Re: [Zope] Zope security and packing the database

Tue, 11 Oct 2005 17:43:18 -0700

I have created a script based on zope_pack from the Zope book which allows a username and password to be specified when it is called. I wish to create a user specifically for this purpose that only has the ability to pack the ZODB. 

What permission is ZODB packing protected by?



I don't know. That's part of the problem. I can't see any permissions that 
allow or disallow this.



granted the backup role all available permissions. But the user can't 
login to http://mydomain.com/Control_Panel/Database/main/manage_workspace


I don't know what zope_pack looks like, can you show us?

vi zope_pack
#!/usr/bin/python
import sys, urllib
host = sys.argv[1]
days = sys.argv[2]
user = sys.argv[3]
pwd  = sys.argv[4]

class MyUrlOpener(urllib.FancyURLopener):
       def prompt_user_passwd(self, host, realm):
               return (user,pwd)
       def __init__(self, *args):
               self.version = "Zope Packer"
               urllib.FancyURLopener.__init__(self, *args)

def main():
       urllib._urlopener = MyUrlOpener()
       url = "%s/Control_Panel/Database/manage_pack?days:float=%s" % \
               (host, days)
       try:
               f = urllib.urlopen(url).read()
       except IOError:
               print "Cannot open URL %s, aborting" % url
       print "Successfully packed ZODB on host %s" % host
if __name__ == '__main__':
       main()


What error message do you get?


If I use a user that has the Owner role it works correctly.


If I use the backup user then urllib can't get the url due to no 
authentication so errors as follows:

 File "/usr/lib/python2.4/urllib.py", line 180, in open
   return getattr(self, name)(url)
 File "/usr/lib/python2.4/urllib.py", line 305, in open_http
   return self.http_error(url, fp, errcode, errmsg, headers)
 File "/usr/lib/python2.4/urllib.py", line 318, in http_error
   result = method(url, fp, errcode, errmsg, headers)
 File "/usr/lib/python2.4/urllib.py", line 615, in http_error_401
   return getattr(self,name)(url, realm)
 File "/usr/lib/python2.4/urllib.py", line 628, in retry_http_basic_auth
   return self.open(newurl)


Any tracebacks?


Nothing appears in the log.



PS: I wouldn't do zodb packing by whacking a url. There's a script that 
scripts with ZOpe now that opens up a ZEO connection and does the pack 
that way, that's what I'd do...



I don't use ZEO - can I just do the scripted packing bit without all the 
associated ZEO setup?


Regards


Cameron 


_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **

(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope-dev )






















					Reply via email to