[Zope-dev] Zope Tests: 5 OK

2008-07-10 Thread Zope Tests Summarizer
Summary of messages to the zope-tests list.
Period Wed Jul  9 11:00:00 2008 UTC to Thu Jul 10 11:00:00 2008 UTC.
There were 5 messages: 5 from Zope Tests.


Tests passed OK
---

Subject: OK : Zope-2.8 Python-2.3.6 : Linux
From: Zope Tests
Date: Wed Jul  9 21:00:51 EDT 2008
URL: http://mail.zope.org/pipermail/zope-tests/2008-July/009830.html

Subject: OK : Zope-2.9 Python-2.4.4 : Linux
From: Zope Tests
Date: Wed Jul  9 21:02:21 EDT 2008
URL: http://mail.zope.org/pipermail/zope-tests/2008-July/009831.html

Subject: OK : Zope-2.10 Python-2.4.4 : Linux
From: Zope Tests
Date: Wed Jul  9 21:03:51 EDT 2008
URL: http://mail.zope.org/pipermail/zope-tests/2008-July/009832.html

Subject: OK : Zope-2.11 Python-2.4.4 : Linux
From: Zope Tests
Date: Wed Jul  9 21:05:22 EDT 2008
URL: http://mail.zope.org/pipermail/zope-tests/2008-July/009833.html

Subject: OK : Zope-trunk Python-2.4.4 : Linux
From: Zope Tests
Date: Wed Jul  9 21:06:52 EDT 2008
URL: http://mail.zope.org/pipermail/zope-tests/2008-July/009834.html

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope.app.authentication broken!

2008-07-10 Thread Christophe Combelles

Roger Ineichen a écrit :

hi

I'm pretty sure the container changes are not compatible because of
some bad __init__ methods in inherited classes in other packages.

But that's not the fault of the refactoring that is correct 
as far as I can see.


zope.app.authentication.groupfolder.py

class GroupFolder(BTreeContainer):



def __init__(self, prefix=u''):
self.prefix=prefix
super(BTreeContainer,self).__init__()



The *super(BTreeContainer,self).__init__()* will
not initialize the right thing here. right?

What was the reason of calling:
super(BTreeContainer,self).__init__()
instead of:
super(GroupFolder, self).__init__()

btw, did someone run the tests with all packages that depend
on zope.app.container?


I would like to do this. How can I know all the packages that depend on 
zope.app.container? What is the procedure? Then how can I run all the tests?


Christophe




Regards
Roger Ineichen
_
END OF MESSAGE

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce

 http://mail.zope.org/mailman/listinfo/zope )




___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope.app.authentication broken!

2008-07-10 Thread Christophe Combelles

Christophe Combelles a écrit :

Roger Ineichen a écrit :

hi

I'm pretty sure the container changes are not compatible because of
some bad __init__ methods in inherited classes in other packages.

But that's not the fault of the refactoring that is correct as far as 
I can see.


zope.app.authentication.groupfolder.py

class GroupFolder(BTreeContainer):



def __init__(self, prefix=u''):
self.prefix=prefix
super(BTreeContainer,self).__init__()



The *super(BTreeContainer,self).__init__()* will
not initialize the right thing here. right?

What was the reason of calling:
super(BTreeContainer,self).__init__()
instead of:
super(GroupFolder, self).__init__()

btw, did someone run the tests with all packages that depend
on zope.app.container?


I would like to do this. How can I know all the packages that depend on 
zope.app.container? What is the procedure? Then how can I run all the 
tests?



ok, it's explained in zope.kgs




Christophe




Regards
Roger Ineichen
_
END OF MESSAGE

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists -  http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )




___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )




___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


AW: [Zope-dev] zope.app.authentication broken!

2008-07-10 Thread Roger Ineichen
Hi Chritophe

 Betreff: Re: [Zope-dev] zope.app.authentication broken!

[...]

  btw, did someone run the tests with all packages that depend on 
  zope.app.container?
  
  I would like to do this. How can I know all the packages 
 that depend 
  on zope.app.container? What is the procedure? Then how can 
 I run all 
  the tests?
 
 
 ok, it's explained in zope.kgs

Yeah, thanks!

I already released the zope.app.authentication package fix.

Regards
Roger Ineichen

  Christophe

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] ZCatalog sorting issue

2008-07-10 Thread Martijn Jacobs

Wat denk je hiervan?


Hello.

In zope 2.10.5 (and probably 2.10.6 and 2.11 and, as I've read, all 
releases above 2.7) we've encountered a sorting bug in a dtml-in call

when querying the catalog. I don't think it's dtml only related, but I'm
not sure about that. It is the same bug as found on :

https://bugs.launchpad.net/zope2/+bug/143504

Adding

def __cmp__(self, other): return 0

to

Products.ZCatalog.CatalogBrains.AbstractCatalogBrain

seems to correct the problem though and I was wondering why this isn't
added in the zope core. Does it break other stuff or should the problem
fixed somewhere else? Somebody has some thoughts?



Regards,


Martijn

--
Martijn Jacobs
Four Digits, Internet Solutions

a: Willemsplein 15-1 6811 KB Arnhem NL
kvk: 09162137 | btw: 8161.22.234.B01
e-mail: [EMAIL PROTECTED] | web: http://www.fourdigits.nl
tel: +31 (0)26 44 22 700 | fax: +31 (0)84 22 06 117


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Proposal: add form support to zope.session.http.CookieClientIdManager

2008-07-10 Thread Jim Fulton


As it's name implies, the CookieClientIdManager manages HTTP client  
ids using HTTP cookies. Recently, I've found it to be useful to be  
able to get a client id via form data.  The reason is that flash  
programs don't send browser cookies.  This bit me when trying to use  
the YUI uploader, http://developer.yahoo.com/yui/uploader/, which uses  
a flash program to select and upload files.  I'm using session  
authentication and the only way I found to make it possible to upload  
files to protected pages was to pass the client id as form data.  I  
have a custom client id manager that gets the id from form data as  
well as from a cookie.  I propose to merge this with  
CookieClientIdManager.


Any objections?

Jim

--
Jim Fulton
Zope Corporation


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


AW: [Zope-dev] Proposal: add form support tozope.session.http.CookieClientIdManager

2008-07-10 Thread Roger Ineichen
Hi Jim

 Betreff: [Zope-dev] Proposal: add form support 
 tozope.session.http.CookieClientIdManager
 
 
 As it's name implies, the CookieClientIdManager manages HTTP 
 client ids using HTTP cookies. Recently, I've found it to be 
 useful to be able to get a client id via form data.  The 
 reason is that flash programs don't send browser cookies.  
 This bit me when trying to use the YUI uploader, 
 http://developer.yahoo.com/yui/uploader/, which uses a flash 
 program to select and upload files.  I'm using session 
 authentication and the only way I found to make it possible 
 to upload files to protected pages was to pass the client id 
 as form data.  I have a custom client id manager that gets 
 the id from form data as well as from a cookie.  I propose to 
 merge this with CookieClientIdManager.
 
 Any objections?

Does this bring in new dependencies to zope.session?
if not moreDependencies:
+1
else:
-1

btw, I hope it will be still possible to remove the 
zope.app.appsetup somedays from the zope.session package.

Regards
Roger Ineichen


 Jim
 
 --
 Jim Fulton
 Zope Corporation

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope.testing releases on PyPI

2008-07-10 Thread Jim Fulton


On Jul 9, 2008, at 11:37 PM, Andreas Jung wrote:



Hi,

the zope.testing releases on PyPI are apparently a bit weird.

- zope.testing 3.5.1 has been the latest released version on PyPI
 last week
- I created V 3.5.2 on Sunday. Phillip granted me access to the
 zope.testing package on PyPI in order to upload 3.5.2 (which worked)
- I created V 3.5.3 yesterday morning. Uploading the egg was  
impossible

 because I had no longer rights (in fact permissions are currentl
 only granted to Jim and Fred Drake (not even Phillip)
- search for zope.testing on PyPI leads me to version 3.0 instead  
of 3.5.1


Does anyone know what happened here?



Of course not. :)

I suggest asking the catalog-sig.  I suspect someone restored the db  
from backup. That or database corruption of some sort. Relational DBs  
are s unreliable. ;)


Jim

--
Jim Fulton
Zope Corporation


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


Re: AW: [Zope-dev] Proposal: add form support tozope.session.http.CookieClientIdManager

2008-07-10 Thread Jim Fulton


On Jul 10, 2008, at 9:28 AM, Roger Ineichen wrote:


Hi Jim


Betreff: [Zope-dev] Proposal: add form support
tozope.session.http.CookieClientIdManager


As it's name implies, the CookieClientIdManager manages HTTP
client ids using HTTP cookies. Recently, I've found it to be
useful to be able to get a client id via form data.  The
reason is that flash programs don't send browser cookies.
This bit me when trying to use the YUI uploader,
http://developer.yahoo.com/yui/uploader/, which uses a flash
program to select and upload files.  I'm using session
authentication and the only way I found to make it possible
to upload files to protected pages was to pass the client id
as form data.  I have a custom client id manager that gets
the id from form data as well as from a cookie.  I propose to
merge this with CookieClientIdManager.

Any objections?


Does this bring in new dependencies to zope.session?


No.

Jim

--
Jim Fulton
Zope Corporation


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope.testing releases on PyPI

2008-07-10 Thread Stephan Richter
On Wednesday 09 July 2008, Andreas Jung wrote:
  - search for zope.testing on PyPI leads me to version 3.0 instead of
 3.5.1

I think this is because all releases are visible. And it probably picks the 
first visible one and not the last. I do not have access zope.testing to 
verify that theory.

Regards,
Stephan
-- 
Stephan Richter
Web Software Design, Development and Training
Google me. Zope Stephan Richter
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists -
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] transaction.doom() and ZPublisher

2008-07-10 Thread Brian Sutherland
On Thu, Jul 10, 2008 at 12:12:06AM -0400, Paul Winkler wrote:
 Hi,
 
 I noticed that Zope 2.11 includes a recent version of the transaction
 module including the transaction.doom() method.  But I don't see any
 check for it in ZPublisher.
 
 So, if any code calls transaction.doom(), the publisher will raise a
 user-visible exception when it tries to call commit().  This seems
 less than useful :-)
 
 In the discussion I've seen of this method, eg.
 https://bugs.launchpad.net/zope3/+bug/98382 and
 http://markmail.org/message/3yshpmltvhevnrff it sounds like other
 people share my expectation... namely, that the developer should not
 have to do anything special after calling transaction.doom(); the
 transaction is not committed, and the user won't see an exception.

Yes.

 
 Is that the concensus? If so, there's an easy solution -
 apply something like the attached patch.
 
 Anybody disagree?

I havn't investigated properly, but it may be necessary to do the
isDoomed() check at a higher level where you can abort. Code running
after the commit() expects a new transaction and now will not get that.

Other than that, an explicit abort() if the transaction is doomed may be
sufficient.

Zope3 does:

 def afterCall(self, request, ob):
 txn = transaction.get()
if txn.isDoomed():
txn.abort()
else:
self.annotateTransaction(txn, request, ob)
txn.commit()

 
 
 -- 
 
 Paul Winkler
 http://www.slinkp.com

 --- Zope2/App/startup.py~ 2008-06-14 02:50:23.0 -0400
 +++ Zope2/App/startup.py  2008-07-10 00:08:02.0 -0400
 @@ -267,7 +267,8 @@
  transaction.begin()
  
  def commit(self):
 -transaction.commit()
 +if not transaction.isDoomed():
 +transaction.commit()
  
  def abort(self):
  transaction.abort()
 --- ZPublisher/Publish.py~2008-06-14 02:50:48.0 -0400
 +++ ZPublisher/Publish.py 2008-07-10 00:08:08.0 -0400
 @@ -314,7 +314,8 @@
  def begin(self):
  transaction.begin()
  def commit(self):
 -transaction.commit()
 +if not transaction.get().isDoomed():
 +transaction.commit()
  def abort(self):
  transaction.abort()
  def recordMetaData(self, object, request):
 --- ZPublisher/WSGIPublisher.py~  2008-06-14 02:50:48.0 -0400
 +++ ZPublisher/WSGIPublisher.py   2008-07-09 23:59:57.0 -0400
 @@ -401,7 +401,8 @@
  def begin(self):
  transaction.begin()
  def commit(self):
 -transaction.commit()
 +if not transaction.get().isDoomed():
 +transaction.commit()
  def abort(self):
  transaction.abort()
  def recordMetaData(self, object, request):

 ___
 Zope-Dev maillist  -  Zope-Dev@zope.org
 http://mail.zope.org/mailman/listinfo/zope-dev
 **  No cross posts or HTML encoding!  **
 (Related lists - 
  http://mail.zope.org/mailman/listinfo/zope-announce
  http://mail.zope.org/mailman/listinfo/zope )


-- 
Brian Sutherland
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: Deprecation warnings from 2.11.0

2008-07-10 Thread Sidnei da Silva
On Fri, Jul 4, 2008 at 3:12 PM, Chris Withers [EMAIL PROTECTED] wrote:
 Did we as a community really release a stable version that emits deprecation
 warnings?! :-(

We did (/me hides).

-- 
Sidnei da Silva
Enfold Systems http://enfoldsystems.com
Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] zope.testing releases on PyPI

2008-07-10 Thread Wichert Akkerman
Previously Stephan Richter wrote:
 On Wednesday 09 July 2008, Andreas Jung wrote:
   - search for zope.testing on PyPI leads me to version 3.0 instead of
  3.5.1
 
 I think this is because all releases are visible. And it probably picks the 
 first visible one and not the last. I do not have access zope.testing to 
 verify that theory.

Pypi always marks the last upload as the only visible version, which
means Andreas's two uploads should have been visible. A quick peek at
http://pypi.python.org/simple/zope.testing/ shows that 3.5.2 really was
removed.

Wichert.


-- 
Wichert Akkerman [EMAIL PROTECTED]It is simple to make things.
http://www.wiggy.net/   It is hard to make things simple.
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] RestrictedPython implementation in zope2.

2008-07-10 Thread ranjith kannikara
Hello,

During the porting of zope2 to python2.5 I am in need and guidance on
doing the security auditing of RestrictedPython for python2.5 . Now a
person named Chris Withers had volunteered for helping. And I will be
happy to get guidance and help from Chris Withers.
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: Zope3 installation on windows - how?

2008-07-10 Thread Philipp von Weitershausen

Hermann Himmelbauer wrote:

And there's once again this mingw32 problem.

4) Next, I tried zopeproject:
$ easy_install zopeproject
$ zopeproject HelloWorld

First, zopeproject does not install the packages into the Python 
site-packages,


That's *intended*. That's, in fact, much better than stuffing about a 
100 eggs into site-packages...


What can I do? Is there perhaps some precompiled Windows distribution for 
Zope-3.4 available?


All Zope 3.4 packages that have C extensions are available as Windows 
binaries, though perhaps not in all versions. The versions in the KGS 
should all be available as Windows binaries, though. Just include 
http://download.zope.org/zope3.4/versions.cfg in your buildout.cfg.


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] PAULA: bringing Zope 3's authentication to Plone and beyond

2008-07-10 Thread Florian Friesdorf
Hi *,

within the scope of google summer of code I am integrating zope 3's PAU with
Plone's PAS and further enable (non-AT) content objects as source for users and
groups. All functionality is developed in pure zope3, the plone integration is
happening in a separate packages.

All documents describing the project, as well as links to the code can be found
here:

https://chaoflow.net/projects/gsoc2008/z3membrane-ldap

The code is not very interesting right now, but now would be the time to take
any influence on what will be created during the next month - I am planning to
continue to work on the project after the SoC.

I will keep you updated on major advancements of the code.

regards
florian


pgpzsuZPKGBBl.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] PAULA: bringing Zope 3's authentication to Plone and beyond

2008-07-10 Thread Florian Friesdorf
Hi *,

within the scope of google summer of code I am integrating zope 3's PAU with
Plone's PAS and further enable (non-AT) content objects as source for users and
groups. All functionality is developed in pure zope3, the plone integration is
happening in a separate packages.

All documents describing the project, as well as links to the code can be found
here:

https://chaoflow.net/projects/gsoc2008/z3membrane-ldap

The code is not very interesting right now, but now would be the time to take
any influence on what will be created during the next month - I am planning to
continue to work on the project after the SoC.

I will keep you updated on major advancements of the code.

regards
florian


pgpcAnljBl3DE.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: [Plone-developers] PAULA: bringing Zope 3's authentication to Plone and beyond

2008-07-10 Thread Wichert Akkerman
Previously Florian Friesdorf wrote:
 Hi *,
 
 within the scope of google summer of code I am integrating zope 3's PAU with
 Plone's PAS and further enable (non-AT) content objects as source for users 
 and
 groups. All functionality is developed in pure zope3, the plone integration is
 happening in a separate packages.
 
 All documents describing the project, as well as links to the code can be 
 found
 here:
 
 https://chaoflow.net/projects/gsoc2008/z3membrane-ldap

The one thing I am missing is: why? PAS works fine and covers a lot more
functionality than PAU and there are more PAS plugins than PAU plugins.
It's also perfectly possible to use non-AT content as source for users
with PAS as well as tools such as b-org demonstrate.

Wichert.

-- 
Wichert Akkerman [EMAIL PROTECTED]It is simple to make things.
http://www.wiggy.net/   It is hard to make things simple.
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: [Plone-developers] PAULA: bringing Zope 3's authentication to Plone and beyond

2008-07-10 Thread Wichert Akkerman
Previously Philipp von Weitershausen wrote:
 Wichert Akkerman wrote:
  Previously Florian Friesdorf wrote:
  Hi *,
 
  within the scope of google summer of code I am integrating zope 3's PAU 
  with
  Plone's PAS and further enable (non-AT) content objects as source for 
  users and
  groups. All functionality is developed in pure zope3, the plone 
  integration is
  happening in a separate packages.
 
  All documents describing the project, as well as links to the code can be 
  found
  here:
 
  https://chaoflow.net/projects/gsoc2008/z3membrane-ldap
  
  The one thing I am missing is: why? PAS works fine and covers a lot more
  functionality than PAU and there are more PAS plugins than PAU plugins.
  It's also perfectly possible to use non-AT content as source for users
  with PAS as well as tools such as b-org demonstrate.
 
 Exactly. I don't mean to pee on anybody's parade here, but IMHO Wichert 
 is right. To be constructive, I think it'd be much more interesting to 
 investigate hooking Plone up to an external authentication mechanism 
 such as repoze.who.

Doesn't repoze already have a PAS plugin to do just that?

Wichert.

-- 
Wichert Akkerman [EMAIL PROTECTED]It is simple to make things.
http://www.wiggy.net/   It is hard to make things simple.
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: [Plone-developers] PAULA: bringing Zope 3's authentication to Plone and beyond

2008-07-10 Thread Philipp von Weitershausen

Wichert Akkerman wrote:

Previously Florian Friesdorf wrote:

Hi *,

within the scope of google summer of code I am integrating zope 3's PAU with
Plone's PAS and further enable (non-AT) content objects as source for users and
groups. All functionality is developed in pure zope3, the plone integration is
happening in a separate packages.

All documents describing the project, as well as links to the code can be found
here:

https://chaoflow.net/projects/gsoc2008/z3membrane-ldap


The one thing I am missing is: why? PAS works fine and covers a lot more
functionality than PAU and there are more PAS plugins than PAU plugins.
It's also perfectly possible to use non-AT content as source for users
with PAS as well as tools such as b-org demonstrate.


Exactly. I don't mean to pee on anybody's parade here, but IMHO Wichert 
is right. To be constructive, I think it'd be much more interesting to 
investigate hooking Plone up to an external authentication mechanism 
such as repoze.who.


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: PAULA: bringing Zope 3's authentication to Plone and beyond

2008-07-10 Thread Philipp von Weitershausen

Wichert Akkerman wrote:

Previously Philipp von Weitershausen wrote:

Wichert Akkerman wrote:

Previously Florian Friesdorf wrote:

Hi *,

within the scope of google summer of code I am integrating zope 3's PAU with
Plone's PAS and further enable (non-AT) content objects as source for users and
groups. All functionality is developed in pure zope3, the plone integration is
happening in a separate packages.

All documents describing the project, as well as links to the code can be found
here:

https://chaoflow.net/projects/gsoc2008/z3membrane-ldap

The one thing I am missing is: why? PAS works fine and covers a lot more
functionality than PAU and there are more PAS plugins than PAU plugins.
It's also perfectly possible to use non-AT content as source for users
with PAS as well as tools such as b-org demonstrate.
Exactly. I don't mean to pee on anybody's parade here, but IMHO Wichert 
is right. To be constructive, I think it'd be much more interesting to 
investigate hooking Plone up to an external authentication mechanism 
such as repoze.who.


Doesn't repoze already have a PAS plugin to do just that?


Ah, that's right: http://svn.agendaless.com/Products.whoopass. That 
doesn't mean it could be integrated better, though, for instance UI-wise...


___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] RestrictedPython implementation in zope2.

2008-07-10 Thread Stephan Richter
On Thursday 10 July 2008, ranjith kannikara wrote:
 During the porting of zope2 to python2.5 I am in need and guidance on
 doing the security auditing of RestrictedPython for python2.5 . Now a
 person named Chris Withers had volunteered for helping. And I will be
 happy to get guidance and help from Chris Withers.

Since I am heavily using Python 2.5 and RestrictedPython, I gave zope.proxy a 
good shake. I also looked at the safe builtins declarations and updated them. 
I have not yet reviewed the byte code hacks, which is the most complicated 
aspect. How much experience do you have with the Python AST implementation?

You basically need to find out how the AST changed from Python 2.4 to 2.5 and 
then make sure that every attribute and item access is overwritten with the 
secure lookup version.

Regards,
Stephan
-- 
Stephan Richter
Web Software Design, Development and Training
Google me. Zope Stephan Richter
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] RestrictedPython implementation in zope2.

2008-07-10 Thread Martijn Faassen
Hey Stephan,

It's good to know we have some eyes on this particular topic. Thanks
Stephan! I talked to Chris about this at the EuroPython conference
after Chris started offering free beer and even bottles of champagne
for people who could point out flaws (beer) and submit fixes with
tests (champagne). Unfortunately for everybody now suddenly hopeful
this offer has since expired (nobody took him up on it during
EuroPython :).

Hopefully we can distribute some hints and tips on this amongst us.
Being a summer of code student, the student is in there also for the
learning exercise after all, so perhaps this is an opportunity to
learn a little about the AST. That said, if Ranjith gets stuck we
would understand just fine, and just a report by Ranjith on the status
of his researches for be valuable for whoever comes and tries to fix
it after him (as this does need to get fixed in some way).

Regards,

Martijn
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] zope.testing 3.6.0 released

2008-07-10 Thread Benji York
3.6.0 of zope.testing is out with my subprocess parallelization branch
merged (plus I fixed a few bugs in the trunk).  There were several
other changes, here's the pertinent part of the release notes:

- Added -j option to parallel tests run in subprocesses.

- RENormalizer accepts plain Python callables.

- Added --slow-test option.

- Added --no-progress and --auto-progress options.

- Complete refactoring of the test runner into multiple code files and a
  more modular (pipeline-like) architecture.

- Unified unit tests with the layer support by introducing a real unit
  test layer.

- Added a doctest for ``zope.testing.module``. There were several bugs
  that were fixed:

  * ``README.txt`` was a really bad default argument for the module
name, as it is not a proper dotted name. The code would immediately
fail as it would look for the ``txt`` module in the ``README``
package. The default is now ``__main__``.

  * The tearDown function did not clean up the ``__name__`` entry in the
global dictionary.

  * Fix a bug that caused a SubprocessError to be generated if a
subprocess sent any output to stderr.

  * Fix a bug that caused the unit tests to be skipped if run in a
subprocess.

-- 
Benji York
Senior Software Engineer
Zope Corporation
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )