[Zope-dev] Re: hack for refused authorization with virtual dataskin
"Phillip J. Eby" a écrit : > > It sounds to me like you need to be using the getId() method instead of the > .id attribute. I think that the id attribute is being phased out in favor > of getId(). I was already told about the getId but the problem goes further than access to the id. I get the same non authorized message when accessing other attributes computed by the skinscript. I do not understand why I have no problem (I mean do not need access_to_unprotected hack) with standard stored ZClass-dataskin instances but well with non stored instances... I suppose there is something different between the two cases going on during the construction of the instances but have not been able until now to get the point. My Python is not fluent enough to allow me to understand the following code of Rack.py : _v_itemConstructor = ComputedAttribute(lambda s, v=ComputedAttribute(_v_itemConstructor): v) > > > I'm somewhat reluctant to enable access to unprotected subobjects in the > DataSkin base class; it seems a little too broad of an access level. The > other alternative would be to allow SkinScript expressions free rein as > regards security - but that's too broad also. The optimum would be to > allow SkinScript expressions full access to the targeted DataSkin's direct > attributes, but normal (validated) access to everything else, but I'm not > sure how to do this safely. > > This is an example of why I consider ZPatterns a hack - too many places > where it depends on Zope innards like this. I get your point but I think that something a la ZPatterns should be integrated in the Zope core to separate logic and storage especially now that ZPT allow a very clean separation between logic and presentation. I would appreciate to know the position of DC about the design objectives of ZPatterns -- Godefroid Chapelle BubbleNet sprl rue Victor Horta, 30 1348 Louvain-la-Neuve Belgium Tel 010 457490 Mob 0477 363942 TVA 467 093 008 RC Niv 49849 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] why is this more efficient
On Mon, 23 Apr 2001, Tim McLaughlin wrote: > Found this in the constructor for the File Product and I don't understand > why it is more efficient. (I want to subclass a File, so this does have > some purpose ;-)) Anybody got any ideas? > > # First, we create the file without data: > self._setObject(id, File(id,title,'',content_type, precondition)) > > # Now we "upload" the data. By doing this in two steps, we > # can use a database trick to make the upload more efficient. > self._getOb(id).manage_upload(file) It's more efficient because manage_upload commits subtransactions every N bytes and your main process memory doesn't grow to the size of the file. -Michel ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Plugable brains changed in 2.3x vs 2.2?
On 23 Apr 2001, at 14:45, Brad Clements wrote: > I've been using zope 2.2.2 with a plugable brain that does something like > this: > > > class Mybrain: >def __init__(self): >self.__dict['myvar'] = 'xyzzy' Uh, sorry, this should probably not be on zope-dev. anyway the answer is self.aq_parent.__dict__['myvar'] = 'xyzzy' I'm using the pluggable brain approach so I can get first-myvar in dtml-in Brad Clements,[EMAIL PROTECTED] (315)268-1000 http://www.murkworks.com (315)268-9812 Fax netmeeting: ils://ils.murkworks.com AOL-IM: BKClements ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: hack for refused authorization with virtual dataskin
At 01:37 PM 4/23/01 +0200, Godefroid Chapelle wrote: >Hello, > > >After rereading the ZopeSecurityPolicy source code, I tried the >following hack. > >I add in the skinscript : > >WITH 1 COMPUTE __allow_access_to_unprotected_subobjects__=RESULT > >which does work : it fools the security mechanism. > >I can live with it but feel that there is only a slight problem which >could allow me to avoid the hack. > >I hope this can hint some of you to help me to understand what is badly >settled in my installation. It sounds to me like you need to be using the getId() method instead of the .id attribute. I think that the id attribute is being phased out in favor of getId(). I'm somewhat reluctant to enable access to unprotected subobjects in the DataSkin base class; it seems a little too broad of an access level. The other alternative would be to allow SkinScript expressions free rein as regards security - but that's too broad also. The optimum would be to allow SkinScript expressions full access to the targeted DataSkin's direct attributes, but normal (validated) access to everything else, but I'm not sure how to do this safely. This is an example of why I consider ZPatterns a hack - too many places where it depends on Zope innards like this. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Plugable brains changed in 2.3x vs 2.2?
I've been using zope 2.2.2 with a plugable brain that does something like this: class Mybrain: def __init__(self): self.__dict['myvar'] = 'xyzzy' I just moved to the latest 2.3 beta and get an error that "__dict__" doesn't exist. Anyone have a quick pointer for a fix, I have 60 minutes to make this work. thanks Brad Clements,[EMAIL PROTECTED] (315)268-1000 http://www.murkworks.com (315)268-9812 Fax netmeeting: ils://ils.murkworks.com AOL-IM: BKClements ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] has_role vs. hasRole
Hi, a developer who's working with me has been bitten by the following fact today, one year after me. There are two methods on objects BasicUser. One is called "has_role" and has the following docstring: """Check to see if a user has a given role or roles.""" The other one is called hasRole, is an alias on another method that's called "allowed" and has the following docstring: """Check whether the user has access to object, assuming that object.__roles__ is the given roles.""" (The Zope Book doesn't say anything on "has_role" (why?) but says about "hasRole": hasRole(object, roles) -- Return a value that is true if the user has the given roles on the given object and return false otherwise.) I understand that those two methods have differents signatures and different uses, but I think that the names are too similar to not induce confusion. S. -- Stéfane Fermigier, Tel: +33 (0)6 63 04 12 77 (mobile). http://nuxeo.com/ & http://portalux.com/ & http://aful.org/ "Amazon: we patent the dot in .com" ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
Chris McDonough wrote: > > > Nothing like good documentation ;-) Where can I find otu about that? > > http://www.zope.org/Members/michel/Projects/Interfaces/DTMLSecurityAPI > It's also in the security chapter of the Zope Book *embarrassed grinz* "Randall F. Kern" wrote: > > as for simplifying _.SecurityGetUser().getUserName(), BasicUser defines > __str__ to return getUserName(), so should > result in the same output as expr="_.SecurityGetUser().getUserName()"> And in PS, I guess x + `_.SecurityGetUser()` + y would work when x and y are strings? Cool :-) cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] CoreSessionTracking
The documentation is in lib/python/AccessControl/DTML.py :) > From: Chris Withers [mailto:[EMAIL PROTECTED]] > as for simplifying _.SecurityGetUser().getUserName(), BasicUser defines __str__ to return getUserName(), so should result in the same output as -Randy ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
> Nothing like good documentation ;-) Where can I find otu about that? http://www.zope.org/Members/michel/Projects/Interfaces/DTMLSecurityAPI > > Is there an equivalent of: > > This works. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
"Randall F. Kern" wrote: > > _.SecurityGetUser() Nothing like good documentation ;-) Where can I find otu about that? Is there an equivalent of: Something like: ...would be great. cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZPatterns AttributeProvider question
Hi! So here's more :) > >def _objectAdding(self,client, > >_tmap={ None:AddedStatus, > >DeletedStatus:ChangedStatus, > >ChangedStatus:AddedStatus > >} > >): > >t = client._getTokenFor(self) > >s = t.status > >t.status = _tmap.get(s,s) > > > ># we need to do a commit here in order to store the record into > the database! > > # and we need to have it stored as an AttributeFor() of the primary key will > > # return None otherwise (as this also just makes a query). > >client.commitSubtransaction() > > This is broken. Don't do this! commitSubtransaction() is an > application-level operation. Only. If you have to use it inside of > provider-level code or code called from SkinScript, chances are that you > are doing something horribly wrong. You run the risk of causing a > recursive commit operation in the Zope transaction machinery. Don't do this! well, it always looked no-good to me, I just didn't know how to solve my problem. So my problem I was trying to fix was actually the following: - When creating a new object via newItem(), the Rack checks if self.loadAttrib is defined before creating a new one. if loadAttrib is returned by the attribute provider then the Rack assumes it already exists and raises an exception. - My Attribute Provider now does not know if an object exists or not before looking into the database (I tried different ways to check it but somehow they haven't worked). So it does that. If it finds a record with the given id it returns it, if not it returns the default value (which means "does not exist" to the rack). - When adding a new object in my provider it does an insert via an ZSQL method to store it inside the database. This is done in _objectAdded(). Unfortunately this is too late as before this is called, we already need to have it in the database as the request to my primary key will return the default still. So I moved this insert to _objectAdding(). Unfortunately this new record seems not to appear in the database before commit() (dunno why, maybe some new transaction code in ZMySQLDA? haven't checked this). That's why I did a commit() there which then called _objectAdded(). So my problem is basically that I need to know in _AttributeFor() whether this object is already created or not.. I will check now again with asking the status of the client but I think I also tried this before. The best would be to collect all data before _objectAdded() and store it at once and not as it's done now by first creating an empty record and doing the rest via _objectChanged(). But I am open for any other idea :) > >def _SetAttributeFor(self,client,name,value): > >"""Set the attribute and return true if successful""" > > # attribs stores the attributes we care about > >if name in self._attribs.keys(): > >client._getCache()[name]=value > >client.__dict__[name]=value; > > client._p_changed = 1 > >return 1 > >return None > > This also looks broken to me. Why are you changing both the cache and the > persistent state? There's no reason to do both. ok, this is old code where I wanted to test some other solution to fix my problem. I will remove the additional line.. (__dict__ might be all I need, it's already a cache if I remember right?!?) > I think you're seriously over-engineering this. I don't see anything that > you're doing here that couldn't be done more easily with SkinScript > statements. If all you want to do is store the data in an SQL database, a > few SkinScript triggers would suffice. Well, as mailed yesterday I know this. I've also done this a lot but was then tired of always typing those paramater lists (for each ZSQL method, for each SkinScript call twice, ...). This is of course always the tradeoff between easy to use plugins which are somehow restricted and the more flexible ones which do need lots of configuration. I would like to have the first one for the day-to-day-stuff and the latter for more advanced operations, like linking specialists together etc. > Now, if you're trying to get a row to be inserted in an SQL database at the > actual time of the newItem() call, there is a trick you can use to do that > from SkinScript also. Do this: > > INITIALIZE OBJECT WITH someAttr1=default1, > someAttr2=default2,...,dummyAttributeName=myInsertQuery(primaryKey=self.id) > > Where myInsertQuery() is an SQL insert query that takes primaryKey as a > parameter, and dummyAttributeName is some attribute name you don't care > about. You should also set any default values for fields that will be > inserted. Your insert query will be called, initializing the row in the > database, and then use something like this: > > WHEN OBJECT ADDED,CHANGED STORE foo,bar,baz USING > UpdateMethod(widget_id=self.id, foo_field=self.foo, wbar=self.bar) > > > To update t
RE: [Zope-dev] CoreSessionTracking
_.SecurityGetUser() -Randy ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] why is this more efficient
Found this in the constructor for the File Product and I don't understand why it is more efficient. (I want to subclass a File, so this does have some purpose ;-)) Anybody got any ideas? # First, we create the file without data: self._setObject(id, File(id,title,'',content_type, precondition)) # Now we "upload" the data. By doing this in two steps, we # can use a database trick to make the upload more efficient. self._getOb(id).manage_upload(file) ___ Tim McLaughlin BCSwebservices.net Director, Technical Group 1950 Old Gallows Road tel: (703) 790.8081 x111 Suite 201 [EMAIL PROTECTED] Vienna, VA 22182 www .bcswebservices. net ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
RE: [Zope-dev] CoreSessionTrackingThat's it! Except from DTML. ;-) - Original Message - From: Adrian Hungate To: 'Chris Withers' ; Chris McDonough Cc: Magnus Heino (Rivermen) ; [EMAIL PROTECTED] Sent: Monday, April 23, 2001 12:00 PM Subject: RE: [Zope-dev] CoreSessionTracking Do you mean: from AccessControl import getSecurityManager security = getSecurityManager() user = security.getUser() userName = user.getUserName() ??? Adrian... -Original Message- From: Chris Withers [mailto:[EMAIL PROTECTED]] Sent: Monday, 23 April 2001 16:57 To: Chris McDonough Cc: Magnus Heino (Rivermen); [EMAIL PROTECTED] Subject: Re: [Zope-dev] CoreSessionTracking Chris McDonough wrote: > > Alternately (and this will be in the next CST release), add this to the > session data object class (SessionData.SessionData): > > __guarded_setitem__ = __setitem__ OK, that'll teach me to read the whole thread before I post :-) > As far as finding the currently logged in user's name, try this: > > context.REQUEST['AUTHENTICATED_USER'].getUserName() > > This is a deprecated API, however. The new one I can't find at the moment, > though. ;-) When you find out, can you let us know :-S Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
RE: [Zope-dev] CoreSessionTracking
Title: RE: [Zope-dev] CoreSessionTracking Do you mean: from AccessControl import getSecurityManager security = getSecurityManager() user = security.getUser() userName = user.getUserName() ??? Adrian... -Original Message- From: Chris Withers [mailto:[EMAIL PROTECTED]] Sent: Monday, 23 April 2001 16:57 To: Chris McDonough Cc: Magnus Heino (Rivermen); [EMAIL PROTECTED] Subject: Re: [Zope-dev] CoreSessionTracking Chris McDonough wrote: > > Alternately (and this will be in the next CST release), add this to the > session data object class (SessionData.SessionData): > > __guarded_setitem__ = __setitem__ OK, that'll teach me to read the whole thread before I post :-) > As far as finding the currently logged in user's name, try this: > > context.REQUEST['AUTHENTICATED_USER'].getUserName() > > This is a deprecated API, however. The new one I can't find at the moment, > though. ;-) When you find out, can you let us know :-S Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog waaaagh!: The Error
Chris McDonough wrote: > > Can you give me something that reproduces this? I already gave you more than I should have ;-) 2.3.2b2 solves this so I think moving to that might be easier than fixing this. All the tests seem to have miraculously started passing today (wtf?!!) so I'm more confused but not as worried... cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
Chris McDonough wrote: > > Alternately (and this will be in the next CST release), add this to the > session data object class (SessionData.SessionData): > > __guarded_setitem__ = __setitem__ OK, that'll teach me to read the whole thread before I post :-) > As far as finding the currently logged in user's name, try this: > > context.REQUEST['AUTHENTICATED_USER'].getUserName() > > This is a deprecated API, however. The new one I can't find at the moment, > though. ;-) When you find out, can you let us know :-S Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
Chris McDonough wrote: > > Darn. Security nails us once again. :-( > > I'll need to figure out how to allow __setitem__ to be called on session > data objects from within a Python Script. Add a line below your definition of __setitem__ that reads: __guarded_setitem__ = __setitem__ cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
Alternately (and this will be in the next CST release), add this to the session data object class (SessionData.SessionData): __guarded_setitem__ = __setitem__ As far as finding the currently logged in user's name, try this: context.REQUEST['AUTHENTICATED_USER'].getUserName() This is a deprecated API, however. The new one I can't find at the moment, though. ;-) - Original Message - From: "Magnus Heino (Rivermen)" <[EMAIL PROTECTED]> To: "'Chris McDonough'" <[EMAIL PROTECTED]>; "Magnus Heino (Rivermen)" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, April 23, 2001 10:48 AM Subject: SV: [Zope-dev] CoreSessionTracking > > > In the meantime, use the .set method of the session data > > object, e.g. in the > > onStart function: > > > > sdo.set('Username', 'Foobar') > > > > .. or use an external method. > > Ok, works now. Thanks. > > How to I access things like the DTML AUTHENTICATED_USER.getUserName() from a > python script? > > /Magnus > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
SV: [Zope-dev] CoreSessionTracking
> In the meantime, use the .set method of the session data > object, e.g. in the > onStart function: > > sdo.set('Username', 'Foobar') > > .. or use an external method. Ok, works now. Thanks. How to I access things like the DTML AUTHENTICATED_USER.getUserName() from a python script? /Magnus ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
Darn. Security nails us once again. :-( I'll need to figure out how to allow __setitem__ to be called on session data objects from within a Python Script. In the meantime, use the .set method of the session data object, e.g. in the onStart function: sdo.set('Username', 'Foobar') .. or use an external method. - Original Message - From: "Magnus Heino (Rivermen)" <[EMAIL PROTECTED]> To: "'Chris McDonough'" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Monday, April 23, 2001 10:37 AM Subject: SV: [Zope-dev] CoreSessionTracking > This onStart method... > > sdo['date'] = context.ZopeTime() > > ...gives this error: > > -- > 2001-04-23T14:36:32 PROBLEM(100) Session Tracking session event failed > The call to function onStart failed. Traceback: > Traceback (innermost last): > File > /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Products/CoreSessionTracking/ > SessionDataManager.py, line 451, in __call__ > (Object: ) > File > /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Shared/DC/Scripts/Bindings.py > , line 324, in __call__ > (Object: onStart) > File > /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Shared/DC/Scripts/Bindings.py > , line 354, in _bindAndExec > (Object: onStart) > File > /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Products/PythonScripts/Python > Script.py, line 336, in > _exec > (Object: onStart) > (Info: ({'script': , 'context': > , 'container': , > 'traverse_subpath': []}, ({},), {}, None)) > File Script (Python), line 2, in onStart > File > /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Products/PythonScripts/zbytec > odehacks/VSExec.py, line 430, in __setitem__ > TypeError: object does not support item assignment > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
SV: [Zope-dev] CoreSessionTracking
This onStart method... sdo['date'] = context.ZopeTime() ...gives this error: -- 2001-04-23T14:36:32 PROBLEM(100) Session Tracking session event failed The call to function onStart failed. Traceback: Traceback (innermost last): File /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Products/CoreSessionTracking/ SessionDataManager.py, line 451, in __call__ (Object: ) File /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Shared/DC/Scripts/Bindings.py , line 324, in __call__ (Object: onStart) File /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Shared/DC/Scripts/Bindings.py , line 354, in _bindAndExec (Object: onStart) File /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Products/PythonScripts/Python Script.py, line 336, in _exec (Object: onStart) (Info: ({'script': , 'context': , 'container': , 'traverse_subpath': []}, ({},), {}, None)) File Script (Python), line 2, in onStart File /usr/home/magnus/www/Zope-2.3.1-src/lib/python/Products/PythonScripts/zbytec odehacks/VSExec.py, line 430, in __setitem__ TypeError: object does not support item assignment ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog waaaagh!
Sorry, I meant UnIndex.py! Doh! There is a more comprehensive fix checked in to 2.3.2b2. > > > > In the meantime, if you're desperate, here's a temporary fix... > > > > replace the items method of the UnTextIndex class in UnTextIndex.py. The > > current method looks something like this: > > > > def items(self): > > reurn self._index.items() > > > > change it to: > > > > def items(self): > > items = [] > > for k, v in self._index.items(): > > if type(v) is type(1): > > v = IITreeSet((v,)) > > items.append((k,v)) > > return tuple(items) > > Urm... UnTextIndex.py doesn't appear to have an items method in 2.3.1 or > 2.3.1b1. > > I tried changing the one in UnIndex.py, but it didn't make any difference. I'm > still getting the error at the end when searching. > > I'm having loads of problems right now (Zope hanging, not crashing, not racing, > just hanging) and testsuites that used to run now suddenly not running on _some_ > (ugh!) of the machines they used to so I'm not in a position to move to 2.3.2bx > (maybe 2.3.2 final ;-) where I know this is fixed. Ugh. You can try to replace the UnIndex.py from your copy with the 2.3.2b2 CVS copy if that helps any. You can probably also replace ZCatalog/Catalog.py. > *sigh* > > Any help would be very much appreciated ;-) > > cheers, > > Chris > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
SV: [Zope-dev] CoreSessionTracking
> The onStart method will be called when a session data object > is created. > Neither of the calls you show here create a session data > object. Something > like "Session.getSessionData()" would, however. Ah. I read "when a session starts, you may call an external method or PythonScrip" and thought that the session started when I received a new token... Thanks! /Magnus ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog waaaagh!: The Error
Can you give me something that reproduces this? - Original Message - From: "Chris Withers" <[EMAIL PROTECTED]> To: "Chris McDonough" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Monday, April 23, 2001 8:32 AM Subject: Re: [Zope-dev] ZCatalog wgh!: The Error > d'oh! > > Error type: TypeError > Error value: unsubscriptable object > > Traceback (innermost last): > File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 223, in > publish_module > File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 187, in publish > File E:\Zope\2379A4~1.1\lib\python\Zope\__init__.py, line 221, in > zpublisher_exception_hook > (Object: Traversable) > File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 171, in publish > File E:\Zope\2379A4~1.1\lib\python\ZPublisher\mapply.py, line 160, in mapply > (Object: reset) > File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 112, in > call_object > (Object: reset) > File E:\Zope\2379A4~1.1\lib\python\OFS\DTMLMethod.py, line 189, in __call__ > (Object: reset) > File E:\Zope\2379A4~1.1\lib\python\DocumentTemplate\DT_String.py, line 538, in > __call__ > (Object: reset) > File E:\Zope\current\Products\ZDebug\DTMLDebug.py, line 259, in > debug_render_blocks > File E:\Zope\current\Products\ZDebug\DTMLDebug.py, line 239, in debugException > File E:\Zope\current\Products\ZDebug\DTMLDebug.py, line 256, in > debug_render_blocks > File E:\Zope\current\Products\GenericCases\CasesFolder.py, line 136, in > reset_cases > (Object: Traversable) > File E:\Zope\current\Products\GenericCases\CasesFolder.py, line 187, in > create_case > (Object: Traversable) > File E:\Zope\current\Products\GenericCases\Case.py, line 451, in update > File E:\Zope\current\Products\GenericCases\Case.py, line 323, in set_field > File E:\Zope\current\Products\GenericCases\CasesFolder.py, line 306, in > get_cases > (Object: Traversable) > File E:\Zope\current\Products\GenericCases\scripting.py, line 389, in search > (Object: Traversable) > File E:\Zope\2.3.1\lib\python\Products\ZCatalog\Lazy.py, line 224, in > __getitem__ > TypeError: (see above) > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] CoreSessionTracking
> Is onStart and onEnd broken in the CoreSessionTracking (0.8) product? (Or am > I broken? :-)) I hope neither ;-) > > I have a folder /Radio > > Within that folder I have a "Session ID Manager" and a "Session Data > Manager" named Session. > > "Session onStart method path" of the "Session ID Manager" is set to > /Radio/onStart > > I have an external method /Radio/onStart that does work if called > standalone, > > from zLOG import LOG, WARNING > def onStart(sdo): > LOG('session started', WARNING, 'session started') > > but it never gets called when I call my index_html; > > > > > Token is new. > > Token is not new. > > The onStart method will be called when a session data object is created. Neither of the calls you show here create a session data object. Something like "Session.getSessionData()" would, however. > Ths index_html method does return 'Token is new', but no onStart method is > being called. > > What am I missing??? I have read the helpfile over and over again, but it > still doesn't work. > > ? > > /Magnus > > ___ > Zope-Dev maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope-dev > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope ) > ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] CoreSessionTracking
Is onStart and onEnd broken in the CoreSessionTracking (0.8) product? (Or am I broken? :-)) I have a folder /Radio Within that folder I have a "Session ID Manager" and a "Session Data Manager" named Session. "Session onStart method path" of the "Session ID Manager" is set to /Radio/onStart I have an external method /Radio/onStart that does work if called standalone, from zLOG import LOG, WARNING def onStart(sdo): LOG('session started', WARNING, 'session started') but it never gets called when I call my index_html; Token is new. Token is not new. Ths index_html method does return 'Token is new', but no onStart method is being called. What am I missing??? I have read the helpfile over and over again, but it still doesn't work. ? /Magnus ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog waaaagh!: The Error
d'oh! Error type: TypeError Error value: unsubscriptable object Traceback (innermost last): File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 223, in publish_module File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 187, in publish File E:\Zope\2379A4~1.1\lib\python\Zope\__init__.py, line 221, in zpublisher_exception_hook (Object: Traversable) File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 171, in publish File E:\Zope\2379A4~1.1\lib\python\ZPublisher\mapply.py, line 160, in mapply (Object: reset) File E:\Zope\2379A4~1.1\lib\python\ZPublisher\Publish.py, line 112, in call_object (Object: reset) File E:\Zope\2379A4~1.1\lib\python\OFS\DTMLMethod.py, line 189, in __call__ (Object: reset) File E:\Zope\2379A4~1.1\lib\python\DocumentTemplate\DT_String.py, line 538, in __call__ (Object: reset) File E:\Zope\current\Products\ZDebug\DTMLDebug.py, line 259, in debug_render_blocks File E:\Zope\current\Products\ZDebug\DTMLDebug.py, line 239, in debugException File E:\Zope\current\Products\ZDebug\DTMLDebug.py, line 256, in debug_render_blocks File E:\Zope\current\Products\GenericCases\CasesFolder.py, line 136, in reset_cases (Object: Traversable) File E:\Zope\current\Products\GenericCases\CasesFolder.py, line 187, in create_case (Object: Traversable) File E:\Zope\current\Products\GenericCases\Case.py, line 451, in update File E:\Zope\current\Products\GenericCases\Case.py, line 323, in set_field File E:\Zope\current\Products\GenericCases\CasesFolder.py, line 306, in get_cases (Object: Traversable) File E:\Zope\current\Products\GenericCases\scripting.py, line 389, in search (Object: Traversable) File E:\Zope\2.3.1\lib\python\Products\ZCatalog\Lazy.py, line 224, in __getitem__ TypeError: (see above) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] ZCatalog waaaagh!
Chris McDonough wrote: > > In the meantime, if you're desperate, here's a temporary fix... > > replace the items method of the UnTextIndex class in UnTextIndex.py. The > current method looks something like this: > > def items(self): > reurn self._index.items() > > change it to: > > def items(self): > items = [] > for k, v in self._index.items(): > if type(v) is type(1): > v = IITreeSet((v,)) > items.append((k,v)) > return tuple(items) Urm... UnTextIndex.py doesn't appear to have an items method in 2.3.1 or 2.3.1b1. I tried changing the one in UnIndex.py, but it didn't make any difference. I'm still getting the error at the end when searching. I'm having loads of problems right now (Zope hanging, not crashing, not racing, just hanging) and testsuites that used to run now suddenly not running on _some_ (ugh!) of the machines they used to so I'm not in a position to move to 2.3.2bx (maybe 2.3.2 final ;-) where I know this is fixed. *sigh* Any help would be very much appreciated ;-) cheers, Chris ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] hack for refused authorization with virtual dataskin
Hello, After rereading the ZopeSecurityPolicy source code, I tried the following hack. I add in the skinscript : WITH 1 COMPUTE __allow_access_to_unprotected_subobjects__=RESULT which does work : it fools the security mechanism. I can live with it but feel that there is only a slight problem which could allow me to avoid the hack. I hope this can hint some of you to help me to understand what is badly settled in my installation. -- Godefroid Chapelle BubbleNet sprl rue Victor Horta, 30 1348 Louvain-la-Neuve Belgium Tel 010 457490 Mob 0477 363942 TVA 467 093 008 RC Niv 49849 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [OT] Re: [Zope-dev] Introducing a New Concept on Advanced Garbage Treatment Process
On Fri, Apr 20, 2001 at 02:02:01PM -0700, Andy McKay wrote: > > > Introducing a new concept on advanced garbage treatment process, and > licensing patents > > > For details, please reference the web site: > > The patent is flawed obviously since it doesn't garbage collect itself... Shows you how we geeks think... The patent did not have anything to do with Zope or Python at all. It didn't even have anything to do with computers, unless you were about to dump your old 486 on the scapheap.. I reported the email to spamcop, to be garbage collected. -- Martijn Pieters | Software Engineer mailto:[EMAIL PROTECTED] | Digital Creations http://www.digicool.com/ | Creators of Zope http://www.zope.org/ - ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )