Hi Folks,

        I don't know if anyone out there is actually trying to
*use* my ZCVSMixin/ZCVS Folder stuff, but if you are you certainly
want to get the latest release, ZCVSMixin-0.1.1.tgz from
the zope.org site:


I put some screenshots up there so you can
see what it looks like at:


I've also found it useful for managing Python products and other
software through the web! I have had a couple of minor 'breakthrough's
that *seem* cool, but I might just be fooling myself. If an object is
not folderish I guess that it's 'simple' so I export it as XML with
the following code:

def doExport( conn, oid, file=None):
    if file is None: file=TemporaryFile()
    elif type(file) is StringType: file=open(file,'w+b')
    write('<?xml version="1.0"?>\012<ZopeData>\012')
    while oids:
        del oids[0]
        if done(oid): continue
        try: p, serial = load(oid, version)
        except: pass # Ick, a broken reference
            ref(p, oids)
        counter = counter + 1
    return file

def buildOID( value ):
    return '\000\000\000\000' + struct.pack('!l', value)
This way the XML always starts with '0' as a base oid. I experimented
a little and the xmlimport stuff doesn't seem to use the 'oid' unless
an object is 'complex' (i.e., self references etc... ). Anyway this
has the happy effect of making the xml for a simple object the same
every time it is exported so diff's make sense etc...

If objects are 'folderish' or 'complex' (and the user is permitted to
dictate this when objects are added to CVS), they are exported as
'zexp' files and cvs adds them as 'binary'. I was having trouble with
certain kinds of object's xml representation.  I decided that this was
really an xml implementation problem, since I couldn't reliably export
these as xml through the normal Zope export mechanism either. Anyway..
let me know what you think if you are using this stuff!

Finally I'm aware that there are also security issues with the way
this works now. I need to look at all the things a user might need to
do and eliminate some of the 'type in' arguments that are in the
product now. These arguments wind up on 'os.system' calls, and could
be abused by a ill-meaning user (with access to the CVS Admin page!)
Any thoughts there?


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to