-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, June 18, 2007 12:00 PM To: zope@zope.org Subject: Zope Digest, Vol 37, Issue 16
Send Zope mailing list submissions to zope@zope.org To subscribe or unsubscribe via the World Wide Web, visit http://mail.zope.org/mailman/listinfo/zope or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of Zope digest..." Today's Topics: 1. Re: Auto Cataloging my ZCatalog (kamal hamzat) 2. Re: zope stopped working suddenly (Mohammed Tlais) 3. Re: zope stopped working suddenly (Maciej Wisniowski) 4. Re: Auto Cataloging my ZCatalog (Jonathan) 5. RSS to HTML in Zope (Tom Von Lahndorff) 6. Re: security assertion needed for dictionary? (tomvon) 7. RE: security assertion needed for dictionary? (Doyon, Jean-Francois) 8. Re: RSS to HTML in Zope (Andreas Jung) 9. RE: security assertion needed for dictionary? (tomvon) ---------------------------------------------------------------------- Message: 1 Date: Sun, 17 Jun 2007 18:01:28 +0100 From: "kamal hamzat" <[EMAIL PROTECTED]> Subject: Re: [Zope] Auto Cataloging my ZCatalog To: "Jonathan" <[EMAIL PROTECTED]>, <zope@zope.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response ----- Original Message ----- From: "Jonathan" <[EMAIL PROTECTED]> To: "kamal hamzat" <[EMAIL PROTECTED]>; <zope@zope.org> Sent: Friday, June 15, 2007 5:58 PM Subject: Re: [Zope] Auto Cataloging my ZCatalog > > ----- Original Message ----- > From: "kamal hamzat" <[EMAIL PROTECTED]> > To: <zope@zope.org> > Sent: Friday, June 15, 2007 12:51 PM > Subject: [Zope] Auto Cataloging my ZCatalog > > > Hello, > > I have a ZCatalog that my users use to catalog there news articles which > are (DTML Documents). I have already explained it to them to always input > the id for the new DTML Documents under "with ids" section on the Find > Objects tab on the ZMI to catalog new articles. But most time they will > not and they end up cataloging the entire articles which runs to 13,000 > records. > > What i want is either to be able to display error when the "with ids" is > missing on Find Objects form or to be able to automate it. For example use > a python code. I am new to python but very eager to learn. >> > > One possible approach: > > - I would not allow end-users access to the ZMI. > > - Have users interact with the application through a menu driven interface > > - Use a series of forms to collect data, then use python scripts/external > methods to create/store objects (eg. your DTML Documents) and update the > ZCatalog(s). > This sound interesting, but i do not have an idea of how to use python/ external method to create/store objects. I will appreciate if you can point me to links or articles that have treated something similar. Thanks kamal ------------------------------ Message: 2 Date: Mon, 18 Jun 2007 08:18:22 +0300 From: "Mohammed Tlais" <[EMAIL PROTECTED]> Subject: Re: [Zope] zope stopped working suddenly To: "Maciej Wisniowski" <[EMAIL PROTECTED]> Cc: zope@zope.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="iso-8859-1" On 6/15/07, Maciej Wisniowski <[EMAIL PROTECTED]> wrote: > > > File "/opt/Zope-2.10/lib/python/Zope2/Startup/__init__.py", line > > 234, in dropPrivileges > > return dropPrivileges(self.cfg) > > File "/opt/Zope-2.10/lib/python/Zope2/Startup/__init__.py", line > > 403, in dropPrivileges > > raise ZConfig.ConfigurationError(msg) > > ZConfig.ConfigurationError: A user was not specified to setuid to; fix > > this to start as root (change the effective-user directive in zope.conf) > > /** END **/ > You have answer above. To run as root you have > to change effective-user at zope.conf file I tried to change effective-user from the zope.conf.in file and saved it as zope.conf, I used the command effective-user tleis , as stated in the example of that file, but no thing changed. if anyone knows why please tell me (just curousity) > > > > When everything was ok in the past I was able to run zope through > > ./zopectl start (as a root) > > but now the stop command displays that the daemon manager is not open. > Strange that it worked. In general I think you shouldn't > run zope as root. > > -- > Maciej Wisniowski I created a new user as Maciej said, and there i tried to create an instance, but I got a denied permission message. What I did finally is that I deleted the folders in both /tmp/zope and /opt/Zope-2.10 folders, and installed Zope Again and everything is working fine right now! but i still want to understand why this happened to me? Thanks for you -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.zope.org/pipermail/zope/attachments/20070618/c3d24bcc/attach ment-0001.htm ------------------------------ Message: 3 Date: Mon, 18 Jun 2007 11:32:04 +0200 From: Maciej Wisniowski <[EMAIL PROTECTED]> Subject: Re: [Zope] zope stopped working suddenly To: Mohammed Tlais <[EMAIL PROTECTED]> Cc: zope@zope.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1 > I tried to change effective-user from the zope.conf.in > <http://zope.conf.in> file and saved it as zope.conf, I used the command > > effective-user tleis , as stated in the example of that file, but no > thing changed. if anyone knows why please tell me (just curousity) Maybe user tleis had no permissions to folders you've created as root. > I created a new user as Maciej said, and there i tried to create an > instance, but I got a denied permission message. If you tried to override existing instance created by root then it is correct behaviour I think. > What I did finally is that I deleted the folders in both /tmp/zope and > /opt/Zope-2.10 folders, and installed Zope Again and everything is > working fine right :) -- Maciej Wisniowski ------------------------------ Message: 4 Date: Mon, 18 Jun 2007 07:31:55 -0400 From: "Jonathan" <[EMAIL PROTECTED]> Subject: Re: [Zope] Auto Cataloging my ZCatalog To: "kamal hamzat" <[EMAIL PROTECTED]>, <zope@zope.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response >> ----- Original Message ----- >> From: "kamal hamzat" <[EMAIL PROTECTED]> >> To: <zope@zope.org> >> Sent: Friday, June 15, 2007 12:51 PM >> Subject: [Zope] Auto Cataloging my ZCatalog >> >> >> Hello, >> >> I have a ZCatalog that my users use to catalog there news articles which >> are (DTML Documents). I have already explained it to them to always input >> the id for the new DTML Documents under "with ids" section on the Find >> Objects tab on the ZMI to catalog new articles. But most time they will >> not and they end up cataloging the entire articles which runs to 13,000 >> records. >> >> What i want is either to be able to display error when the "with ids" is >> missing on Find Objects form or to be able to automate it. For example >> use a python code. I am new to python but very eager to learn. >>> >> >> One possible approach: >> >> - I would not allow end-users access to the ZMI. >> >> - Have users interact with the application through a menu driven >> interface >> >> - Use a series of forms to collect data, then use python scripts/external >> methods to create/store objects (eg. your DTML Documents) and update the >> ZCatalog(s). >> > > This sound interesting, but i do not have an idea of how to use python/ > external method to create/store objects. > I will appreciate if you can point me to links or articles that have > treated something similar. You should read the ZopeBook chapters on scripting: http://plope.com/Books/2_7Edition/view If you can make do with existing Zope object types (eg. DTML Documents, etc) then you can develop your application without having to create your own Zope Product, which means that DTML, ZPT and scripts will give you everything you need. If you have to define your own object types (classes) then you will need to create your own Zope Product. Here are some links to product examples: http://www.zope.org/Members/gtk/Boring http://www.devshed.com/c/a/Zope/Creating-Zope-Products/ There is another way to create Zope classes called ZClasses (they are mentioned in the ZopeBook), but I would not recommend using them for a long-term applications as they are officially deprecated as of Zope 2.10. However, for 'quick & dirty' prototyping or for applications that have a limited lifetime they may be useful. hth Jonathan http://www.zope.org/Members/gtk/Boring ------------------------------ Message: 5 Date: Mon, 18 Jun 2007 10:41:53 -0400 From: Tom Von Lahndorff <[EMAIL PROTECTED]> Subject: [Zope] RSS to HTML in Zope To: zope@zope.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Hi, Im still struggling to get an RSS feed converted to HTML in Zope using Universal Feed Parser http://www.feedparser.org/ + This feedpaser setup http://www.zope.org/Members/johntynan/feedparser I'm able to get an RSS feed converted to what looks like a dictionary and view it, however it shows up as a rendered string on the page. Whenever I try to get any of the keys, no matter how, I've tried every possible scenario, I get an error back every time. "Blah Blah" is not callable..., You care not allowed to access "blah Blah" in this context., Value 0, etc... I've also tried using the RSS Document in the XML Kit which ended up causing a runaway python method and took down Zope so I'd like to avoid using it. Half the time it gives back an error message anyway. If anyone has a relatively easy way to convert an RSS feed to HTML in Zope I would greatly appreciate any feedback on how to set this up. Thanks in advance. ------------------------------ Message: 6 Date: Mon, 18 Jun 2007 08:36:06 -0700 (PDT) From: tomvon <[EMAIL PROTECTED]> Subject: Re: [Zope] security assertion needed for dictionary? To: zope@zope.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii I have the exact same problem and have been unable to find a solution anywhere. Were you ever able to resolve this? sfmcfar wrote: > > I apologize for cross-posting from the plone newsgroup. but after posting > this I realized that this was more of a Zope issue than a Plone one. I > wish I could cut-and-paste (development is on the other side of a > firewall), so instead I'll be as clear as I can. > > Anyway, I have a Plone product that contains a method called > getFeedSequence() that returns the result (a dictionary) from > feedparser.parse() (Feedparser is the generic RSS/Atom parser). > > In my template, I can do: > > <div tal:define="myFeed python:getFeedSequence()"> > <div tal:content="python:myFeed"> > > And see the string representation of the dictionary with no problem. But > if > I try and access a member of the sequence: > > <div tal:define="myFeed python:getFeedSequence()"> > <div tal:content="python:myFeed['feed']['title']"> > > VerboseSecurity reports "The container has no security assertions. > Access to None of {[the entire RSS dictionary goes here]} denied." > > How can I have permission to access the entire sequence but not a > portion of it? it appears to me that the sequence is fairly > straightforward - a few nested dictionaries, but that's it. Does this > make any sense? > > > Thanks, > > Stan > -- View this message in context: http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206 1.html#a11178187 Sent from the Zope - General mailing list archive at Nabble.com. ------------------------------ Message: 7 Date: Mon, 18 Jun 2007 11:43:00 -0400 From: "Doyon, Jean-Francois" <[EMAIL PROTECTED]> Subject: RE: [Zope] security assertion needed for dictionary? To: "tomvon" <[EMAIL PROTECTED]>, <zope@zope.org> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" Forgetting plone (which I know nothing about), dictionaries definitely do NOT need security assertions (like lists, strings, integers and all basic types). Are you SURE it's a dictionary? Most likely it just LOOKS like one when represented as a string. Try: <div tal:content="python:repr(myFeed)"> To see exactly what it is ... It might be an instance of some object that has a __str__ that makes it look like a dictionary? J.F. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of tomvon Sent: June 18, 2007 11:36 To: zope@zope.org Subject: Re: [Zope] security assertion needed for dictionary? I have the exact same problem and have been unable to find a solution anywhere. Were you ever able to resolve this? sfmcfar wrote: > > I apologize for cross-posting from the plone newsgroup. but after > posting this I realized that this was more of a Zope issue than a > Plone one. I wish I could cut-and-paste (development is on the other > side of a firewall), so instead I'll be as clear as I can. > > Anyway, I have a Plone product that contains a method called > getFeedSequence() that returns the result (a dictionary) from > feedparser.parse() (Feedparser is the generic RSS/Atom parser). > > In my template, I can do: > > <div tal:define="myFeed python:getFeedSequence()"> > <div tal:content="python:myFeed"> > > And see the string representation of the dictionary with no problem. > But if I try and access a member of the sequence: > > <div tal:define="myFeed python:getFeedSequence()"> > <div tal:content="python:myFeed['feed']['title']"> > > VerboseSecurity reports "The container has no security assertions. > Access to None of {[the entire RSS dictionary goes here]} denied." > > How can I have permission to access the entire sequence but not a > portion of it? it appears to me that the sequence is fairly > straightforward - a few nested dictionaries, but that's it. Does this > make any sense? > > > Thanks, > > Stan > -- View this message in context: http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206 1.html#a11178187 Sent from the Zope - General mailing list archive at Nabble.com. _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev ) ------------------------------ Message: 8 Date: Mon, 18 Jun 2007 17:44:18 +0200 From: Andreas Jung <[EMAIL PROTECTED]> Subject: Re: [Zope] RSS to HTML in Zope To: Tom Von Lahndorff <[EMAIL PROTECTED]>, zope@zope.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" --On 18. Juni 2007 10:41:53 -0400 Tom Von Lahndorff <[EMAIL PROTECTED]> wrote: > Hi, Im still struggling to get an RSS feed converted to HTML in Zope using > > Universal Feed Parser > http://www.feedparser.org/ > + > This feedpaser setup > http://www.zope.org/Members/johntynan/feedparser > > I'm able to get an RSS feed converted to what looks like a dictionary and > view it, however it shows up as a rendered string on the page. Whenever I > try to get any of the keys, no matter how, I've tried every possible > scenario, I get an error back every time. "Blah Blah" is not callable..., > You care not allowed to access "blah Blah" in this context., Value 0, > etc... > > I've also tried using the RSS Document in the XML Kit which ended up > causing a runaway python method and took down Zope so I'd like to avoid > using it. Half the time it gives back an error message anyway. > I think this issue has been discussed in detail: - something that looks like a dict must not be dict - without security assertions you can basically only use native Python types - solutions/workaround: wrap your code into an external method, write a product, use a browser view, use TrustedExecutables or something like that. - in addition you might play around with ModuleSecurityInfo() & friends, check the related APIs of the 'AccessControl' module. -aj -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 186 bytes Desc: not available Url : http://mail.zope.org/pipermail/zope/attachments/20070618/5b3511a7/attach ment-0001.bin ------------------------------ Message: 9 Date: Mon, 18 Jun 2007 08:56:48 -0700 (PDT) From: tomvon <[EMAIL PROTECTED]> Subject: [Zope] RE: security assertion needed for dictionary? To: zope@zope.org Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=us-ascii <dtml-var "repr(newsfd)"> does the same as <dtml-var newsfd>. Here's a snippet of what it shows: {'feed': {'subtitle': u'', 'links': [{'href': u'http://www.modscape.com/blog', 'type': 'text/html', 'rel': 'alternate'}], 'title': u'modscape.com Home', 'subtitle_detail': {'base': 'http://www.modscape.com/blog/rss.xml', 'type': 'text/html', 'value': u'', 'language': None}, 'title_detail': {'base': 'http://www.modscape.com/blog/rss.xml', 'type': 'text/plain', 'value': u'modscape.com Home', 'language': None}, 'link': u'http://www.modscape.com/blog'}, 'status': 200, 'updated': (2007, 6, 18, 15, 54, 24, 0, 169, 0), 'encoding': 'iso-8859-15', 'bozo': 0, 'href': 'http://www.modscape.com/blog/rss.xml', 'headers': {'content-length': '18486', 'via': '1.0 px02.bc.fw.cbs.net:80 (squid)', 'x-cache': 'MISS from px02.bc.fw.cbs.net', 'x-powered-by': 'Zope (www.zope.org), Python (www.python.org)', 'x-cache-lookup': 'HIT from px02.bc.fw.cbs.net:80', 'expires': 'Mon, 18 Jun 2007 16:54:24 GMT', 'server': 'Apache/2.0.52 (Red Hat) DAV/2 SVN/1.2.3 mod_ssl/2.0.52 OpenSSL/0.9.7a PHP/5.1.2 mod_fastcgi/2.4.2', 'last-modified': 'Mon, 18 Jun 2007 15:54:24 GMT', 'connection': 'close', 'cache-control': 'max-age=3600', 'date': 'Mon, 18 Jun 2007 15:54:24 GMT', 'content-type': 'text/xml; charset=iso-8859-15'}, 'version': 'rss20', 'etag': None, 'namespaces': {}, 'entries': [{'updated': u'Mon, Sep 04 2006, 06:23PM', 'updated_parsed': None, 'links': [{'href': u'http://www.modscape.com/blog/index_html?showall=yes#id1157412223', 'type': 'text/html', 'rel': 'alternate'}], 'title': u'Ubuntu: Linux For Human Beings', 'summary_detail': {'base': 'http://www.modscape.com/blog/rss.xml', 'type': 'text/html', 'value': u'ubuntu.jpg\n\nTom wrote: Doyon, Jean-Francois-2 wrote: > > Forgetting plone (which I know nothing about), dictionaries definitely > do NOT need security assertions (like lists, strings, integers and all > basic types). > > Are you SURE it's a dictionary? Most likely it just LOOKS like one when > represented as a string. > > Try: > > <div tal:content="python:repr(myFeed)"> > > To see exactly what it is ... It might be an instance of some object > that has a __str__ that makes it look like a dictionary? > > J.F. > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > tomvon > Sent: June 18, 2007 11:36 > To: zope@zope.org > Subject: Re: [Zope] security assertion needed for dictionary? > > > > I have the exact same problem and have been unable to find a solution > anywhere. Were you ever able to resolve this? > > > sfmcfar wrote: >> >> I apologize for cross-posting from the plone newsgroup. but after >> posting this I realized that this was more of a Zope issue than a >> Plone one. I wish I could cut-and-paste (development is on the other >> side of a firewall), so instead I'll be as clear as I can. >> >> Anyway, I have a Plone product that contains a method called >> getFeedSequence() that returns the result (a dictionary) from >> feedparser.parse() (Feedparser is the generic RSS/Atom parser). >> >> In my template, I can do: >> >> <div tal:define="myFeed python:getFeedSequence()"> >> <div tal:content="python:myFeed"> >> >> And see the string representation of the dictionary with no problem. >> But if I try and access a member of the sequence: >> >> <div tal:define="myFeed python:getFeedSequence()"> >> <div tal:content="python:myFeed['feed']['title']"> >> >> VerboseSecurity reports "The container has no security assertions. >> Access to None of {[the entire RSS dictionary goes here]} denied." >> >> How can I have permission to access the entire sequence but not a >> portion of it? it appears to me that the sequence is fairly >> straightforward - a few nested dictionaries, but that's it. Does this > >> make any sense? >> >> >> Thanks, >> >> Stan >> > > -- > View this message in context: > http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206 > 1.html#a11178187 > Sent from the Zope - General mailing list archive at Nabble.com. > > _______________________________________________ > Zope maillist - Zope@zope.org > http://mail.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://mail.zope.org/mailman/listinfo/zope-announce > http://mail.zope.org/mailman/listinfo/zope-dev ) > _______________________________________________ > Zope maillist - Zope@zope.org > http://mail.zope.org/mailman/listinfo/zope > ** No cross posts or HTML encoding! ** > (Related lists - > http://mail.zope.org/mailman/listinfo/zope-announce > http://mail.zope.org/mailman/listinfo/zope-dev ) > > -- View this message in context: http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206 1.html#a11178584 Sent from the Zope - General mailing list archive at Nabble.com. ------------------------------ _______________________________________________ Zope maillist - Zope@zope.org End of Zope Digest, Vol 37, Issue 16 ************************************ _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )