[Zope-dev] Re: Patch for attribute permisions problems in Zope 2.7.3

2005-02-21 Thread Santi Camps 
En/na Tres Seaver ha escrit:
|
| Now, accessed and container are always the same, and in some cases
| should be different.   I attach a patch to solve this case that works
| for me.  I'm not sure if my code is the best way to solve the problem
| but, as I said, it seems to work fine.
| Of course, If the patch is accepted, the same change should be done in
| the C version.
Jim and I worked through this, and ended up putting back the use of
'aq_acquire' to do the validation, precisely becuase *it* knows what the
real container is (from guarded_getattr, you have to guess).  Please
verify that the head of the 2.7 branch resolves the issues you found.
Yes, works fine for me !!  

Thanks very much for your work on this issue.  I'm sorry I let it slide
so long,
Tres.
No, thanks to you for your great work.  It's really impresive.   The 
minimum I could do is try to help when I can.

Regards
Santi Camps
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

RE: [Zope-dev] QueueCatalog Tool Inadvertantly Triggers Indexing

2005-02-21 Thread Ken Wasetis 
That's great.  So, in your case, what triggers the processing of the queue?
Did you write a cron job to run at a certain time?  Did you modify the
hardcoded sleep interval of the Processor.py?  Do you manually run it
through the ZMI using the portal_catalog 'Queue' tab?  Other?

-Original Message-
From: Dieter Maurer [mailto:[EMAIL PROTECTED]
Sent: Saturday, February 19, 2005 12:46 PM
To: Ken Wasetis
Cc: zope-dev@zope.org
Subject: Re: [Zope-dev] QueueCatalog Tool Inadvertantly Triggers
Indexing


Ken Wasetis wrote at 2005-2-18 12:07 -0600:
I've recently installed QueueCalalog (with PloneQueueCatalog) and either I
don't understand how it is intended to work (lacks documentation), or it
isn't working the way it's intended to.

We are using QueueCatalog (a slightly optimized version)
without problems.

--
Dieter

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] method attribute __roles__ in Zope 2.8

2005-02-21 Thread Jim Fulton 
Andreas Jung wrote:
I can across the following problem while trying to fix the broken FTP 
service for Zope 2.8:

ObjectManager.manage_FTPstat() tries to access 
self.manage_FTPlist.__roles__ whose
value is ('Manager',') in Zope 2.7. In 2.8 this attribute is not 
available. Can someone  explain
how and where is attribute in set Zope 2.7 and why it is no longer 
available in Zope 2.8 (has
it anything to do with new-style classes in 2.8).
Dieter's response is right.  Classic extenstion classes
had a method-attribute mechanism that isn't available in new-style
extension classes.
There is a new API for getting the roles for an object:
  from AcessControl.ZopeSecurityPolicy import getRoles
Now, suppose we wanted the roles for attribute 'x' on an
object:
  roles = getRoles(ob, 'x', ob.x)
This works for methods *and* for other objects that
don't have their own '__roles__' attribute.  For example,
it could be used for attributes whos values are strings.
It means that you can now protect *any* attribute.  Technically,
there is no longer a need for unprotected subobjects.  In this
regard, Zope 2 has become a litte bit more like Zope 3.
It also works for objects that do have theor own __roles__
attribute.  It actually checkes for a __roles__ attribute on
the third object passed.
For now, this api is the prefered way to do what you want.
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] method attribute __roles__ in Zope 2.8

2005-02-21 Thread Jim Fulton 
You didn't use the getattr that Dieter suggested.
But see my other follow on note.
Jim
Andreas Jung wrote:

--On Sonntag, 20. Februar 2005 19:42 Uhr +0100 Dieter Maurer 
[EMAIL PROTECTED] wrote:

You can use the getattr above to resolve the attribute.

That really did not help:
- print getattr(self.manage_FTPlist, '__roles__')
(Pdb)
AttributeError: 'function' object has no attribute '__roles__'

/develop/sandboxes/Zope/Zope/lib/python/OFS/ObjectManager.py(669)manage_FTPstat() 

- print getattr(self.manage_FTPlist, '__roles__')
(Pdb) dir(self.manage_FTPlist)
['__call__', '__class__', '__cmp__', '__delattr__', '__doc__', 
'__get__', '__getattribute__', '__hash__', '__init__', '__new__', 
'__reduce__', '__reduce_ex__', '__repr__', '__setattr__', '__str__', 
'im_class', 'im_func', 'im_self']
(Pdb) self.manage_FTPlist
bound method Application.manage_FTPlist of OFS.Application.Application 
object at 0xb761fcec
(Pdb) self.manage_FTPlist.__dict__
{}

So there must be more magic involved get this code running again.
Andreas
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

__roles__ hack (was Re: [Zope-dev] method attribute __roles__ in Zope 2.8)

2005-02-21 Thread Jim Fulton 
Why do we have __roles__ in the first place?  After all, when we
declare protections for our classes, we do so with permissions.
The answer lies in a terrible mistake I made years ago.
Long before Principia, there was Bobo. Bobo originally had a security
model based on roles.  Objects had a __roles__ attribute and the security
model tried to determine if a user had any of the roles on that object.
Later, but still long before Principia, we added the concept of permissions.
Objects required permissions to access them.  Users were granted roles
and managers could map roles to permissions.  When this change was made,
we had lots of software that used the older __roles__ model.  To ease
transition, we created a computed roles attribute that:
- Determined the permission required by an object
- Looked at the role-permission map for that object and
  all of the acquired role-permission maps to compute the roles
  that had the permission and returned this set of roles
  as the value of the __roles__ attribute.
So far so good.
The terrible mistake was to never transition our software away from
this transitional hack.  Shame on me.  Note only did we perpetuate a hack,
but, I think, we made the security system more complicated than it should
have been.  After all, developers declared the permissions required to access
their objects, but the run-time system seemed to work with roles.
When doing the initial work on 2.8, I hoped to remove this hack, but I
wasn't able to.  I had enough to do to integrate new-style extension
class and I couldn't spend the extra time needed to clean this up.  I
do still think it would be good to clean this up, although I still
don't have time to do this myself.  I think Zope 2 will be with us for
a long time, so I think cleaning this up would be worthwhile.
I would also like to look at backporting the Zope 3 security system
to Zope 2.  I'm not certain that this will be feasible, but I'd like
to look at it for Zope 2.9.  The __roles__ hack doesn't exist in the
Zope 3 security model, so paorting the Zope 3 security system to Zope
2 would clean up the __roles__ hack.
I don't know if anyone is interested in working on either backporting the
Zope 3 security system, or on just cleaning up the Zope 2 security system.
If so, I'd be happy to provide advise.
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] method attribute __roles__ in Zope 2.8

2005-02-21 Thread Jim Fulton 
Andreas Jung wrote:
I can across the following problem while trying to fix the broken FTP 
service for Zope 2.8:

ObjectManager.manage_FTPstat() tries to access 
self.manage_FTPlist.__roles__ 
Why is it trying to do this?
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] method attribute __roles__ in Zope 2.8

2005-02-21 Thread Andreas Jung 

--On Montag, 21. Februar 2005 9:17 Uhr -0500 Jim Fulton [EMAIL PROTECTED] 
wrote:

Andreas Jung wrote:
I can across the following problem while trying to fix the broken FTP
service for Zope 2.8:
ObjectManager.manage_FTPstat() tries to access
self.manage_FTPlist.__roles__
Why is it trying to do this?
No idea :-)  But using getRoles() as you suggest it resolved the issue and 
the FTP
server is running fine again.

Andreas
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] zope and python2.3.5

2005-02-21 Thread Dieter Maurer 
Radosław Stachowiak wrote at 2005-2-20 22:09 +0100:
(Bzope-2.7.4 and zopex3-3.0.0 stops 'configure' with error on python 2.3.5.
(Bis it safe to force zope to use python 2.3.5 instead of 2.3.4 ?
(B
(BThat should be safe.
(B
(B-- 
(BDieter
(B___
(BZope-Dev maillist  -  Zope-Dev@zope.org
(Bhttp://mail.zope.org/mailman/listinfo/zope-dev
(B**  No cross posts or HTML encoding!  **
(B(Related lists - 
(B http://mail.zope.org/mailman/listinfo/zope-announce
(B http://mail.zope.org/mailman/listinfo/zope )

RE: [Zope-dev] QueueCatalog Tool Inadvertantly Triggers Indexing

2005-02-21 Thread Dieter Maurer 
Ken Wasetis wrote at 2005-2-21 07:41 -0600:
So, in your case, what triggers the processing of the queue?

We have an external queue processor.

Usually, it looks every second whether there is work to do
and if so, processes the queue.

-- 
Dieter
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] zope and python2.3.5

2005-02-21 Thread Radosław Stachowiak 
On Mon, 21 Feb 2005 19:50:49 +0100, Dieter Maurer [EMAIL PROTECTED] wrote:
 Radoslaw Stachowiak wrote at 2005-2-20 22:09 +0100:
 zope-2.7.4 and zopex3-3.0.0 stops 'configure' with error on python 2.3.5.
 is it safe to force zope to use python 2.3.5 instead of 2.3.4 ?
 
 That should be safe.

OK, so we will probably patch our build scripts to call configure with
--with-python=/usr/bin/python2.3 arg (Gentoo have python2.3 link to
current python2.3.* installed).

What about the future?
Will next releases (2.7.5+ and 3.0.1+) address this issue?

-- 
[EMAIL PROTECTED]
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] zope and python2.3.5

2005-02-21 Thread Radosław Stachowiak 
On Mon, 21 Feb 2005 21:08:01 +0100, Andreas Jung [EMAIL PROTECTED] wrote:
  zope-2.7.4 and zopex3-3.0.0 stops 'configure' with error on python 2.3.5.
  is it safe to force zope to use python 2.3.5 instead of 2.3.4 ?
 
 It does *not* force you to use 2.3.4. There is a --with-python option if
 you look carefully at the configure options. At the time of Zope 2.7.4 
 release there
 was no Python 2.3.4. That's why you can't expect support for Python 2.3.5.

I wrote about forcing zope, not forcing me :)

as for the option, as i wrote before we will use this approach.

Maybe zope configure shouldnt stop on newer, but from the same branch,
version of python?


-- 
radoslaw.
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] zope and python2.3.5

2005-02-21 Thread Andreas Jung 

--On Montag, 21. Februar 2005 21:23 Uhr +0100 Rados?aw Stachowiak 
[EMAIL PROTECTED] wrote:

On Mon, 21 Feb 2005 21:08:01 +0100, Andreas Jung [EMAIL PROTECTED]
wrote:
 zope-2.7.4 and zopex3-3.0.0 stops 'configure' with error on python
 2.3.5. is it safe to force zope to use python 2.3.5 instead of 2.3.4 ?
It does *not* force you to use 2.3.4. There is a --with-python option if
you look carefully at the configure options. At the time of Zope 2.7.4
release there was no Python 2.3.4. That's why you can't expect support
for Python 2.3.5.
I wrote about forcing zope, not forcing me :)
as for the option, as i wrote before we will use this approach.
Maybe zope configure shouldnt stop on newer, but from the same branch,
version of python?
Things are as they are and it is exhausting to discuss about advantages and 
disadvantages.
Python 2.3.5 will be officially recognized by Zope 2.7.5...nothing more to 
be added from my
side (as released manager).

-aj
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )