Re: AW: [Zope3-Users] Disabling authentication for resources
On Jul 10, 2008, at 6:47 AM, andrew wrote: On Thu, 2008-07-10 at 02:44 +0200, Roger Ineichen wrote: I guess bypass the authentication process is not supported for zope.Public protected objects. Zope does authenticate the user. And later it checks security for the object based on that user (authorization). zope.Public is correct for public access, but it doesn't mean the user get not authenticated. Remember authentication and authorization are two different things. I'm not really sure. But I guess without authentication, Zope doesn't know if even zope.Public is allowed for this user because you can deny permissions. But I'm also not sure without to introspect the code if zope.Public can set as deny. Hope that gives some hints for deep into the internals of IAuthentication. If you need a simpler implementation, take a look at z3c.authenticator. That's great, thanks Roger. That's a good point that authentication and authorization are different things. So, it would seem that there's no easy way to avoid the authentication process altogether, so I'll just hope that the overhead is not too great :-) we have a special IAuthentication plugin that accepts regular expressions for public urls, if the regex matches we just return None in authenticate - so the principal is the anonymous user. No principal lookup needs to be done. sorry, but the code is not open-source, but it should be easy to implement cheers, bernd Cheers, Andrew. ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users smime.p7s Description: S/MIME cryptographic signature ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Set List constraints
When constraining the membership of zope.schema List and Set; is it valid to say that this will work: value=List( title=uValue, constraint=classProvides(IMyClass) ) where IMyClass defines the schema for the MyClass and is the only objects allowed in the List? Thanks, Tim -- ** Join the OSHIP project. It is the standards based, open source healthcare application platform in Python. Home page: https://launchpad.net/oship/ Wiki: http://www.openehr.org/wiki/display/dev/Python+developer%27s+page ** signature.asc Description: This is a digitally signed message part ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] Set List constraints
Am 10.07.2008 um 16:44 schrieb Tim Cook: When constraining the membership of zope.schema List and Set; is it valid to say that this will work: value=List( title=uValue, constraint=classProvides(IMyClass) ) where IMyClass defines the schema for the MyClass and is the only objects allowed in the List? I would rather say: value=List( title=uValue, value_type=Object(schema=IMyClass) ) Anyhow, such a constraint is of limited use only, since it does not prevent you from adding any object you like to the list *after* it got assigned to the 'value' attribute. Regards, Markus Kemmerling ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] buildout recipe for ReportLab
Hi, I'd like to ask if anybody is using a buildout recipe to install ReportLab in the buildout. Best regards Lorenzo ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] Set List constraints
On Thu, 2008-07-10 at 16:59 +0200, Markus Kemmerling wrote: I would rather say: value=List( title=uValue, value_type=Object(schema=IMyClass) ) Can you elaborate why? Anyhow, such a constraint is of limited use only, since it does not prevent you from adding any object you like to the list *after* it got assigned to the 'value' attribute. Okay, but that would be badly behaved code; correct? In my implementation I am creating instances and committing them to a ZODB repository. My thoughts were that copies of those instances would continue to constrain the types allowed in that attribute. Is that incorrect? Cheers, Tim -- ** Join the OSHIP project. It is the standards based, open source healthcare application platform in Python. Home page: https://launchpad.net/oship/ Wiki: http://www.openehr.org/wiki/display/dev/Python+developer%27s+page ** signature.asc Description: This is a digitally signed message part ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] PAULA: bringing Zope 3's authentication to Plone and beyond
Hi *, within the scope of google summer of code I am integrating zope 3's PAU with Plone's PAS and further enable (non-AT) content objects as source for users and groups. All functionality is developed in pure zope3, the plone integration is happening in a separate packages. All documents describing the project, as well as links to the code can be found here: https://chaoflow.net/projects/gsoc2008/z3membrane-ldap The code is not very interesting right now, but now would be the time to take any influence on what will be created during the next month - I am planning to continue to work on the project after the SoC. I will keep you updated on major advancements of the code. regards florian pgpaNzf2Eoiw3.pgp Description: PGP signature ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Re: meta.zcml from configure.zcml
Jean-François Roche wrote: Design question, is it considered bad practice to include a meta.zcml from a configure.zcml file ? e.g Package A depends on package B My package A requires some meta defined in package B before loading configure of package B so I do in configure.zcml of package A: configure xmlns=http://namespaces.zope.org/zope; ... include·package=B·file=meta.zcml·/ include package=B / /configure Bad ? Ok ? No, it's ok. If B's meta.zcml were already included earlier on (which may have been necessary), then ZCML will simply ignore it the second time. Normally, we include all metas first, then the configures. But if you want to make a package work in isolation (e.g. when the package itself describes an application), it makes sense to load meta as well. ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] zc.buildout and easy_install.pth
Hi all, I am looking for some guidance on a particular issue I am having. I don't think it is a bug, I think it's merely a lack of understanding on my behalf. I have started developing a Zope3 application, I created a virtualenv and then used zopeproject to create the skeleton of my application. I then checked all of that into subversion so that another developer could check out the app and run a buildout and setup their own environment with the packages they need. The issue I am having is that when buildout runs, it installs all of the eggs I need into site-packages, however the easy_install.pth file is not updated with references to these. This means that when I launch the python interpreter, the packages which have been installed by buildout are not visible. The [project]-ctl and [project]-debug scripts to start zope are configured with the correct links to these packages however. For example, if I fire up python2.4 after running a fresh buildout, and try the following I get an import error: from persistent import Persistent How can I make sure that buildout installs dependencies for the whole virtualenv and not just for the zope instance? Thanks, Chris ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] Re: zc.buildout and easy_install.pth
Chris Stoyles wrote: I have started developing a Zope3 application, I created a virtualenv and then used zopeproject to create the skeleton of my application. I then checked all of that into subversion so that another developer could check out the app and run a buildout and setup their own environment with the packages they need. The issue I am having is that when buildout runs, it installs all of the eggs I need into site-packages, That's not really how zc.buildout works. buildout-based sandboxes are isolated from each other, eggs are either installed within the sandbox itself or into a central eggs location, but never into site-packages (unless you tell zc.buildout to do this, but why would you?). however the easy_install.pth file is not updated with references to these. Right. zc.buildout isn't easy_install. This means that when I launch the python interpreter, the packages which have been installed by buildout are not visible. That's exactly intended. Your Python installation hasn't been affected at all. The [project]-ctl and [project]-debug scripts to start zope are configured with the correct links to these packages however. Indeed, because they have been generated by zc.buildout. For example, if I fire up python2.4 after running a fresh buildout, and try the following I get an import error: from persistent import Persistent How can I make sure that buildout installs dependencies for the whole virtualenv and not just for the zope instance? You don't. The point of zc.buildout is to have isolated sandboxes. It will never taint the global Python installation (in this case, your virtualenv is the global one to zc.buildout). ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] Set List constraints
Am 10.07.2008 um 21:56 schrieb Tim Cook: On Thu, 2008-07-10 at 16:59 +0200, Markus Kemmerling wrote: I would rather say: value=List( title=uValue, value_type=Object(schema=IMyClass) ) Can you elaborate why? You want to restrict the elements of a list to instances that provide a given interface IMyClass, right? That's exactly what a field's value_type attribute is for: It validates every element in a sequence or, more generally, a collection, before setting it. When you set the value_type to Object(schema=IMyClass) a validation error, SchemaNotProvided, will be raised for every list element not providing IMyClass (which in turn will raise a WrongContainedType error for the list itself). The (rarely used) classProvides you used in your code example: value=List( title=uValue, constraint=classProvides(IMyClass) ) is meant to be used in class definitions to declare that a class itself -- not is instances -- provides a given interface. Anyhow, such a constraint is of limited use only, since it does not prevent you from adding any object you like to the list *after* it got assigned to the 'value' attribute. Okay, but that would be badly behaved code; correct? Probably. But then I would consider using a tuple instead of a list (and a frozenset instead of a set). In my implementation I am creating instances and committing them to a ZODB repository. My thoughts were that copies of those instances would continue to constrain the types allowed in that attribute. Is that incorrect? I am not sure if I get this. If you set an instance of a mutable type like a list as an attribute of some other instance described by a schema, it will be validated, but still remain mutable (finally your other object only holds a reference to your mutable). It doesn't matter if it is persistent or not, or if it was copied before. But I might misunderstand your intention here. Regards, Markus Kemmerling ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users