I appears last night i didn't test the diff... This one should work without any editing... Mithro Tim Ansell wrote: > Forgot to attach the diff.... > > Forgive me it's 4:52am here.... > > Mithro > > Tim Ansell wrote: > > > Oppps, just realised i've been replying only to myself :) > > > > Umm okay here is the diff, it is from version 2.2.4 but should apply to most > > versions.... > > I have removed all the "print" debugging and cleaned up the formatting. > > > > Could people look it over and tell me if there are any hidden problems with it? > > Is it done the right way? > > > > There seems to be a lot of repeated code between zpublisher_exception_hook and > > ZPublisher.BaseRequest, maybe you want to put the auth stuff into it's own > > function and work that way? Just an idea... > > > > Mithro > > > > > Tim Ansell wrote: > > > > > > > No further investigation i have found out that the part i really want to > > > > modify is > > > > > > > > zpublisher_exception_hook, which gets called when the error occurs > > > > > > > > Inside this functions there is a > > > > > > > > if REQUEST.get('AUTHENTICATED_USER', None) is None: > > > > REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody > > > > > > > > which seems to explain why i'm getting the anonymous user for the errors. > > > > > > > > Is there anyway to add to this function the authentication routines so that > > > > is AUTHENTICATED_USER is none it authentication is check with > > > > standard_error_message being the object checked against? > > > > > > > > Am i making any sense? > > > > > > > > I'm going to give it a go and see what happen... > > > > > > > > Mithro > > > > > > > > Tim Ansell wrote: > > > > > > > > > <newbie alert> > > > > > > > > > > Hello. > > > > > > > > > > I've been using zope for a couple of months, i have found zope to be a > > > > > great product and thank you for creating it. Currently i have run into a > > > > > problem, i need to access the AUTHENTICATED_USER in a > > > > > standard_error_message called by notFoundError in BaseRequest. > > > > > > > > > > I was wondering if the authentication routine can be added before the > > > > > authentication routine in BaseRequest? Or if this is not possible it > > > > > could be split into a function and and call it before the notFoundError > > > > > call as well? > > > > > > > > > > There are many reasons you might want to do this, i have listed some > > > > > below: > > > > > > > > > > * You want list possible urls the reader could have meant but don't want > > > > > to show let Anonymous users see possible privileged urls > > > > > > > > > > * You want to provided different error messages for different people, > > > > > i.e. a more advanced error for coders, a simple error for html writer, a > > > > > special error for normal people > > > > > > > > > > * You wanted errors to only be reported it they where caused by certain > > > > > users > > > > > > > > > > and the list could go on.... > > > > > > > > > > Mithro > > > > > > > > > > </newbie aler> > > > > > > > > > > _______________________________________________
--- ./__init__.py.original Wed Jan 10 23:13:53 2001 +++ ./__init__.py Wed Jan 10 23:45:28 2001 @@ -162,6 +162,9 @@ class RequestContainer(ExtensionClass.Base): def __init__(self,r): self.REQUEST=r +from ZPublisher.BaseRequest import old_validation +UNSPECIFIED_ROLES='' + def zpublisher_exception_hook( published, REQUEST, t, v, traceback, # static @@ -208,11 +211,79 @@ break client=published + + auth=REQUEST._auth + + user=groups=None + + while 1: + if REQUEST.get('AUTHENTICATED_USER', None) is None: + # Do authentication here.... + r = getattr(client, '__roles__', UNSPECIFIED_ROLES) + if r is not UNSPECIFIED_ROLES: + roles = r + elif not got: + roles = getattr(client, entry_name+'__roles__', roles) + + if roles: + if hasattr(client, '__allow_groups__'): + groups=client.__allow_groups__ + + if hasattr(groups, 'validate'): v=groups.validate + else: v=old_validation + + if v is old_validation and roles is UNSPECIFIED_ROLES: + print "Validation and UNSEPCIFIED_ROLES is okay" + # No roles, so if we have a named group, get roles from + # group keys + if hasattr(groups,'keys'): roles=groups.keys() + else: + try: groups=groups() + except: pass + try: roles=groups.keys() + except: pass + + if groups is None: + # Public group, hack structures to get it to +validate + roles=None + auth='' + + if v is old_validation: + user=old_validation(groups, request, auth, roles) + elif roles is UNSPECIFIED_ROLES: user=v(request, auth) + else: user=v(REQUEST, auth, roles) + + if hasattr(client, '__allow_groups__') and user == None: + groups=client.__allow_groups__ + if hasattr(groups,'validate'): + v=groups.validate + else: + v=old_validation + if v is old_validation: + user=old_validation(groups, REQUEST, auth, +roles) + elif roles is UNSPECIFIED_ROLES: + user=v(REQUEST, auth) + else: + user=v(REQUEST, auth, roles) + + if user is not None: + REQUEST['AUTHENTICATED_USER']=user + + try: + client=getattr(client, 'aq_parent', None) + if client is None: raise + except: + break + while 1: if getattr(client, 'standard_error_message', None) is not None: break - client=getattr(client, 'aq_parent', None) - if client is None: raise + try: + client=getattr(client, 'aq_parent', None) + if client is None: raise + except: + break + if REQUEST.get('AUTHENTICATED_USER', None) is None: REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody