[Zope] Re: zope hosting
David H <[EMAIL PROTECTED]> writes:

> My understanding is that Zettai is closing down. Bummer cause I have
> been using them.

I know they are not accepting new orders, but I wasn't aware they are shutting down. How have you heard? (I also have a Zettai account.)

___
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )
[Zope] Re: Question about Zope and security
> > I'd rather encrypt passwords with a hash and reset the password if the
> > users have lost it. Is it possible to do that in Zope?

Isn't there an option in GRUF to encrypt passwords? Although I don't think that affects the user's sending of passwords over the Web.

Peace,
George
[Zope] Re: major problems placing authentication on an extranet site-security flaw?
Scratch that, looking more closely at the thread it looks like you followed the "make site private" documentation and it worked.

Peace,
George
[Zope] Re: major problems placing authentication on an extranet site-security flaw?
michael nt milne <[EMAIL PROTECTED]> writes:

> Hi I have major problems here trying to set-up authentication over a
> whole Plone site using Zope.

I'm not going to get involved in the large Zope security discussion but I will post an additional something to plone-users in reply to the more narrow problem. If you want additional help with it there, we'll need more details and debugging from you. I usually like to help folks figure out bugs because it's a nice problem solving stint, but I can't do much without more info.

Peace,
George
[Zope] SOLUTION -- Products have incorrect "home" attribute
> After migrating to a new server, several of my Zope products have an
> incorrect "home" attribute that specifies where they live on the
> filesystem. However, when I try to change these attributes using an
> external method, the attributes do not change. Any help?
>
> Peace,
> George

Turns out it was a bug in my external method, writing == instead of =, that tripped me up. This is the external method I used:

# Product directories on the old servers (instance and Zope software homes)
OLD_INSTANCE_PROD_DIR_LIST = [
    '/home/BLUH1/zope/instance1/Products/',
    '/home/BLUH2/zope/instance1/Products/',
    ]
NEW_INSTANCE_PROD_DIR = '/usr/local/zope/instance1/Products/'
OLD_PYTHON_PROD_DIR_LIST = [
    '/usr/home/BLUH3/zope/270/lib/python/Products/',
    '/home/BLUH4/zope/273/lib/python/Products/',
    '/home/BLUH5/zope/281/lib/python/Products/',
    ]
NEW_PYTHON_PROD_DIR = '/usr/local/zope/284/lib/python/Products/'

def listHome(self):
    # Rewrite the "home" of every product registered in the Control Panel
    # and report the values before and after the change.
    prods = self.Control_Panel.Products
    listBefore = []
    listAfter = []
    for p in prods.objectIds():
        homeBefore = prods._getOb(p).home
        listBefore = listBefore + [homeBefore]
        # Assignment (=), not comparison (==), is what updates the attribute
        if homeBefore in map( lambda x : x + p, OLD_INSTANCE_PROD_DIR_LIST ):
            prods._getOb(p).home = NEW_INSTANCE_PROD_DIR + p
        elif homeBefore in map( lambda x : x + p, OLD_PYTHON_PROD_DIR_LIST ):
            prods._getOb(p).home = NEW_PYTHON_PROD_DIR + p
        listAfter = listAfter + [prods._getOb(p).home]
    return "Before: %s\n\nAfter: %s" % (str(listBefore),str(listAfter))
[Zope] Re: Newbee interfaces and implementations
> So you recommend that I should just skip them as long as I'm on Zope2?
>
> I would be happy with that. I find them confusing when they don't
> really interface with but just document my methods.

Some of the reasons interfaces can be helpful are (1) for documentation purposes and clarity for code if someone needs to look at it, (2) if other classes might use the same interface, you help make sure you're sticking to a common interface so that the methods in different classes do similar things, and (3) you can use methods like "isImplementedBy" so that certain templates, code, etc. does something with an object or class if it uses the interface -- what you call "really interfacing". There's many examples of how (3) might work.

It seems like for now that (3) won't be important to you and (2) might be. Personally I define interfaces for some classes (especially tools) to help with the documentation, but agree with you that for other straightforward classes they don't help that much with documentation.

Hope this helps; peace,
George
[Zope] Re: Products have incorrect "home" attribute
> I asked the same question a couple of days ago (see "wrong directoy in
> Control_Panel.Products..home") and no, they aren't reset at zope
> restart, and deleting the pyc files doesn't help either.

Thanks, didn't see the previous conversation. =) I'll do the delete the Products objects trick ... any idea why it fails to just directly change the attribute with an external method? I'm not savvy to the inner workings of ZODB so I don't know if there's read-only attributes or persistence issues (with a string attribute though?) here...

Peace,
George
[Zope] Products have incorrect "home" attribute
After migrating to a new server, several of my Zope products have an incorrect "home" attribute that specifies where they live on the filesystem. However, when I try to change these attributes using an external method, the attributes do not change. Any help?

Peace,
George
Re: [Zope] External Methods, Proxy Roles, and Executable Security
Great, thanks much. Is there much buzz about this in CMF developer land? It seems like proper proxy roles handling, and like you said what Zope 3 security will do to it, are pretty important and will come up quite often (all I was doing, after all, was trying to move an object upon workflow change!).

Peace,
George

On 11/19/05, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> George Lee wrote at 2005-11-19 00:46 -0500:
> >In CMFCore 1.5.4:
> >
> >If a low-security-clearance user calls an external method that pastes
> >an object from a PortalFolder, he gets an error because the following
> >line in CMFCore.PortalFolder fails:
> >
> >if not sm.checkPermission(DeleteObjects, parent):
> >    raise AccessControl_Unauthorized
> >
> >This is even the case if "sm.checkPermission" is changed to
> >"_checkPermission", which takes into account proxy roles. The external
> >method does not allow proxy roles attached, so I can't just add a
> >"Manager" proxy role.
> >
> >Because I called the pasting in an external method, I expected it to
> >go through without security problems! Is this a right expectation /
> >and a bug, or a wrong expectation?
>
> It is the fate induced by explicit security checks.
> It will get much worse when the Zope 3 security comes into
> Zope 2 land: then even trusted code will have to deal with
> security proxied objects.
>
>
> We currently work around the problem that trusted code
> cannot have proxy roles with the following class:
>
>   class ProxyContext:
>     def __init__(self, proxy_roles):
>       self._proxy_roles = tuple(proxy_roles)
>
>     def getOwner(self): return None
>     getWrappedOwner = getOwner
>
> This class emulates an object with proxy roles and can be pushed
> onto the "SecurityManager"s "context" stack like so:
>
>   sm = getSecurityManager()
>   context = ProxyContext(proxy_roles)
>   sm.addContext(context)
>   try:
>     # do something with "proxy_roles"
>     ...
>   finally: sm.removeContext(context)
>
>
> Note, that I had to fix (in a local copy) CMF's "_checkPermission"
> for this to work:
>
>   It had decided to emulate Zope's proxy role checking only
>   approximately -- incorrectly for a "None" owner.
>
> My fix looks like this:
>
> security.declarePrivate('_checkPermission')
> def _checkPermission(permission, obj):
>     """ Check if the current user has the permission on the given object.
>     """
>     # this code is ported from ZopeSecurityPolicy.checkPermission
>     roles = rolesForPermissionOn(permission, obj)
>     if isinstance(roles, basestring):
>         roles = [roles]
>     context = getSecurityManager()._context
>
>     # check executable owner and proxy roles
>     # this code is ported from ZopeSecurityPolicy.validate
>     stack = context.stack
>     if stack:
>         eo = stack[-1]
>         owner = eo.getOwner()
>         if owner is not None:
>             if not owner.allowed(obj, roles):
>                 return 0
>             # DM 2005-09-07: no reason to do it differently from Zope
>             #   It accepts "proxy_roles" even for a None owner
>             ##proxy_roles = getattr(eo, '_proxy_roles', None)
>             ##if proxy_roles:
>             ##    if obj is not aq_base(obj):
>             ##        if not owner._check_context(obj):
>             ##            return 0
>             ##    for r in proxy_roles:
>             ##        if r in roles:
>             ##             return 1
>             ##    return 0
>         proxy_roles = getattr(eo, '_proxy_roles', None)
>         if proxy_roles:
>             if obj is not aq_base(obj):
>                 # DM 2005-09-07: do it as Zope does
>                 #if not owner._check_context(obj):
>                 if owner is not None and not owner._check_context(obj):
>                     return 0
>             for r in proxy_roles:
>                 if r in roles:
>                     return 1
>             return 0
>
>     return context.user.allowed(obj, roles)
>
>
> If you are interested in using this approach, you
> should probably file another CMF bug report about the
> wrong handling of proxy roles in "_checkPermission".
> I explicitly allow you to attach the fix given above.
>
>
> --
> Dieter
>
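The behaviour change made by the fix quoted above, as a standalone model added here (it is not code from CMF, Zope or either poster). `User`, `Executable`, the function names and the role list are simplified stand-ins chosen for this example, and the acquisition-context check (`_check_context`) is left out.

```python
"""Model of the proxy-role branch of _checkPermission, before and after the
fix quoted in the thread. No Zope imports: every class here is an assumed,
simplified stand-in for the AccessControl objects the real code uses."""


class User:
    def __init__(self, name, roles):
        self.name = name
        self.roles = set(roles)

    def allowed(self, obj, required_roles):
        # Simplified: allowed when the user holds any of the required roles.
        return bool(self.roles & set(required_roles))


class Executable:
    """Stand-in for the top entry of the security context stack (a script,
    or the ProxyContext class from the thread when owner is None)."""

    def __init__(self, owner, proxy_roles=()):
        self._owner = owner
        self._proxy_roles = tuple(proxy_roles)

    def getOwner(self):
        return self._owner


def check_before_fix(user, stack, required_roles, obj=None):
    """Proxy roles are consulted only inside the 'owner is not None' branch."""
    if stack:
        eo = stack[-1]
        owner = eo.getOwner()
        if owner is not None:
            if not owner.allowed(obj, required_roles):
                return False
            proxy_roles = getattr(eo, '_proxy_roles', None)
            if proxy_roles:
                return any(r in required_roles for r in proxy_roles)
    return user.allowed(obj, required_roles)


def check_after_fix(user, stack, required_roles, obj=None):
    """Proxy roles are consulted whether or not the executable has an owner."""
    if stack:
        eo = stack[-1]
        owner = eo.getOwner()
        if owner is not None and not owner.allowed(obj, required_roles):
            return False
        proxy_roles = getattr(eo, '_proxy_roles', None)
        if proxy_roles:
            return any(r in required_roles for r in proxy_roles)
    return user.allowed(obj, required_roles)


def scenarios():
    # Constructed data: roles assumed to hold the permission being checked.
    required = ['Manager', 'Owner']
    member = User('member', ['Member'])
    admin = User('admin', ['Manager'])
    trusted = Executable(owner=None, proxy_roles=['Manager'])   # ProxyContext case
    owned = Executable(owner=admin, proxy_roles=['Manager'])
    weak_owner = Executable(owner=member, proxy_roles=['Manager'])
    plain = Executable(owner=None)                              # no proxy roles
    return {
        'trusted_before': check_before_fix(member, [trusted], required),
        'trusted_after': check_after_fix(member, [trusted], required),
        'owned_before': check_before_fix(member, [owned], required),
        'owned_after': check_after_fix(member, [owned], required),
        # The executable's owner still caps what proxy roles can grant.
        'weak_owner_after': check_after_fix(member, [weak_owner], required),
        # Without proxy roles the decision falls back to the calling user.
        'plain_after': check_after_fix(member, [plain], required),
    }


if __name__ == '__main__':
    for name, result in scenarios().items():
        print('%-18s %s' % (name, result))
```

Only the owner-less executable changes outcome between the two functions; owned scripts behave the same before and after.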
[Zope] Re: External Methods, Proxy Roles, and Executable Security
p.s. This is in the context of an external method in a workflow scripts folder, if that helps.

Peace,
George

On 11/19/05, George Lee <[EMAIL PROTECTED]> wrote:
> In CMFCore 1.5.4:
>
> If a low-security-clearance user calls an external method that pastes
> an object from a PortalFolder, he gets an error because the following
> line in CMFCore.PortalFolder fails:
>
> if not sm.checkPermission(DeleteObjects, parent):
>     raise AccessControl_Unauthorized
>
> This is even the case if "sm.checkPermission" is changed to
> "_checkPermission", which takes into account proxy roles. The external
> method does not allow proxy roles attached, so I can't just add a
> "Manager" proxy role.
>
> Because I called the pasting in an external method, I expected it to
> go through without security problems! Is this a right expectation /
> and a bug, or a wrong expectation?
>
> Peace,
> George
>
> On 11/18/05, George Lee <[EMAIL PROTECTED]> wrote:
> > I forget if I submitted a collector issue about this before, but I
> > didn't see it. I just posted one at
> > <http://www.zope.org/Collectors/CMF/396>:
> >
> > Title: PortalFolder.py _verifyObjectPaste ignores executable security
> >
> > Version info: CMF 1.5.4 but also in trunk
> >
> > _verifyObjectPaste calls "sm.checkPermission(permission_name,self)"
> > rather than "_checkPermission(permission_name,self)"
> >
> > This makes it ignore executable security. So, if _verifyObjectPaste is
> > in an external method or in a script with sufficient proxy roles, it
> > raises an Unauthorized error for users when the external method /
> > proxy role security should suffice.
> >
> > On 9/9/05, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> > > George Lee wrote at 2005-9-8 23:57 -0400:
> > > > ...
> > > >Is it okay to just replace sm.checkPermission with _checkPermission
> > > >from CMFCore.utils or is that not okay?
> > >
> > > Yes. But, please file a bug report as well.
> > >
> > > >Also Dieter I noticed that Alan Runyan and you briefly discussed this
> > > >issue back in 2002:
> > > >http://mail.zope.org/pipermail/zope-cmf/2002-September/015350.html
> > >
> > > Any internal use should always take executable security (i.e.
> > > executable ownership and proxy roles) into account.
> > > Not doing so is a bug, as things expected to be possible are not
> > > and (maybe even worse) things expected to be impossible may
> > > be possible.
> > >
> > > There may be a need for application code to check the permissions
> > > of the user with proxy roles not taken into account.
> > >
> > > E.g. a script that must use a "Manager" roles to do one
> > > thing but does not want to do another unless the current
> > > user has specific permissions.
> > >
> > > For this case, there also should be a method checking
> > > permissions with proxy roles not taken into account.
> > >
> > > --
> > > Dieter
[Zope] External Methods, Proxy Roles, and Executable Security
In CMFCore 1.5.4:

If a low-security-clearance user calls an external method that pastes an object from a PortalFolder, he gets an error because the following line in CMFCore.PortalFolder fails:

if not sm.checkPermission(DeleteObjects, parent):
    raise AccessControl_Unauthorized

This is even the case if "sm.checkPermission" is changed to "_checkPermission", which takes into account proxy roles. The external method does not allow proxy roles attached, so I can't just add a "Manager" proxy role.

Because I called the pasting in an external method, I expected it to go through without security problems! Is this a right expectation / and a bug, or a wrong expectation?

Peace,
George

On 11/18/05, George Lee <[EMAIL PROTECTED]> wrote:
> I forget if I submitted a collector issue about this before, but I
> didn't see it. I just posted one at
> <http://www.zope.org/Collectors/CMF/396>:
>
> Title: PortalFolder.py _verifyObjectPaste ignores executable security
>
> Version info: CMF 1.5.4 but also in trunk
>
> _verifyObjectPaste calls "sm.checkPermission(permission_name,self)"
> rather than "_checkPermission(permission_name,self)"
>
> This makes it ignore executable security. So, if _verifyObjectPaste is
> in an external method or in a script with sufficient proxy roles, it
> raises an Unauthorized error for users when the external method /
> proxy role security should suffice.
>
> On 9/9/05, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> > George Lee wrote at 2005-9-8 23:57 -0400:
> > > ...
> > >Is it okay to just replace sm.checkPermission with _checkPermission
> > >from CMFCore.utils or is that not okay?
> >
> > Yes. But, please file a bug report as well.
> >
> > >Also Dieter I noticed that Alan Runyan and you briefly discussed this
> > >issue back in 2002:
> > >http://mail.zope.org/pipermail/zope-cmf/2002-September/015350.html
> >
> > Any internal use should always take executable security (i.e.
> > executable ownership and proxy roles) into account.
> > Not doing so is a bug, as things expected to be possible are not
> > and (maybe even worse) things expected to be impossible may
> > be possible.
> >
> > There may be a need for application code to check the permissions
> > of the user with proxy roles not taken into account.
> >
> > E.g. a script that must use a "Manager" roles to do one
> > thing but does not want to do another unless the current
> > user has specific permissions.
> >
> > For this case, there also should be a method checking
> > permissions with proxy roles not taken into account.
> >
> > --
> > Dieter
[Zope] Reprise -- Manager Proxy Role ineffective for deleting/moving objects
I forget if I submitted a collector issue about this before, but I didn't see it. I just posted one at <http://www.zope.org/Collectors/CMF/396>:

Title: PortalFolder.py _verifyObjectPaste ignores executable security

Version info: CMF 1.5.4 but also in trunk

_verifyObjectPaste calls "sm.checkPermission(permission_name,self)" rather than "_checkPermission(permission_name,self)"

This makes it ignore executable security. So, if _verifyObjectPaste is in an external method or in a script with sufficient proxy roles, it raises an Unauthorized error for users when the external method / proxy role security should suffice.

On 9/9/05, Dieter Maurer <[EMAIL PROTECTED]> wrote:
> George Lee wrote at 2005-9-8 23:57 -0400:
> > ...
> >Is it okay to just replace sm.checkPermission with _checkPermission
> >from CMFCore.utils or is that not okay?
>
> Yes. But, please file a bug report as well.
>
> >Also Dieter I noticed that Alan Runyan and you briefly discussed this
> >issue back in 2002:
> >http://mail.zope.org/pipermail/zope-cmf/2002-September/015350.html
>
> Any internal use should always take executable security (i.e.
> executable ownership and proxy roles) into account.
> Not doing so is a bug, as things expected to be possible are not
> and (maybe even worse) things expected to be impossible may
> be possible.
>
> There may be a need for application code to check the permissions
> of the user with proxy roles not taken into account.
>
> E.g. a script that must use a "Manager" roles to do one
> thing but does not want to do another unless the current
> user has specific permissions.
>
> For this case, there also should be a method checking
> permissions with proxy roles not taken into account.
>
> --
> Dieter
Re: [Zope] Re: VIRTUAL_URL Failure
> I fear you fight a CookieCrumbler bug.

Vicious monsters, indeed.

Thanks for the REQUEST['URL'] tip. It's a pretty good workaround for now, although not exactly right. If I am going to an object

http://here.org/object

with default page or default method "default", then REQUEST['URL'] equals

http://here.org/object/default

instead of

http://here.org/object

This works for purposes of redirecting after login but isn't exactly what should happen. From what I recall browsing a few ACTUAL_URL, etc. threads, this is one reason there's a difference between the few different URL variables.

Also, I opened up a collector issue at http://www.zope.org/Collectors/CMF/393

Peace,
George

>
> The most natural "REQUEST['URL']" will give the correct value
> (as it gives what the primary HTTP client sees).
>
> --
> Dieter
[Zope] Re: VIRTUAL_URL Failure
> The correct thing to use in a recent Zope is REQUEST['ACTUAL_URL'].
>
> Florent

This gives something like http://ip:port/path/to/subdomain though rather than http://subdomain.mydomain.org ... what if anything gives the latter?

Peace,
George
Re: [Zope] VIRTUAL_URL Failure
> (2) Does anyone know how to debug VirtualHostMonster or other Python
> libraries while running a Zope instance (it lives in Python not in
> Zope, so I don't know if I change the code there if those changes will
> actually get executed)?

Oh wait it is in a Zope product, scratch that.

Peace,
George
Re: [Zope] VIRTUAL_URL Failure
Two main questions:

(1) Does anybody *have* good documentation on VIRTUAL_URL and how it interacts with CookieCrumbler and VirtualHostMonster?

(2) Does anyone know how to debug VirtualHostMonster or other Python libraries while running a Zope instance (it lives in Python not in Zope, so I don't know if I change the code there if those changes will actually get executed)?

For people who care to read more about what I think is going on:

> Well, where is VIRTUAL_URL documented? Why doesn't Plohn do something
> sane if it's not there?

It's not Plone's issue from what I can tell. CookieCrumbler, which lives in CMF, does do something sane if VIRTUAL_URL is not there -- it tries to create a substitute URL.

VIRTUAL_URL is set by the VirtualHostMonster. Does anyone know how to debug it? Because it is in the python directories used to build Zope, not in a Zope product which I know how to debug. (Is there a way to restart python to register changes in VirtualHostMonster.py)?

Here is what I can tell of what is going on:

(1) VIRTUAL_URL is supposed to return the actual URL when there is a Virtual Hosting Monster, for instance http://subdomain.mydomain.org instead of http://ip:port/path/to/subdomain/object or http://mydomain.org/path/to/subdomain/object.

(2) There's an Apache rewrite rule set to transform URL requests like http://subdomain.org to http://ip:port/VirtualHostBase/http/subdomain.mydomain.org before they get sent into Zope.

(3) When VirtualHostMonster receives a request like http://ip:port/VirtualHostBase/http/subdomain.mydomain.org, it is supposed to return the correct object at http://ip:port/path/to/subdomain/object and set a variable VIRTUAL_URL http://subdomain.mydomain.org in the REQUEST variable.

(4) When navigating to an authenticated-only page, CMFCore's CookieCrumbler sets a "came_from" variable to remember where to go. To set the "came_from" variable, it first looks for VIRTUAL_URL. If it doesn't find it, it uses another method to set "came_from" -- but this returns an URL, and one that does not work.

(5) During login in Plone to a authenticated-only page, it uses CMFCore's CookieCrumbler came_from variable.

>
> > I'm wondering if CookieCrumbler is supposed
> > to set VIRTUAL_URL given that there's a VHM installed and doesn't?
>
> It's probably some code in the publisher or vhm. Maybe it's something
> that didn't get merged from a branch or the trunk.
>
> Your best bet is to come up with minimal (ie: no plone, no cookie
> crumbler, etc) way to reproduce this and file a bug report in the collector.
>
> Oh, and grab yourself a copy of grep and see where this should be
> defined ;-)
>
> cheers,
>
> Chris
>
> --
> Simplistix - Content Management, Zope & Python Consulting
> - http://www.simplistix.co.uk
Re: [Zope] VIRTUAL_URL Failure
Zope 2.8.1

In Plone 2.1.1, when I try to access a page Anonymous does not have permission to see, it redirects to a login. While doing so, it sets a came_from variable with the URL I'm trying to access. It sets an ugly

http://my.domain.org/VirtualHostBase/http/my.domain.org:80/contentPages

which does not work.

Plone folks suspected this was a Zope problem. When Plone sets the came_from, it draws on the REQUEST variable. It first looks to see if there is a VIRTUAL_URL in the REQUEST variable, but it doesn't find one. I'm wondering if CookieCrumbler is supposed to set VIRTUAL_URL given that there's a VHM installed and doesn't?

Peace,
George

On 11/8/05, Chris Withers <[EMAIL PROTECTED]> wrote:
> George Lee wrote:
> > On my Plone site, in CookieCrumbler.py, VIRTUAL_URL is not found in
> > the request variable even though I have a Virtual Host Monster. This
> > means that when logging in, the "came_from" URL that my site directs
> > to becomes something ugly like
>
> What version of Zope are you using?
>
> Why do you think VIRTUAL_URL should be there?
>
> cheers,
>
> Chris
>
> --
> Simplistix - Content Management, Zope & Python Consulting
> - http://www.simplistix.co.uk
[Zope] VIRTUAL_URL Failure
Hi,

On my Plone site, in CookieCrumbler.py, VIRTUAL_URL is not found in the request variable even though I have a Virtual Host Monster. This means that when logging in, the "came_from" URL that my site directs to becomes something ugly like

http://my.domain.org/VirtualHostBase/http/my.domain.org:80/contentPages

This doesn't seem to be an Apache rewriting issue. Should VIRTUAL_URL be found in the request variable and giving the right URL (http://my.domain.org/contentPages), and why isn't it showing up?

Peace,
George