Re: Zope Digest, Vol 10, Issue 2

2 May 2004

      unsubscribe

zope-request@zope.org wrote:Send Zope mailing list submissions to
zope@zope.org

To subscribe or unsubscribe via the World Wide Web, visit
http://mail.zope.org/mailman/listinfo/zope
or, via email, send a message with subject or body 'help' to
zope-request@zope.org

You can reach the person managing the list at
zope-owner@zope.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Zope digest..."

Today's Topics:

1. Re: Module security assertions fail (Dieter Maurer)
2. Re: Module security assertions fail (Josef Albert Meile)
3. Adding zope object-references to content on file system?
(Alan Ezust)
4. Re: Adding zope object-references to content on file system?
(Paul Winkler)
5. Symantec AVF detected a repairable/quarantined virus in a
message you sent (Marty Bauer)
6. Re: Module security assertions fail (Matt Hamilton)
7. Z MySQL database adapter (Aaron)
8. Re: Z MySQL database adapter (robert rottermann)
9. VIRUS IN YOUR MAIL (postmaster@rproxy2.ccu.edu.tw)
10. Re: Module security assertions fail (Josef Meile)
11. Re: Module security assertions fail (Stefan H. Holek)
12. Re: Module security assertions fail (Josef Meile)

----------------------------------------------------------------------

Message: 1
Date: Sat, 1 May 2004 20:46:27 +0200
From: Dieter Maurer 
Subject: Re: [Zope] Module security assertions fail
To: "Josef Albert Meile" 
Cc: zope@zope.org
Message-ID: <16531.61571.935309.346645@gargle.gargle.HOWL>
Content-Type: text/plain; charset=us-ascii

Josef Albert Meile wrote at 2004-5-1 17:31 +0200:
...
...
I have two packages "TranslationUtils" and "JMZPTMacros", which I want to 
use from a zope product. I have implemented the module and class security 
assertions as indicated on the Zope Developer's Gide, but I got always an 
Unauthorized error (see the traceback attached at the bottom of this 
message).
....
----->Begin of MyInstanceHome/Products/JMUtils/TranslationUtils.py
from AccessControl import ModuleSecurityInfo
security=ModuleSecurityInfo()
security.declarePublic('checkTranslationService')
...
Module Products.PageTemplates.Expressions, line 340, in restrictedTraverse
- __traceback_info__: {'path': ['Products', 'JMUtils', 
'TranslationUtils'], 'TraversalRequestNameStack': []}
Unauthorized: You are not allowed to access 'TranslationUtils' in this 
context
"ModuleSecurityInfo" is really convoluted and difficult to grasp.

Try to replace:

security=ModuleSecurityInfo()
security.declarePublic('checkTranslationService')

by:

security=ModuleSecurityInfo('Products.JMUtils.TranslationUtils')
security.declarePublic('checkTranslationService')

If necessary, also add 

ModuleSecurityInfo('Products').declarePublic('JMUtils')
ModuleSecurityInfo('Products.JMUtils').declarePublic('TranslationUtils')

Ensure that "TranslationUtils" is imported by your "__init__".
Otherwise, security declaration defined inside "TranslationUtils.py"
are not executed and therefore do not take effect.

-- 
Dieter

------------------------------

Message: 2
Date: Sat, 01 May 2004 22:09:01 +0200
From: "Josef Albert Meile" 
Subject: Re: [Zope] Module security assertions fail
To: dieter@handshake.de
Cc: zope@zope.org
Message-ID: 
Content-Type: text/plain; format=flowed
...
"ModuleSecurityInfo" is really convoluted and difficult to grasp.
Try to replace:
security=ModuleSecurityInfo()
security.declarePublic('checkTranslationService')
by:
security=ModuleSecurityInfo('Products.JMUtils.TranslationUtils')
security.declarePublic('checkTranslationService')
If necessary, also add
ModuleSecurityInfo('Products').declarePublic('JMUtils')
ModuleSecurityInfo('Products.JMUtils').declarePublic('TranslationUtils')
Ensure that "TranslationUtils" is imported by your "__init__".
Otherwise, security declaration defined inside "TranslationUtils.py"
are not executed and therefore do not take effect.
Hi Dieter,
Thanks for your reply. Finally I got working. I did everything what you 
said, but it didn't work either. So, I just replace:

modules/Products/JMUtils/TranslationUtils;">
Something comes here

by its python equivalent:

python:modules['Products.JMUtils.TranslationUtils'];">
Something comes here

and guess what, it worked. I find this behaviour wird because according to 
the Zope book both statements should do the same. I will try to do a small 
test file and submit it again here, so, we can see either it's my error or a 
bug on zope.

Regards,
Josef

_________________________________________________________________
STOP MORE SPAM with the new MSN 8 and get 2 months FREE* 
http://join.msn.com/?page=features/junkmail

------------------------------

Message: 3
Date: Sat, 1 May 2004 18:21:01 -0400
From: Alan Ezust 
Subject: [Zope] Adding zope object-references to content on file
system?
To: zope@zope.org
Message-ID: <200405011821.01092.zope@oddiofile.com>
Content-Type: text/plain; charset="us-ascii"

Hello everyone - I'm a zope newbie, teaching myself python at the same time.

I have a batch of docbook files and I generate a couple of hundred HTML files 
(processed a couple of steps through XSL transformations). It's 400+ pages, 
so importing/exporting will probably take quite a long time. I thought it 
would make sense to continue transforming the doc on the local file system 
and add a link to the file location from the Zope control center.

If I import the files, then I will have to remove and re-import the files each 
time I rebuild the document, which seems excessive... And I would need a 
command-line interface to do that anyway, because it makes no sense to add 
each file individually.

Is it possible to give zope server knowledge of trees of HTML on the local 
file system? How do I do that? Or is there a better way?

What other approaches are there to integrating large docbook documents inside 
Zope applications? I suspect it's not a good idea to store the XML source and 
dynamically generate docbook for each page, but I haven't tried that yet. 

-- 
Alan Ezust 
ottawa, canada

------------------------------

Message: 4
Date: Sat, 1 May 2004 18:58:39 -0400
From: Paul Winkler 

Subject: Re: [Zope] Adding zope object-references to content on file
system?
To: zope@zope.org
Message-ID: <20040501225839.GA4567@slinkp.com>
Content-Type: text/plain; charset=us-ascii

On Sat, May 01, 2004 at 06:21:01PM -0400, Alan Ezust wrote:
...
Is it possible to give zope server knowledge of trees of HTML on the local 
file system? How do I do that? Or is there a better way?
There are a couple ways.
Filesystem Directory View ships with CMF but can be used independently.
It gives a read-only view in Zope.
LocalFS gives read-write access. Best version I know of can
be found here http://www.easyleading.org/Downloads/
If that gives you access denied (due to Andreas' blocking of
several very large ISPs due to spam relaying), 
you can try the tarball here:
http://cvs.easyleading.org/browse/LocalFS/

-- 

Paul Winkler
http://www.slinkp.com

------------------------------

Message: 5
Date: Sat, 1 May 2004 23:37:03 -0700 
From: Marty Bauer 
Subject: [Zope] Symantec AVF detected a repairable/quarantined virus
in a message you sent
To: zope@zope.org
Message-ID: <025a01c4300f$e1802190$1f0014ac@ent.gric.com>
Content-Type: text/plain; charset="utf-8"

Subject of the message: RE: Protected message
Recipient of the message: virii

------------------------------

Message: 6
Date: Sun, 02 May 2004 12:12:36 +0100
From: Matt Hamilton 
Subject: Re: [Zope] Module security assertions fail
To: zope@zope.org
Message-ID: <4094D7A4.5030102@netsight.co.uk>
Content-Type: text/plain; charset=us-ascii; format=flowed

Josef Albert Meile wrote:
...
Thanks for your reply. Finally I got working. I did everything what you 
said, but it didn't work either. So, I just replace:
...
modules/Products/JMUtils/TranslationUtils;">
Something comes here
by its python equivalent:
...
python:modules['Products.JMUtils.TranslationUtils'];">
Something comes here
and guess what, it worked. I find this behaviour wird because according 
to the Zope book both statements should do the same. I will try to do a
Josef,
I think the first case (TALES syntax) actually tries to *call* the 
modules TranslationUtils, whereas the latter (python syntax) doesn't -- 
it just references it. I think if you add a 'nocall' statement to the 
first case it will do what you want e.g.:

  nocall:modules/Products/JMUtils/TranslationUtils;">
Something comes here

Regards,
Matt

-- 
Matt Hamilton matth@netsight.co.uk
Netsight Internet Solutions, Ltd. Business Vision on the Internet
http://www.netsight.co.uk +44 (0)117 9090901
Web Design | Zope/Plone Development & Consulting | Co-location | Hosting

------------------------------

Message: 7
Date: Sun, 02 May 2004 14:16:08 -0400
From: Aaron 
Subject: [Zope] Z MySQL database adapter
To: zope@zope.org
Message-ID: <1083521768.3858.5.camel@theone>
Content-Type: text/plain

HI
I am new to Zope and have been trying to set up a connection from Zope
to my Mysql datatbase.

Z MySQL database adapter asks that I have the _mysql extension
installed. But I can't seem to get it to happen for me.

I don't have root permissions on the webhost. Is there anyway for me to
install _mysql?

Thanks
Aaron

------------------------------

Message: 8
Date: Sun, 02 May 2004 13:30:24 +0200
From: robert rottermann 
Subject: Re: [Zope] Z MySQL database adapter
To: Aaron 
Cc: zope@zope.org
Message-ID: <4094DBD0.1010600@redcor.ch>
Content-Type: text/plain; charset=us-ascii; format=flowed

Aaron wrote:
...
HI
I am new to Zope and have been trying to set up a connection from Zope
to my Mysql datatbase.
Z MySQL database adapter asks that I have the _mysql extension
installed. But I can't seem to get it to happen for me.
I don't have root permissions on the webhost. Is there anyway for me to
install _mysql?
Thanks
Aaron
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists - 
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
MySQLdb must be installed into the same python that is ued by your zope.
So if you have installed Zope yourselb you should be able to install 
MuSQLdb as well.
Otherwise you must ask the admin to do so.

Robert

------------------------------

Message: 9
Date: Sun, 2 May 2004 19:57:23 +0800 (CST)
From: postmaster@rproxy2.ccu.edu.tw
Subject: [Zope] VIRUS IN YOUR MAIL
To: zope@zope.org
Message-ID: <200405021157.i42BvNrh034735@rproxy2.ccu.edu.tw>

V I R U S A L E R T

Our viruschecker found the

W32/Netsky.p@MM

virus(es) in your email to the following recipient(s):

-> u9142060@ccu.edu.tw

Please check your system for viruses, or ask your system administrator
to do so.

For your reference, here are the headers from your email:

------------------------- BEGIN HEADERS -----------------------------
Return-Path: 
Received: from ccu.edu.tw (adsl-220-228-66-180.NH.sparqnet.net [220.228.66.180] (may be forged))
by rproxy2.ccu.edu.tw (8.12.11/8.12.11av) with ESMTP id i42Bv3xw034653
for ; Sun, 2 May 2004 19:57:05 +0800 (CST)
(envelope-from zope@zope.org)
From: zope@zope.org
Message-Id: <200405021157.i42Bv3xw034653@rproxy2.ccu.edu.tw>
To: u9142060@ccu.edu.tw
Subject: Mail Delivery (failure u9142060@ccu.edu.tw)
Date: Sun, 2 May 2004 19:57:14 +0800
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_001B_01C0CA80.6B015D10"
X-Priority: 3
X-MSMail-Priority: Normal
-------------------------- END HEADERS ------------------------------

------------------------------

Message: 10
Date: Sun, 02 May 2004 17:37:51 +0200
From: Josef Meile 
Subject: [Zope] Re: Module security assertions fail
To: zope@zope.org
Message-ID: <409515CF.4030103@hotmail.com>
Content-Type: text/plain; charset=us-ascii; format=flowed

Hi Matt,

thanks for your reply. I think what you said sounds convincent, but:
...
I think the first case (TALES syntax) actually tries to *call* the
modules TranslationUtils, whereas the latter (python syntax) doesn't
-- 
it just references it. I think if you add a 'nocall' statement to the
first case it will do what you want e.g.:
...
nocall:modules/Products/JMUtils/TranslationUtils;">
Something comes here
This must be said on the zope book as well. On section python modules:
http://zope.org/Documentation/Books/ZopeBook/2_6Edition/AdvZPT.stx

You see that they import the module string as mstring then use the join
method. They don't use the nocall statement, so I think with an own
module should be the same. However, I read a little bit before this 
section and saw what you mean. I tried to do it as well and it didn't 
work either. The same Unauthorized exception was raised.

Here is a small test case I did:

---->$Home_Instance/Products/FooContainer/FooPackage.py:

from AccessControl import ModuleSecurityInfo

#This three lines where suggested by Dieder.
#I tried different versions and I got the same results
security=ModuleSecurityInfo('Products.FooContainer.FooPackage')
ModuleSecurityInfo('Products').declarePublic('FooContainer')
ModuleSecurityInfo('Products.FooContainer').declarePublic('FooPackage')

security.declarePublic('foo')
def foo():
"""This is only a test"""
return "Just a test function"

security.apply(globals())

---->$Home_Instance/Products/FooContainer/__init__.py

__doc__='''FooPackage'''
__version__='0.1'

#Here I'm importing the module, so that the security
#declarations are excecuted (Suggested by Dieter)
from Products.FooContainer import FooPackage

---->$Home_Instance/Products/FooProduct/FooProduct.py

__doc__="""FooProduct module."""
__version__='0.1'

from Globals import InitializeClass
from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from AccessControl import ClassSecurityInfo
from OFS.SimpleItem import SimpleItem

manage_addFooProductForm=PageTemplateFile('zpt/FooProduct_Add',globals())
manage_addFooProductForm._owner=None

def manage_addFooProduct(self,id,title='',REQUEST=None,submit=None):
"""Invoques the __init__ method of the FooProduct class"""

fooProductObj=FooProduct(id,title)
self._setObject(id,fooProductObj)
return 'Object created'

class FooProduct(SimpleItem):
"""FooProduct class definition"""

security=ClassSecurityInfo()
meta_type='FooProduct'

#manage_options=SimpleItem.manage_options

def __init__(self,id,title=''):
"""Contructor method to initialize the class properties"""
self.id=id
self.title=title

InitializeClass(FooProduct)

---->$Home_Instance/Products/FooProduct/__init__.py

__doc__="""FooProduct initialization module."""
__version__='0.1'

from FooProduct import FooProduct, manage_addFooProductForm, 
manage_addFooProduct
from Products.FooContainer import FooPackage

def initialize(context):
try:
context.registerClass(FooProduct,
constructors=(
manage_addFooProductForm,
manage_addFooProduct,
),
icon='images/icon.gif',
)
except:
from sys import exc_info, stderr
from traceback import format_exception
from string import join

type,val,tb=exc_info()
stderr.write(join(format_exception(type, val, tb),''))

del type,val,tb

---->$Home_Instance/Products/FooProduct/zpt/FooProduct_Add.zpt

Default Header

python:here.manage_form_title(here,request,
                                                 form_title='Add 
FooProduct')" 
tal:replace="structure pageTitleScript">Add myClass

nocall:modules/Products/FooContainer/FooPackage;
                    fooVar python:FooPackage.foo()" 
tal:replace="fooVar">Using FooPackage

Optional fields are written in italic

tal:define="formAction python:'manage_addFooProduct'"
tal:attributes="action formAction">

Id

 [input] 

Title

 [input] 

 [input] value=" Add ">

Default Footer

---->End

If somebody gets it working with the tales sintax:
nocall:modules/Products/FooContainer/FooPackage;
                    fooVar python:FooPackage.foo()" 
tal:replace="fooVar">Using FooPackage

and not with the python one:

python:modules['Products.FooContainer.FooPackage'];
               fooVar python:FooPackage.foo()" 
tal:replace="fooVar">Using FooPackage

Just let me know. Otherwise, I'd think it's a bug and will reported it 
to the collector. One thing to remmember: If you try it with the python
sintax and revert the changes on the zpt template without restarting 
zope, it will work. So, you will have to restart zope for each test.

Regards,
Josef Meile

------------------------------

Message: 11
Date: Sun, 2 May 2004 15:51:48 +0200
From: "Stefan H. Holek" 
Subject: Re: [Zope] Module security assertions fail
To: "Josef Albert Meile" 
Cc: zope@zope.org
Message-ID: 
Content-Type: text/plain; charset=US-ASCII; format=flowed

These two statements are NOT the same. 'modules' is a dictionary and 
you want to access the key 'Products.JMUtils.TranslationUtils' of this 
dictionary.

The first statement has no way of figuring that out, I think.

Stefan

On Samstag, Mai 1, 2004, at 22:09 Europe/Vienna, Josef Albert Meile 
wrote:
...
Thanks for your reply. Finally I got working. I did everything what 
you said, but it didn't work either. So, I just replace:
...
modules/Products/JMUtils/TranslationUtils;">
Something comes here
by its python equivalent:
...
python:modules['Products.JMUtils.TranslationUtils'];">
Something comes here
and guess what, it worked. I find this behaviour wird because 
according to the Zope book both statements should do the same. I will 
try to do a small test file and submit it again here, so, we can see 
either it's my error or a bug on zope.
--
The time has come to start talking about whether the emperor is as well
dressed as we are supposed to think he is. /Pete McBreen/
------------------------------

Message: 12
Date: Sun, 2 May 2004 16:38:35 +0200
From: "Josef Meile" 
Subject: Re: [Zope] Module security assertions fail
To: "Stefan H. Holek" 
Cc: zope@zope.org
Message-ID: <000401c43053$25f77650$da278481@sepp>

=== message truncated ===

---------------------------------
Do you Yahoo!?
Win a $20,000 Career Makeover at Yahoo! HotJobs

Jim Miller

tags

participants (1)