[Zope] Slow response with 2.2.5
Hi Brian, I have noticed a problem with 2.2.5b1 running under Win98. The ZServer seems to wait for 5 seconds or so before serving each page. My fresh installation of 2.2.4 has no noticable delay. To duplicate this, go to a Windows 98 machine and: - Install Zope-2.2.4-win32-x86.exe and start Zope - Try http://localhost:8080 and see the Zope welcome screen appear almost instantaneously - Shutdown Zope - Upgrade to 2.2.5 by installing Zope-2.2.x-to-2.2.5b1-win32-x86.tgz then starting Zope - Try http://localhost:8080 and wait for 5 seconds for the Zope welcome screen to appear This was observed on a brand new IBM Thinkpad T21 (700MHz PIII, 128MB) running Win98SR2 while not connected to any network (No cable modem while on holiday!). Regards, Stephen ___ Stephen Simmons, [EMAIL PROTECTED] HealthArena B.V., Amsterdam, The Netherlands phone +31 20 486 0555; mobile +31 6 1505 3086; fax +31 20 486 0559 ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
[Zope-dev] Re: Re: Refresh and debugging product creation issues.....
Shane and Zope-Dev users of Refresh, Have you noticed any differences refreshing objects that are in the root folder versus higher in the Zope tree? Last week, I was debugging a class using Refresh. I had two class instances, E1 in the root directory and E2 which lived inside E1 (my class is folderish). Trying http://localhost:8080/E1/test and http://localhost:8080/E1/E2/test gave completely different results after changing the class's python code and refreshing. E2 picked up the new class definition while E1 kept the old class definition. Aggressively flushing the cache a few times and refreshing again sometimes fixed the problem, but only temporarily. E1 would use the new code a couple of times then inexplicably switch back to the old code. Needless to say, this bamboozled me completely! Today I am debugging the class instances one level higher in the Zope tree (http://localhost:8080/demo/E1/test and http://localhost:8080/demo/E1/E2/test). Refresh works perfectly. I don't need to flush the cashe or anything like that. Also, the reported size of the cache after a full refresh is down to 8 objects (it was around 28 before). Strange huh? Does this mean that Zope's cache hangs on much more tightly to objects in the ZODB root that inside folders? Cheers, Stephen - Original Message - From: "Shane Hathaway" [EMAIL PROTECTED] Newsgroups: digicool.zope.dev To: "Stephen Simmons" [EMAIL PROTECTED] Sent: Tuesday, October 10, 2000 3:53 PM Subject: Re: [Zope-dev] Re: Refresh and debugging product creation issues. Stephen Simmons wrote: The combination of Shane's Refresh product and Steve's code to prevent multiple names in the product add list is really useful. Thanks, guys! I've reworked Steve's initialize code so it works for products that have multiple classes. As an added benefit, you no longer need to specify which class is being refreshed, so the meta types can be renamed or the code reused without changing a single line. This is great, Steve and Stephen. I'll get this worked into Refresh right away. Shane _______ Stephen Simmons, [EMAIL PROTECTED] HealthArena B.V., Amsterdam, The Netherlands phone +31 20 486 0555; mobile +31 6 1505 3086; fax +31 20 486 0559 ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Inconsistent behaviour in Zope's constructor security check?
I have just concluded an epic two day struggle with Zope's security machinery. I think I've won, and wanted to find out whether anyone else has had similar problems. I had defined a Python product that worked very nicely. I was able to add and delete my objects and edit, copy and export them perfectly well. But when I tried to rename, paste or import them, I got an exception saying that "The object X does not support this operation". It appears that security checks for permission to add an object to a Folder is done differently by the Product Add machinery and the CopySupport machinery that paste/rename/import use. I had defined my constructors slightly unconventionally in __init__.py. Redefining the constructors more normally solved my immediate problem, but it doesn't remove the source of Zope's inconsistent behaviour. More details of the diagnosis are at the end of this email, for those who are interested. Is this something I should put in the collector? One happy result of this mess is that I am now on a first-name basis with about 80% of the Zope source code! Stephen _______ Stephen Simmons, [EMAIL PROTECTED] HealthArena B.V., Amsterdam, The Netherlands phone +31 20 486 0555; mobile +31 6 1505 3086; fax +31 20 486 0559 Problem copying/pasting and renaming I was able to create new instances of my Element class, but whenever I tried to rename, cut/paste or import the objects, _verifyObjectPaste() in CopySupport.py raised a Copy Error (The object X does not support this operation). _verifyObjectPaste() performs three checks: (i) The container is happy having an object of this type being pasted into it (ii) The user is allowed to create new objects of this type (iii) The user is able to access the object being pasted or renamed All three conditions were true, so there is no reason why renaming, etc should be prevented. Especially when I could create objects as desired through the management screens. Solution The problem was traced to the unusual way I had defined the constructors in __init__.py and the class's module. It appears that getSecurityManager().validateValue(meth) does not exactly duplicate the check done when adding a product instance. Originally, I removed the constructor definition tuple from __init__.py: def initialize(context): """Register Element""" context.registerClass( PlatformElement.Element, constructors = (PlatformElement.Element), # Specified indirectly! icon = element.gif ) and put it at the end of my class definition module, PlatformElement.py: class Element(Folder): ... def manage_addElement(self, id, name='', title='', REQUEST=None): """Create an Element""" ... Element_constructors = ( ('manage_addElementForm', HTMLFile('Element_add', globals())), ('manage_addElement', manage_addElement), ) In this case, check (ii) was failing at line 390 of CopySupport.py when trying to validate the constructor manage_addProduct/HAPlatform/manage_addElementForm. The problem was fixed by changing the constructor definition to the more conventional form: In __init__.py: def initialize(context): """Register Element""" context.registerClass( PlatformElement.Element, constructors = ( # Specify constructors explicitly! PlatformElement.manage_addElementForm, PlatformElement.manage_addElement, ), icon = element.gif ) In PlatformElement.py: ... manage_addElementForm = HTMLFile('Element_add', globals()) def manage_addElement(self, id, name='', title='', REQUEST=None): """Create an Element""" ... While this fixes the problem, it leaves unresolved the question of why Zope's security machinery was happy using the original constructors but barfed when checking whether it could use them. ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
[Zope-dev] Help, please!!! __call__ problems with DTML templates
Today is not a good day:-( I've just spent 2 days trying to force __call__ to render my product properly, got every error possible at least seven times, and wasted last night working out what was wrong with Refresh (I was calling refresh on the wrong product. Duh!). Please, please, please, can someone point me in the right direction. I have a class called Element which has three components: 1. purpose: a string describing the element's role (rendered as structured text) 2. template: a string that is rendered to display the element (DTML) 3. Element inherits from Folder so it can contain sub-elements which can be included in the template For example, suppose A is an element that contains a sub-element B (i.e. B is A.B) Ahas template 'Element A contains dtml-var B' and purpose 'Contain B' Bhas template 'element B, which contains nix' and purpose 'Element with no subelement' Now for the tricky bit: "dtml-var A" needs to be rendered one of three possible ways depending on a variable in the REQUEST. So __call__ needs to return one of - case a: the purpose property (as structured text) wrapped in [] - case b: render the template, with sub-elements properly rendered - case c: render the template, with sub-elements wrapped in [] showing their purpose Then 'dtml-var A' must be rendered in the three cases as: - case a: '[Contain B]' - case b: 'Element A contains element B, which contains nix' - case c: 'Element A contains [Element with no subelement]' To do this, I need to write my own __call__ method since __call__ is what detemines how objects gets rendered in DTML (is this correct?) def __call__(self, client=None, REQUEST={}, RESPONSE=None, **kw): With this, I discovered that 'dtml-var A' gives client=None and REQUEST={} while 'dtml-var "A(_,REQUEST)"' gets client=_ and REQUEST=REQUEST. But I cannot for the life of me, work out how to do what I need. In particular: 1.) How do you magically get the DTML context from 'dtml-var A' without having to resort to 'dtml-var "A(_,REQUEST)"' in the templates? In the __call__ methods of different classes, I've seen some code like: 'if REQUEST is None and not kw: REQUEST=self.REQUEST' (from Catalog.py) and other code like 'if hasattr(self, 'aq_explicit'): bself=self.aq_explicit else: bself=self' and 'security=getSecurityManager() security.addContext(self)' (from DTMLDocument.py) I can't see any consistency in what these classes are doing, so I don't know what I need to do. 2.) How to convert an arbitrary text string into rendered DTML inside a python product method? How do you get the object's properties, REQUEST and acquisition context all in the namespace? I've been trying code like: template = 'span class="purpose"dtml-var purpose fmt="structured_text"/span' dtml = HTML(template, globals()) rendered = dtml(self, REQUEST) but this doesn't work. All the example classes I've seen (such as ZWikiPage.py in ZWiki) use DTMLDocument as their base class so can call DTMLDocument's __call__ on themselves as in text = apply(DTMLDocument.__call__,(self, client, REQUEST, RESPONSE), kw)(ZWikiPage.py, line 135) This doesn't help me because I don't have DTMLDocument as a base class. Looking through the source for DTMLMethod etc is not very clear because lots of "apply(__call__,(...),kw)" calls are all mixed up with acquisition code. 3.) Do I need to write a custom tag (dtml-element A) to get this behaviour? So, if anyone out in Zope land can help me, I'll be eternally grateful. I've exhausted my patience looking through the NIP mailing list archives, the How-Tos and the Zope site and need to have something to demonstrate on Thursday. Thanks in advace, Stephen P.S. ChrisW, searching NIP for "__call__" returns every message with 'call' in it, which is not quite the same thing! ___ Stephen Simmons HealthArena B.V. phone +31 20 486 0555 mobile +31 6 1505 3086 [EMAIL PROTECTED] ___ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )
Re: [Zope] Restricting URL access to objects that are not complete web pages
Steve, Ideally the publishability of an object would be an internal property of that object, not something that is set externally via rules in SiteAccess. It's been a little while since I last looked at SiteAccess, but wouldn't using SiteAccess force you to store publishable objects in one part of the database hierarchy and non-publishables in another? If you wanted publishables and non-publishables all mixed up in the same folders, SiteAccess's rules might get a bit complicated. Another approach could be to: - create a folder that does a RESPONSE.setStatus(404) as the URL traversal machinery passes it. This sets up the default condition of 'NotFound' error for the URL - at the end of the URL, if the final object is publishable or the final item is a publishable method called on a publishable object, do a RESPONSE.setStatus(200) to say 'OK'. Would this be feasible without hacking HTTPResponse.py too much? Stephen ___ Stephen Simmons HealthArena B.V. phone +31 20 486 0555 [EMAIL PROTECTED] - Original Message - From: "Steve Alexander" [EMAIL PROTECTED] To: "Stephen Simmons" [EMAIL PROTECTED] Sent: Thursday, September 21, 2000 3:21 PM Subject: Re: [Zope] Restricting URL access to objects that are not complete web pages Stephen Simmons wrote: My thoughts were to use an html_header that tracks how deeply components are nested so that inner components turn off the page wrapper. This achieves 1 and 2. This also achieves 3 if sections raise an exception if their page wrapper is not turned off. You only want to see standard_html_footer and so forth when REQUEST.steps[-1]!=fragment_id, so it would not be accessible directly by URL. Try something like this for standard_html_footer: dtml-if "REQUEST.steps[-1]=='standard_html_footer'" dtml-raise type="NotFound"/dtml-raise/dtml-if /BODY/HTML I think using siteaccess for this is more elegant, though. All the knowledge about what is allowed and what is not is maintained in one place, and the knowledge can be declared flexibly using regular expressions. -- Steve Alexander Software Engineer Cat-Box limited http://www.cat-box.net ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
[Zope] Restricting URL access to objects that are not complete web pages
After reading the Zope lists for a couple of months to struggle up the Zope learning curve, it's time for my first question. I want to serve web pages build up from a database of document components. Zope's object-based subsystems should be completely hidden so that the only objects accessible over the web interface are complete, well-formed HTML web pages. For the sake of simplicity, suppose we have three types of components, web pages, articles and sections. These components obey the following 4 rules: 1. Web pages operate just like a DTML document, where the articles and sections from which it is built are specified via dtml-var. The page definition starts with standard_html_header and _footer (or similar) to create nice HTML output. 2. Articles are primarily meant for inclusion within a web page so that they are displayed in a browser by specifying the URL of their containing web page. However if an article's URL is specified, the article automatically gets wrapped in an HTML template. 3. Sections are only used as building blocks for other documents so it must not be possible to retrieve a section via a URL. 4. Similarly, standard_html_header and other methods/objects not meant to be a standalone web page should not be accessible via a URL. My thoughts were to use an html_header that tracks how deeply components are nested so that inner components turn off the page wrapper. This achieves 1 and 2. This also achieves 3 if sections raise an exception if their page wrapper is not turned off. But 4 was where I got stuck. I want to use the full magic of acquisition when assembling web pages from components within a page, but prevent acquisition from returning other objects via URLs. So mypage in http://myserver:8080/myarea/mypage is able to find standard_html_header by acquisition but http://myserver:8080/myarea/mypage/standard_html_header gives a not-found error. Any suggestions? Something involving permissions/roles? Hacking before_bobo_traverse()? Something simpler? Thanks for any assistance! Stephen ___ Stephen Simmons HealthArena B.V. phone +31 20 486 0555 [EMAIL PROTECTED] ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )