Re: [Zope3-Users] Security Roles and custom authenticators and scarcely-persistent apps (HELP!)
On 4/26/06, Bernd Dorn [EMAIL PROTECTED] wrote: On 27.04.2006, at 02:44, Jeff Shell wrote: So I spent the day writing an IAuthenticator utility that loads principals out of an RDBMS (via a SQLAlchemy mapper based model). I got that working. All I want right now is to have my site, 'presenters', have view access restricted to the role 'app.Presenters'. The site is persistent and the authenticator is a local utility. I set up the site on load to disallow the 'zope.View' and 'zope.app.dublincore.view' (not really needed, I guess, since I'm not using dublin core anywhere) for the 'zope.Anonymous' role, and allow it for 'app.Presenters' and 'zope.Manager'. It's just a simple / blanket security policy, I know. But something similar has been in place on the Zope 2 based version of this app for a number of years now and has worked fine for this use case. But.. I have no idea how to do this in Zope 3 land. It took me all day to write my authenticator, At the end of the day I saw it working in so far as it obviously retrieved a user record out of the database, validated the password, and returned a dirt simple principal object. I could tell this by the login form giving me a different message this time (you're not allowed to do that operation). I tried looking at the Principal-Role map and... I don't understand it. just plug your own implementation in adapter factory=.your.security.RoleMapImplementation provides=zope.app.securitypolicy.interfaces.IPrincipalRoleMap for=.interfaces.IYourSiteOrSo trusted=true / just for granting local roles on the site it's inough to implement def getRolesForPrincipal(principal_id): Get the roles granted to a principal. Return the list of (role id, setting) assigned or removed from this principal. If no roles have been assigned to this principal, then the empty list is returned. but you have to set your authenticator somewhere, so that you can see if the principal is from your authenticator by comparing ids Thanks for the response. After some snooping around tonight, I was suspecting that'd be the option to use. But then I decided to try using IGroupedPrincipal instead. So now when my site configurator sets up this particular site/app, it: - Denies permission 'zope.View' to role 'zope.Anybody' - Grants permission 'zope.View' to principal 'presenter.group' My authenticator recognizes that and returns an IGroup. All of the presenters returned have a groups attribute with the value ['presenter.group']. Seems to work so far, and I'm breathing a sigh of relief tonight. Sure beats hoping I don't mess up an IPrincipalRoleMap when I've got so much other work to do and am so far behind as it is. Wheee, life! -- Jeff Shell ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] error headache: __init__() takes exactly 1 argument (3 given)
did you override the constructor in vine.vinePackage.VinePackage or one of its superclasses? iv yes, then you need def __init__(self,context,request): ... as constructor, you can test it by just removing the class attribute of your page directive On 27.04.2006, at 21:08, Jachin Rupe wrote: hi there I've got an error I've been stuck on for several hours now and I know the problem has got to be a very simple one but the error message I'm getting is not helping. I'm just trying to create a view for a very simple object. Here's the error I'm getting: 2006-04-27T13:58:09 ERROR SiteError http://localhost:8080/ VinePackage/@@details.html Traceback (most recent call last): File /usr/local/Zope-3.2.1/lib/python/zope/publisher/ publish.py, line 135, in publish object = request.traverse(object) File /usr/local/Zope-3.2.1/lib/python/zope/publisher/ browser.py, line 500, in traverse ob = super(BrowserRequest, self).traverse(object) File /usr/local/Zope-3.2.1/lib/python/zope/publisher/http.py, line 451, in traverse ob = super(HTTPRequest, self).traverse(object) File /usr/local/Zope-3.2.1/lib/python/zope/publisher/base.py, line 289, in traverse subobject = publication.traverseName( File /usr/local/Zope-3.2.1/lib/python/zope/app/publication/ publicationtraverse.py, line 46, in traverseName ob2 = namespaceLookup(ns, nm, ob, request) File /usr/local/Zope-3.2.1/lib/python/zope/app/traversing/ namespace.py, line 121, in namespaceLookup return traverser.traverse(name, ()) File /usr/local/Zope-3.2.1/lib/python/zope/app/traversing/ namespace.py, line 363, in traverse name=name) File /usr/local/Zope-3.2.1/lib/python/zope/component/ __init__.py, line 165, in queryMultiAdapter return sitemanager.queryMultiAdapter(objects, interface, name, default) File /usr/local/Zope-3.2.1/lib/python/zope/component/site.py, line 75, in queryMultiAdapter default) File /usr/local/Zope-3.2.1/lib/python/zope/interface/ adapter.py, line 475, in queryMultiAdapter return factory(*objects) TypeError: __init__() takes exactly 1 argument (3 given) None of code I have written is in that trace so I have no idea where the problem is. Everything else I try to do with the object I'm trying to create a new view for works so I'm assuming the problem is in the ZCML for the view: page name=details.html for=vine.interfaces.IVinePackage class=vine.vinePackage.VinePackage template=vinePackage.pt permission=zope.Public menu=zmi_views title=Preview / The only other file I can think of that might be the cause of the problem is vinePackage.pt I took out all of the parts that refer to the Content Object in case the problem was there so I removed stuff until it was just a static html page and I was still getting the error. As far as I can tell I'm following the message board example in the Zope book pretty closely. If anyone has any suggestions on where I should look for the problem I would really appreciate it. thanks -jachin ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] error headache: __init__() takes exactly 1 argument (3 given)
hi there Thanks for the reply. Removing the class attribute from the page directive got rid of the error. However I'm not overriding the VinePackage class. class VinePackage(BTreeContainer): implements(IVinePackage) title = u Since it is inheriting from BTreeContainer, perhaps that overrides the constructor? I'll look into it and if I find an answer before someone else offers one I'll post it. -jachin On Apr 27, 2006, at 3:35 PM, Bernd Dorn wrote: did you override the constructor in vine.vinePackage.VinePackage or one of its superclasses? iv yes, then you need def __init__(self,context,request): ... as constructor, you can test it by just removing the class attribute of your page directive On 27.04.2006, at 21:08, Jachin Rupe wrote: hi there I've got an error I've been stuck on for several hours now and I know the problem has got to be a very simple one but the error message I'm getting is not helping. I'm just trying to create a view for a very simple object. Here's the error I'm getting: 2006-04-27T13:58:09 ERROR SiteError http://localhost:8080/ VinePackage/@@details.html Traceback (most recent call last): File /usr/local/Zope-3.2.1/lib/python/zope/publisher/ publish.py, line 135, in publish object = request.traverse(object) File /usr/local/Zope-3.2.1/lib/python/zope/publisher/ browser.py, line 500, in traverse ob = super(BrowserRequest, self).traverse(object) File /usr/local/Zope-3.2.1/lib/python/zope/publisher/http.py, line 451, in traverse ob = super(HTTPRequest, self).traverse(object) File /usr/local/Zope-3.2.1/lib/python/zope/publisher/base.py, line 289, in traverse subobject = publication.traverseName( File /usr/local/Zope-3.2.1/lib/python/zope/app/publication/ publicationtraverse.py, line 46, in traverseName ob2 = namespaceLookup(ns, nm, ob, request) File /usr/local/Zope-3.2.1/lib/python/zope/app/traversing/ namespace.py, line 121, in namespaceLookup return traverser.traverse(name, ()) File /usr/local/Zope-3.2.1/lib/python/zope/app/traversing/ namespace.py, line 363, in traverse name=name) File /usr/local/Zope-3.2.1/lib/python/zope/component/ __init__.py, line 165, in queryMultiAdapter return sitemanager.queryMultiAdapter(objects, interface, name, default) File /usr/local/Zope-3.2.1/lib/python/zope/component/site.py, line 75, in queryMultiAdapter default) File /usr/local/Zope-3.2.1/lib/python/zope/interface/ adapter.py, line 475, in queryMultiAdapter return factory(*objects) TypeError: __init__() takes exactly 1 argument (3 given) None of code I have written is in that trace so I have no idea where the problem is. Everything else I try to do with the object I'm trying to create a new view for works so I'm assuming the problem is in the ZCML for the view: page name=details.html for=vine.interfaces.IVinePackage class=vine.vinePackage.VinePackage template=vinePackage.pt permission=zope.Public menu=zmi_views title=Preview / The only other file I can think of that might be the cause of the problem is vinePackage.pt I took out all of the parts that refer to the Content Object in case the problem was there so I removed stuff until it was just a static html page and I was still getting the error. As far as I can tell I'm following the message board example in the Zope book pretty closely. If anyone has any suggestions on where I should look for the problem I would really appreciate it. thanks -jachin ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
