[Zope-dev] Re: characters allowed in object IDs
Dieter Maurer wrote: yuppie wrote at 2006-3-10 20:20 +0100: ... To support WebDAV as widely as possible, I would prefer to get rid of all id restrictions. I do not like to see new restrictions emerging... You just don't like it or do you know a better alternative? We need a way to make sure that object IDs can't mask browser views and resources. The current solution in Zope 3 is to reserve names starting with '+' and '@' for resources and views. _ is already disallowed at the beginning of an id. Could you use it to mark views/ressources? It's more easy to customize that stuff in Zope 3 than in Zope 2, but I doubt the default names used in Zope 3 will be changed. And I don't think it would be a good idea to introduce different naming conventions in Zope 2. Compared to Zope 2.8.1 and earlier this is no new restriction. In order to support WebDAV as widely as possible, I have removed almost all id restrictions quite some time ago. I hope that this will happen in the official Zope as well. The current state of affairs is not really justified. To reach that goal more fundamental changes are necessary. While the subject of this thread is more general, I just want to fix a bug. And I doubt the fix I proposed will make the WebDAV support much worse. Cheers, Yuppie ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: names starting with '@' are not reserved
Philipp von Weitershausen wrote: yuppie wrote: In Zope 3 the NameChooser makes sure you can't use content IDs starting with '+' or '@'. Zope 2 doesn't allow '+' in content IDs (actually the error message says the ID contains characters illegal in URLs), but you can use content IDs like '@@edit.html'. If the lookup order is changed as proposed (http://codespeak.net/pipermail/z3-five/2006q1/001186.html) this allows to override views with content objects. I guess this is a bug I wouldn't say that. It's just that something Five added (Zope 3 view lookup) doesn't work in all cases of legal Zope 2 object names. That's Five's problem, not Zope 2's (strictly speaking). I don't understand that differentiation. Five is part of Zope 2, so each Five issue is also a Zope 2 issue. and should be fixed in Zope 2.8, 2.9 and trunk. We'd be changing Zope 2's behaviour (not fixing a Five bug), I would therefore vote for making this change on the Zope 2 trunk only. Fixing a bug sometimes requires to change the behavior. Cheers, Yuppie ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: names starting with '@' are not reserved
Hi! Philipp von Weitershausen wrote: Chris McDonough wrote: and should be fixed in Zope 2.8, 2.9 and trunk. We'd be changing Zope 2's behaviour (not fixing a Five bug), I would therefore vote for making this change on the Zope 2 trunk only. I'd be apt to not further restrict the set of identifiers an OFS content object can begin with as long as we can get away with it. If a user happens to enter one that starts with a view character, I suspect a developer could just choose to not allow this in at the application level if he cared (e.g. if he were using Five). It might be reasonable to add this to CMF instead of Zope, but IMO, it's a bad idea to put theis particular restriction in either place, as it will almost certainly break somebody. Yup. That's why we should do this change on the trunk IF at all. I doubt this will break a significant amount of code. The restriction was removed 5 months ago and AFAICS it was removed to allow email addresses as IDs. That use case will not be broken if we disallow again IDs starting with '@'. Note that even in Zope 3 the suggested behaviour is only the default and can be changed. Custom name chooser adapters may decide whether names are good or not based on whatever rule. Therefore, if we introduce this restriction, it should be pluggable like in Zope 3. If we ignore for a moment the fact that for the last 5 months the hole was open reserving '@' for views doesn't introduce any new restriction in Zope 2. '@' was always disallowed. Removing that restriction for the first character was a mistake. I just want to revert that part of the change until we have a pluggable solution. Here's what we could do: We factor the name validation part in ObjectManager (which is _checkId) out to a namechooser adapter. Five already has one in Five.browser.adding. This is obviously the Right Thing to do in the long term. But doesn't help us resolving the bug in Zope 2.8 and 2.9. Then, we can also provide an optional namechooser adapter that enforces the additional restrictions. People could decide to use this for their folder implementation, e.g. the CMF might want to do it for their folders. We already have @@manage_interfaces and Zope 2 containers will have more Zope 3 style views in the future. So I think the default in OFS should be the same as the default in Zope 3. Cheers, Yuppie ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] [svn.zope.org] How to change the From: address for checkin notifications
On 13 Mar 2006, at 15:15, Andreas Jung wrote: Due to some changes in my email configuration I would like to use another email address for checkin notifications email other than the current one. Is there a way to configure this on my own or do I have to beg before the svn admistrator? The address on your zope.org website account is used for that if I remember correctly. jens ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: names starting with '@' are not reserved
I doubt this will break a significant amount of code. The restriction was removed 5 months ago and AFAICS it was removed to allow email addresses as IDs. That use case will not be broken if we disallow again IDs starting with '@'. It seems that you can reasonably easily apply the @ restriction in your own app code under 2.8 and 2.9 until we get around to doing the right thing by making this pluggable via the namechooser thingy, no? I dunno. The current set of restrictions is too restrictive for real world use when you use Zope heavily as a fileserver, say via DAV. I wouldn't treat the existing or older restrictions as gospel as a result. I had actually been meaning to get around to unrestricting the set of identifiers in the trunk. Here's my current monkeypatch to Zope to unrestrict a good number of characters: def patch_objectmanager_badid(): Causes Zope to be less restrictive in the set of characters it accepts as valid within object identifiers. Added as acceptable: []*'!:@#=+$ import re acceptable = r'[^a-zA-Z0-9-_~,.$\(\)\[\]\*\'\!\:[EMAIL PROTECTED]\#\=\+\$ ]' bad_id = re.compile(acceptable).search import OFS.ObjectManager OFS.ObjectManager.bad_id = bad_id The projects that use this patch have been in use for several years; they predate Five. I of course don't mind continuing to do this, but I'd hate to have to change it temporarily (to fix this bug which actually isn't a bug for me because I don't use Five for these projects) and then change it again when we do the pluggable thing. I suppose I wouldn't care if the change was isolated to the bad_id regex, given that I replace it anyway. - C ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] [svn.zope.org] How to change the From: address for checkin notifications
Andreas Jung wrote: Due to some changes in my email configuration I would like to use another email address for checkin notifications email other than the current one. Is there a way to configure this on my own or do I have to beg before the svn admistrator? Just update your email address on zope.org. Subversion uses the ldap database that is updated when you update your member information. Jim -- Jim Fulton mailto:[EMAIL PROTECTED] Python Powered! CTO (540) 361-1714http://www.python.org Zope Corporation http://www.zope.com http://www.zope.org ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: names starting with '@' are not reserved
Hi Chris! Chris McDonough wrote: I doubt this will break a significant amount of code. The restriction was removed 5 months ago and AFAICS it was removed to allow email addresses as IDs. That use case will not be broken if we disallow again IDs starting with '@'. It seems that you can reasonably easily apply the @ restriction in your own app code under 2.8 and 2.9 until we get around to doing the right thing by making this pluggable via the namechooser thingy, no? I dunno. The current set of restrictions is too restrictive for real world use when you use Zope heavily as a fileserver, say via DAV. I wouldn't treat the existing or older restrictions as gospel as a result. I had actually been meaning to get around to unrestricting the set of identifiers in the trunk. I'd like to see this improved. But I think we need a solution that works by default with Zope 3 style views. Here's my current monkeypatch to Zope to unrestrict a good number of characters: [..] The projects that use this patch have been in use for several years; they predate Five. I of course don't mind continuing to do this, but I'd hate to have to change it temporarily (to fix this bug which actually isn't a bug for me because I don't use Five for these projects) and then change it again when we do the pluggable thing. I suppose I wouldn't care if the change was isolated to the bad_id regex, given that I replace it anyway. I'm not concerned about my own app code. I know the problem and how to fix it. And I'm not concerned about people like you who monkeypatch that code. You know that monkeypatching is always on your own risk and you know how to modify your monkey patch even if more code is changed than 'bad_id'. I'm concerned about the people we encourage to use Five technology. Views are a major feature of Five. Should we warn people not to use views? Or instruct them how to patch Zope 2 to protect views against being masked by content IDs? Cheers, Yuppie ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: names starting with '@' are not reserved
On Mar 13, 2006, at 1:22 PM, Chris McDonough wrote: On Mar 13, 2006, at 1:06 PM, yuppie wrote: I'm not concerned about my own app code. I know the problem and how to fix it. And I'm not concerned about people like you who monkeypatch that code. You know that monkeypatching is always on your own risk and you know how to modify your monkey patch even if more code is changed than 'bad_id'. I'm concerned about the people we encourage to use Five technology. Views are a major feature of Five. Should we warn people not to use views? Or instruct them how to patch Zope 2 to protect views against being masked by content IDs? IMO, we should fix it right and live with the status quo until we do (which is that content ids can shadow views). I don't think it's worth it to hack it in the meantime. It just doesn't seem like that much of an emergency, IMO. Also, FWIW, it just occurs to me that even though I do use Five, I've never generated a @@ URL. It appears purely optional to use the @@ syntax in the URL to call a view. Most of the examples I've seen out there don't use it either. - C ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: characters allowed in object IDs
yuppie wrote at 2006-3-13 10:07 +0100: ... In order to support WebDAV as widely as possible, I have removed almost all id restrictions quite some time ago. I hope that this will happen in the official Zope as well. The current state of affairs is not really justified. To reach that goal more fundamental changes are necessary. While the subject of this thread is more general, I just want to fix a bug. And I doubt the fix I proposed will make the WebDAV support much worse. It only is the wrong direction... It is a big deal to exchange local content with a CMS in a way as transparent as possible. WebDAV is the standard for this kind of integration. Many different tools may access the CMS via WebDAV and they have different ways to mark their temporary copies -- usually with some prefix or suffix. I do not know whether there are tools that use @ or + as prefix. However, I know that many different special characters are used for such purposes (., _, #, ...). Zope should have this way of integration (WebDAV) in mind and work towards its easy realization and not introduce things that are likely to make it more difficult (such as forbidding characters at the start of id). -- Dieter ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: names starting with '@' are not reserved
yuppie wrote at 2006-3-13 10:09 +0100: ... I don't understand that differentiation. Five is part of Zope 2, so each Five issue is also a Zope 2 issue. But you can fix this issue either in Five or in ObjectManager. You propose a change in ObjectManager which affects not Five use of Zope2. -- Dieter ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: names starting with '@' are not reserved
Chris McDonough wrote at 2006-3-13 10:21 -0500: ... silly id restrictions ... Here's my current monkeypatch to Zope to unrestrict a good number of characters: def patch_objectmanager_badid(): Causes Zope to be less restrictive in the set of characters it accepts as valid within object identifiers. Added as acceptable: []*'!:@#=+$ import re acceptable = r'[^a-zA-Z0-9-_~,.$\(\)\[\]\*\'\!\:[EMAIL PROTECTED]\#\=\+\$ ]' bad_id = re.compile(acceptable).search import OFS.ObjectManager OFS.ObjectManager.bad_id = bad_id The projects that use this patch have been in use for several years; they predate Five. I of course don't mind continuing to do this, but I'd hate to have to change it temporarily (to fix this bug which actually isn't a bug for me because I don't use Five for these projects) and then change it again when we do the pluggable thing. +1 Looks as if we had very similar project requirements... -- Dieter ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: names starting with '@' are not reserved
On Mar 13, 2006, at 1:06 PM, yuppie wrote: I'm not concerned about my own app code. I know the problem and how to fix it. And I'm not concerned about people like you who monkeypatch that code. You know that monkeypatching is always on your own risk and you know how to modify your monkey patch even if more code is changed than 'bad_id'. I'm concerned about the people we encourage to use Five technology. Views are a major feature of Five. Should we warn people not to use views? Or instruct them how to patch Zope 2 to protect views against being masked by content IDs? IMO, we should fix it right and live with the status quo until we do (which is that content ids can shadow views). I don't think it's worth it to hack it in the meantime. It just doesn't seem like that much of an emergency, IMO. - C ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] PDBDebugMode 0.1 Release
http://www.zope.org/Members/rossp/PDBDebugMode PDBDebugMode - PDB post-mortem debugging on exceptions when debug-mode=on If a relevant error log object is found, exceptions included in the error log's ignored exception types will be ignored and the debugger won't be invoked. It also enables the import of the pdb module in unprotected code. On encountering an error, the port-mortem debugger is invoked with the error's traceback. Once in the debugger you can examine objects, variables, etc. at all levels of the call stack. This is, of course, extremely useful for debugging. Since it only does anything if the instance is running with debug-mode=on, I find this product useful not only for debugging on my development instances, but also for doing quick emergency debugging on a live production site. IOW, if the problem is only reproducable on the production site but not on my development instance, I'll restart the production instance in debug-mode with pdb in emacs, reproduce the error, inspect the call stack. Ross Patterson ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: names starting with '@' are not reserved
Hi Paul! Paul Winkler wrote: On Mon, Mar 13, 2006 at 07:06:28PM +0100, yuppie wrote: I'm concerned about the people we encourage to use Five technology. Views are a major feature of Five. Should we warn people not to use views? Or instruct them how to patch Zope 2 to protect views against being masked by content IDs? Or just document a warning that content whose ids begin with @@ can mask views? I'm wondering if this is a case of Doctor, it hurts when I do this... It's quit common that normal users of Zope applications are allowed to add content. You can educate programmers, but you can't solve a problem like this by educating (sometimes untrusted) users. They can easily screw up a Zope app by overriding important views. And if they can do it some (untrusted) users will do it. Cheers, Yuppie ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] running unit tests for Zope 2.8
Hi -- I have a fix for http://www.zope.org/Collectors/Zope/2037 and would like to write a unit test for it. However, I don't seem to be able to run the existing unit tests for SiteAccess with zopectl test. I created a new instance, then in my instance run bin/zopectl test --dir=/opt/Zope-2.8/lib/python/Products/SiteAccess/tests/ which yields the following: Running tests via: /usr/local/bin/python /opt/Zope-2.8/bin/test.py -v --config-file /home/zope/zopefix/etc/zope.conf --libdir Products --dir=/opt/Zope-2.8/lib/python/Products/SiteAccess/tests/ Running unit tests at level 1 Running unit tests from /opt/Zope-2.8/lib/python/Products/SiteAccess/tests Parsing /home/zope/zopefix/etc/zope.conf -- Ran 0 tests in 0.000s Any idea as to why no tests run? Am I missing some special incantation to get zopectl test to run? Or should I be running the Zope tests some other way? Thanks Geoff ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: running unit tests for Zope 2.8
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Geoff Davis wrote: Hi -- I have a fix for http://www.zope.org/Collectors/Zope/2037 and would like to write a unit test for it. However, I don't seem to be able to run the existing unit tests for SiteAccess with zopectl test. I created a new instance, then in my instance run bin/zopectl test --dir=/opt/Zope-2.8/lib/python/Products/SiteAccess/tests/ which yields the following: Running tests via: /usr/local/bin/python /opt/Zope-2.8/bin/test.py -v --config-file /home/zope/zopefix/etc/zope.conf --libdir Products --dir=/opt/Zope-2.8/lib/python/Products/SiteAccess/tests/ Running unit tests at level 1 Running unit tests from /opt/Zope-2.8/lib/python/Products/SiteAccess/tests Parsing /home/zope/zopefix/etc/zope.conf -- Ran 0 tests in 0.000s Any idea as to why no tests run? Am I missing some special incantation to get zopectl test to run? Or should I be running the Zope tests some other way? The usual drill for testing code in the SOFTWARE_HOME is to run its test.py without the rest of that (no zopectl involved). In your case: $ cd /opt/Zope-2.8/ $ /usr/local/bin/python bin/test.py -v Tres. - -- === Tres Seaver +1 202-558-7113 [EMAIL PROTECTED] Palladion Software Excellence by Designhttp://palladion.com -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFEFhTx+gerLs4ltQ4RAgw/AJ9fuNSW1TyDTPqUQIk8/PQBoln0ZwCfX6Mp N17oI9gUy7dshzn5Hnoo9Lo= =u/dE -END PGP SIGNATURE- ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Re: names starting with '@' are not reserved
Dieter Maurer wrote: Chris McDonough wrote at 2006-3-13 10:21 -0500: ... silly id restrictions ... Here's my current monkeypatch to Zope to unrestrict a good number of characters: def patch_objectmanager_badid(): Causes Zope to be less restrictive in the set of characters it accepts as valid within object identifiers. Added as acceptable: []*'!:@#=+$ import re acceptable = r'[^a-zA-Z0-9-_~,.$\(\)\[\]\*\'\!\:[EMAIL PROTECTED]\#\=\+\$ ]' bad_id = re.compile(acceptable).search import OFS.ObjectManager OFS.ObjectManager.bad_id = bad_id The projects that use this patch have been in use for several years; they predate Five. I of course don't mind continuing to do this, but I'd hate to have to change it temporarily (to fix this bug which actually isn't a bug for me because I don't use Five for these projects) and then change it again when we do the pluggable thing. +1 Looks as if we had very similar project requirements... Chris's and Dieter's requirements seem to even more confirm my proposal that we should propertly factor this out to a name chooser adapter that everyone can configure for themselves. Then this discussion what ObjectManager should do or not do will become irrelevant because it won't do anything anymore :). This is actually how Zope 3 containers work. They perform no name checks *at all*. It's the application (in particular, the adding view) that does it. Yuppie's concern are Zope versions 2.8 and 2.9. I say that we'd just have to live with the fact that objects can shadow views there. Applications like the CMF can make sure that they don't on an application-level, as Chris suggests, preferrably through a name chooser adapter. Philipp This message was sent using IMP, the Internet Messaging Program. ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
[Zope-dev] Re: running unit tests for Zope 2.8
Hi Geoff, On Mon, 13 Mar 2006 18:04:14 -0500, Geoff Davis wrote: bin/zopectl test --dir=/opt/Zope-2.8/lib/python/Products/SiteAccess/tests/ which yields the following: Running tests via: /usr/local/bin/python /opt/Zope-2.8/bin/test.py -v --config-file /home/zope/zopefix/etc/zope.conf --libdir Products --dir=/opt/Zope-2.8/lib/python/Products/SiteAccess/tests/ Running unit tests at level 1 Running unit tests from /opt/Zope-2.8/lib/python/Products/SiteAccess/tests Parsing /home/zope/zopefix/etc/zope.conf -- Ran 0 tests in 0.000s In my experience the --libdir must point to the *product* root and never to the test dir itself. It seems that the runner iterates through the test, ftest dirs under this root and in your case it finds none (since you are already inside it). So I would use bin/zopectl test --libdir=/opt/Zope-2.8/lib/python/Products/SiteAccess If I would want to run test from a specific file only, I would add the filename filter to the end like bin/zopectl test --libdir=/opt/Zope-2.8/lib/python/Products/SiteAccess \ Products/SiteAccess/tests/test_one.py and so on... -- Balazs Ree jabber + email: [EMAIL PROTECTED] ICQ: 75955071 AIM + skype: reebalazs ___ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
