, depending of when you want the properties from
the transparent folder to be aqcuirable you might be able to wrap the object
by calling __of__ instead of overriding it.
Best Regards
Lennart Regebro, Torped
http://www.easypublisher.com/
___
Zope-Dev
I couldn't find the documentation on what -S does as a parameter to z2.py.
From reading the source it seems that it adds the restart button in the Zope
control panel. Is that correct?
Best Regards
Lennart Regebro, Torped
http://www.easypublisher.com
From: Craeg K Strong [EMAIL PROTECTED]
Does anyone know how to change the current AUTHENTICATED_USER
programmatically?
This may be possible with cookie based authentication.
___
Zope-Dev maillist - [EMAIL PROTECTED]
From: Andreas Kostyrka [EMAIL PROTECTED]
To: Lennart Regebro [EMAIL PROTECTED]
You shouldn't, really.
Why not?
Because that's not how it's supposed to work. You can override __getattr__
to have special magick attributes. Acquisition is not a special magick
attribute. __getattr__ is only
From: Andreas Kostyrka [EMAIL PROTECTED]
But my attributes are not normal. So I should generate them by
__getattr__. Only by noticing that I could get the same effect by
putting my attribute source in front of my object in the acquisition
chain.
The question is still, how does one a
on it yet.
Best Regards
Lennart Regebro, Torped
http://www.easypublisher.com/
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org
will '-' be used.
Best Regards
Lennart Regebro
Torped Strategi och Kommunikation AB
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org
credit points. An explanation to why
the first version works gets 100 points! :-)
Best Regards
Lennart Regebro, Torped
http://www.easypublisher.com/
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
From: Casey Duncan [EMAIL PROTECTED]
This is in no way a defense of the release tactics for 2.6.0, but
these types of changes should be done on their own branch and
then merged in atomically to avoid exactly this type of issue.
They were. There were two independant, but related, bugs. Both
, reading in RFC 2822, the origination date-field is required, which
means that the header munging done in MailHost should also look for a date
header and add it if it doesn't exist.
Best Regards
Lennart Regebro, Torped
http://www.easypublisher.com
From: Lennart Regebro [EMAIL PROTECTED]
Indeed, reading in RFC 2822, the origination date-field is required, which
means that the header munging done in MailHost should also look for a date
header and add it if it doesn't exist.
A simple addition of:
if not mo.getheader('Date
Lennart Regebro, Torped
http://www.easypublisher.com/
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope
From: John Barratt [EMAIL PROTECTED]
Do you mean it only gets [called] when standard (instance class based)
searching methods fail?
Yes. At least, this is what the documentation sais, and it seems to be true
as far as I can see.
Object Manager doesn't specifically, but Implicit does, you can
involved.
Best Regards
Lennart Regebro
http://www.easypublisher.com/
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman
From: Clemens Robbenhaar [EMAIL PROTECTED]
I guessed a little hint about this incompatibility in the release notes
would have been nice, but I can find nothing in this regard.
I don't think anybody really was aware of it... :-/
It has to be fixed to 2.6.1 of course.
The question is: Should
From: Andreas Jung [EMAIL PROTECTED]
Someone posted already a fix for this problem. It should not be hard to
fix
this single problem by exchanging the DateTime.py file on your sites
Yep, it's on http://www.zope.org/Members/regebro/ somewhere.
But I agree that it's time for a bugfix release
From: Chris McDonough [EMAIL PROTECTED]
Sometimes
going through the CVS logs for the module in which the bug is in, you
can tell who has most recently been involved in that code and send them
an email about the bug.
Heh. Never worked for me. Ah well, now I can fix things myself instead. :-)
.
Best Regards
Lennart Regebro
Torped Strategi och Kommunikation AB
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo
What would the arguments be for sticking with Zope 2.1.3 for Zope 2.7? I
feel most people want to use the latest and greatest versions, usually...
Or?
Of course, if the requirement could be 2.1.3 *or* 2.2.2, that would be nice,
but is that realistic?
It's true, you know. Zope and python does reduce my rate of new grey hair
addition. :-)
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
From: maxm [EMAIL PROTECTED]
Usually a private method is used purely as a mean of implementation. And
should never be called from other objects. This is not the case here, as
the method is clearly a part of the api.
Well, no, it isn't really, since it starts with _. However, python do not in
From: Max M [EMAIL PROTECTED]
Sorry but I don't see that. How on earth are you suposed to add an
object to an objectmanager, if you don't use _setObject() ??
You use another method that in turn calls _setObject.
Now you may argue that there should be a public method that does the same,
but
John Ziniti wrote:
Any ZODB developers read this article at /. and the accompanying
one at developerWorks? Would anyone care to comment about
the relevance/comparisons of prevalence to the concepts of
persistence used in ZODB and/or ZEO?
Steve Alexander wrote:
This is possible. But, the problem remains that both a and b (in your
example above) are evaluated.
I don't see the problem with that, unless a or b actually do stuff, and
modify stuff, and if it does, in ZPT it should then be put into a
script, since the template
My answer to this is:
1. Protecting yourself from your users:
Zope fine grained acces control means that you can set up access
restrictions that do exactly what you want and let user do what they
need, and prevents them from doing what they should not.
Obviously you can also make everybody do
[EMAIL PROTECTED] wrote:
When I run the Zope install script on a freshly installed Zope, and my
Product is already there, it complains that the *.py scripts (aimed for
import) would be invalid, because there are return-, but no def statements.
Thus, installation fails; I must first remove my
Leonardo Rochael Almeida wrote:
Hi people,
It's been some time now since we last had a bug day. Should we have
another one?
I'd like one. :)
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross
Chris Withers wrote:
Leonardo Rochael Almeida wrote:
How about the next Wed after that (9/4)?
That works for me :-)
I'm fine with any of it. (Although the first wednesday is slightly better).
___
Zope-Dev maillist - [EMAIL PROTECTED]
Brad Clements wrote:
Sorry if is OT.
I'd like ZODB and Zope to support Revisions. That is, historical copies that do not get
removed when ZODB is packed.
Does the Version mechanism contribute to this kind of functionality?
No, not really. Maybe it can be coached into doing it, but not without
Paul Winkler wrote:
To anyone not following the Problem committing zope 'version' objects
thread on [EMAIL PROTECTED]: It's been proposed that Versions should be
at least stamped in the ZMI with big warnings, or possibly disabled
altogether. Numerous users have been bit by the fact that
Shane Hathaway wrote:
I really wouldn't mind if we just disabled version support altogether,
with a configuration option to re-enable it. Perhaps users would
appreciate having less to worry about.
I still think this is the best idea. If this is not possible, then at
least removing it from the
Brian Lloyd wrote:
Hi all -
We had been planning to make a Zope 2.7a1 release on Friday,
and another 2.6.2 beta soon as well. Someone noted (rightly!)
that it would be ideal if we could have a bugday first.
So I'll propose next Tuesday the 16th be bug day, and we'll
plan to make both
Hi guys!
I've been hacking around a bit with Zope to try to support some
non-ascii characters in the id's. Yes, I know it looks ugly in the URL's
but when you go via WebDAV, that is not an issue. :)
Anyhow, getting your Zope-object to accept non-ascii characters is not
that hard, of course.
Leonardo Rochael Almeida wrote:
If you set the management_page_charset property to utf-8 in a folder
(even the root folder) then Zope will inform the browser that the
charset of the management pages of this folder and all subobjects is
utf-8 and the IDs in the folder listing page will look right.
I've been fiddling around with Zope and WebDAV and have some questions.
1. UTF-8 support.
WebDAV requires UTF-8 support. I've been using Litmus
(http://www.webdav.org/neon/litmus/) to test the Zope access, and by
default it doesn't accept UTF-8 names. How does people for example in
China and
Hiya everyone!
I didn't get any response on my last post, so I'm charging ahead full speed.
The fact that litmus complains about Zope's inability to accept UTF-8
filenames is something I view as a bug. It can be fixed simply by
changing the default _checkid() implementation to allow extended
Andreas Jung wrote:
This issue has been discussed several times in the past.
Probably, but infortunately I can't find anything about it.
Toby Dickenson wrote:
On Monday 20 October 2003 15:01, Lennart Regebro wrote:
The fact that litmus complains about Zope's inability to accept UTF-8
filenames
With Zope 2.6, you get an unhelpful error message about manage_FTPget
not existing. With the changes I have just checked in, you now instead
get an attribute error for most objects. (If the object does not inherit
from webdav.Resource you still get an not found message).
Nobody is relying on
Hi all!
I'm gonna try to verbalize my thoughts on this subject, but they are
still quite fuzzy, so bear with me if I sound confused. :) And sorry for
the length of tha mail...
Today there are many parts involved in the Member Data Waltz (or is it a
two-step). There is the user folder, of
Miles Waller wrote:
AFAICS, CMFMember covers two sets of requirements:
- put members through a workflow
Very useful.
- use archetypes to configure member objects which behave like
normal zope objects
I'm not familiar enough with archetypes to tell what the actual benefits
of this is.
Sidnei da Silva wrote:
One of the benefits is to be able to plug your own storage
layer. There is a SQLStorage layer provided by default.
As I understand it, this would be useful if you want one field from an
SQL server and one from LAP, for example, but not if you want one user
from LDAP and
Gregory Dudek wrote:
Is there no way to provide a workaround or option akin to my patch for
those who want to support those non-compliant browsers.
Well, you can patch your instance so that all 500 errors is made into
something else. I wouldn't recommend it though.
Not doing anything will
CookieCrumbler doesn't seem to allow cookie authenticifation over
WebDAV. It stops authentication if the request is not PUT, GET or POST
and also it stops anything over the webdav source port.
Anybody knows WHY?
I took this code for my Cookie Identification plugin for
PLuggableUserFolder, so
Casey Duncan wrote:
CookieCrumbler is expressly designed for interactive login with a
human through a web browser. It steps out of the way for WebDAV
because it is not appropriate to subvert the normal HTTP
authentication mechanism in that case. WebDAV clients cannot display
the HTML login form
From: Yuppie [EMAIL PROTECTED]
1.) absolute_url(relative=1) behaves different
--
'relative' was changed from 'relative to site object' to 'relative to
server root'. This is an API change and breaks Products like CMF.
See
Please excuse my impatiance, but sometimes I just think it's obvious that
I'm right, and that people don't listen.
My experience of this is that I'm wrong in at least half of the cases, so
that is probably what has happened now too.
However, I took a look at the issue, and ended up with the
From: Yuppie [EMAIL PROTECTED]
Quick?
Yeah, yeah. I was fast once I actually did it. :-)
Please be careful with method names that might already be in use in some
products. Google says Silva uses a getVirtualRoot() method.
And EasyPublisher uses all of these already.
Why not using REQUEST
From: Clemens Robbenhaar [EMAIL PROTECTED]
Please be careful with method names that might already be in use in
some
products. Google says Silva uses a getVirtualRoot() method.
... which is defined in an adapter-style class which is not
implementing Traversable itself, so there is no
From: robert [EMAIL PROTECTED]
when I give a local role to a folder, this local role is inheritet in the
subfolders. Can I prevent this?
No.
Or yes. :-)
There is a patch available that lest you do this:
http://zope.org/Members/regebro/LRBlacklist
Warning, it's quite old and not tested with
From: robert [EMAIL PROTECTED]
it is a pity that zope does not work like that.
Yes. One of the ideas of the PluggableUserFolder that I have developed is to
make the user folder so flexible that several features like this can be
build and coexist. It should be possible to write a local roles
I'm having serious trouble in getting HEAD running in Windows. Obviously,
configure doesn't work. :-)
I found something on zope.org telling me to run python inst\configure.py
and in in turn tells me to run nmake build. This builds Zope, but creates no
z2.py or runzope.py or anything like that.
Leonardo Rochael Almeida wrote:
IMHO, this is broken behaviour. If you try to use an URL to locate an
object, the only sane behaviour is to feed this URL to an URL api
(probably in the REQUEST object) to get it mapped to a physical path.
(Un)RestrictedTraverse can do this, right? Or does that
Paul Winkler wrote:
As a frequent (ab)user of '/'+absolute_url(1), which did indeed
bite me when i deployed to an inside out apache setup,
I thought I'd try this out... I think you
meant BASEPATH1+'/'+absolute_url(1)?
I would like to know:
1. Exactly what is an inside out apache setup.
2. What is
Paul Winkler wrote:
See the About tab on VHM.
OK, good.
Inside out is mentioned
numerous times in this thread.
Yeah, I know, but I was getting confused to what it actually ment.
The result that I got by doing BASEPATH1+'/'+absolute_url(1)
as described in my previous message. I thought that was
Eric Roby wrote:
We are trying to make a 'folderish' (WebDAV Collection) class appear as
a WebDAV Resource to WebDAV clients. I won't go into the reasons why we
want to do this unless someone is interested. We have made several
attempts at this but have been unsuccessful to date. Rather than go
From: Evan Simpson [EMAIL PROTECTED]
Lennart proposed additional methods, but I'm going to work on that in
the post-2.7 branches, since I really want to clean up this mess
properly, and beta 3 isn't the time.
I totally agree. This is new features, introducing that in a beta3 seems
very bad. I
OK, I think I found the trick!
Heres the steps:
C:\Python23\python.exe inst\configure.py
Edit the Makefile.
nmake install
C:\Python23\python.exe bin\mkzopeinstance.py
___
Zope-Dev maillist - [EMAIL PROTECTED]
I just checked in (on regebro-esmpt_support-branch) support for setting a
username and password on the mailhost. Very nice and easy fix, and lot's of
people want it.
But I realized that what you actually might want is to have different login
and password for each user, that is a possibility to
Done (HEAD only of course). Enjoy.
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
I have to agree with the recommendations of never running Zope with the OS
Python. In fact, I usually don't even get it to work, since the OS Python
have a tendency to not include modules included in the standard Python
distribution, or behave weridly in some other way. For example, OpenBSD's
John Poltorak wrote:
I woulde be interested in converting an existing web site with numerous
fairly static pages into one managed by Zope.
How would I go about doing this?
It seems pretty tedious having to upload each file individually, which is
the only way I have found of doing it so far.
Douwe Osinga wrote:
Do other people recognize this pattern? Other solutions?
With DTML this is indeed the way to go. The other solution with be to
use ZPT.
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
**
From: Chris McDonough [EMAIL PROTECTED]
Installing 2.7.0rc2 windows zope installer, i noticed that it uses
hard-coded value for instance directory. The proposed value is
C:\Zope-Instance. However, some users (me :) don't have C: drive. For
some reasons windows choose G: letter for boot
From: Chris McDonough [EMAIL PROTECTED]
The old installer didn't create an instance home, it just created a
software home. The software home is still put into program files by the
new installer.
Ah. Well, I'm not sure I think C:\ is such a good place for the default
anyway. I'll test things
From: Dieter Maurer [EMAIL PROTECTED]
Maybe, we have a memory corruption.
I have seen objects magically becoming None in
Python versions with memory corruption problems (Python 2.1.1).
Also, loads of objects can become None when you do a refresh, because of
some strange bug in the refresh
From: Dieter Maurer [EMAIL PROTECTED]
Lennart Regebro wrote at 2004-2-9 11:04 +0100:
From: Dieter Maurer [EMAIL PROTECTED]
... objects turned into None ...
Also, loads of objects can become None when you do a refresh, because of
some strange bug in the refresh support that has been
*Scratches head*. Isn't it possible to just timestamp every request in a
list of running requests, and in the beginning of each request check how
long the currently processing requests have been running, and if that sum is
above a specified time, fail?
OK, you get the problem that images may not
From: panjunyong [EMAIL PROTECTED]
And now I am more interested in the 2nd product. What is the status?
It was fine when I checked it in a month or two ago.
compatible with zope 2.7? stable to use?
(It doesn't work with my zope2.7 too :-( )
I haven't tried it with 2.7, but the change is so
From: Jim Fulton [EMAIL PROTECTED]
Initially, I propose to move just the repository heads. Maintenamce
branches (e.g. Zope 2.6 and Zope 2.7) will remain in CVS.
What is the rationale behind not moving it all?
___
Zope-Dev maillist - [EMAIL
From: Shane Hathaway [EMAIL PROTECTED]
Making cookie authentication secure is surprisingly difficult, and you've
barely taken one step. I don't want CookieCrumbler to go in this
direction at all. A much more fruitful endeavor would be to simply add
digest authentication support to Zope's
I would like to see the following functionality when it comes to unit
testing:
1. An easy consistent way to run ONE unit test, no matter if it's made for
Zope, or CMF, and no matter it it's done with straight unittest or
ZopeTestCase.
2. An easy and consistent way to run all unit test in a
From: Andreas Jung [EMAIL PROTECTED]
When I look through the Zope HEAD code then you are using e.g.
'zodb.conn' or 'zodb.storage' but also 'Zope' as loggername. Do we
have to agree on some common usage of the logger names?
E.g. for logging calls in the reST packagebetter using 'Zope' or
From: Andreas Jung [EMAIL PROTECTED]
Keep the product name as it is...means Products/ should use
Zope. as logger name. No need to introduce a new mapping. Keep it
simple.
Yeah, but is it reasonable to think that people who write new products will
do this? A rule that most people will
From: Sidnei da Silva [EMAIL PROTECTED]
- Move component-architecture packages out of 'zope' into 'ca', and
then we don't have the 'zope' vs 'Zope' issue anymore.
'ca' feels weird. Canada? caca? I don't like it. 'z' is better then. Of
course that means that suddenly the component
From: Chris Withers [EMAIL PROTECTED]
This discussion smells like that string should be computed from
introspection.
Why can't it be computed from introspecting whatever code called the log
method?
Well, first of all, how? __name__ should always be available, but that is
the name of the file
From: Jim Fulton [EMAIL PROTECTED]
Year checkins people
2002 7090 33
2003 5276 34
2004 1103 24 # First 3 1/2 months
There is some decline, as one would expect in a mature
product.
Also, I expect most people is like me. I only fix bugs if they bite me, and
I understand them OR
On Wed, Apr 21, 2004 at 10:41:27AM -0400, Casey Duncan wrote:
I agree that bugs deserve more attention. We need to have more bug days.
I meant to suggest a date last week, but I got diverted. How would
people feel about next Thursday, April 29?
Stop feeling and do it! No, I can't join, because
From: Chris Withers [EMAIL PROTECTED]
Any chance ZopeWiki.org could become the master location for the book?
It's gonna be hard to get a printable book out of a Wiki...
___
Zope-Dev maillist - [EMAIL PROTECTED]
From: Chris Withers [EMAIL PROTECTED]
Whatever happened to the plan to have a monthly bug day on the last monday
of
each month or somesuch?
Nothing, as usual, I guess. Even since bugdays where first thought of, more
of then and more regular bugdays have been promised, but it doesn't happen.
From: Dieter Maurer [EMAIL PROTECTED]
I do not believe you.
But I believe him. :-)
If Zope has a steep lurning curve, that's nothing compared with CMF. There
are many good things with CMF, the actions are a good idea, DCWorkflow of
course, and some more. But
portal_skins are a
From: Jim Fulton [EMAIL PROTECTED]
I found this to be so unbelievable, that I had to resoearch it myself.
[...]
unbelievable, I couldn't help it.
I think we'll have to develop a standard set of config file settings
like
that for committers to add to their personal svn configs --
Eh.
Jim Fulton wrote:
Thoughts?
Only that the Subversion people are wrong. Ad-hoc is not good enough. It
must be able to be configurable on the server.
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No
Dieter Maurer wrote:
Casey Duncan wrote at 2004-4-29 22:19 -0400:
I'm happy to report a successful bug day with a final tally of almost 40
issues closed. The specific issues we squashed were:
#28,#181,#321,#340,#349,#439,#444,#495,#511,#532,#540,#543,
Chris Withers wrote:
Tim Peters wrote:
svn's story is much better (perfect, in fact) when forgetting to add
eol-style: regardless of which kind of platform did the commit, the
property can be added after the fact by anyone, and svn will
automatically
repair working copies on all platforms.
From: Ken Manheimer [EMAIL PROTECTED]
All the actions are verbs, won't fix is not a verb. Can you suggest a
verb the more clearly indicates the result is won't fix?
Tough one...
Live with
Ignore
Keep this bug as is
Zenify
Featurize (as in This is not a bug, it's a feature)
Shove under
Or maybe Deny as a action? Sounds less angry than reject and refuse.
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
From: Chris Withers [EMAIL PROTECTED]
How about removing the ability for people to post bugs withotu specifying
n
email address? And, if they do specify an email address, using that to
contact
them by sending notification mails to it?
At least, warning them that bugs without email adresses are
Shane Hathaway wrote:
On Friday 09 July 2004 11:50 am, Casey Duncan wrote:
On Fri, 9 Jul 2004 16:22:17 +0200
Dieter Maurer [EMAIL PROTECTED] wrote:
[..]
The hasattr replacement in Python's __builtin__ could look like:
_marker = []
def hasattr(obj, attr):
return getattr(obj, attr,
Ian Beatty wrote:
However, I don't know how to do this. Is it as simple as using a
PersistentMapping where I'd normally use a standard Python dictionary?
Well, yes.
Or shall I wrap each one in a custom class that subclasses Persistent?
That is usually an even better idea. And for big dictionaries,
Chris McDonough wrote:
These definitions are how I've understood them since the inception of
the collector.
What I think Chris wants to do is to have a state that means pending
rejection. He has defined deferred to mean this. I would prefer an
explicit pending rejection state, FWIW.
I made a
Oh, and I think deferred as saying this should be fixed but is not
important clashes with the Importance field.
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related
I have finally realized that the way tests are run in 2.7 is different
from earlier version of Zope, and I'm trying to get them to run.
It's Zope 2.7.2 on Debian. Python 2.3.4 and 2.3.2, so I guess 2.3.3
would give the same error. Could it be a side effect of the compiling or
something?
Here
Lennart Regebro wrote:
I have finally realized that the way tests are run in 2.7 is different
from earlier version of Zope, and I'm trying to get them to run.
It's Zope 2.7.2 on Debian. Python 2.3.4 and 2.3.2, so I guess 2.3.3
would give the same error. Could it be a side effect
OK, I got test.py running. But if I run
bin/python test.py Products
it will happily try to run the tests in all products. But if I type
bin/python test.py Products/Productname
It will find no tests at all.
bin/python test.py Products/Productname/tests
is no better.
BUT!
If I type
Lennart Regebro wrote:
OK, I got test.py running. But if I run
bin/python test.py Products
it will happily try to run the tests in all products. But if I type
bin/python test.py Products/Productname
It will find no tests at all.
bin/python test.py Products/Productname/tests
is no better
In TransientObject __guarded_setitem__ is just set to __setitem__.
This means, that everything you set in the session dictionary is
changeable through user code. Is there a good reason for this?
I think it would be nice if I could set secret things in the session,
mainly authentication
Chris McDonough wrote:
REQUEST.SESSION.set('__ac_username', 'root')
Nothing magic about __guarded_setitem__ unfortunately.
Ah, so in fact __guarded_setitem__ is not much point at all...Hum.
For this particular case maybe just don't trust __ac_username in the
session; just put the credentials in
Lennart Regebro wrote:
Another idea: Maybe I could make an object that does not have public
access, and store that in the session?
That seems to work!
Here is the class:
class ProtectedUsername:
An object where the username is not accessible from user code.
def _setUsername(self, username
I just made a very neat plugin for PAS. I added it and activated it for
everything it can do. It is now the *only* plugin active for Extraction,
Challenge and Reset Credentials.
The problem is howvere, that nothing happens. None of the methods in the
plugin gets called, ever!
So, eh, has
Florent Guillaume wrote:
class ProtectedUsername:
An object where the username is not accessible from user code.
def _setUsername(self, username):
self.__username = username
def _getUsername(self):
return self.__username
Very simple indeed.
Even a traceback will not
101 - 200 of 752 matches
Mail list logo