Re: [Zope3-Users] Securitypolicy issues when moving to eggs

[Markus Kemmerling]

Hi Jesper,

Am 06.11.2007 um 13:02 schrieb Jesper Petersen:


Hi,
I recently moved my webapp from z3.3.1 tarball to all eggs. It's  
working great except for my
securitypolicy, which seems to sort of half-work. For example,  
earlier an authenticated member
could view http://myhost/mysite/@@footest.html with and without the  
@@ but now it's only viewable

with them.


Note that with the @@ you traverse the view via the 'view'  
namespace traverser defined by the zope.traversing package, without  
them Zope uses the ItemTraverser defined by the zope.app.container  
package. Both traversers perform an adapter lookup for your view  
'footest.html'. One possible reason for your problem might be that  
the security declarations for the traversers themselves differ.


Regards,
Markus Kemmerling___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

[Zope3-Users] Securitypolicy issues when moving to eggs

[Jesper Petersen]

Hi,I recently moved my webapp from z3.3.1 tarball to all eggs. It's working
great except for my
securitypolicy, which seems to sort of half-work. For example, earlier an
authenticated member
could view http://myhost/mysite/@@footest.html with and without the @@ but
now it's only viewable
with them. It's hard to pinpoint what does work and what doesn't but for
authenticated users, most
actions will redirect (but shouldn't) to the loginform. Security checks for
unauthenticated users seem to work as
before without problems (they can have the foo.Visitor role defined in my
roles.zcml).

In my tarball version I've setup authentication and user management pretty
much like in the latest
Worldcookery book. I.e, security settings in my package's roles.zcml and
permissions.zcml, and
a grant of the foo.Visitor role the zope.anybody principal in
etc/principals.zcml.

In my sandbox the grant of the old etc/principals.zcml was put at the end in
site.zcml. At first I got
a deprecation warning on zope.app.securitypolicy but it was easily solved by
using
zope.securitypolicy instead. I later, of course, updated configuration.zcmland
setup.py to use
zope.securitypolicy instead (with file=meta.zcml). Another deprecation I
got was for zope.configuration:

SNIP.../buildout-eggs/zope.configuration-3.4.0-py2.4.egg/zope/configuration/config.py:197:
DeprecationWarning: ZopeSecurityPolicy is deprecated. It has moved to
zope.securitypolicy.zopepolicy  This reference will be removed somedays
  obj = getattr(mod, oname)


Not sure if this is what's causing my authenticated users to fail on
accessing stuff that should
be accessible. I'm kind of stumped because don't really know what to do :)


Let me know if you need any more info

/Jesper

BTW, here's how i setup my sandbox:
$ python virtualenv env
$ cd env
$ ./bin/easy_install zopeproject
$ ./bin/easy_install zc.buildout
$ ./bin/zopeproject --no-buildout Hello
$ cd Hello
$ (Add the package index and comment out find-links):
#find-links = http://download.zope.org/distribution/
index = http://download.zope.org/zope3.4
$ ../bin/buildout bootstrap
$ ./bin/buildout

I also tried it with letting zopeproject handle the buildout and using the
default find-links in
buildout.cfg but I end up with the same problems
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users