-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Monday, June 18, 2007 12:00 PM
To: zope@zope.org
Subject: Zope Digest, Vol 37, Issue 16
Send Zope mailing list submissions to
zope@zope.org
To subscribe or unsubscribe via the World Wide Web, visit
http://mail.zope.org/mailman/listinfo/zope
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
You can reach the person managing the list at
[EMAIL PROTECTED]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of Zope digest..."
Today's Topics:
1. Re: Auto Cataloging my ZCatalog (kamal hamzat)
2. Re: zope stopped working suddenly (Mohammed Tlais)
3. Re: zope stopped working suddenly (Maciej Wisniowski)
4. Re: Auto Cataloging my ZCatalog (Jonathan)
5. RSS to HTML in Zope (Tom Von Lahndorff)
6. Re: security assertion needed for dictionary? (tomvon)
7. RE: security assertion needed for dictionary?
(Doyon, Jean-Francois)
8. Re: RSS to HTML in Zope (Andreas Jung)
9. RE: security assertion needed for dictionary? (tomvon)
----------------------------------------------------------------------
Message: 1
Date: Sun, 17 Jun 2007 18:01:28 +0100
From: "kamal hamzat" <[EMAIL PROTECTED]>
Subject: Re: [Zope] Auto Cataloging my ZCatalog
To: "Jonathan" <[EMAIL PROTECTED]>, <zope@zope.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=response
----- Original Message -----
From: "Jonathan" <[EMAIL PROTECTED]>
To: "kamal hamzat" <[EMAIL PROTECTED]>; <zope@zope.org>
Sent: Friday, June 15, 2007 5:58 PM
Subject: Re: [Zope] Auto Cataloging my ZCatalog
>
> ----- Original Message -----
> From: "kamal hamzat" <[EMAIL PROTECTED]>
> To: <zope@zope.org>
> Sent: Friday, June 15, 2007 12:51 PM
> Subject: [Zope] Auto Cataloging my ZCatalog
>
>
> Hello,
>
> I have a ZCatalog that my users use to catalog there news articles
which
> are (DTML Documents). I have already explained it to them to always
input
> the id for the new DTML Documents under "with ids" section on the Find
> Objects tab on the ZMI to catalog new articles. But most time they
will
> not and they end up cataloging the entire articles which runs to
13,000
> records.
>
> What i want is either to be able to display error when the "with ids"
is
> missing on Find Objects form or to be able to automate it. For example
use
> a python code. I am new to python but very eager to learn.
>>
>
> One possible approach:
>
> - I would not allow end-users access to the ZMI.
>
> - Have users interact with the application through a menu driven
interface
>
> - Use a series of forms to collect data, then use python
scripts/external
> methods to create/store objects (eg. your DTML Documents) and update
the
> ZCatalog(s).
>
This sound interesting, but i do not have an idea of how to use python/
external method to create/store objects.
I will appreciate if you can point me to links or articles that have
treated
something similar.
Thanks
kamal
------------------------------
Message: 2
Date: Mon, 18 Jun 2007 08:18:22 +0300
From: "Mohammed Tlais" <[EMAIL PROTECTED]>
Subject: Re: [Zope] zope stopped working suddenly
To: "Maciej Wisniowski" <[EMAIL PROTECTED]>
Cc: zope@zope.org
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"
On 6/15/07, Maciej Wisniowski <[EMAIL PROTECTED]>
wrote:
>
> > File "/opt/Zope-2.10/lib/python/Zope2/Startup/__init__.py", line
> > 234, in dropPrivileges
> > return dropPrivileges(self.cfg)
> > File "/opt/Zope-2.10/lib/python/Zope2/Startup/__init__.py", line
> > 403, in dropPrivileges
> > raise ZConfig.ConfigurationError(msg)
> > ZConfig.ConfigurationError: A user was not specified to setuid to;
fix
> > this to start as root (change the effective-user directive in
zope.conf)
> > /** END **/
> You have answer above. To run as root you have
> to change effective-user at zope.conf file
I tried to change effective-user from the zope.conf.in file and saved it
as
zope.conf, I used the command
effective-user tleis , as stated in the example of that file, but no
thing
changed. if anyone knows why please tell me (just curousity)
> >
> > When everything was ok in the past I was able to run zope through
> > ./zopectl start (as a root)
> > but now the stop command displays that the daemon manager is not
open.
> Strange that it worked. In general I think you shouldn't
> run zope as root.
>
> --
> Maciej Wisniowski
I created a new user as Maciej said, and there i tried to create an
instance, but I got a denied permission message. What I did finally is
that
I deleted the folders in both /tmp/zope and /opt/Zope-2.10 folders, and
installed Zope Again and everything is working fine right
now! but i still want to understand why this happened to me?
Thanks for you
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.zope.org/pipermail/zope/attachments/20070618/c3d24bcc/attach
ment-0001.htm
------------------------------
Message: 3
Date: Mon, 18 Jun 2007 11:32:04 +0200
From: Maciej Wisniowski <[EMAIL PROTECTED]>
Subject: Re: [Zope] zope stopped working suddenly
To: Mohammed Tlais <[EMAIL PROTECTED]>
Cc: zope@zope.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1
> I tried to change effective-user from the zope.conf.in
> <http://zope.conf.in> file and saved it as zope.conf, I used the
command
>
> effective-user tleis , as stated in the example of that file, but no
> thing changed. if anyone knows why please tell me (just curousity)
Maybe user tleis had no permissions to folders you've created as root.
> I created a new user as Maciej said, and there i tried to create an
> instance, but I got a denied permission message.
If you tried to override existing instance created
by root then it is correct behaviour I think.
> What I did finally is that I deleted the folders in both /tmp/zope and
> /opt/Zope-2.10 folders, and installed Zope Again and everything is
> working fine right
:)
--
Maciej Wisniowski
------------------------------
Message: 4
Date: Mon, 18 Jun 2007 07:31:55 -0400
From: "Jonathan" <[EMAIL PROTECTED]>
Subject: Re: [Zope] Auto Cataloging my ZCatalog
To: "kamal hamzat" <[EMAIL PROTECTED]>, <zope@zope.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
reply-type=response
>> ----- Original Message -----
>> From: "kamal hamzat" <[EMAIL PROTECTED]>
>> To: <zope@zope.org>
>> Sent: Friday, June 15, 2007 12:51 PM
>> Subject: [Zope] Auto Cataloging my ZCatalog
>>
>>
>> Hello,
>>
>> I have a ZCatalog that my users use to catalog there news articles
which
>> are (DTML Documents). I have already explained it to them to always
input
>> the id for the new DTML Documents under "with ids" section on the
Find
>> Objects tab on the ZMI to catalog new articles. But most time they
will
>> not and they end up cataloging the entire articles which runs to
13,000
>> records.
>>
>> What i want is either to be able to display error when the "with ids"
is
>> missing on Find Objects form or to be able to automate it. For
example
>> use a python code. I am new to python but very eager to learn.
>>>
>>
>> One possible approach:
>>
>> - I would not allow end-users access to the ZMI.
>>
>> - Have users interact with the application through a menu driven
>> interface
>>
>> - Use a series of forms to collect data, then use python
scripts/external
>> methods to create/store objects (eg. your DTML Documents) and update
the
>> ZCatalog(s).
>>
>
> This sound interesting, but i do not have an idea of how to use
python/
> external method to create/store objects.
> I will appreciate if you can point me to links or articles that have
> treated something similar.
You should read the ZopeBook chapters on scripting:
http://plope.com/Books/2_7Edition/view
If you can make do with existing Zope object types (eg. DTML Documents,
etc)
then you can develop your application without having to create your own
Zope
Product, which means that DTML, ZPT and scripts will give you everything
you
need.
If you have to define your own object types (classes) then you will need
to
create your own Zope Product. Here are some links to product examples:
http://www.zope.org/Members/gtk/Boring
http://www.devshed.com/c/a/Zope/Creating-Zope-Products/
There is another way to create Zope classes called ZClasses (they are
mentioned in the ZopeBook), but I would not recommend using them for a
long-term applications as they are officially deprecated as of Zope
2.10.
However, for 'quick & dirty' prototyping or for applications that have a
limited lifetime they may be useful.
hth
Jonathan
http://www.zope.org/Members/gtk/Boring
------------------------------
Message: 5
Date: Mon, 18 Jun 2007 10:41:53 -0400
From: Tom Von Lahndorff <[EMAIL PROTECTED]>
Subject: [Zope] RSS to HTML in Zope
To: zope@zope.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Hi, Im still struggling to get an RSS feed converted to HTML in Zope
using
Universal Feed Parser
http://www.feedparser.org/
+
This feedpaser setup
http://www.zope.org/Members/johntynan/feedparser
I'm able to get an RSS feed converted to what looks like a dictionary
and view it, however it shows up as a rendered string on the page.
Whenever I try to get any of the keys, no matter how, I've tried
every possible scenario, I get an error back every time. "Blah Blah"
is not callable..., You care not allowed to access "blah Blah" in
this context., Value 0, etc...
I've also tried using the RSS Document in the XML Kit which ended up
causing a runaway python method and took down Zope so I'd like to
avoid using it. Half the time it gives back an error message anyway.
If anyone has a relatively easy way to convert an RSS feed to HTML in
Zope I would greatly appreciate any feedback on how to set this up.
Thanks in advance.
------------------------------
Message: 6
Date: Mon, 18 Jun 2007 08:36:06 -0700 (PDT)
From: tomvon <[EMAIL PROTECTED]>
Subject: Re: [Zope] security assertion needed for dictionary?
To: zope@zope.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
I have the exact same problem and have been unable to find a solution
anywhere. Were you ever able to resolve this?
sfmcfar wrote:
>
> I apologize for cross-posting from the plone newsgroup. but after
posting
> this I realized that this was more of a Zope issue than a Plone one.
I
> wish I could cut-and-paste (development is on the other side of a
> firewall), so instead I'll be as clear as I can.
>
> Anyway, I have a Plone product that contains a method called
> getFeedSequence() that returns the result (a dictionary) from
> feedparser.parse() (Feedparser is the generic RSS/Atom parser).
>
> In my template, I can do:
>
> <div tal:define="myFeed python:getFeedSequence()">
> <div tal:content="python:myFeed">
>
> And see the string representation of the dictionary with no problem.
But
> if
> I try and access a member of the sequence:
>
> <div tal:define="myFeed python:getFeedSequence()">
> <div tal:content="python:myFeed['feed']['title']">
>
> VerboseSecurity reports "The container has no security assertions.
> Access to None of {[the entire RSS dictionary goes here]} denied."
>
> How can I have permission to access the entire sequence but not a
> portion of it? it appears to me that the sequence is fairly
> straightforward - a few nested dictionaries, but that's it. Does this
> make any sense?
>
>
> Thanks,
>
> Stan
>
--
View this message in context:
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
1.html#a11178187
Sent from the Zope - General mailing list archive at Nabble.com.
------------------------------
Message: 7
Date: Mon, 18 Jun 2007 11:43:00 -0400
From: "Doyon, Jean-Francois" <[EMAIL PROTECTED]>
Subject: RE: [Zope] security assertion needed for dictionary?
To: "tomvon" <[EMAIL PROTECTED]>, <zope@zope.org>
Message-ID:
<[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
Forgetting plone (which I know nothing about), dictionaries definitely
do NOT need security assertions (like lists, strings, integers and all
basic types).
Are you SURE it's a dictionary? Most likely it just LOOKS like one when
represented as a string.
Try:
<div tal:content="python:repr(myFeed)">
To see exactly what it is ... It might be an instance of some object
that has a __str__ that makes it look like a dictionary?
J.F.
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of
tomvon
Sent: June 18, 2007 11:36
To: zope@zope.org
Subject: Re: [Zope] security assertion needed for dictionary?
I have the exact same problem and have been unable to find a solution
anywhere. Were you ever able to resolve this?
sfmcfar wrote:
>
> I apologize for cross-posting from the plone newsgroup. but after
> posting this I realized that this was more of a Zope issue than a
> Plone one. I wish I could cut-and-paste (development is on the other
> side of a firewall), so instead I'll be as clear as I can.
>
> Anyway, I have a Plone product that contains a method called
> getFeedSequence() that returns the result (a dictionary) from
> feedparser.parse() (Feedparser is the generic RSS/Atom parser).
>
> In my template, I can do:
>
> <div tal:define="myFeed python:getFeedSequence()">
> <div tal:content="python:myFeed">
>
> And see the string representation of the dictionary with no problem.
> But if I try and access a member of the sequence:
>
> <div tal:define="myFeed python:getFeedSequence()">
> <div tal:content="python:myFeed['feed']['title']">
>
> VerboseSecurity reports "The container has no security assertions.
> Access to None of {[the entire RSS dictionary goes here]} denied."
>
> How can I have permission to access the entire sequence but not a
> portion of it? it appears to me that the sequence is fairly
> straightforward - a few nested dictionaries, but that's it. Does this
> make any sense?
>
>
> Thanks,
>
> Stan
>
--
View this message in context:
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
1.html#a11178187
Sent from the Zope - General mailing list archive at Nabble.com.
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
------------------------------
Message: 8
Date: Mon, 18 Jun 2007 17:44:18 +0200
From: Andreas Jung <[EMAIL PROTECTED]>
Subject: Re: [Zope] RSS to HTML in Zope
To: Tom Von Lahndorff <[EMAIL PROTECTED]>, zope@zope.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
--On 18. Juni 2007 10:41:53 -0400 Tom Von Lahndorff <[EMAIL PROTECTED]>
wrote:
> Hi, Im still struggling to get an RSS feed converted to HTML in Zope
using
>
> Universal Feed Parser
> http://www.feedparser.org/
> +
> This feedpaser setup
> http://www.zope.org/Members/johntynan/feedparser
>
> I'm able to get an RSS feed converted to what looks like a dictionary
and
> view it, however it shows up as a rendered string on the page.
Whenever I
> try to get any of the keys, no matter how, I've tried every possible
> scenario, I get an error back every time. "Blah Blah" is not
callable...,
> You care not allowed to access "blah Blah" in this context., Value 0,
> etc...
>
> I've also tried using the RSS Document in the XML Kit which ended up
> causing a runaway python method and took down Zope so I'd like to
avoid
> using it. Half the time it gives back an error message anyway.
>
I think this issue has been discussed in detail:
- something that looks like a dict must not be dict
- without security assertions you can basically only
use native Python types
- solutions/workaround: wrap your code into an external method,
write a product, use a browser view, use TrustedExecutables
or something like that.
- in addition you might play around with ModuleSecurityInfo() &
friends,
check the related APIs of the 'AccessControl' module.
-aj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url :
http://mail.zope.org/pipermail/zope/attachments/20070618/5b3511a7/attach
ment-0001.bin
------------------------------
Message: 9
Date: Mon, 18 Jun 2007 08:56:48 -0700 (PDT)
From: tomvon <[EMAIL PROTECTED]>
Subject: [Zope] RE: security assertion needed for dictionary?
To: zope@zope.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii
<dtml-var "repr(newsfd)"> does the same as <dtml-var newsfd>. Here's a
snippet of what it shows:
{'feed': {'subtitle': u'', 'links': [{'href':
u'http://www.modscape.com/blog', 'type': 'text/html', 'rel':
'alternate'}],
'title': u'modscape.com Home', 'subtitle_detail': {'base':
'http://www.modscape.com/blog/rss.xml', 'type': 'text/html', 'value':
u'',
'language': None}, 'title_detail': {'base':
'http://www.modscape.com/blog/rss.xml', 'type': 'text/plain', 'value':
u'modscape.com Home', 'language': None}, 'link':
u'http://www.modscape.com/blog'}, 'status': 200, 'updated': (2007, 6,
18,
15, 54, 24, 0, 169, 0), 'encoding': 'iso-8859-15', 'bozo': 0, 'href':
'http://www.modscape.com/blog/rss.xml', 'headers': {'content-length':
'18486', 'via': '1.0 px02.bc.fw.cbs.net:80 (squid)', 'x-cache': 'MISS
from
px02.bc.fw.cbs.net', 'x-powered-by': 'Zope (www.zope.org), Python
(www.python.org)', 'x-cache-lookup': 'HIT from px02.bc.fw.cbs.net:80',
'expires': 'Mon, 18 Jun 2007 16:54:24 GMT', 'server': 'Apache/2.0.52
(Red
Hat) DAV/2 SVN/1.2.3 mod_ssl/2.0.52 OpenSSL/0.9.7a PHP/5.1.2
mod_fastcgi/2.4.2', 'last-modified': 'Mon, 18 Jun 2007 15:54:24 GMT',
'connection': 'close', 'cache-control': 'max-age=3600', 'date': 'Mon, 18
Jun
2007 15:54:24 GMT', 'content-type': 'text/xml; charset=iso-8859-15'},
'version': 'rss20', 'etag': None, 'namespaces': {}, 'entries':
[{'updated':
u'Mon, Sep 04 2006, 06:23PM', 'updated_parsed': None, 'links': [{'href':
u'http://www.modscape.com/blog/index_html?showall=yes#id1157412223',
'type':
'text/html', 'rel': 'alternate'}], 'title': u'Ubuntu: Linux For Human
Beings', 'summary_detail': {'base':
'http://www.modscape.com/blog/rss.xml',
'type': 'text/html', 'value': u'ubuntu.jpg\n\nTom wrote:
Doyon, Jean-Francois-2 wrote:
>
> Forgetting plone (which I know nothing about), dictionaries definitely
> do NOT need security assertions (like lists, strings, integers and all
> basic types).
>
> Are you SURE it's a dictionary? Most likely it just LOOKS like one
when
> represented as a string.
>
> Try:
>
> <div tal:content="python:repr(myFeed)">
>
> To see exactly what it is ... It might be an instance of some object
> that has a __str__ that makes it look like a dictionary?
>
> J.F.
>
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
> tomvon
> Sent: June 18, 2007 11:36
> To: zope@zope.org
> Subject: Re: [Zope] security assertion needed for dictionary?
>
>
>
> I have the exact same problem and have been unable to find a solution
> anywhere. Were you ever able to resolve this?
>
>
> sfmcfar wrote:
>>
>> I apologize for cross-posting from the plone newsgroup. but after
>> posting this I realized that this was more of a Zope issue than a
>> Plone one. I wish I could cut-and-paste (development is on the other
>> side of a firewall), so instead I'll be as clear as I can.
>>
>> Anyway, I have a Plone product that contains a method called
>> getFeedSequence() that returns the result (a dictionary) from
>> feedparser.parse() (Feedparser is the generic RSS/Atom parser).
>>
>> In my template, I can do:
>>
>> <div tal:define="myFeed python:getFeedSequence()">
>> <div tal:content="python:myFeed">
>>
>> And see the string representation of the dictionary with no problem.
>> But if I try and access a member of the sequence:
>>
>> <div tal:define="myFeed python:getFeedSequence()">
>> <div tal:content="python:myFeed['feed']['title']">
>>
>> VerboseSecurity reports "The container has no security assertions.
>> Access to None of {[the entire RSS dictionary goes here]} denied."
>>
>> How can I have permission to access the entire sequence but not a
>> portion of it? it appears to me that the sequence is fairly
>> straightforward - a few nested dictionaries, but that's it. Does
this
>
>> make any sense?
>>
>>
>> Thanks,
>>
>> Stan
>>
>
> --
> View this message in context:
>
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
> 1.html#a11178187
> Sent from the Zope - General mailing list archive at Nabble.com.
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
>
>
--
View this message in context:
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
1.html#a11178584
Sent from the Zope - General mailing list archive at Nabble.com.
------------------------------
_______________________________________________
Zope maillist - Zope@zope.org
End of Zope Digest, Vol 37, Issue 16
************************************
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
