Sorry the gmail response send only to the original poster not to the list (sorry Andreas) The original post:
The question then (sorry): I have a product called Yanged This product has overrided: __bobo_traverse__ who returns some objects and sometime a wrapper object with the HTML code to the browser __call__ who returns the HTML code to __bobo_traverse__ or if you call the object itself index_html who returns __call__ A TALES evaluator to evaluate some TALES expresion out of page templates All works ok except when I try to delete some objects. When I try to launch the delete method I raises an authorized error and ask for new login and password I try with my user who is manager and owner but logon doesn't work and raises the same error If I look the error log I could see this error: Traceback (innermost last): Module ZPublisher.Publish , line 106, in publish Module ZPublisher.BaseRequest, line 323, in traverse Module Products.Yanged.Yanged, line 61, in __bobo_traverse__ Module Products.Yanged.Yanged, line 141, in __call__ Module Products.Yanged.Yanged , line 170, in Ejecutar Module Products.Yanged.Yanged, line 125, in __call__ Module Products.Yanged.Yanged, line 170, in Ejecutar Module Shared.DC.Scripts.Bindings, line 311, in __call__ Module Shared.DC.Scripts.Bindings , line 348, in _bindAndExec Module Products.PythonScripts.PythonScript, line 325, in _exec Module None, line 2, in BorrarFuncionalidad - <PythonScript at /sistes.net/clientes/escobarsl.com/Comandos/BorrarFuncionalidad used for /sistes.net/clientes/escobarsl.com/Pagina/Borrar/BorrarCaso> - Line 2 Module AccessControl.ImplPython, line 729, in guarded_getattr Module AccessControl.ImplPython, line 671, in aq_validate Module AccessControl.ImplPython, line 565, in validate Module AccessControl.ImplPython , line 463, in validate Module AccessControl.ImplPython, line 810, in raiseVerbose Unauthorized: Your user account does not have the required permission. Access to 'manage_delObjects' of (Yanged at /sistes.net/clientes/escobarsl.com/Pagina/Funcionalidades) denied. Your user account, Anonymous User, exists at (unknown). Access requires one of the following roles: ['Manager']. Your roles in this context are ['Anonymous']. If I try to delete the object the error is raised but if immediately I try to create another object works ok This are the code about BorrarFuncionalidad (the code who raises the error) and CrearFuncionalidad (the code that works ok). Both are Python Scripts: BorrarFuncinalidad carpeta = getattr(context.Singular(), 'Funcionalidades') carpeta.manage_delObjects(args['path']) return args CrearFuncionalidad carpeta = getattr(context.Singular (), 'Funcionalidades') Id = context.Dame(context.Id) args['caso'] = carpeta.manage_addProduct['Yanged'].CrearYanged(Id) return args Both scripts are launched in the same way (the Ejecutar method you could see at the traceback above) I try to track the user from the __bobo_traverse__ to the __call__ and seems the user credentials are lost when I call CrearFuncionalidad (in the whole call) Can you point me some clues to solve this problem? Thanks! 2007/3/12, Dennis Allison <[EMAIL PROTECTED]>:
I did not catch the original post and so don't know any of the details, but it sounds like a problem with the logging system, not a loss of credentials. We had long ago and resolved with the list's help. This patch is still in use with Zope 2.9.X. You need to patch ../lib/python/ZServer/medusa/http_server.py --- ./v0.0/http_server.py 2004-12-25 22:39:31.000000000 -0800 +++ ./v0.1/http_server.py 2004-12-25 22:39:31.000000000 -0800 @@ -36,6 +36,9 @@ from counter import counter from urllib import unquote +# Paul's Patch (a shameful thing) to make names register properly +from ZPublisher.HTTPRequest import parse_cookie + # =========================================================================== # Request Object # =========================================================================== @@ -277,6 +280,7 @@ auth=self.get_header('Authorization') name='Anonymous' + if auth is not None: if string.lower(auth[:6]) == 'basic ': try: decoded=base64.decodestring(auth[6:]) @@ -286,10 +290,35 @@ name = 'Unknown (bad auth string)' else: name = t[0] + else: + # start of patch + try: + auth_cookie_name='__ac' + cookie= None + try: + cookies = {} + header_value = self.get_header("Cookie") + if header_value: + parse_cookie(header_value, cookies) + cookie = cookies.get(auth_cookie_name, None) + except: + name = 'Anonymous' + + if cookie is not None: + cookie = unquote(cookie) + try: + cookie = base64.decodestring(cookie) + name, password = tuple( cookie.split(':',1)) + except: name= "Unknown (bad auth cookie)" + except: + name = "Failure!" + # end of patch + # log the host domain too self.channel.server.logger.log ( self.channel.addr[0], - '- %s [%s] "%s" %d %d "%s" "%s"\n' % ( + '%s %s [%s] "%s" %d %d "%s" "%s"\n' % ( + self.get_header('Host'), name, self.log_date_string (time.time()), self.request, Hope this helps. On Mon, 12 Mar 2007, Garito wrote: > Could any charitable soul take pity on this poor sinner, please...? > > 2007/3/12, Garito <[EMAIL PROTECTED]>: > > > > Hi Andreas! > > What kind of information do you need? > > On my last messages to the list I send the tracebacks and some other > > information (need to resend them?) > > > > Could you point me what details do you need? > > > > Thank you so much for you interest! > > > > 2007/3/12, Andreas Jung <[EMAIL PROTECTED]>: > > > > > > > > > > > > --On 12. März 2007 04:04:31 +0100 Garito <[EMAIL PROTECTED]> wrote: > > > > > > > Hi all! > > > > Some days ago I send to the list a question about a problem losting > > > user > > > > credentials > > > > > > > > In my code I don't use nothing about security and nothing is changed > > > on > > > > zmi's security tab > > > > > > > > But when I launch a method (Borrar if you remember) the user who > > > launches > > > > the action is anonymous not the logged one > > > > > > Somewhat hard to believe without a detailed description.... > > > > > > -aj > > > > > > > > > > > -- > > Mis Cosas: http://blogs.sistes.net/Garito > > > > > > --
-- Mis Cosas: http://blogs.sistes.net/Garito
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )