subject:"\[Zope\-dev\] AUTHENTICATION_USER in standard_error

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell


I appears last night i didn't test the diff...

This one should work without any editing...

Mithro

Tim Ansell wrote:

> Forgot to attach the diff
>
> Forgive me it's 4:52am here
>
> Mithro
>
> Tim Ansell wrote:
>
> > Oppps, just realised i've been replying only to myself :)
> >
> > Umm okay here is the diff, it is from version 2.2.4 but should apply to most
> > versions
> > I have removed all the "print" debugging and cleaned up the formatting.
> >
> > Could people look it over and tell me if there are any hidden problems with it?
> > Is it done the right way?
> >
> > There seems to be a lot of repeated code between zpublisher_exception_hook and
> > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own
> > function and work that way? Just an idea...
> >
> > Mithro
> >
> > > Tim Ansell wrote:
> > >
> > > > No further investigation i have found out that the part i really want to
> > > > modify is
> > > >
> > > >  zpublisher_exception_hook, which gets called when the error occurs
> > > >
> > > > Inside this functions there is a
> > > >
> > > > if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> > > >
> > > > which seems to explain why i'm getting the anonymous user for the errors.
> > > >
> > > > Is there anyway to add to this function the authentication routines so that
> > > > is AUTHENTICATED_USER is none it authentication is check with
> > > > standard_error_message being the object checked against?
> > > >
> > > > Am i making any sense?
> > > >
> > > > I'm going to give it a go and see what happen...
> > > >
> > > > Mithro
> > > >
> > > > Tim Ansell wrote:
> > > >
> > > > > 
> > > > >
> > > > > Hello.
> > > > >
> > > > > I've been using zope for a couple of months, i have found zope to be a
> > > > > great product and thank you for creating it. Currently i have run into a
> > > > > problem, i need to access the AUTHENTICATED_USER in a
> > > > > standard_error_message called by notFoundError in BaseRequest.
> > > > >
> > > > > I was wondering if the authentication routine can be added before the
> > > > > authentication routine in BaseRequest? Or if this is not possible it
> > > > > could be split into a function and and call it before the notFoundError
> > > > > call as well?
> > > > >
> > > > > There are many reasons you might want to do this, i have listed some
> > > > > below:
> > > > >
> > > > > * You want list possible urls the reader could have meant but don't want
> > > > > to show let Anonymous users see possible privileged urls
> > > > >
> > > > > * You want to provided different error messages for different people,
> > > > > i.e. a more advanced error for coders, a simple error for html writer, a
> > > > > special error for normal people
> > > > >
> > > > > * You wanted errors to only be reported it they where caused by certain
> > > > > users
> > > > >
> > > > > and the list could go on
> > > > >
> > > > > Mithro
> > > > >
> > > > > 
> > > > >
> > > > > ___


--- ./__init__.py.original  Wed Jan 10 23:13:53 2001
+++ ./__init__.py   Wed Jan 10 23:45:28 2001
@@ -162,6 +162,9 @@
 class RequestContainer(ExtensionClass.Base):
 def __init__(self,r): self.REQUEST=r
 
+from ZPublisher.BaseRequest import old_validation
+UNSPECIFIED_ROLES=''
+
 def zpublisher_exception_hook(
 published, REQUEST, t, v, traceback,
 # static
@@ -208,11 +211,79 @@
 break
 
 client=published
+
+   auth=REQUEST._auth
+
+user=groups=None
+
+while 1:
+   if REQUEST.get('AUTHENTICATED_USER', None) is None:
+# Do authentication here
+   r = getattr(client, '__roles__', UNSPECIFIED_ROLES)
+   if r is not UNSPECIFIED_ROLES:
+roles = r
+elif not got:
+roles = getattr(client, entry_name+'__roles__', roles)
+
+if roles:
+if hasattr(client, '__allow_groups__'):
+groups=client.__allow_groups__
+
+if hasattr(groups, 'validate'): v=groups.validate
+else: v=old_validation
+
+if v is old_validation and roles is UNSPECIFIED_ROLES:
+print "Validation and UNSEPCIFIED_ROLES is okay"
+# No roles, so if we have a named group, get roles from
+# group keys
+if hasattr(groups,'keys'): roles=groups.keys()
+else:
+try: groups=groups()
+except: pass
+try: roles=groups.keys()
+except: pass
+
+   if groups is None:
+

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell


Forgot to attach the diff

Forgive me it's 4:52am here

Mithro

Tim Ansell wrote:

> Oppps, just realised i've been replying only to myself :)
>
> Umm okay here is the diff, it is from version 2.2.4 but should apply to most
> versions
> I have removed all the "print" debugging and cleaned up the formatting.
>
> Could people look it over and tell me if there are any hidden problems with it?
> Is it done the right way?
>
> There seems to be a lot of repeated code between zpublisher_exception_hook and
> ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own
> function and work that way? Just an idea...
>
> Mithro
>
> > Tim Ansell wrote:
> >
> > > No further investigation i have found out that the part i really want to
> > > modify is
> > >
> > >  zpublisher_exception_hook, which gets called when the error occurs
> > >
> > > Inside this functions there is a
> > >
> > > if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> > >
> > > which seems to explain why i'm getting the anonymous user for the errors.
> > >
> > > Is there anyway to add to this function the authentication routines so that
> > > is AUTHENTICATED_USER is none it authentication is check with
> > > standard_error_message being the object checked against?
> > >
> > > Am i making any sense?
> > >
> > > I'm going to give it a go and see what happen...
> > >
> > > Mithro
> > >
> > > Tim Ansell wrote:
> > >
> > > > 
> > > >
> > > > Hello.
> > > >
> > > > I've been using zope for a couple of months, i have found zope to be a
> > > > great product and thank you for creating it. Currently i have run into a
> > > > problem, i need to access the AUTHENTICATED_USER in a
> > > > standard_error_message called by notFoundError in BaseRequest.
> > > >
> > > > I was wondering if the authentication routine can be added before the
> > > > authentication routine in BaseRequest? Or if this is not possible it
> > > > could be split into a function and and call it before the notFoundError
> > > > call as well?
> > > >
> > > > There are many reasons you might want to do this, i have listed some
> > > > below:
> > > >
> > > > * You want list possible urls the reader could have meant but don't want
> > > > to show let Anonymous users see possible privileged urls
> > > >
> > > > * You want to provided different error messages for different people,
> > > > i.e. a more advanced error for coders, a simple error for html writer, a
> > > > special error for normal people
> > > >
> > > > * You wanted errors to only be reported it they where caused by certain
> > > > users
> > > >
> > > > and the list could go on
> > > >
> > > > Mithro
> > > >
> > > > 
> > > >
> > > > ___
> > > > Zope-Dev maillist  -  [EMAIL PROTECTED]
> > > > http://lists.zope.org/mailman/listinfo/zope-dev
> > > > **  No cross posts or HTML encoding!  **
> > > > (Related lists -
> > > >  http://lists.zope.org/mailman/listinfo/zope-announce
> > > >  http://lists.zope.org/mailman/listinfo/zope )
>
> ___
> Zope-Dev maillist  -  [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope-dev
> **  No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope )


--- ./__init__.py.org   Thu Jan 11 04:39:25 2001
+++ ./__init__.py   Thu Jan 11 04:37:24 2001
@@ -162,6 +162,9 @@
 class RequestContainer(ExtensionClass.Base):
 def __init__(self,r): self.REQUEST=r
 
+from ZPublisher.BaseRequest import old_validation
+UNSPECIFIED_ROLES=''
+
 def zpublisher_exception_hook(
 published, REQUEST, t, v, traceback,
 # static
@@ -208,11 +211,79 @@
 break
 
 client=published
+
+   auth=REQUEST._auth
+
+user=groups=None
+
+while 1:
+   if REQUEST.get('AUTHENTICATED_USER', None) is None:
+# Do authentication here
+   r = getattr(client, '__roles__', UNSPECIFIED_ROLES)
+   if r is not UNSPECIFIED_ROLES:
+roles = r
+elif not got:
+roles = getattr(client, entry_name+'__roles__', roles)
+
+if roles:
+if hasattr(client, '__allow_groups__'):
+groups=client.__allow_groups__
+
+if hasattr(groups, 'validate'): v=groups.validate
+else: v=old_validation
+
+if v is old_validation and roles is UNSPECIFIED_ROLES:
+print "Validation and UNSEPCIFIED_ROLES is okay"
+# No roles, so if we have a named group, get roles from
+# group keys
+if hasattr(groups,'keys'): roles=groups.keys()
+

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell



Oppps, just realised i've been replying only to myself :)


Umm okay here is the diff, it is from version 2.2.4 but should apply to most
versions
I have removed all the "print" debugging and cleaned up the formatting.

Could people look it over and tell me if there are any hidden problems with it?
Is it done the right way?

There seems to be a lot of repeated code between zpublisher_exception_hook and
ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own
function and work that way? Just an idea...

Mithro

> Tim Ansell wrote:
>
> > No further investigation i have found out that the part i really want to
> > modify is
> >
> >  zpublisher_exception_hook, which gets called when the error occurs
> >
> > Inside this functions there is a
> >
> > if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> >
> > which seems to explain why i'm getting the anonymous user for the errors.
> >
> > Is there anyway to add to this function the authentication routines so that
> > is AUTHENTICATED_USER is none it authentication is check with
> > standard_error_message being the object checked against?
> >
> > Am i making any sense?
> >
> > I'm going to give it a go and see what happen...
> >
> > Mithro
> >
> > Tim Ansell wrote:
> >
> > > 
> > >
> > > Hello.
> > >
> > > I've been using zope for a couple of months, i have found zope to be a
> > > great product and thank you for creating it. Currently i have run into a
> > > problem, i need to access the AUTHENTICATED_USER in a
> > > standard_error_message called by notFoundError in BaseRequest.
> > >
> > > I was wondering if the authentication routine can be added before the
> > > authentication routine in BaseRequest? Or if this is not possible it
> > > could be split into a function and and call it before the notFoundError
> > > call as well?
> > >
> > > There are many reasons you might want to do this, i have listed some
> > > below:
> > >
> > > * You want list possible urls the reader could have meant but don't want
> > > to show let Anonymous users see possible privileged urls
> > >
> > > * You want to provided different error messages for different people,
> > > i.e. a more advanced error for coders, a simple error for html writer, a
> > > special error for normal people
> > >
> > > * You wanted errors to only be reported it they where caused by certain
> > > users
> > >
> > > and the list could go on
> > >
> > > Mithro
> > >
> > > 
> > >
> > > ___
> > > Zope-Dev maillist  -  [EMAIL PROTECTED]
> > > http://lists.zope.org/mailman/listinfo/zope-dev
> > > **  No cross posts or HTML encoding!  **
> > > (Related lists -
> > >  http://lists.zope.org/mailman/listinfo/zope-announce
> > >  http://lists.zope.org/mailman/listinfo/zope )


___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

[Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

2001-01-10 Thread Tim Ansell




Hello.

I've been using zope for a couple of months, i have found zope to be a
great product and thank you for creating it. Currently i have run into a
problem, i need to access the AUTHENTICATED_USER in a
standard_error_message called by notFoundError in BaseRequest.

I was wondering if the authentication routine can be added before the
authentication routine in BaseRequest? Or if this is not possible it
could be split into a function and and call it before the notFoundError
call as well?

There are many reasons you might want to do this, i have listed some
below:

* You want list possible urls the reader could have meant but don't want
to show let Anonymous users see possible privileged urls

* You want to provided different error messages for different people,
i.e. a more advanced error for coders, a simple error for html writer, a
special error for normal people

* You wanted errors to only be reported it they where caused by certain
users

and the list could go on


Mithro




___
Zope-Dev maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope )

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

[Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error

4 matches

Site Navigation

Mail list logo

Footer information