[Zope-dev] ZopeSecurityPolicy global manipulation

2011-12-29 Thread Martin Aspeli
Hi,

AccessControl.ZopeSecurityPolicy contains this code:

from types import MethodType

# AccessControl.Implementation inserts:
#   ZopeSecurityPolicy, getRoles, rolesForPermissionOn
from AccessControl.SimpleObjectPolicies import _noroles

rolesForPermissionOn = None  # XXX:  avoid import loop

tuple_or_list = tuple, list


def getRoles(container, name, value, default):

    global rolesForPermissionOn  # XXX:  avoid import loop

    if rolesForPermissionOn is None:
        from PermissionRole import rolesForPermissionOn

    roles = getattr(value, '__roles__', _noroles)
    if roles is _noroles:
        if not name or not isinstance(name, basestring):
            return default

        if type(value) is MethodType:
            container = value.im_self

        cls = getattr(container, '__class__', None)
        if cls is None:
            return default

        roles = getattr(cls, name+'__roles__', _noroles)
        if roles is _noroles:
            return default

        value = container

    if roles is None or isinstance(roles, tuple_or_list):
        return roles

    rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
    if rolesForPermissionOn is not None:
        roles = rolesForPermissionOn(value)

    return roles

Look carefully at how ``rolesForPermissionOn`` is used both at the
top, to lazily set a global to avoid an import loop, and the bottom,
as an attribute of the ``roles`` object.

I'm pretty sure this is wrong™ on many levels, but most importantly,
it seems the global is being overwritten each time execution gets down
to that last block. I know this module gets munged by Implementation,
but I'm pretty sure ImplPython doesn't define getRoles() at least, and
I'm not even sure the C implementation does either.

To prove it to myself, I made a frivolous equivalent that used
'datetime.date' as the importable. It's a bit ugly, but you get the
idea:

>>> date = None
>>> class C(object):
...     def __init__(self, d):
...         self.date = d
...
>>> c1 = C(lambda: 'x')
>>> c2 = C(lambda: 'y')
>>> def get(c):
...     global date
...     if date is None:
...         from datetime import date
...     date = getattr(c, 'date', None)
...     if date is not None:
...         print date()
...
>>> date is None
True
>>> get(c1)
x
>>> date
<function <lambda> at 0x10dac8140>
>>> get(c2)
y
>>> date
<function <lambda> at 0x10dac8cf8>


Surely, this is all evil volatile? Maybe the global bit just needs to
go away? It doesn't seem to be used in that function, and I'm pretty
sure the implementation ends up overwriting the global anyway.

Cheers,
Martin
___
Zope-Dev maillist  -  Zope-Dev@zope.org
https://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope )
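
To make the clobbering concrete, here is an added Python 3 model of the pattern (not Zope's code and not from the post above): get_roles_buggy keeps the original's shape, get_roles_fixed gives the per-call lookup its own local name, and global_after reports what the module global is bound to after one call. real_rolesForPermissionOn, PermissionRoleLike and Protected are constructed stand-ins for the lazily imported function and for a PermissionRole-style roles object.

```python
# Added example (not Zope's code): a Python 3 model of the getRoles() pattern.
def real_rolesForPermissionOn(value):   # stands in for the lazily imported fn
    return ('Manager',)

_noroles = object()          # sentinel, as in SimpleObjectPolicies
rolesForPermissionOn = None  # module global the lazy "import" fills in

def get_roles_buggy(value, default):
    # Same shape as the original: the per-call lookup reuses the global's name.
    global rolesForPermissionOn
    if rolesForPermissionOn is None:
        rolesForPermissionOn = real_rolesForPermissionOn   # the "lazy import"
    roles = getattr(value, '__roles__', _noroles)
    if roles is _noroles:
        return default
    if roles is None or isinstance(roles, (tuple, list)):
        return roles
    # Rebinds the MODULE GLOBAL to a bound method or None: the import is lost.
    rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
    if rolesForPermissionOn is not None:
        roles = rolesForPermissionOn(value)
    return roles

def get_roles_fixed(value, default):
    # Identical logic, but the lookup result gets its own local name.
    global rolesForPermissionOn
    if rolesForPermissionOn is None:
        rolesForPermissionOn = real_rolesForPermissionOn
    roles = getattr(value, '__roles__', _noroles)
    if roles is _noroles:
        return default
    if roles is None or isinstance(roles, (tuple, list)):
        return roles
    resolver = getattr(roles, 'rolesForPermissionOn', None)
    if resolver is not None:
        roles = resolver(value)
    return roles

class PermissionRoleLike:          # constructed stand-in for a PermissionRole
    def rolesForPermissionOn(self, value):
        return ('Owner',)

class Protected:                   # constructed object whose __roles__ resolves
    __roles__ = PermissionRoleLike()

def global_after(fn, roles):
    # Reset the global, call fn on an object carrying `roles`, report the binding.
    global rolesForPermissionOn
    rolesForPermissionOn = None
    fn(type('Holder', (), {'__roles__': roles})(), None)
    return rolesForPermissionOn
```

After the buggy version sees a roles object with a resolver, the global holds that object's bound method; after one without, it holds None and the lazy import is repeated on the next call, so any other code reading the module global sees whichever binding the last call left behind.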


[Zope-dev] ZopeSecurityPolicy

2003-03-11 Thread Christian Theune
Hi,

I had some conversation with Tres about the SecurityPolicy
implementation. I would like to clean up the following problem:

The method validate is not very clear about when it will raise an
exception and when it will return a boolean.

This results in code that expects it to return a boolean, and makes
conclusions about exceptions that are wrong by catching them anonymously,
transforming them all (e.g. AttributeError) into Unauthorized. This
shadows the real source of a problem; also, the code that calls validate
probably shouldn't raise Unauthorized on its own.

But that's where my problem starts: could we get it somewhat clear who
should raise Unauthorized, what can be expected from validate and where
should only boolean values be returned?

I would like to see some discussion, wrap it up in a proposal, and
deliver the code on a branch.

Thanks for listening,
Christian

-- 
Christian Theune, gocept gmbh  co.kg
phone: +49-3641-233526 mobile: +49-179-7808366
mail: [EMAIL PROTECTED]




Re: [Zope-dev] ZopeSecurityPolicy

2003-03-11 Thread Dieter Maurer
Christian Theune wrote at 2003-3-11 17:11 +0100:
> The method validate is not very clear about when it will raise an
> exception and when it will return a boolean.
>
> This results in code that expects it to return a boolean, and makes
> conclusions about exceptions that are wrong by catching them anonymously,
> transforming them all (e.g. AttributeError) into Unauthorized. This
> shadows the real source of a problem; also, the code that calls validate
> probably shouldn't raise Unauthorized on its own.
>
> But that's where my problem starts: could we get it somewhat clear who
> should raise Unauthorized, what can be expected from validate and where
> should only boolean values be returned?

In my view, validate should return true or false and never
raise Unauthorized.

At the places where validate is used in an immediate access check,
the caller raises Unauthorized when validate returns false.


The opposite is almost as acceptable:

  validate returns None (if access is granted) or raises
  Unauthorized otherwise.

  Callers that only want to check but not access can catch the
  exception.


The current behaviour where access denied is sometimes
represented as false and sometimes as Unauthorized is
not optimal.


Dieter



[Zope-dev] ZopeSecurityPolicy this()

2001-03-28 Thread Petr Knapek

Hi Zopists,
I now have a problem with executable content where this() is called.

My problem:

I have this structure in ZODB
 /
 |_ acl_users (Zope default)
 |_ dalmatin (ISNG Folder) *  owned by a user who is in role Manager from /dalmatin/acl_users
    |_ acl_users (Modified LDAPAdapter)
    |_ index (ISNG Document) ** owned by a user who is in role Manager from /dalmatin/acl_users

*  ISNG Folder is my Python product which is created from Folder
( ISNGFolder(Folder) )
** ISNG Document is my Python product, it is created from DTML Document
( ISNGDocument(DTMLDocument) )

In index I call this:

<dtml-if "AUTHENTICATED_USER.hasRole('nextra.cz', this())">
...

and when I try to execute index, also when I am in role Manager from
/dalmatin/acl_users, a Zope error is raised that I am not authorized to
access object this.


 Zope Error

 Zope has encountered an error while publishing this resource.

 Unauthorized

 You are not authorized to access this.

 Traceback (innermost last):
   File /usr/local/Zope-2.3.0-src/lib/python/ZPublisher/Publish.py, line 222, in publish_module
   File /usr/local/Zope-2.3.0-src/lib/python/ZPublisher/Publish.py, line 187, in publish
   File /usr/local/Zope-2.3.0-src/lib/python/ZPublisher/Publish.py, line 171, in publish
   File /usr/local/Zope-2.3.0-src/lib/python/ZPublisher/mapply.py, line 160, in mapply
     (Object: index)
   File /usr/local/Zope-2.3.0-src/lib/python/ZPublisher/Publish.py, line 112, in call_object
     (Object: index)
   File /usr/local/Zope-2.3.0-src/lib/python/OFS/DTMLDocument.py, line 189, in __call__
     (Object: index)
   File /usr/local/Zope-2.3.0-src/lib/python/DocumentTemplate/DT_String.py, line 538, in __call__
     (Object: index)
   File /usr/local/Zope-2.3.0-src/lib/python/DocumentTemplate/DT_Util.py, line 328, in eval
     (Object: AUTHENTICATED_USER.hasRole('nextra.cz', this()))
     (Info: this)
   File /usr/local/Zope-2.3.0-src/lib/python/OFS/DTMLMethod.py, line 261, in validate
     (Object: index)
   File /usr/local/Zope-2.3.0-src/lib/python/AccessControl/SecurityManager.py, line 144, in validate
   File /usr/local/Zope-2.3.0-src/lib/python/AccessControl/ZopeSecurityPolicy.py, line 199, in validate
 Unauthorized: (see above)


Can somebody help me to solve my problem with ZopeSecurityPolicy?

Zope 2.3.0 (compiled from sources) on Debian  
-- 
Petr Knapek
NEXTRA Czech Republic, s.r.o., Hlinky 114, 603 00 Brno, Czech Republic
e-mail: mailto:[EMAIL PROTECTED]
tel:+420-5-43 554 150
FAX:+420-5-43 554 214

"Perl is worse than Python because people wanted it worse."
Larry Wall, 14 Oct 1998
