Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
I appears last night i didn't test the diff... This one should work without any editing... Mithro Tim Ansell wrote: > Forgot to attach the diff > > Forgive me it's 4:52am here > > Mithro > > Tim Ansell wrote: > > > Oppps, just realised i've been replying only to myself :) > > > > Umm okay here is the diff, it is from version 2.2.4 but should apply to most > > versions > > I have removed all the "print" debugging and cleaned up the formatting. > > > > Could people look it over and tell me if there are any hidden problems with it? > > Is it done the right way? > > > > There seems to be a lot of repeated code between zpublisher_exception_hook and > > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own > > function and work that way? Just an idea... > > > > Mithro > > > > > Tim Ansell wrote: > > > > > > > No further investigation i have found out that the part i really want to > > > > modify is > > > > > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > > > > > Inside this functions there is a > > > > > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > > > > > Is there anyway to add to this function the authentication routines so that > > > > is AUTHENTICATED_USER is none it authentication is check with > > > > standard_error_message being the object checked against? > > > > > > > > Am i making any sense? > > > > > > > > I'm going to give it a go and see what happen... > > > > > > > > Mithro > > > > > > > > Tim Ansell wrote: > > > > > > > > > > > > > > > > > > > Hello. > > > > > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > > > great product and thank you for creating it. Currently i have run into a > > > > > problem, i need to access the AUTHENTICATED_USER in a > > > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > > > > > I was wondering if the authentication routine can be added before the > > > > > authentication routine in BaseRequest? Or if this is not possible it > > > > > could be split into a function and and call it before the notFoundError > > > > > call as well? > > > > > > > > > > There are many reasons you might want to do this, i have listed some > > > > > below: > > > > > > > > > > * You want list possible urls the reader could have meant but don't want > > > > > to show let Anonymous users see possible privileged urls > > > > > > > > > > * You want to provided different error messages for different people, > > > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > > > special error for normal people > > > > > > > > > > * You wanted errors to only be reported it they where caused by certain > > > > > users > > > > > > > > > > and the list could go on > > > > > > > > > > Mithro > > > > > > > > > > > > > > > > > > > > ___ --- ./__init__.py.original Wed Jan 10 23:13:53 2001 +++ ./__init__.py Wed Jan 10 23:45:28 2001 @@ -162,6 +162,9 @@ class RequestContainer(ExtensionClass.Base): def __init__(self,r): self.REQUEST=r +from ZPublisher.BaseRequest import old_validation +UNSPECIFIED_ROLES='' + def zpublisher_exception_hook( published, REQUEST, t, v, traceback, # static @@ -208,11 +211,79 @@ break client=published + + auth=REQUEST._auth + +user=groups=None + +while 1: + if REQUEST.get('AUTHENTICATED_USER', None) is None: +# Do authentication here + r = getattr(client, '__roles__', UNSPECIFIED_ROLES) + if r is not UNSPECIFIED_ROLES: +roles = r +elif not got: +roles = getattr(client, entry_name+'__roles__', roles) + +if roles: +if hasattr(client, '__allow_groups__'): +groups=client.__allow_groups__ + +if hasattr(groups, 'validate'): v=groups.validate +else: v=old_validation + +if v is old_validation and roles is UNSPECIFIED_ROLES: +print "Validation and UNSEPCIFIED_ROLES is okay" +# No roles, so if we have a named group, get roles from +# group keys +if hasattr(groups,'keys'): roles=groups.keys() +else: +try: groups=groups() +except: pass +try: roles=groups.keys() +except: pass + + if groups is None: +
Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
Forgot to attach the diff Forgive me it's 4:52am here Mithro Tim Ansell wrote: > Oppps, just realised i've been replying only to myself :) > > Umm okay here is the diff, it is from version 2.2.4 but should apply to most > versions > I have removed all the "print" debugging and cleaned up the formatting. > > Could people look it over and tell me if there are any hidden problems with it? > Is it done the right way? > > There seems to be a lot of repeated code between zpublisher_exception_hook and > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own > function and work that way? Just an idea... > > Mithro > > > Tim Ansell wrote: > > > > > No further investigation i have found out that the part i really want to > > > modify is > > > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > > > Inside this functions there is a > > > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > > > Is there anyway to add to this function the authentication routines so that > > > is AUTHENTICATED_USER is none it authentication is check with > > > standard_error_message being the object checked against? > > > > > > Am i making any sense? > > > > > > I'm going to give it a go and see what happen... > > > > > > Mithro > > > > > > Tim Ansell wrote: > > > > > > > > > > > > > > > Hello. > > > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > > great product and thank you for creating it. Currently i have run into a > > > > problem, i need to access the AUTHENTICATED_USER in a > > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > > > I was wondering if the authentication routine can be added before the > > > > authentication routine in BaseRequest? Or if this is not possible it > > > > could be split into a function and and call it before the notFoundError > > > > call as well? > > > > > > > > There are many reasons you might want to do this, i have listed some > > > > below: > > > > > > > > * You want list possible urls the reader could have meant but don't want > > > > to show let Anonymous users see possible privileged urls > > > > > > > > * You want to provided different error messages for different people, > > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > > special error for normal people > > > > > > > > * You wanted errors to only be reported it they where caused by certain > > > > users > > > > > > > > and the list could go on > > > > > > > > Mithro > > > > > > > > > > > > > > > > ___ > > > > Zope-Dev maillist - [EMAIL PROTECTED] > > > > http://lists.zope.org/mailman/listinfo/zope-dev > > > > ** No cross posts or HTML encoding! ** > > > > (Related lists - > > > > http://lists.zope.org/mailman/listinfo/zope-announce > > > > http://lists.zope.org/mailman/listinfo/zope ) > > ___ > Zope-Dev maillist - [EMAIL PROTECTED] > http://lists.zope.org/mailman/listinfo/zope-dev > ** No cross posts or HTML encoding! ** > (Related lists - > http://lists.zope.org/mailman/listinfo/zope-announce > http://lists.zope.org/mailman/listinfo/zope ) --- ./__init__.py.org Thu Jan 11 04:39:25 2001 +++ ./__init__.py Thu Jan 11 04:37:24 2001 @@ -162,6 +162,9 @@ class RequestContainer(ExtensionClass.Base): def __init__(self,r): self.REQUEST=r +from ZPublisher.BaseRequest import old_validation +UNSPECIFIED_ROLES='' + def zpublisher_exception_hook( published, REQUEST, t, v, traceback, # static @@ -208,11 +211,79 @@ break client=published + + auth=REQUEST._auth + +user=groups=None + +while 1: + if REQUEST.get('AUTHENTICATED_USER', None) is None: +# Do authentication here + r = getattr(client, '__roles__', UNSPECIFIED_ROLES) + if r is not UNSPECIFIED_ROLES: +roles = r +elif not got: +roles = getattr(client, entry_name+'__roles__', roles) + +if roles: +if hasattr(client, '__allow_groups__'): +groups=client.__allow_groups__ + +if hasattr(groups, 'validate'): v=groups.validate +else: v=old_validation + +if v is old_validation and roles is UNSPECIFIED_ROLES: +print "Validation and UNSEPCIFIED_ROLES is okay" +# No roles, so if we have a named group, get roles from +# group keys +if hasattr(groups,'keys'): roles=groups.keys() +
Re: [Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
Oppps, just realised i've been replying only to myself :) Umm okay here is the diff, it is from version 2.2.4 but should apply to most versions I have removed all the "print" debugging and cleaned up the formatting. Could people look it over and tell me if there are any hidden problems with it? Is it done the right way? There seems to be a lot of repeated code between zpublisher_exception_hook and ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own function and work that way? Just an idea... Mithro > Tim Ansell wrote: > > > No further investigation i have found out that the part i really want to > > modify is > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > Inside this functions there is a > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > Is there anyway to add to this function the authentication routines so that > > is AUTHENTICATED_USER is none it authentication is check with > > standard_error_message being the object checked against? > > > > Am i making any sense? > > > > I'm going to give it a go and see what happen... > > > > Mithro > > > > Tim Ansell wrote: > > > > > > > > > > > Hello. > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > great product and thank you for creating it. Currently i have run into a > > > problem, i need to access the AUTHENTICATED_USER in a > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > I was wondering if the authentication routine can be added before the > > > authentication routine in BaseRequest? Or if this is not possible it > > > could be split into a function and and call it before the notFoundError > > > call as well? > > > > > > There are many reasons you might want to do this, i have listed some > > > below: > > > > > > * You want list possible urls the reader could have meant but don't want > > > to show let Anonymous users see possible privileged urls > > > > > > * You want to provided different error messages for different people, > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > special error for normal people > > > > > > * You wanted errors to only be reported it they where caused by certain > > > users > > > > > > and the list could go on > > > > > > Mithro > > > > > > > > > > > > ___ > > > Zope-Dev maillist - [EMAIL PROTECTED] > > > http://lists.zope.org/mailman/listinfo/zope-dev > > > ** No cross posts or HTML encoding! ** > > > (Related lists - > > > http://lists.zope.org/mailman/listinfo/zope-announce > > > http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] AUTHENTICATION_USER in standard_error_message cause by NotFound error
Hello. I've been using zope for a couple of months, i have found zope to be a great product and thank you for creating it. Currently i have run into a problem, i need to access the AUTHENTICATED_USER in a standard_error_message called by notFoundError in BaseRequest. I was wondering if the authentication routine can be added before the authentication routine in BaseRequest? Or if this is not possible it could be split into a function and and call it before the notFoundError call as well? There are many reasons you might want to do this, i have listed some below: * You want list possible urls the reader could have meant but don't want to show let Anonymous users see possible privileged urls * You want to provided different error messages for different people, i.e. a more advanced error for coders, a simple error for html writer, a special error for normal people * You wanted errors to only be reported it they where caused by certain users and the list could go on Mithro ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )