Re: [Zope-dev] acquisition, traversal, __roles__(, and zpt?)
Hey Chris. Thanks for the response. From: Chris McDonough [EMAIL PROTECTED] Maybe silly questions, but: Do you call InitializeGlobals() on ObjectX's class (usually at the end of the module where it's defined)? Hmm. No...do you mean Globals.InitializeClass? I do that. Does ObjectX actually have a portal_url method defined on it (or inherited)? if you are asking if I have masked the CMF portal_url, the answer is no. I'm mucking about with pdb, and the portal_url I'm working with is definitely the correct CMF object. I'm encountering some very odd behavior while messing around with the CMFSite in the pdb that makes me wonder if the CMF skinned object manager __of__ or __getattr__ is not quite functioning as it should in the context of returning portal tools from the main CMFSite instance. Take a gander at this pdb dialog excerpt and see if it implies something is rotten in the state of Denmark (I'll move this over to the CMF list if this does seem to be something I should pursue as a possible error). Keep an eye out for the '***' attribute errors, and the odd behavior of some tools having a __roles__ property and some tools not... By the way, 'ObjectX' is an 'Alias' object in the below. 'modernsongs' is the name of my CMF instance. (this is running on a Zope 2.5 with CMF 1.2 on a win 2k laptop.) [the end of pdb 'where'...] C:\Program Files\ZopeSongs\lib\python\Products\PageTemplates\Expressions.py(32 2)restrictedTraverse() - pdb.set_trace() (Pdb) l 317 elif (has(get(object, 'aq_base', object), name) 318 and get(object, name) == o): 319 container = object 320 if not validate(object, container, name, o): 321 import pdb 322 - pdb.set_trace() 323 raise Unauthorized, name 324 else: 325 o=get(object, name, M) 326 if o is not M: 327 # Check security. (Pdb) args self = Alias instance at 01885340 path = [] securityManager = AccessControl.SecurityManager.SecurityManager instance at 01B 3586C get = built-in function getattr has = built-in function hasattr N = None M = [] TupleType = type 'tuple' (Pdb) o MembershipTool instance at 01887188 (Pdb) o.__roles__ *** AttributeError: __roles__ (Pdb) o.aq_chain [MembershipTool instance at 01886D58, Alias instance at 01885340, CMFSite instance at 017CF128, OrderedFolder instance at 017A3128, Application instance at 017A19E8, RequestContainer instance at 017D60D8] (Pdb) testObj=o.aq_chain[4] (Pdb) testObj Application instance at 017A19E8 (Pdb) testObj=testObj.modernsongs (Pdb) testObj CMFSite instance at 017CF128 (Pdb) testObj.__roles__ ('Manager', 'Anonymous') (Pdb) testObj.Members PortalFolder instance at 0188C7D0 (Pdb) testObj.Members.__roles__ ('Manager', 'Anonymous') (Pdb) testObj.portal_url URLTool instance at 0188A6C8 (Pdb) testObj.portal_url.__roles__ *** AttributeError: __roles__ (Pdb) testObj.portal_catalog.__roles__ ('Manager', 'Anonymous') (Pdb) testObj.portal_membership.__roles__ *** AttributeError: __roles__ (Pdb) testObj.portal_actions.__roles__ *** AttributeError: __roles__ (Pdb) testObj.portal_workflow WorkflowTool instance at 0188BC48 (Pdb) testObj.portal_workflow.__roles__ ('Manager', 'Anonymous') (Pdb) testObj.portal_actions.__roles__ *** AttributeError: __roles__ I did various other tests as well of course, but again I'm aiming for as much brevity here as possible... ;) Thanks Gary ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] acquisition, traversal, __roles__(, and zpt?)
Hi everyone. OK. I'm stumped. I'm doing funky tricks here to create an alias functionality somewhat similar to a transparent folder. In the belief that brevity begets more possibility for answers, I won't tell you more, but just get straight to the chase: Zope 2.5, CMF 1.2 (but I'm using the dev list rather than the ptk or zpt lists because it has to do with internals more, I think) During traversal, I have (intentionally) created an acquisition chain like this: pageTemplate OBJECT X CMF root Zope root request in which OBJECT X is an alien object inserted after the CMF root. By alien I mean it is not an actual child of the CMF root, nor the actual parent of the pageTemplate. The pageTemplate itself is arbitrarily stored *outside* of the CMF, and also inserted during traversal. OBJECT X was unwrapped (aq_base) and then wrapped __of__(CMF root), and the pageTemplate also unwrapped and then wrapped __of__(OBJECT X). Everything seems mostly fine with this with basic DTML stuff, even so far as the DTML using CMF skins. However, ZPT pages give me security errors if I try to use a skin. I have traced this down, through the Products.PageTemplates.Expressions.RestrictedTraverse function, through security validation, to the fact that if the page template asks for an object like nocall here/portal_url, and then traverses to get the portal_url, the portal_url is found but has no __roles__. __roles__ appear to be deep magic (AccessControl.PermissionRole). I don't quite understand how this property exists: I figure it must also have functional elements in the C acquisition code somewhere (which I have not worked through). OBJECT X has both __allow_access_to_unprotected_subobjects__ and security.declareObjectPublic(). I've tried not removing the real wrappers of OBJECT X and the page template, to no avail. Heh. Any ideas? Thanks Crazy Gary ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] acquisition, traversal, __roles__(, and zpt?)
Maybe silly questions, but: Do you call InitializeGlobals() on ObjectX's class (usually at the end of the module where it's defined)? Does ObjectX actually have a portal_url method defined on it (or inherited)? - Original Message - From: Gary Poster [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 05, 2002 11:36 AM Subject: [Zope-dev] acquisition, traversal, __roles__(, and zpt?) Hi everyone. OK. I'm stumped. I'm doing funky tricks here to create an alias functionality somewhat similar to a transparent folder. In the belief that brevity begets more possibility for answers, I won't tell you more, but just get straight to the chase: Zope 2.5, CMF 1.2 (but I'm using the dev list rather than the ptk or zpt lists because it has to do with internals more, I think) During traversal, I have (intentionally) created an acquisition chain like this: pageTemplate OBJECT X CMF root Zope root request in which OBJECT X is an alien object inserted after the CMF root. By alien I mean it is not an actual child of the CMF root, nor the actual parent of the pageTemplate. The pageTemplate itself is arbitrarily stored *outside* of the CMF, and also inserted during traversal. OBJECT X was unwrapped (aq_base) and then wrapped __of__(CMF root), and the pageTemplate also unwrapped and then wrapped __of__(OBJECT X). Everything seems mostly fine with this with basic DTML stuff, even so far as the DTML using CMF skins. However, ZPT pages give me security errors if I try to use a skin. I have traced this down, through the Products.PageTemplates.Expressions.RestrictedTraverse function, through security validation, to the fact that if the page template asks for an object like nocall here/portal_url, and then traverses to get the portal_url, the portal_url is found but has no __roles__. __roles__ appear to be deep magic (AccessControl.PermissionRole). I don't quite understand how this property exists: I figure it must also have functional elements in the C acquisition code somewhere (which I have not worked through). OBJECT X has both __allow_access_to_unprotected_subobjects__ and security.declareObjectPublic(). I've tried not removing the real wrappers of OBJECT X and the page template, to no avail. Heh. Any ideas? Thanks Crazy Gary ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )