I know the answer to this one, but I'll ask just to be sure: class MyClass(Persistent Acquisition.Explicit): def _set_your_attribute (self,value): self._v_your_attribute = value def _get_your_attribute (self): return self._v_your_attribute your_attribute = ComputedAttribute(_get_your_attribute) ...with this class, your_attribute isn't going to play in Persistence, is it? (so I can update it lots without worrying about ZODB size growing... :-) Hmm... more questions: If I do: x = MyClass() x.your_attribute = 1 ...what happens? Where do you import the ComputedAttribute module from? cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
Hello. I've been using zope for a couple of months, i have found zope to be a great product and thank you for creating it. Currently i have run into a problem, i need to access the AUTHENTICATED_USER in a standard_error_message called by notFoundError in BaseRequest. I was wondering if the authentication routine can be added before the authentication routine in BaseRequest? Or if this is not possible it could be split into a function and and call it before the notFoundError call as well? There are many reasons you might want to do this, i have listed some below: * You want list possible urls the reader could have meant but don't want to show let Anonymous users see possible privileged urls * You want to provided different error messages for different people, i.e. a more advanced error for coders, a simple error for html writer, a special error for normal people * You wanted errors to only be reported it they where caused by certain users and the list could go on Mithro ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog and 'fuzzy logic'
On Wed, 10 Jan 2001, Morten W. Petersen wrote: > > I do not think that "fuzzy logic" is strongly related to "regexp-like". > > Anyway. > > > > Fuzzy searching often means "finding matches with characters omitted, > > replaced or inserted". > > It seems I misunderstood the term fuzzy logic myself. Fuzzy logic means > if I search for a word, for example 'programmer', it will return matches > to the words 'program', 'programming','programmable' etc. I think your talking about something else. Last i checked, "fuzzy logic" was a logical algebra based on the existence of intermediate truth states, between "true" and "false". It has little or nothing to do with aproximate searching, though i guess you could use it to make assertions about the aproximations. I think what you all are talking about is "fuzzy matching". > I.e., it will somewhat intelligently return words that are similar in > what they mean, using grammar rules (chopping off endings of words and > making them match others). There are also matching mechanisms like soundex, that account for misspelling by translating words to phonetic-equivalent normalized codes, and comparing on that basis. Ken [EMAIL PROTECTED] ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] patch to bring ZPatterns UI in line with 2.3 from CVS
If you're using ZPatterns or PlugIns with Zope 2.3 from CVS, you can update most of the ZPatterns user-interface to the new style be replacing lib/python/Products/PlugIns/www/main.dtml with this file: http://www.cat-box.net/steve/main.dtml -- Steve Alexander Software Engineer Cat-Box limited http://www.cat-box.net ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog and 'fuzzy logic'
> I do not think that "fuzzy logic" is strongly related to "regexp-like". > Anyway. > > Fuzzy searching often means "finding matches with characters omitted, > replaced or inserted". It seems I misunderstood the term fuzzy logic myself. Fuzzy logic means if I search for a word, for example 'programmer', it will return matches to the words 'program', 'programming','programmable' etc. I.e., it will somewhat intelligently return words that are similar in what they mean, using grammar rules (chopping off endings of words and making them match others). Hmm. Cheers, Morten ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] How does a subclass call its ancestor's method in zope?
Here is a ZClass testa, with a dtml method 'do'. Its subclass testb overrides do. How does testb call its ancestor's 'do'? In python, it can be done as 'testa.do()', but what's the equivallent in zope? Dirksen __ Do You Yahoo!? Yahoo! Photos - Share your holiday photos online! http://photos.yahoo.com/ ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )