On Wed, 24 May 2000 13:38:55 -0400 (CLT) you wrote:
Hi Zopistas,
after upgrading Zope (in a debian/Linux system) from 2.1.4 to 2.1.6 the acquisition rules seems to be broken.
As an example supose we have this tree structure
---|- aviso |- foo |- bar |- X_sql (sql method)
X_sql is a sql method with to parameters: objeto, aviso
here is the template:
INSERT INTO linea_publicacion (publicacion,aviso) VALUES (&dtml-objeto;,&dtml-aviso;)
when zope renders this template to execute the sql, it renders
INSERT INTO linea_publicacion (publicacion,aviso) VALUES (3,<Folder instance at 8580aa0>)
so it replaces aviso with the folder instance aviso.
Apart of discarding the explicit parameter "aviso", the aviso folder is not parent of bar so it shoudn't acquire it.
So, who can explain me this??
is that a bug in Zope 2.1.6 ?? Zope 2.1.4 works fine.
Yes. ZSQL methods attempt to acquire values _before_ using the ones you supply directly. It's been discussed on the list earlier this month, as I found out when I stumbled upon it on Monday. Lots of things in 2.1.6 are worth keeping, however, so I patched it. Just as soon as I have the time I'll post a formal patch just as soon as I have time, but here's a quick rundown: In lib/python/Shared/DC/ZRDB/Aquaduct.py you should see something like this: class BaseQuery(Persistent, SimpleItem.Item, Acquisition.Implicit, RoleManager): def query_year(self): return self.query_date.year() def query_month(self): return self.query_date.month() def query_day(self): return self.query_date.day() query_date=DateTime.now() manage_options=() def quoted_input(self): return quotedHTML(self.input_src) def quoted_report(self): return quotedHTML(self.report_src) MissingArgumentError='Bad Request' def _convert(self): self._arg=parse(self.arguments_src) def _argdata(self, REQUEST): r=ArgWrapper() Change that last line to: r={} Then, in lib/python/Shared/DC/ZRDB/DA.py, in __call__, look for this: query=apply(self.template, (p, argdata)) And change it to: query=apply(self.template, (p,), argdata) That seemed to fix the problem for me. Brickbats to DC for releasing a security update that breaks functionality this badly, but kudos to them for releasing the code so we can patch around problems. John