This is a simple project example. I'm trying to wrap an object generated on the fly and publish methods from it. However, as I'm doing it, I get an HTTP authentication challenge, and it does not recognize any usernames, including the superuser, so I always have to click "cancel" which gives me a "you are not allowed to access index_html in this context" in this case. The main module is included below, and I've put a tar file of the product here: http://manage.narya.net/Anansi/Download/PBTest.030728.tgz To test it: * Add a "My Container" object ("folderish"). * Inside the "My Container" object, create a python script called "test_html", with the following contents: """ return context.get_obj("Green").index_html """ * Access the URL of the test_html script. What should happen is that the server should return text saying "Test version of index_html for Green object." But what I actually get is a challenge popup, which I can't satisfy with any valid usernames on the server, and thus I get the message: """ Error Type: Unauthorized Error Value: You are not allowed to access index_html in this context """ Obviously, there's something incomplete about the PB_Object instance, but I can't figure out what it might be. Source of PBTest.py: ---snip------------------------------------------ # Test returning PB transitory object from a folder-like object. # This is a technique I want to use in Narya, but it's running into # permissions problems. """ Test PB return object publishing. """ # Probably don't need all of these imports -- this is taken from Home.py # Python Standard Library: import string # Zope: import Acquisition from Globals import DTMLFile from OFS.Folder import Folder from OFS.Traversable import Traversable from Globals import Persistent from OFS.SimpleItem import SimpleItem from AccessControl.DTML import DTMLSecurityAPI SecurityGetUser = DTMLSecurityAPI.SecurityGetUser from AccessControl import ClassSecurityInfo import AccessControl from Interface import Base, Attribute class MyContainer(Folder): """ The container object will contain Zope objects, but also some objects generated on the fly. """ meta_type = "My Container" security = ClassSecurityInfo() security.setDefaultAccess("allow") security.declarePublic("get_obj") def get_obj(self, name, REQUEST=None, RESPONSE=None): """ Get an object by name. Probably to be replaced by __getattr__? """ if hasattr(self, name): return getattr(self, name) elif name in ("Red", "Green", "Blue"): return PB_Object(name).__of__(self) manage_addMyContainerForm = DTMLFile('MyContainerForm', globals()) def manage_addMyContainer(self, id, title='', REQUEST=None): """ Add a new MyContainer folder. """ ob=MyContainer(id, title=title) ob.id=str(id) ob.title=title self._setObject(id, ob) ob=self._getOb(id) if REQUEST is not None: return self.manage_main(self, REQUEST, update_menu=1) class PB_Object(Acquisition.Implicit): """ The object to be generated on the fly. """ meta_type = "PB Object" security = ClassSecurityInfo() security.setDefaultAccess("allow") def __init__(self, pb_name): self.pb_name = pb_name self.id = pb_name self.title = pb_name security.declarePublic("index_html") def index_html(self, REQUEST=None, RESPONSE=None): """Silly docstring for index_html""" return "Test version of index_html for %s object." % self.pn_name security.declarePublic("getId") def getId(self): """ Apparently required but undocumented interface for Zope traversal. #$(&#*!!!! """ return self.id ---snip---------------------------------------------------- I'd really like to understand what's going on here, so any help will be much appreciated. Cheers, Terry -- Terry Hancock ( hancock at anansispaceworks.com ) Anansi Spaceworks http://www.anansispaceworks.com
You're declaring security, but do you initialize the class to use it? Put: -------- Globals.InitializeClass(MyContainer) -------- after your class definition, at the same level. Does that do the trick? HTH, Dylan PS - You'll probably want to look into __bobo_traverse__() instead of __getattr__() when it comes time to move beyond get_obj() On Mon, 2003-07-28 at 14:28, Terry Hancock wrote:
This is a simple project example. I'm trying to wrap an object generated on the fly and publish methods from it. However, as I'm doing it, I get an HTTP authentication challenge, and it does not recognize any usernames, including the superuser, so I always have to click "cancel" which gives me a "you are not allowed to access index_html in this context" in this case.
The main module is included below, and I've put a tar file of the product here: http://manage.narya.net/Anansi/Download/PBTest.030728.tgz
To test it:
* Add a "My Container" object ("folderish"). * Inside the "My Container" object, create a python script called "test_html", with the following contents: """ return context.get_obj("Green").index_html """ * Access the URL of the test_html script.
What should happen is that the server should return text saying "Test version of index_html for Green object."
But what I actually get is a challenge popup, which I can't satisfy with any valid usernames on the server, and thus I get the message: """ Error Type: Unauthorized Error Value: You are not allowed to access index_html in this context """
Obviously, there's something incomplete about the PB_Object instance, but I can't figure out what it might be.
Source of PBTest.py: ---snip------------------------------------------ # Test returning PB transitory object from a folder-like object. # This is a technique I want to use in Narya, but it's running into # permissions problems. """ Test PB return object publishing. """
# Probably don't need all of these imports -- this is taken from Home.py
# Python Standard Library: import string
# Zope: import Acquisition from Globals import DTMLFile from OFS.Folder import Folder from OFS.Traversable import Traversable from Globals import Persistent from OFS.SimpleItem import SimpleItem from AccessControl.DTML import DTMLSecurityAPI SecurityGetUser = DTMLSecurityAPI.SecurityGetUser from AccessControl import ClassSecurityInfo import AccessControl
from Interface import Base, Attribute
class MyContainer(Folder): """ The container object will contain Zope objects, but also some objects generated on the fly. """ meta_type = "My Container"
security = ClassSecurityInfo() security.setDefaultAccess("allow")
security.declarePublic("get_obj") def get_obj(self, name, REQUEST=None, RESPONSE=None): """ Get an object by name. Probably to be replaced by __getattr__? """ if hasattr(self, name): return getattr(self, name) elif name in ("Red", "Green", "Blue"): return PB_Object(name).__of__(self)
manage_addMyContainerForm = DTMLFile('MyContainerForm', globals())
def manage_addMyContainer(self, id, title='', REQUEST=None): """ Add a new MyContainer folder. """ ob=MyContainer(id, title=title) ob.id=str(id) ob.title=title self._setObject(id, ob) ob=self._getOb(id)
if REQUEST is not None: return self.manage_main(self, REQUEST, update_menu=1)
class PB_Object(Acquisition.Implicit): """ The object to be generated on the fly. """ meta_type = "PB Object"
security = ClassSecurityInfo() security.setDefaultAccess("allow")
def __init__(self, pb_name): self.pb_name = pb_name self.id = pb_name self.title = pb_name
security.declarePublic("index_html") def index_html(self, REQUEST=None, RESPONSE=None): """Silly docstring for index_html""" return "Test version of index_html for %s object." % self.pn_name
security.declarePublic("getId") def getId(self): """ Apparently required but undocumented interface for Zope traversal. #$(&#*!!!! """ return self.id ---snip----------------------------------------------------
I'd really like to understand what's going on here, so any help will be much appreciated.
Cheers, Terry
-- Terry Hancock ( hancock at anansispaceworks.com ) Anansi Spaceworks http://www.anansispaceworks.com
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
On Monday 28 July 2003 02:41 pm, Dylan Reinhardt wrote:
Globals.InitializeClass(MyContainer)
Hey, that works! Thanks. When you said this, I was pretty sure I had already tried that on the "real" product. But putting it into this test case made it work, so I have a good place to start. I actually used this on both the MyContainer and the PB_Object test, which I'm assuming is necessary. Anyway, thanks! That was really stumping me. Terry -- Terry Hancock ( hancock at anansispaceworks.com ) Anansi Spaceworks http://www.anansispaceworks.com
participants (2)
-
Dylan Reinhardt -
Terry Hancock