Re: [Zope3-Users] container protectName
i have both stephan and phillip's books... but they're on loan to friends i'm trying to convert to zope ;) thanks again! On 3/30/06, Michael Howitz <[EMAIL PROTECTED]> wrote: > Am Mittwoch, den 29.03.2006, 12:22 -0500 schrieb Pete Taylor: > > That worked immediately... Thank you sir. > > > > other than "being really smart", how did you know to look at that? > > I had the same problem some time ago. ;) > > > I > > guess I don't understand some of the implied permissions, esp when > > they contradict what I put in the zcml. is there a writeup of the > > security chain on the zope3 application server startup somewhere that > > I can read through to have a better idea of how that works? > > I don't know ... maybe in Stephan's or Phillip's book ... > http://www.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/Zope3Book/secureobjects.html > > mac > > -- "All guilt is relative, loyalty counts, and never let your conscience be your guide." - Lucas Buck, American Gothic ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] container protectName
Am Mittwoch, den 29.03.2006, 12:22 -0500 schrieb Pete Taylor: > That worked immediately... Thank you sir. > > other than "being really smart", how did you know to look at that? I had the same problem some time ago. ;) > I > guess I don't understand some of the implied permissions, esp when > they contradict what I put in the zcml. is there a writeup of the > security chain on the zope3 application server startup somewhere that > I can read through to have a better idea of how that works? I don't know ... maybe in Stephan's or Phillip's book ... http://www.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/Zope3Book/secureobjects.html mac ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] container protectName
That worked immediately... Thank you sir. other than "being really smart", how did you know to look at that? I guess I don't understand some of the implied permissions, esp when they contradict what I put in the zcml. is there a writeup of the security chain on the zope3 application server startup somewhere that I can read through to have a better idea of how that works? I hate sending questions to the list if I could have just read it myself somewhere. On 3/29/06, Michael Howitz <[EMAIL PROTECTED]> wrote: > Am Mittwoch, den 29.03.2006, 01:56 -0500 schrieb Pete Taylor: > > Hi all (yet again ;) ), > > I ran into this issue on a project I worked on before, but I ended up > > changing the design before it became a significant issue. this time > > around, i don't see a way by it. > > > > i have a class that derives from Folder (or BTreeContainer, it doesn't > > really matter for this). in configure.zcml, i set it up as follows: > > > > > > > interface="zope.app.annotation.interfaces.IAttributeAnnotatable" > > /> > > > permission="zope.ManageContent" > > interface="zope.app.container.interfaces.IReadContainer" > > /> > > > permission="zope.ManageContent" > > interface="zope.app.container.interfaces.IWriteContainer" > > /> > > > permission="zope.ManageContent" > > interface=".interfaces.consumer.IConsumer" > > /> > > > permission="zope.ManageContent" > > set_schema=".interfaces.consumer.IConsumer" > > /> > > > > > > this doesn't work. putting in the third-down require statement breaks > [ ... ] > > I've put the traceback below... > > > > Traceback (most recent call last): > > File "bin/runzope", line 48, in ? > > run() > > File "bin/runzope", line 44, in run > > main(["-C", CONFIG_FILE] + sys.argv[1:]) > > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main > > service = setup(load_options(args)) > > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup > > zope.app.appsetup.config(options.site_definition, features=features) > > File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line > > 110, in config > > context = xmlconfig.file(file, context=context, execute=execute) > > File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line > > 556, in file > > context.execute_actions() > > File "/opt/zope3//lib/python/zope/configuration/config.py", line > > 606, in execute_actions > > for action in resolveConflicts(self.actions): > > File "/opt/zope3//lib/python/zope/configuration/config.py", line > > 1511, in resolveConflicts > > raise ConfigurationConflictError(conflicts) > > zope.configuration.config.ConfigurationConflictError: Conflicting > > configuration actions > > For: ('protectName', , '__contains__') > > File "/usr/lib/python2.4/site-packages/petetest/configure.zcml", > [ ... ] > > This is because your Interface IConsumer extends the > IContainer-Interface. In Zope3 security declarations can only be done > once on a content class, but if you extend from IContainer in both > require statements (for IConsumer and IReadContainer) a permission is > declared. > > Solution: Let ICustomer extend zope.interface.Interface. Because your > implementation of ICustomer extends BTreeContainer it also interhits the > implements statement for IContainer. > > HTH, > mac > > -- "All guilt is relative, loyalty counts, and never let your conscience be your guide." - Lucas Buck, American Gothic ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] container protectName
Am Mittwoch, den 29.03.2006, 01:56 -0500 schrieb Pete Taylor: > Hi all (yet again ;) ), > I ran into this issue on a project I worked on before, but I ended up > changing the design before it became a significant issue. this time > around, i don't see a way by it. > > i have a class that derives from Folder (or BTreeContainer, it doesn't > really matter for this). in configure.zcml, i set it up as follows: > > > interface="zope.app.annotation.interfaces.IAttributeAnnotatable" > /> > permission="zope.ManageContent" > interface="zope.app.container.interfaces.IReadContainer" > /> > permission="zope.ManageContent" > interface="zope.app.container.interfaces.IWriteContainer" > /> > permission="zope.ManageContent" > interface=".interfaces.consumer.IConsumer" > /> > permission="zope.ManageContent" > set_schema=".interfaces.consumer.IConsumer" > /> > > > this doesn't work. putting in the third-down require statement breaks [ ... ] > I've put the traceback below... > > Traceback (most recent call last): > File "bin/runzope", line 48, in ? > run() > File "bin/runzope", line 44, in run > main(["-C", CONFIG_FILE] + sys.argv[1:]) > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main > service = setup(load_options(args)) > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup > zope.app.appsetup.config(options.site_definition, features=features) > File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line > 110, in config > context = xmlconfig.file(file, context=context, execute=execute) > File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line > 556, in file > context.execute_actions() > File "/opt/zope3//lib/python/zope/configuration/config.py", line > 606, in execute_actions > for action in resolveConflicts(self.actions): > File "/opt/zope3//lib/python/zope/configuration/config.py", line > 1511, in resolveConflicts > raise ConfigurationConflictError(conflicts) > zope.configuration.config.ConfigurationConflictError: Conflicting > configuration actions > For: ('protectName', , '__contains__') > File "/usr/lib/python2.4/site-packages/petetest/configure.zcml", [ ... ] This is because your Interface IConsumer extends the IContainer-Interface. In Zope3 security declarations can only be done once on a content class, but if you extend from IContainer in both require statements (for IConsumer and IReadContainer) a permission is declared. Solution: Let ICustomer extend zope.interface.Interface. Because your implementation of ICustomer extends BTreeContainer it also interhits the implements statement for IContainer. HTH, mac ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] container protectName
Hi all (yet again ;) ), I ran into this issue on a project I worked on before, but I ended up changing the design before it became a significant issue. this time around, i don't see a way by it. i have a class that derives from Folder (or BTreeContainer, it doesn't really matter for this). in configure.zcml, i set it up as follows: this doesn't work. putting in the third-down require statement breaks it, throwing me a traceback that says something about protectName. i've looked through zope.app.security.protectclass (where protectName comes from), and i just honestly don't see what the issue is. i've even tried it with removing the I{Read/Write}Container bits... the only difference between this class and any other just class MyClass(Persistent) style is just that it happens to be a container. is there something about Folder or BTreeContainer that invokes a different kind of security checking than a simple Persistent class derivative? the issue is that I want/need to be able to both have the class contain other persistent objects, while simultaneously have it be able to have a view on it that allows the update and modification of certain attributes... like the following: consumer.full_name consumer['preferences'] = Preferences() there are, obviously, ways around this. i can redesign the way i'm attempting to use the object, if necessary. but it works from the interactive interpreter, it just fails in the zcml. and if i leave out the relevant zcml bit, it just throws me "Unauthorized" errors. anyone have any ideas? I've put the traceback below... Traceback (most recent call last): File "bin/runzope", line 48, in ? run() File "bin/runzope", line 44, in run main(["-C", CONFIG_FILE] + sys.argv[1:]) File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main service = setup(load_options(args)) File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup zope.app.appsetup.config(options.site_definition, features=features) File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line 110, in config context = xmlconfig.file(file, context=context, execute=execute) File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line 556, in file context.execute_actions() File "/opt/zope3//lib/python/zope/configuration/config.py", line 606, in execute_actions for action in resolveConflicts(self.actions): File "/opt/zope3//lib/python/zope/configuration/config.py", line 1511, in resolveConflicts raise ConfigurationConflictError(conflicts) zope.configuration.config.ConfigurationConflictError: Conflicting configuration actions For: ('protectName', , '__contains__') File "/usr/lib/python2.4/site-packages/petetest/configure.zcml", line 7.3-27.2 File "/usr/lib/python2.4/site-packages/personium/configure.zcml", line 7.3-27.2 -- "All guilt is relative, loyalty counts, and never let your conscience be your guide." - Lucas Buck, American Gothic ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users