I'm having difficulty accessing zope 3 objects using xmlrpc in my application, so I've gone back into the 22auth example of Phillip von Weitershausen's excellent book and made some simple modifications to elucidate my question in a simple environment
which I describe here:

created a zope 3 instance
   created a site named wcsite
      created a folder named rfolder
         created a recipe named r1
         created a recipe named r2

configured a PAU (at the wcsite level)
"No Challenge if Authenticated"
"Session Credentials"

created a Principal Folder named users

Access using a browser works fine. If I attempt to access an object that an unauthenticated user has no access to, I'm presented with a login page and after logging in, I acquire and retain access
until I logout. That's good.

I modified Phillip's example python code worldcookery/xmlrpc/ recipe.py to authenticate using a user=u1 and password=p1 (or so I think, hence my problem). That program is shown below.

To test:
First, in a browser I log in a manager and I edit the wcsite roles and permissions to grant the Site Manager role to All Users.

then run
displayandedit.py http://sasa.local:8080/wcsite/rfolder/r1

This works fine, so I'm able to locate and access and edit the recipe data

Next, (using a browser and logged in as the site manager)
I edit the wcsite roles and permissions to UNSET the Site Manager role to All Users and
grant  the "Visitor of the WorldCookery website" role to All Users.
Further, I edit wcsite/rfolder/r1 to grant the Site Manager role to user u1 So, the user r1 can read everything on the site but can only edit wcsite/rfolder/r1

Now, I rerun displayandedit.py http://sasa.local:8080/wcsite/rfolder/r1
and get an Unauthorized error:
xmlrpclib.ProtocolError: <ProtocolError for sasa.local:8080/wcsite/ rfolder/r1: 401 Unauthorized>

It is my belief that I should be able to provide xmlrpc access to the r1 user in the recipe.py code but I can't figure out how. Can someone peruse the code below and suggest to me the appropriate technique? The edit method is the one that I modified to attempt to provide access.
Thanks in advance.

=================Sample worldcookery/xmlrpc/recipe.py==================
import time
import xmlrpclib
from zope.schema import getFields
from zope.dublincore.interfaces import IZopeDublinCore
from zope.app.publisher.xmlrpc import XMLRPCView
from zope.component import getUtility
from zope.app.security.interfaces import IAuthentication
from zope.app.authentication.interfaces import IPluggableAuthentication

from worldcookery.interfaces import IRecipe

def to_unicode(string):
    if isinstance(string, unicode):
        return string
    return string.decode('utf-8')

class RecipeView(XMLRPCView):

    def info(self):
        return dict((field, getattr(self.context, field))
                    for field in getFields(IRecipe)
                    if field not in ('__parent__', '__name__'))

    def dublincore_info(self):
        dc = IZopeDublinCore(self.context)
        info = dict((field, getattr(dc, field))
                    for field in getFields(IZopeDublinCore))
        for name in ('effective', 'created', 'expires', 'modified'):
            if info[name]:
                epochtime = time.mktime(info[name].timetuple())
                info[name] = xmlrpclib.DateTime(epochtime)
                info[name] = ''
        return info

    def edit(self, info, user, password):

        edit_return = ""
        pau = getUtility(IAuthentication)
        # make sure there is an authentication utility
        if not IPluggableAuthentication.providedBy(pau):
edit_return = "# ERROR: No Pluggable Authentication Utility instance."
            return edit_return
edit_return = "\n" + "# found a Pluggable Authentication Utility instace named " + pau.__name__
        # get the authenticator plugin and authenticate credentials
        for name, plugin in pau.getAuthenticatorPlugins():
auth_creds = plugin.authenticateCredentials({'login': user, 'password': password}) edit_return = edit_return + "\n# authenticated user:" + auth_creds.login + " title:" + auth_creds.title

        context = self.context
        context.name = to_unicode(info['name'])
        context.ingredients = \
            [to_unicode(ingr) for ingr in info['ingredients']]
        context.tools = [to_unicode(tool) for tool in info['tools']]
        context.time_to_cook = info['time_to_cook']
        context.description = to_unicode(info['description'])

edit_return = edit_return + "\n" + "# Object updated successfully"
        return edit_return

Zope3-users mailing list

Reply via email to