Re: [Zope-dev] security.declareProtected doesn't always work?
Dieter Maurer wrote:
[snip]
Now replace the line security.declarePublic('getTitle') with something like
security.declareProtected('View', 'getTitle'), and suddenly nobody is
allowed to call getTitle() on a Book object anymore.
You must acquistion wrap your book objects. Otherwise, Zope's
security code is unable to find the permission-role mapping.
Try:
return books.__of__(self)
Aah, of course, makes sense. They should put this in the developer's guide!
The thing that tripped me up is that it works at all for declarePublic. :)
Thanks,
Martijn
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] security.declareProtected doesn't always work?
Aah, of course, makes sense. They should put this in the developer's guide! The thing that tripped me up is that it works at all for declarePublic. :) Martijn, I can put it in the developer's guide.. maybe the next time you're through there, you can add a comment with the issue and we can fold it in during the next editing cycle? -- Chris McDonoughZope Corporation http://www.zope.org http://www.zope.com Killing hundreds of birds with thousands of stones ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] File/stream like Pdata class in Zope?
Hi, I want to transmit the data of a (probably large) Pdata object (Zope module OSF/Image) over a TCP/IP socket using sock.send(). Is there a stream-like wrapper class for Pdata in Zope? Any thoughts? Niels ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] File/stream like Pdata class in Zope?
I think you're going to need to roll your own here... I know of no wrapper class for pdata that makes it appear to be streamlike... Sorry, - C - Original Message - From: Niels Mache [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 04, 2002 11:41 AM Subject: [Zope-dev] File/stream like Pdata class in Zope? Hi, I want to transmit the data of a (probably large) Pdata object (Zope module OSF/Image) over a TCP/IP socket using sock.send(). Is there a stream-like wrapper class for Pdata in Zope? Any thoughts? Niels ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] LDAP on Zope 2.5.0b2
Hi, Has anybody successfully installed LDAPUserFolder on Zope2.5.0b2 (on Linux). When I compile python-ldap module and install it alongwith LDAPUserFolder, it shows as a installed product in the Zope management screen, but when I try to connect to the LDAP server (openldap 2.0.18) also running on the same machine, it says 'connection settings not ok...'. Interestingly, when I install LDAPUserFolder on Zope 2.4.3 running on a WinNT 4.1 workstation and use the same connection settings, it connects successfully and I'm able to query the LDAP database. Any ideas why..?? ~Peeyush.
Re: [Zope-dev] LDAP on Zope 2.5.0b2
i have it running on 2.5beta3 without a problem. try upgrading your zope. jens On Friday, January 4, 2002, at 02:29 , Peeyush Garg wrote: Hi, Has anybody successfully installed LDAPUserFolder on Zope2.5.0b2 (on Linux). When I compile python-ldap module and install it alongwith LDAPUserFolder, it shows as a installed product in the Zope management screen, but when I try to connect to the LDAP server (openldap 2.0.18) also running on the same machine, it says 'connection settings not ok...'. Interestingly, when I install LDAPUserFolder on Zope 2.4.3 running on a WinNT 4.1 workstation and use the same connection settings, it connects successfully and I'm able to query the LDAP database. Any ideas why..?? ~Peeyush. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] security.declareProtected doesn't always work?
Martijn Faassen writes:
Dieter Maurer wrote:
[snip]
Now replace the line security.declarePublic('getTitle') with something like
security.declareProtected('View', 'getTitle'), and suddenly nobody is
allowed to call getTitle() on a Book object anymore.
You must acquistion wrap your book objects. Otherwise, Zope's
security code is unable to find the permission-role mapping.
Try:
return books.__of__(self)
Aah, of course, makes sense. They should put this in the developer's guide!
The thing that tripped me up is that it works at all for declarePublic. :)
The basic security mechanism uses the attribute m__roles__ in order
to protect m. If this attribute it None, then m is public.
Otherwise, it is expected to be a sequence of roles that are allowed
to use m.
But, ExtensionsClass brings with it computed attributes. This allows
m__roles__ to be not a sequence but a method returning a sequence.
When you protect m with a permission p, then
m__roles__ is set to PermissionRole(p). This instance dynamically
evaluates into a sequence of roles by crawling up the aq_container
(which is correctly aq_parent after aq_inner) chain and translating
p into roles by interpreting the permission-to-role mapping
it finds on its way to the application object.
Therefore, declarePublic works for non-wrapped instances while
declareProtected requires the wrapping.
Dieter
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] security.declareProtected doesn't always work?
The basic security mechanism uses the attribute m__roles__ in order to protect m. If this attribute it None, then m is public. Otherwise, it is expected to be a sequence of roles that are allowed to use m. But, ExtensionsClass brings with it computed attributes. This allows m__roles__ to be not a sequence but a method returning a sequence. When you protect m with a permission p, then m__roles__ is set to PermissionRole(p). This instance dynamically evaluates into a sequence of roles by crawling up the aq_container (which is correctly aq_parent after aq_inner) chain and translating p into roles by interpreting the permission-to-role mapping it finds on its way to the application object. Therefore, declarePublic works for non-wrapped instances while declareProtected requires the wrapping. Dieter Very well put, Dieter -- both as an explanation of the problem at hand, as well as a general description of one of the more esoteric regions of Zope. I think it belongs in a document somewhere. Thanks. I knew I read these email lists for a reason. Ziniti ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] security.declareProtected doesn't always work?
I have added this nugget of knowledge as a comment to the ZDG. John Ziniti wrote: The basic security mechanism uses the attribute m__roles__ in order to protect m. If this attribute it None, then m is public. Otherwise, it is expected to be a sequence of roles that are allowed to use m. But, ExtensionsClass brings with it computed attributes. This allows m__roles__ to be not a sequence but a method returning a sequence. When you protect m with a permission p, then m__roles__ is set to PermissionRole(p). This instance dynamically evaluates into a sequence of roles by crawling up the aq_container (which is correctly aq_parent after aq_inner) chain and translating p into roles by interpreting the permission-to-role mapping it finds on its way to the application object. Therefore, declarePublic works for non-wrapped instances while declareProtected requires the wrapping. Dieter Very well put, Dieter -- both as an explanation of the problem at hand, as well as a general description of one of the more esoteric regions of Zope. I think it belongs in a document somewhere. Thanks. I knew I read these email lists for a reason. Ziniti ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] FreeBSD, Zope, and Python 2.1
For what it's worth: Today I helped Jens track down a problem under FreeBSD where Zope was crashing rendering a page which rendered successfully on other systems. It turns out that the default stack size for a thread under FreeBSD is 64K, and that's not enough stack space to render this particular page of his (a Tracker page) -- most likely due to changes with how the RestrictedPython compiler is used/invoked by DTML processing, since this represents a big change from Zope 2.3. The solution we used was modifying Python/thread_pthread.h and the PyThread_start_new_thread function; specifically, instead of using a (pthread_attr_t *) NULL, we made a new attribute instead: pthread_attr_t pta; pthread_attr_init(pta); pthread_attr_setstacksize(pta, (117)); and using pta in the thread creation function rather than NULL. Recompiling Python 2.1 with changes gives it a 128K stack per thread, which seemed sufficient to render the Tracker page in question. Does anyone know of a better way to tune thread stack sizes on FreeBSD? ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] LDAP on Zope 2.5.0b2
Hi Jens, I get the same error message with installation of 2.5.0b3. Do you have the latest files checked out for python-ldap module? Any other clues? I've tried several combinations and not any luck yet. ~Peeyush. - Original Message - From: Jens Vagelpohl [EMAIL PROTECTED] To: Peeyush Garg [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 04, 2002 12:30 PM Subject: Re: [Zope-dev] LDAP on Zope 2.5.0b2 i have it running on 2.5beta3 without a problem. try upgrading your zope. jens On Friday, January 4, 2002, at 02:29 , Peeyush Garg wrote: Hi, Has anybody successfully installed LDAPUserFolder on Zope2.5.0b2 (on Linux). When I compile python-ldap module and install it alongwith LDAPUserFolder, it shows as a installed product in the Zope management screen, but when I try to connect to the LDAP server (openldap 2.0.18) also running on the same machine, it says 'connection settings not ok...'. Interestingly, when I install LDAPUserFolder on Zope 2.4.3 running on a WinNT 4.1 workstation and use the same connection settings, it connects successfully and I'm able to query the LDAP database. Any ideas why..?? ~Peeyush. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] LDAP on Zope 2.5.0b2
i only ever use python-ldap 1.10alpha3, that's all i test against because it's a known quantity. anything else is way too much in flux. jens On Friday, January 4, 2002, at 05:25 , Peeyush Garg wrote: Hi Jens, I get the same error message with installation of 2.5.0b3. Do you have the latest files checked out for python-ldap module? Any other clues? I've tried several combinations and not any luck yet. ~Peeyush. - Original Message - From: Jens Vagelpohl [EMAIL PROTECTED] To: Peeyush Garg [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Friday, January 04, 2002 12:30 PM Subject: Re: [Zope-dev] LDAP on Zope 2.5.0b2 i have it running on 2.5beta3 without a problem. try upgrading your zope. jens On Friday, January 4, 2002, at 02:29 , Peeyush Garg wrote: Hi, Has anybody successfully installed LDAPUserFolder on Zope2.5.0b2 (on Linux). When I compile python-ldap module and install it alongwith LDAPUserFolder, it shows as a installed product in the Zope management screen, but when I try to connect to the LDAP server (openldap 2.0.18) also running on the same machine, it says 'connection settings not ok...'. Interestingly, when I install LDAPUserFolder on Zope 2.4.3 running on a WinNT 4.1 workstation and use the same connection settings, it connects successfully and I'm able to query the LDAP database. Any ideas why..?? ~Peeyush. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope ) ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
