Re: [Zope3-Users] container protectName
i have both stephan and phillip's books... but they're on loan to friends i'm trying to convert to zope ;) thanks again! On 3/30/06, Michael Howitz <[EMAIL PROTECTED]> wrote: > Am Mittwoch, den 29.03.2006, 12:22 -0500 schrieb Pete Taylor: > > That worked immediately... Thank you sir. > > > > other than "being really smart", how did you know to look at that? > > I had the same problem some time ago. ;) > > > I > > guess I don't understand some of the implied permissions, esp when > > they contradict what I put in the zcml. is there a writeup of the > > security chain on the zope3 application server startup somewhere that > > I can read through to have a better idea of how that works? > > I don't know ... maybe in Stephan's or Phillip's book ... > http://www.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/Zope3Book/secureobjects.html > > mac > > -- "All guilt is relative, loyalty counts, and never let your conscience be your guide." - Lucas Buck, American Gothic ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] container protectName
Am Mittwoch, den 29.03.2006, 12:22 -0500 schrieb Pete Taylor: > That worked immediately... Thank you sir. > > other than "being really smart", how did you know to look at that? I had the same problem some time ago. ;) > I > guess I don't understand some of the implied permissions, esp when > they contradict what I put in the zcml. is there a writeup of the > security chain on the zope3 application server startup somewhere that > I can read through to have a better idea of how that works? I don't know ... maybe in Stephan's or Phillip's book ... http://www.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/Zope3Book/secureobjects.html mac ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] container protectName
That worked immediately... Thank you sir.
other than "being really smart", how did you know to look at that? I
guess I don't understand some of the implied permissions, esp when
they contradict what I put in the zcml. is there a writeup of the
security chain on the zope3 application server startup somewhere that
I can read through to have a better idea of how that works? I hate
sending questions to the list if I could have just read it myself
somewhere.
On 3/29/06, Michael Howitz <[EMAIL PROTECTED]> wrote:
> Am Mittwoch, den 29.03.2006, 01:56 -0500 schrieb Pete Taylor:
> > Hi all (yet again ;) ),
> > I ran into this issue on a project I worked on before, but I ended up
> > changing the design before it became a significant issue. this time
> > around, i don't see a way by it.
> >
> > i have a class that derives from Folder (or BTreeContainer, it doesn't
> > really matter for this). in configure.zcml, i set it up as follows:
> >
> > >
> > interface="zope.app.annotation.interfaces.IAttributeAnnotatable"
> > />
> > > permission="zope.ManageContent"
> > interface="zope.app.container.interfaces.IReadContainer"
> > />
> > > permission="zope.ManageContent"
> > interface="zope.app.container.interfaces.IWriteContainer"
> > />
> > > permission="zope.ManageContent"
> > interface=".interfaces.consumer.IConsumer"
> > />
> > > permission="zope.ManageContent"
> > set_schema=".interfaces.consumer.IConsumer"
> > />
> >
> >
> > this doesn't work. putting in the third-down require statement breaks
> [ ... ]
> > I've put the traceback below...
> >
> > Traceback (most recent call last):
> > File "bin/runzope", line 48, in ?
> > run()
> > File "bin/runzope", line 44, in run
> > main(["-C", CONFIG_FILE] + sys.argv[1:])
> > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main
> > service = setup(load_options(args))
> > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup
> > zope.app.appsetup.config(options.site_definition, features=features)
> > File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line
> > 110, in config
> > context = xmlconfig.file(file, context=context, execute=execute)
> > File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line
> > 556, in file
> > context.execute_actions()
> > File "/opt/zope3//lib/python/zope/configuration/config.py", line
> > 606, in execute_actions
> > for action in resolveConflicts(self.actions):
> > File "/opt/zope3//lib/python/zope/configuration/config.py", line
> > 1511, in resolveConflicts
> > raise ConfigurationConflictError(conflicts)
> > zope.configuration.config.ConfigurationConflictError: Conflicting
> > configuration actions
> > For: ('protectName', , '__contains__')
> > File "/usr/lib/python2.4/site-packages/petetest/configure.zcml",
> [ ... ]
>
> This is because your Interface IConsumer extends the
> IContainer-Interface. In Zope3 security declarations can only be done
> once on a content class, but if you extend from IContainer in both
> require statements (for IConsumer and IReadContainer) a permission is
> declared.
>
> Solution: Let ICustomer extend zope.interface.Interface. Because your
> implementation of ICustomer extends BTreeContainer it also interhits the
> implements statement for IContainer.
>
> HTH,
> mac
>
>
--
"All guilt is relative, loyalty counts, and never let your conscience
be your guide."
- Lucas Buck, American Gothic
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] container protectName
Am Mittwoch, den 29.03.2006, 01:56 -0500 schrieb Pete Taylor:
> Hi all (yet again ;) ),
> I ran into this issue on a project I worked on before, but I ended up
> changing the design before it became a significant issue. this time
> around, i don't see a way by it.
>
> i have a class that derives from Folder (or BTreeContainer, it doesn't
> really matter for this). in configure.zcml, i set it up as follows:
>
>
> interface="zope.app.annotation.interfaces.IAttributeAnnotatable"
> />
> permission="zope.ManageContent"
> interface="zope.app.container.interfaces.IReadContainer"
> />
> permission="zope.ManageContent"
> interface="zope.app.container.interfaces.IWriteContainer"
> />
> permission="zope.ManageContent"
> interface=".interfaces.consumer.IConsumer"
> />
> permission="zope.ManageContent"
> set_schema=".interfaces.consumer.IConsumer"
> />
>
>
> this doesn't work. putting in the third-down require statement breaks
[ ... ]
> I've put the traceback below...
>
> Traceback (most recent call last):
> File "bin/runzope", line 48, in ?
> run()
> File "bin/runzope", line 44, in run
> main(["-C", CONFIG_FILE] + sys.argv[1:])
> File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main
> service = setup(load_options(args))
> File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup
> zope.app.appsetup.config(options.site_definition, features=features)
> File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line
> 110, in config
> context = xmlconfig.file(file, context=context, execute=execute)
> File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line
> 556, in file
> context.execute_actions()
> File "/opt/zope3//lib/python/zope/configuration/config.py", line
> 606, in execute_actions
> for action in resolveConflicts(self.actions):
> File "/opt/zope3//lib/python/zope/configuration/config.py", line
> 1511, in resolveConflicts
> raise ConfigurationConflictError(conflicts)
> zope.configuration.config.ConfigurationConflictError: Conflicting
> configuration actions
> For: ('protectName', , '__contains__')
> File "/usr/lib/python2.4/site-packages/petetest/configure.zcml",
[ ... ]
This is because your Interface IConsumer extends the
IContainer-Interface. In Zope3 security declarations can only be done
once on a content class, but if you extend from IContainer in both
require statements (for IConsumer and IReadContainer) a permission is
declared.
Solution: Let ICustomer extend zope.interface.Interface. Because your
implementation of ICustomer extends BTreeContainer it also interhits the
implements statement for IContainer.
HTH,
mac
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] container protectName
Hi all (yet again ;) ),
I ran into this issue on a project I worked on before, but I ended up
changing the design before it became a significant issue. this time
around, i don't see a way by it.
i have a class that derives from Folder (or BTreeContainer, it doesn't
really matter for this). in configure.zcml, i set it up as follows:
this doesn't work. putting in the third-down require statement breaks
it, throwing me a traceback that says something about protectName.
i've looked through zope.app.security.protectclass (where protectName
comes from), and i just honestly don't see what the issue is. i've
even tried it with removing the I{Read/Write}Container bits... the
only difference between this class and any other just class
MyClass(Persistent) style is just that it happens to be a container.
is there something about Folder or BTreeContainer that invokes a
different kind of security checking than a simple Persistent class
derivative?
the issue is that I want/need to be able to both have the class
contain other persistent objects, while simultaneously have it be able
to have a view on it that allows the update and modification of
certain attributes... like the following:
consumer.full_name
consumer['preferences'] = Preferences()
there are, obviously, ways around this. i can redesign the way i'm
attempting to use the object, if necessary. but it works from the
interactive interpreter, it just fails in the zcml. and if i leave
out the relevant zcml bit, it just throws me "Unauthorized" errors.
anyone have any ideas?
I've put the traceback below...
Traceback (most recent call last):
File "bin/runzope", line 48, in ?
run()
File "bin/runzope", line 44, in run
main(["-C", CONFIG_FILE] + sys.argv[1:])
File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main
service = setup(load_options(args))
File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup
zope.app.appsetup.config(options.site_definition, features=features)
File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line
110, in config
context = xmlconfig.file(file, context=context, execute=execute)
File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line
556, in file
context.execute_actions()
File "/opt/zope3//lib/python/zope/configuration/config.py", line
606, in execute_actions
for action in resolveConflicts(self.actions):
File "/opt/zope3//lib/python/zope/configuration/config.py", line
1511, in resolveConflicts
raise ConfigurationConflictError(conflicts)
zope.configuration.config.ConfigurationConflictError: Conflicting
configuration actions
For: ('protectName', , '__contains__')
File "/usr/lib/python2.4/site-packages/petetest/configure.zcml",
line 7.3-27.2
File "/usr/lib/python2.4/site-packages/personium/configure.zcml",
line 7.3-27.2
--
"All guilt is relative, loyalty counts, and never let your conscience
be your guide."
- Lucas Buck, American Gothic
___
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users
