[Zope-dev] Re: brain.getObject and traversal

2005-04-06 Thread Chris Withers
Tres Seaver wrote:
Since this is a bug, and it looks like it's going to be fixed with a
config option, would anyone mind if I ported this code to the 2.7 branch
with the option set to do whatever 2.7.5 does?
- -0.  This change is not a bugfix 
If removing bare try: excepts: is a bugfix, then this is too, can't 
remember when and how the big try-fix-geddon was done though...

-- this is a new feature, which changes
the documented behavior of the catalog brains.
Which documentation are you referring to? I want to make sure it gets 
updated too...

 It is really up to
Andreas whether or not to accept such a change on the 2.7 line.
Andreas, whatcha think?
cheers,
Chris
--
Simplistix - Content Management, Zope & Python Consulting
   - http://www.simplistix.co.uk
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: brain.getObject and traversal

2005-04-06 Thread Andreas Jung

--On Mittwoch, 6. April 2005 10:16 Uhr +0100 Chris Withers 
<[EMAIL PROTECTED]> wrote:


 It is really up to
Andreas whether or not to accept such a change on the 2.7 line.
Andreas, whatcha think?
Sorry, I have to catch up with this thread. I thought the problem was 
solved by
Tres new configuration option.

-aj

pgpQeSFBv0tNI.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Santi Camps
Hi all,
I'm just trying recent Zope 2.8 a2 and I'm not able to import any .zexp 
file.   At the begin I thought that it could be caused by the zexp I was 
trying to import, but default Examples.zexp also cause the same error.   
I've tried with and without ZEO, and with and without debug mode, always 
the same result.I'm doing something wrong or this could be a bug ?

Thanks in advance
The obtained traceback is this one:
Time
2005/04/06 14:05:06.943 GMT+2
User Name (User Id)
admin (admin)
Request URL
http://localhost.localdomain:8083/manage_importObject
Exception Type
BdbQuit
Exception Value
Traceback (innermost last):
Module ZPublisher.Publish, line 113, in publish
Module ZPublisher.mapply, line 88, in mapply
Module ZPublisher.Publish, line 40, in call_object
Module OFS.ObjectManager, line 554, in manage_importObject
Module Shared.DC.Scripts.Bindings, line 311, in __call__
Module Shared.DC.Scripts.Bindings, line 348, in _bindAndExec
Module App.special_dtml, line 175, in _exec
Module DocumentTemplate.DT_Let, line 76, in render
Module DocumentTemplate.DT_In, line 703, in renderwob
Module App.PersistentExtra, line 44, in locked_in_version
Module ZODB.Connection, line 831, in modifiedInVersion
Module pdb, line 992, in set_trace
Module bdb, line 52, in trace_dispatch
Module bdb, line 80, in dispatch_return
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Jens Vagelpohl
On Apr 6, 2005, at 14:11, Santi Camps wrote:
Hi all,
I'm just trying recent Zope 2.8 a2 and I'm not able to import any 
.zexp file.   At the begin I thought that it could be caused by the 
zexp I was trying to import, but default Examples.zexp also cause the 
same error.   I've tried with and without ZEO, and with and without 
debug mode, always the same result.I'm doing something wrong or 
this could be a bug ?
LOL  looks like someone left a pdb.set_trace() in the 
ZODB.Connection.modifiedInVersion method...

jens
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Jim Fulton
I very much want Zope 2.9 to use Zope 3's security architecture.
Zope 3's security architecture is far more robust, but it is different
in some significant ways:
- It protects names not values.  This means that you protect
  how you access things, not the things themselves.
- It doesn't provide key-bases access control for mapping
  objects.  If you can get any key, you can get all keys.
  This is less powerful that Zope 2's security system, but
  this is power we haven't needed for Zope 3 and I suggest
  we don't really need it for Zope 2.
- Non-basic values passed from trusted code to untrusted code
  are security proxied and thus protected.  This means that the
  security framework has a much greater reach than in Zope 2,
  Even trusted code is subject to the security system in many
  cases.  This can be a good thing or a bad thing, depending
  on your point of view. :)
- The Zope 3 security system is much more pluggable.  This means
  that it is much easier to provide alternate security policies
  to meet special needs to or exclude unneeded features.
For more information on the security system, see:
http://svn.zope.org/Zope3/trunk/src/zope/security/untrustedinterpreter.txt?view=markup
http://svn.zope.org/Zope3/trunk/src/zope/security/README.txt?view=markup
http://svn.zope.org/Zope3/trunk/src/zope/app/securitypolicy/zopepolicy.txt?view=markup
http://www.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/ProgrammerTutorial/programmers_tutorial.pdf
I see 2 main challenges:
- supporting implicit acquisition
- Backward incompatibilities:
  o No support for key-based access control
  o Trusted code will be subject to security restrictions
in cases in which it isn't now.
I think there will be a number of significant benefits, including:
- Greater security
- Less complexity
- Less risk with new Python versions
- Narrower gap between Zope 2 and Zope 3.
This will be a fairly large job.  I won't have time to work on it before this
Fall.  I could certianly use some help. :)
Are there any objections?  Suggestions? Questions?
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Andreas Jung

--On Mittwoch, 6. April 2005 14:22 Uhr +0200 Jens Vagelpohl 
<[EMAIL PROTECTED]> wrote:

On Apr 6, 2005, at 14:11, Santi Camps wrote:
Hi all,
I'm just trying recent Zope 2.8 a2 and I'm not able to import any
.zexp file.   At the begin I thought that it could be caused by the
zexp I was trying to import, but default Examples.zexp also cause the
same error.   I've tried with and without ZEO, and with and without
debug mode, always the same result.I'm doing something wrong or
this could be a bug ?
LOL  looks like someone left a pdb.set_trace() in the
ZODB.Connection.modifiedInVersion method...
There was something with a pdb.set_trace() in ZODB code (on some Zope list
lately).
-aj

pgpG7VpzZXNZw.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Tim Peters
[Santi Camps]
>> I'm just trying recent Zope 2.8 a2 and I'm not able to import any
>> .zexp file.   At the begin I thought that it could be caused by the
>> zexp I was trying to import, but default Examples.zexp also cause the
>> same error.   I've tried with and without ZEO, and with and without
>> debug mode, always the same result.I'm doing something wrong or
>> this could be a bug ?

[Jens Vagelpohl]
> LOL  looks like someone left a pdb.set_trace() in the
> ZODB.Connection.modifiedInVersion method...

Yup, that got checked in by mistake during the recent ZODB sprint at PyCon.

It's repaired on Zope trunk / ZODB 3.4a2, so try the trunk instead.

Another thing it proves is that Zope's test suite is somewhat lacking .
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Jens Vagelpohl
On Apr 6, 2005, at 15:00, Tim Peters wrote:
LOL  looks like someone left a pdb.set_trace() in the
ZODB.Connection.modifiedInVersion method...
Yup, that got checked in by mistake during the recent ZODB sprint at 
PyCon.

It's repaired on Zope trunk / ZODB 3.4a2, so try the trunk instead.
Another thing it proves is that Zope's test suite is somewhat lacking 
.
So I was clicking through svn.zope.org trying to find the ZODB code in 
question but couldn't, simply because I did not know what tag/branch 
the version stitched into Zope 2.8a2 is. How can you tell from looking 
at the Zope code on http://svn.zope.org which ZODB branch/tag is 
stitched in during checkout?

jens
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: brain.getObject and traversal

2005-04-06 Thread Tres Seaver
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Andreas Jung wrote:
> 
> 
> --On Mittwoch, 6. April 2005 10:16 Uhr +0100 Chris Withers
> <[EMAIL PROTECTED]> wrote:
> 
>>
>>>  It is really up to
>>> Andreas whether or not to accept such a change on the 2.7 line.
>>
>>
>> Andreas, whatcha think?
> 
> 
> Sorry, I have to catch up with this thread. I thought the problem was
> solved by
> Tres new configuration option.

Chris wants to backport it to 2.7 x;  I'm opposed.  Your call.


Tres.
- --
===
Tres Seaver[EMAIL PROTECTED]
Zope Corporation  "Zope Dealers"   http://www.zope.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCU+T4GqWXf00rNCgRAmunAJ9KhHjABM6gcjsdFpfjz3OfQISUVACdFLQy
J9CiMRtEQu0CV4CRJxVEX+c=
=vinQ
-END PGP SIGNATURE-
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: brain.getObject and traversal

2005-04-06 Thread Andreas Jung

--On Mittwoch, 6. April 2005 9:32 Uhr -0400 Tres Seaver <[EMAIL PROTECTED]> 
wrote:

Chris wants to backport it to 2.7 x;  I'm opposed.  Your call.
If it does not change the default behaviour we have in 2.7.5... why not...
Andreas


pgp7uZ3q8EeTC.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Re: Can't import objects in Zope 2.8a2

2005-04-06 Thread Tres Seaver
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Jens Vagelpohl wrote:
> 
> On Apr 6, 2005, at 15:00, Tim Peters wrote:
> 
>>> LOL  looks like someone left a pdb.set_trace() in the
>>> ZODB.Connection.modifiedInVersion method...
>>
>>
>> Yup, that got checked in by mistake during the recent ZODB sprint at
>> PyCon.
>>
>> It's repaired on Zope trunk / ZODB 3.4a2, so try the trunk instead.
>>
>> Another thing it proves is that Zope's test suite is somewhat lacking
>> .
> 
> 
> So I was clicking through svn.zope.org trying to find the ZODB code in
> question but couldn't, simply because I did not know what tag/branch the
> version stitched into Zope 2.8a2 is. How can you tell from looking at
> the Zope code on http://svn.zope.org which ZODB branch/tag is stitched
> in during checkout?

viewcvs doesn't seem to give access to the DAV properties of the
folders.  The name of the property is 'svn:externals', which contains a
list of name->URL mappings.


Tres.
- --
===
Tres Seaver[EMAIL PROTECTED]
Zope Corporation  "Zope Dealers"   http://www.zope.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCU+oNGqWXf00rNCgRAuaYAJ4/4TAtb1DZy8Nh10gs8pwCD3AvCgCfbNbV
19uJRye/Hr0s3ToATHhuXt8=
=asYz
-END PGP SIGNATURE-

___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] opinion: speeding up large PUT uploads

2005-04-06 Thread Florent Guillaume
Chris McDonough  <[EMAIL PROTECTED]> wrote:
> On Wed, 2005-04-06 at 00:45, Pavel Zaitsev wrote:
> > If you look above I had problems with zope creating temp files, as I am 
> > using Mac OS X and Webdav to Zope
> > mounted on the same machine. There is some race condition on locks in 
> > mach kernel, and sometimes zope
> > dies, as open system call never returns. 
> 
> That sounds bad.  I'm surprised you've had so much trouble with this.  I
> thought OS X was just BSD, and BSD works fine?

The webdav kernel drivers are known to have quite a number of problems
in Mac OS X 10.3 (don't know about upcoming Tiger).

Florent

-- 
Florent Guillaume, Nuxeo (Paris, France)   CTO, Director of R&D
+33 1 40 33 71 59   http://nuxeo.com   [EMAIL PROTECTED]
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Tim Peters
[Jens Vagelpohl]
> So I was clicking through svn.zope.org trying to find the ZODB code in
> question but couldn't, simply because I did not know what tag/branch
> the version stitched into Zope 2.8a2 is. How can you tell from looking
> at the Zope code on http://svn.zope.org which ZODB branch/tag is
> stitched in during checkout?

Never tried before, and don't think you can.  From the root of a Zope
checkout, you can do:

svn proplist -v utilities lib/python
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Jens Vagelpohl
On Apr 6, 2005, at 17:50, Tim Peters wrote:
[Jens Vagelpohl]
So I was clicking through svn.zope.org trying to find the ZODB code in
question but couldn't, simply because I did not know what tag/branch
the version stitched into Zope 2.8a2 is. How can you tell from looking
at the Zope code on http://svn.zope.org which ZODB branch/tag is
stitched in during checkout?
Never tried before, and don't think you can.  From the root of a Zope
checkout, you can do:
svn proplist -v utilities lib/python
Well, I was trying to *avoid* making a checkout to see that detail, 
that's all...

jens
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Paul Winkler
On Wed, Apr 06, 2005 at 08:33:39AM -0400, Jim Fulton wrote:
> 
> I very much want Zope 2.9 to use Zope 3's security architecture.
> Zope 3's security architecture is far more robust, but it is different
> in some significant ways:
(snip)

Will this all be "under the hood"?
i.e. will Products have to be rewritten for 2.9?

i.e. will I still write:

security.declareProtected(SomePermission, 'foo')
def foo(self):
...

> I see 2 main challenges:
> 
> - supporting implicit acquisition
> 
> - Backward incompatibilities:
> 
>   o No support for key-based access control

Don't know what that is.

-- 

Paul Winkler
http://www.slinkp.com
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Can't import objects in Zope 2.8a2

2005-04-06 Thread Sidnei da Silva
On Wed, Apr 06, 2005 at 05:55:18PM +0200, Jens Vagelpohl wrote:
| >svn proplist -v utilities lib/python
| 
| Well, I was trying to *avoid* making a checkout to see that detail, 
| that's all...

svn proplist -v svn://svn.zope.org/repos/main/Zope/trunk/utilities

Properties on 'svn://svn.zope.org/repos/main/Zope/trunk/utilities':
  svn:externals : ZODBTools
  svn://svn.zope.org/repos/main/ZODB/tags/3.4.0a2/src/scripts

-- 
Sidnei da Silva <[EMAIL PROTECTED]>
http://awkly.org - dreamcatching :: making your dreams come true
http://www.enfoldsystems.com
http://plone.org/about/team#dreamcatcher

<[EMAIL PROTECTED]> Why?
 because C++ is an excellent language for doing slow and late projects 
in. :)
<[EMAIL PROTECTED]> dash:  at least it's good for something. :)
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Jim Fulton
Paul Winkler wrote:
On Wed, Apr 06, 2005 at 08:33:39AM -0400, Jim Fulton wrote:
I very much want Zope 2.9 to use Zope 3's security architecture.
Zope 3's security architecture is far more robust, but it is different
in some significant ways:
(snip)
Will this all be "under the hood"?
i.e. will Products have to be rewritten for 2.9?
I don't know.  I expect that most products would not
have to be rewritten.  I expect that *some* proucts
would.  (e.g. products that depend on key-based access
control.)
i.e. will I still write:
security.declareProtected(SomePermission, 'foo')
def foo(self):
...
That will work, and I don't see a need to deprecate it.
Eventually, though, I expect products to migrate to
ZCML-based security declarations.
...
 o No support for key-based access control

Don't know what that is.
It was/is possible to control access to mapping items
based on item values (e.g. key values).
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Paul Winkler
On Wed, Apr 06, 2005 at 12:49:19PM -0400, Jim Fulton wrote:
> >> o No support for key-based access control
> >
> >
> >Don't know what that is.
> 
> It was/is possible to control access to mapping items
> based on item values (e.g. key values).

OK... I've never used this AFAIK.
Anybody know if it's a widely used feature?

-- 

Paul Winkler
http://www.slinkp.com
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Sidnei da Silva
On Wed, Apr 06, 2005 at 12:49:19PM -0400, Jim Fulton wrote:
| >i.e. will I still write:
| >
| >security.declareProtected(SomePermission, 'foo')
| >def foo(self):
| >...
| 
| That will work, and I don't see a need to deprecate it.
| Eventually, though, I expect products to migrate to
| ZCML-based security declarations.

BTW, Five already allows ZCML-based security declarations, to the
extent supported by Zope 2. You can't protect assigning to instance
attributes by a permission until we move to Zope 3 security
implementation.

| It was/is possible to control access to mapping items
| based on item values (e.g. key values).

Is this related in any way to having a dictionary or callable in
__allow_access_to_unprotected_subobjects__?

I ask because we just started abusing this one *wink*.

-- 
Sidnei da Silva <[EMAIL PROTECTED]>
http://awkly.org - dreamcatching :: making your dreams come true
http://www.enfoldsystems.com
http://plone.org/about/team#dreamcatcher

 we are the knights who say INT! SHORT! and 
UNSINNNED LONGG!
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] Five within Zope 2.8 - really cool !

2005-04-06 Thread Martijn Faassen
Andreas Jung wrote:
I just would like to thank everyone working on the Five integration
with Zope 2.8. It's really easy and fun to work with views, view
classes, adapters and interfaces in a Zope 2 environment. I've always
tried to get around Zope 3 somehow but now I am at the point where I
am really convinced and healed :-) It was a good decision to ship
Five now instead in Zope 2.9 or so. I am sure Five will make Z2
application design a lot more  straight forward and
cleaner...thanks...great work.
Thanks on behalf of the Five developers and integrators! That's very 
nice to hear, especially coming from you!

Regards,
Martijn
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] Zope 2.7.6 release schedule

2005-04-06 Thread Andreas Jung
The schedule for the next Zope release is a follows:
2.7.6 b1: April 13th
2.7.6 RC1: April 20th
2.7.6 final: April 27th
Although 2.7.5 had been relased lately, yesterdays hotfix and another bug 
justify a new release this month.

Andreas


pgplUhIIumTkV.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Dieter Maurer
Jim Fulton wrote at 2005-4-6 08:33 -0400:
>
>I very much want Zope 2.9 to use Zope 3's security architecture.
>Zope 3's security architecture is far more robust, but it is different
>in some significant ways:

Even small modifications to the security machinery tend to 
end up in lots of problems.

The latest prominent example: the changes introduced with
Zope 2.7.3: It took two releases (until 2.7.5) and
more than 6 months (at least in my memory) before everything
worked again as it should...

Hopefully, such a major change will not require 4, 5, 6
minor releases and years for stabilazation...

-- 
Dieter
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Jim Fulton
Sidnei da Silva wrote:
...
Is this related in any way to having a dictionary or callable in
__allow_access_to_unprotected_subobjects__?
I ask because we just started abusing this one *wink*.
I believe so. I don't remember the details.
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Jim Fulton
Dieter Maurer wrote:
Jim Fulton wrote at 2005-4-6 08:33 -0400:
I very much want Zope 2.9 to use Zope 3's security architecture.
Zope 3's security architecture is far more robust, but it is different
in some significant ways:

Even small modifications to the security machinery tend to 
end up in lots of problems.

The latest prominent example: the changes introduced with
Zope 2.7.3: It took two releases (until 2.7.5) and
more than 6 months (at least in my memory) before everything
worked again as it should...
Hopefully, such a major change will not require 4, 5, 6
minor releases and years for stabilazation...
Hopefully not.  It depends on whether people choose to
test their application during the beta cycle or during
the release cycle.
This will be a *big* change.  Possibly, this will be
bigger than the change from 2.7 to 2.8.  I do think it
will provide significant benefits that justify the pain.
Of course, when we try it, we may find it is too painful
and we'll have to reconsider.
Jim
--
Jim Fulton   mailto:[EMAIL PROTECTED]   Python Powered!
CTO  (540) 361-1714http://www.python.org
Zope Corporation http://www.zope.com   http://www.zope.org
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


[Zope-dev] SiteRoot and VHM

2005-04-06 Thread Florent Guillaume
After spending an hour helping someone debug a site that had an hidden 
SiteRoot somewhere that prevented a virtual host monster from working, 
it was suggested to me that if there's a virtual host monster, it 
should take precedence (and deactivates) any further SiteRoot. I think 
it's a good idea.

Should I create a patch ?
Florent
--
Florent Guillaume, Nuxeo (Paris, France)   CTO, Director of R&D
+33 1 40 33 71 59   http://nuxeo.com   [EMAIL PROTECTED]
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Richard Jones
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Thu, 7 Apr 2005 02:49 am, Jim Fulton wrote:
> Paul Winkler wrote:
> > i.e. will I still write:
> >
> > security.declareProtected(SomePermission, 'foo')
> > def foo(self):
> > ...
>
> That will work, and I don't see a need to deprecate it.
> Eventually, though, I expect products to migrate to
> ZCML-based security declarations.

Is this a general trend for Zope 2? I'd rather see Zope 2 kinda avoid ZCML if 
possible. It's just one of those personal preference things, I suppose, but I 
know I'm not the only one who isn't that enamored of the ZCML approach. I 
actually like having the declarations all in the python code like it is in 
Zope 2.

I'd like to see the declarative style that Zope 2 move to using decorators. I 
was sitting in a presentation at PyCon talking about MetaClasses, and I 
finally *got* them. I realised that the security declarations in Zope 2 are a 
perfect fit for metaclasses and decorators. If only I had the time to 
actually implement this dream ;)

Note that this all comes from the perspective of someone whose only exposure 
to Zope 3 has been through two sprints. I've not actually tried to develop 
any sort of application using it. My day job is very firmly fixed in Zope 2, 
and isn't likely to change for a long time. So I'm definitely speaking from 
ignorance of real-world application development in Zope 3.


 Richard
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFCVIIirGisBEHG6TARAowSAKCGSgaIkZeLJfg1NFlnzKdhOZDa3QCePu30
f5MPM1sUwbBEVykehbyNH7o=
=v736
-END PGP SIGNATURE-
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists -
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Andreas Jung

--On Mittwoch, 6. April 2005 21:59 Uhr +0200 Dieter Maurer 
<[EMAIL PROTECTED]> wrote:

Jim Fulton wrote at 2005-4-6 08:33 -0400:
I very much want Zope 2.9 to use Zope 3's security architecture.
Zope 3's security architecture is far more robust, but it is different
in some significant ways:
Even small modifications to the security machinery tend to
end up in lots of problems.
The latest prominent example: the changes introduced with
Zope 2.7.3: It took two releases (until 2.7.5) and
more than 6 months (at least in my memory) before everything
worked again as it should...
I don't know exactly to which changes do you refer. Either little
people that this problem or people did not use these releases or
people did not test enough or people did not contribute enough
to fix this bug in time *wink*.
-aj

pgpU4uTM9RZcM.pgp
Description: PGP signature
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] SiteRoot and VHM

2005-04-06 Thread Jens Vagelpohl
On Apr 7, 2005, at 1:45, Florent Guillaume wrote:
After spending an hour helping someone debug a site that had an hidden 
SiteRoot somewhere that prevented a virtual host monster from working, 
it was suggested to me that if there's a virtual host monster, it 
should take precedence (and deactivates) any further SiteRoot. I think 
it's a good idea.
Wouldn't that fall under "Unexpected new behavior"? VHMs have always 
been "inert" objects that don't do anything unless you specifically use 
the Mappings tab or you hand them magic URL path elements. That was 
their beauty as opposed to the "dangerous" SiteRoot. Now you propose 
adding magic. Magic is BAD, IMHO.

-0 on the trunk, but -1 for any maintenance branch.
jens
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )


Re: [Zope-dev] I want Zope 2.9 to use Zope 3's security architecture.

2005-04-06 Thread Jens Vagelpohl
On Apr 7, 2005, at 6:50, Andreas Jung wrote:
Even small modifications to the security machinery tend to
end up in lots of problems.
The latest prominent example: the changes introduced with
Zope 2.7.3: It took two releases (until 2.7.5) and
more than 6 months (at least in my memory) before everything
worked again as it should...
I don't know exactly to which changes do you refer. Either little
people that this problem or people did not use these releases or
people did not test enough or people did not contribute enough
to fix this bug in time *wink*.
This is probably in reference to some overeager security checks that 
caused login boxes in unexpected places. Jim and Tres fixed that for 
2.7.5. I thought that problem was older than 2.7.3, though.

jens
___
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )