Re: [Zope-dev] Trying to understand the nuances of a VerboseSecurityreport ..
Notice that the closing square bracket is not present, and something printed three asterisks. Myeah, 'grep -r "\*\*\*" *' in the Zope 2.5.1 source and instance Products directories doesn't turn up any AttributeError line .. > I don't know what code would do that... perhaps Python 1.5.2? It's running: python2.1 -V Python 2.1.3 [EMAIL PROTECTED] creme.jean-ZopeTestCase-branch $ cat start #! /bin/sh PYTHON=/usr/bin/python2.1 ZOPE_BASE=/usr/local/zope/2-5-1 ZOPE_SECURITY_POLICY=PYTHON reldir=`dirname $0` INSTANCE_HOME=`cd $reldir; pwd` export INSTANCE_HOME ZOPE_SECURITY_POLICY exec $PYTHON $ZOPE_BASE/z2.py \ -D -X -w 17085 -W 17805 \ -u jean >> $INSTANCE_HOME/var/z2.log 2>&1 & -- Jean Jordaan http://www.upfrontsystems.co.za ___ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Trying to understand the nuances of a VerboseSecurityreport ..
Jean Jordaan wrote: Hi Shane, Toby .. Set Tardis for http://mail.zope.org/pipermail/zope-dev/2003-February/018837.html All I can think is that that object 'basic' lacks context for some reason (i.e. lacks an acquisition wrapper?). I can't think why it lacks context .. we use that idiom all over the app, and don't normally get any problems. That's all I can think of also. Try examining basic.aq_chain. It looks like bad interaction with ZUnit: (Pdb) license.propertysheets.basic (Pdb) license.propertysheets.basic.aq_chain [, , , , , , *** AttributeError: testsRun That AttributeError is awfully strange, but it does explain the lack of context. The chain needs to go all the way to the application and request container. Notice that the closing square bracket is not present, and something printed three asterisks. I don't know what code would do that... perhaps Python 1.5.2? Shane ___ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Trying to understand the nuances of a VerboseSecurityreport ..
In case it's relevant, the Folder at the bottom of the aq_chain
for license is a ZUnit temporary folder:
(116)doRemindersForLicense()
(Pdb) license.aq_chain
[, ,
, , ***
AttributeError: testsRun
(Pdb) license.aq_chain[3].__dict__
{'title': '', 'id':
'00022_Products.CremeTests.LicenseTests.LicenseTests.testAddFekoDongleLicense',
'__ac_local_roles__': {'jean': ['Owner']}}
The two Specialists are just part of our app:
/Licenses/LicenseDocs
--
Jean Jordaan
http://www.upfrontsystems.co.za
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Trying to understand the nuances of a VerboseSecurityreport ..
Hi Shane, Toby ..
Set Tardis for
http://mail.zope.org/pipermail/zope-dev/2003-February/018837.html
All I can think is that that object 'basic' lacks context for
some reason (i.e. lacks an acquisition wrapper?). I can't think
why it lacks context .. we use that idiom all over the app, and
don't normally get any problems.
That's all I can think of also. Try examining basic.aq_chain.
It looks like bad interaction with ZUnit:
(Pdb) license.propertysheets.basic
(Pdb) license.propertysheets.basic.aq_chain
[, , , , , , *** AttributeError: testsRun
'testsRun' is an attribute that is set in ZUnit.TestMonitor
I'm poking about in ZUnit now .. benightedly ..
Here is the code context in which the above obtains::
# Create a new reminder and reference it from the License
reminder = container.addInstance(no_redir=1)
import pdb; pdb.set_trace() #DBG We are here. This fails:
license.propertysheets.basic.manage_changeProperties(
{reminder_id_property: reminder.id})
That is in a Script (Python). The 'license' instance was
created in the calling Script (Python), and passed in as parameter.
Calling sequence:
addLicenses (called from a ZUnitExternal test suite) ->
addLicense (creates license instance) ->
doRemindersForLicense(license) (creates reminder instance;
calls license.propertysheets.basic.manage_changeProperties)
Perhaps interestingly, reminder and AUTHENTICATED_USER seem to be
OK, and license and context do not:
(Pdb) reminder.aq_chain
[, ,
, ]
(Pdb) license.aq_chain
[, ,
, , ***
AttributeError: testsRun
(Pdb) context.aq_chain
[, ,
, , ***
AttributeError: testsRun
(Pdb) context.REQUEST.AUTHENTICATED_USER.aq_chain
[jean, , , ]
--
Jean Jordaan
http://www.upfrontsystems.co.za
___
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Trying to understand the nuances of a VerboseSecurityreport ..
Jean Jordaan wrote: All I can think is that that object 'basic' lacks context for some reason (i.e. lacks an acquisition wrapper?). I can't think why it lacks context .. we use that idiom all over the app, and don't normally get any problems. That's all I can think of also. Try examining basic.aq_chain. I'm trying to see if reading VerboseSecurity's source will help, but all I've found so far is a suspect double negation: """ def userHasRolesButNotInContext(user, object, object_roles): '''Returns 1 if the user has any of the listed roles but is not defined in a context which is not an ancestor of object. ''' """ Surely either one of those 'not's should go? Yes. I think the first one should go. Shane ___ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
