Re: [Zope] restricting permissions for direct access only

2006-02-15 Thread Chris Withers
Michael Shulman wrote: Okay, I must be the most moronic user ever. The default text in a newly created Python Script, which I did not bother to change for my test case, accesses meta_type, but I did not notice this; thus I was confused. (Just out of curiosity, what permissions are required to

Re: [Zope] Advice needed before settling on Zope

2006-02-15 Thread Lennart Regebro
On 2/15/06, Rainsford, David [EMAIL PROTECTED] wrote: Our client is quite specific about what they require and how they want it to be presented, so ease of customisation and extensibility is a major factor. We have looked around at existing CMSes but have not found one that fulfills all of our

Re: [Zope] Re: Re: major problems placing authentication on an extranet site-security flaw?

2006-02-15 Thread michael nt milne
Chris, back to throwing personal insults eh. I'll refrain from going down that line as it's tedious and un-professional. You've obviously not listened to the advice of your fellow peers on that front. Everyone can take on a little advice and I've remarked previously that I was wrong in my initial

Re: [Zope] Advice needed before settling on Zope

2006-02-15 Thread bruno desthuilliers
Lennart Regebro wrote: On 2/15/06, Rainsford, David [EMAIL PROTECTED] wrote: Our client is quite specific about what they require and how they want it to be presented, so ease of customisation and extensibility is a major factor. We have looked around at existing CMSes but have not found one

[Zope] Memory Leak Debugging

2006-02-15 Thread Jonathan Bowlas
Hi All, We're having serious problems with performance running Silva CMS on Zope 2.7.8-final, python 2.3.5, linux2 set up on a machine with 2.5GB RAM. There are currently only about 65 users and around 2000 documents in the CMS but it seems to run for a week, then the RAM fills up and crashes so

[Zope] Memory Leak Debugging

2006-02-15 Thread Jonathan Bowlas
Hi All, We're having serious problems with performance running Silva CMS on Zope 2.7.8-final, python 2.3.5, linux2 set up on a machine with 2.5GB RAM. There are currently only about 65 users and around 2000 documents in the CMS but it seems to run for a week, then the RAM fills up and

RE: [Zope] Memory Leak Debugging

2006-02-15 Thread Jonathan Bowlas
And now in plain text, sorry for the HTML. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jonathan Bowlas Sent: 15 February 2006 11:47 To: zope@zope.org Subject: [Zope] Memory Leak Debugging Hi All, We're having serious problems with

Re: [Zope] Memory Leak Debugging

2006-02-15 Thread Peter Bengtsson
Hi, I'm NOT an expert and I hope that someone else who is an expert gives you better advise but here's a start... Do you have any recursive loops with lists that doesn't reset the list? Perhaps something like this: def findAllImages(self, placetolook, append2): for o in

[Zope] Re: AW: Re: Zope won't start on Windows XP

2006-02-15 Thread Pawel Lewicki
Tres Seaver wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Holger Butschek wrote: It looks as though you have a borked Zope installation: how did you install Zope? What does borked mean? I installed it with the windows installer. The file ist from zope.org. The traceback indicated

Re: [Zope] Memory Leak Debugging

2006-02-15 Thread Andrew Milton
+---[ Jonathan Bowlas ]-- | Hi All, | | We're having serious problems with performance running Silva CMS on Zope | 2.7.8-final, python 2.3.5, linux2 set up on a machine with 2.5GB RAM. There | are currently only about 65 users and around 2000 documents in the CMS but | it

[Zope] Re: Advice needed before settling on Zope

2006-02-15 Thread Maik Ihde
What turned you off Plone? Plone still lacks a decent versioning System. That's definetely a showstopper. And it does not scale too well, if you cannot use caching. Don't get me wrong, I do like Plone since you can rip out small Intranet solutions in a very short time - but do not try to do

[Zope] VerboseSecurity and zope 2.8.5

2006-02-15 Thread Peter Bengtsson
I'm not getting any verbose security messages in my zope 2.8.5. zope.conf reads: security-policy-implementation python verbose-security on I'm trying to log in as a user but get rejected which is probably because I've incorrectly configured one method or object to require one permission too many.

[Zope] calling getOwner on an ExtFile instance raises an Unauthorized ex ception

2006-02-15 Thread Palermo, Tom
All, Does anyone know why calling getOwner() on an instance of ExtFile raises an unauthorized exception? Error Type: Unauthorized Error Value: You are not allowed to access 'getOwner' in this context ExtFile imports SimpleItem which, in turn, imports AccessControl.Owner Here's the code

[Zope] Re: calling getOwner on an ExtFile instance raises an Unauthorized ex ception

2006-02-15 Thread Tres Seaver
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Palermo, Tom wrote: All, Does anyone know why calling getOwner() on an instance of ExtFile raises an unauthorized exception? Error Type: Unauthorized Error Value: You are not allowed to access 'getOwner' in this context ExtFile

[Zope] RE: calling getOwner on an ExtFile instance raises an Unauthori zed ex ception

2006-02-15 Thread Palermo, Tom
Tres, Thanks. I didn't know about that. I will try that. Also, I just used owner_info['id'] instead of getOwner(). It returns the same thing. I'm not sure why owner_info worked and getOwner did not both methods are in AccessControl.Owner.py Thanks, Tom -Original Message- From: Tres

Re: [Zope] VerboseSecurity and zope 2.8.5

2006-02-15 Thread Stefan H. Holek
If this is Plone, you also need to tell error_log not to ignore Unauthorized and clear the Login page ID in cookie_authentication. See http://plone.org/debug-unauthorized Stefan On 15. Feb 2006, at 14:39, Peter Bengtsson wrote: I'm not getting any verbose security messages in my zope

Re: [Zope] VerboseSecurity and zope 2.8.5

2006-02-15 Thread Peter Bengtsson
On 2/15/06, Stefan H. Holek [EMAIL PROTECTED] wrote: If this is Plone, you also need to tell error_log not to ignore Unauthorized and clear the Login page ID in cookie_authentication. See http://plone.org/debug-unauthorized It's not plone. Logged Unauthorised in error_log. On 15. Feb 2006,

Re: [Zope] restricting permissions for direct access only

2006-02-15 Thread Michael Shulman
On 2/15/06, Chris Withers [EMAIL PROTECTED] wrote: But... it's still not working for my real site. I think the issue is this. If script1 has proxy role Manager, and script2 has view permissions set only for Manager, then script1 can call script2, no problem. But if script1 instead calls

Re: [Zope] Zope/Plone logon security strategy etc

2006-02-15 Thread michael nt milne
Hi DieterI've installed DigestAuth. Just wondering if there are any set-up instructions at all?ThanksMichaelOn 1/26/06, Dieter Maurer [EMAIL PROTECTED] wrote:michael nt milne wrote at 2006-1-25 18:55 +: Yeah I know the security aspects are good once you are in, howeverwhen you login it's

Re: [Zope] Zope/Plone logon security strategy etc

2006-02-15 Thread michael nt milne
PSI won't be using this with SSL obviously. Good to use it to secure login areas where the other content doesn't require SSL.On 2/15/06, michael nt milne [EMAIL PROTECTED] wrote: Hi DieterI've installed DigestAuth. Just wondering if there are any set-up instructions at all?ThanksMichaelOn

Re: [Zope] Zope and roles and hierarchy

2006-02-15 Thread Lennart Regebro
On 2/14/06, Kees de Brabander [EMAIL PROTECTED] wrote: But my subfolders are for different groups of users and I want to keep them apart (so I can throw them away with the subfolder, when their use has become obsolete). Well, you could use PluggableAuthService, and have them in different

Re: [Zope] Zope 2.9 and SSL

2006-02-15 Thread Ron Bickers
On Wed February 15 2006 02:42, Janusz Zamecki wrote: The easiest way is to use Apache, but I have reasons to not go that way. If you don't want big Apache, lighttpd is small and has made a good SSL front-end proxy to Zope for me. http://www.lighttpd.net/ -- Ron

[Zope] Granting access by reading http headers

2006-02-15 Thread Marc Schnapp
We're running Plone for internal departmental use. I'm going to lock down most of the content, requiring a login to view sensitive documents. But I also want our Google Mini appliance to crawl all content. The problem is that the appliance does not accept cookies. So Plone and Zope don't

[Zope] Importing a ZClass from Zope 2.8.1 to Zope 2.9.0

2006-02-15 Thread Edward Huixquic
Hi Zopistas:I am trying to import into a Zope 2.9.0 installation, a ZClass that lives and runs fine in a Zope 2.8.1. I am getting an error which I attach below (from my event.log):What I am getting is a ZClassName does not support this operation. Does any of you have any idea what is going on and,

[Zope] Render image from external method.

2006-02-15 Thread Jason C. Leach
Hi, I'm wondering how I can render an image from an external method without creating a permanent image object in Zope? What I have is a python script I call in my ZPT. The python script does some things, and calls an external method that returns PNG image data. If I do tal:attributes=src

Re: [Zope] Render image from external method.

2006-02-15 Thread Peter Bengtsson
On 2/16/06, Jason C. Leach [EMAIL PROTECTED] wrote: Hi, I'm wondering how I can render an image from an external method without creating a permanent image object in Zope? What I have is a python script I call in my ZPT. The python script does some things, and calls an external method that

Re: [Zope] Importing a ZClass from Zope 2.8.1 to Zope 2.9.0

2006-02-15 Thread Peter Bengtsson
Perhaps not a valuable advice but I remember (years ago) that I couldn't import a ZClass because of something to do with the security even though I was logged in as root Manager. I ended up writing an External Method that in turn calls manage_importObject(file.zexp) and that worked. I know

[Zope] Re: restricting permissions for direct access only

2006-02-15 Thread Tres Seaver
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Michael Shulman wrote: On 2/15/06, Chris Withers [EMAIL PROTECTED] wrote: But... it's still not working for my real site. I think the issue is this. If script1 has proxy role Manager, and script2 has view permissions set only for Manager, then

Re: [Zope] Re: Re: major problems placing authentication on an extranet site-security flaw?

2006-02-15 Thread Chris Withers
michael nt milne wrote: Chris, back to throwing personal insults eh. It's not so much an insult as a statement of fact. Retarded means slower, and given how slow you seem to be to get the stuff we're discussing, I think the shoe fits. Not necessarily meant as an insult, but if you want to

[Zope-Checkins] SVN: Zope/branches/2.9/doc/CHANGES.txt Changelog cleanup.

2006-02-15 Thread Tres Seaver
Log message for revision 41627: Changelog cleanup. Changed: U Zope/branches/2.9/doc/CHANGES.txt -=- Modified: Zope/branches/2.9/doc/CHANGES.txt === --- Zope/branches/2.9/doc/CHANGES.txt 2006-02-15 15:27:58 UTC (rev 41626)

Re: [Zope-dev] Pluggins vs Application Definition

2006-02-15 Thread Chris Withers
[aside... hmmm, crossposting, maybe time to merge zope-dev and zope3-dev? most stuff seems to be relevent to both nowadays] Jim Fulton wrote: In Zope 3, we went with a more explicit installation mechanism, in which people had to explicitly cause a package's ZCML files to be loaded for it to

[Zope-dev] Re: [Zope3-dev] Pluggins vs Application Definition

2006-02-15 Thread Chris Withers
Stephan Richter wrote: This is interesting. I agree with Philipp though that a simple install tool would be better than one magic location. Indeed, but don't eggs already provide tools for this? I think the ZCML slugs are very cool I think they suck, sorry... it's one of the first things

Re: [Zope-dev] Pluggins vs Application Definition

2006-02-15 Thread Philipp von Weitershausen
Chris Withers wrote: [aside... hmmm, crossposting, maybe time to merge zope-dev and zope3-dev? most stuff seems to be relevent to both nowadays] +10 You know, I once had a proposal. Uh, never mind :) In Zope 3, we went with a more explicit installation mechanism, in which people had to

Re: [Zope-dev] Pluggins vs Application Definition

2006-02-15 Thread Stephan Richter
On Wednesday 15 February 2006 07:20, Philipp von Weitershausen wrote: Chris Withers wrote: [aside... hmmm, crossposting, maybe time to merge zope-dev and zope3-dev? most stuff seems to be relevent to both nowadays] +10 Okay, I hope this would be ignored, but -1. I can still ignore many

[Zope-dev] Moving Five source code to svn.zope.org

2006-02-15 Thread Philipp von Weitershausen
Hi all, the cross-repository merging between Zope 2 and Five has become a pain, especially as Five is now a big element in Zope 2 development. Since Five is ZPL and part of the Zope repository tree already, we would like to take another, final step now and move its complete source code control to

Re: [Zope-dev] Moving Five source code to svn.zope.org

2006-02-15 Thread Jens Vagelpohl
On 15 Feb 2006, at 15:30, Philipp von Weitershausen wrote: * I plan on doing the migration some time during the PyCON conference or sprint (24 Feb through 2 Mar). There might be a period of 1 day or so when commits to Five won't be possible. I'll inform everyone in advance. Perhaps Jens

Re: [Zope3-dev] Re: [Zope-dev] Pluggins vs Application Definition

2006-02-15 Thread Benji York
Chris Withers wrote: maybe time to merge zope-dev and zope3-dev? -1 They're still different enough that most traffic on one is not interesting to the majority of subscribers to the other. -- Benji York Senior Software Engineer Zope Corporation ___