Acquisition? Did I just lose my Zen?
And I thougt I had it covered.... I have the following structure: / index_html (checks a cookie, gives a frameset or a redirect to /noframes/home (frameset loads /home)) home (content) standard_html_header (together define my page standard_html_footer layout) frames/ <- Framesets standard_html_header (define a frameset that standard_html_footer loads the same URL minus index_html the /frames prefix) nav (navigational frame) noframes/ <- No framesets standard_html_header (define a layout with standard_html_footer navigation in a table) index_html All objects are either Folders or DTML Methods. So far so good, this works like charm. With acquisition, the home document can be viewed with and without a frameset. See for yourself at: http://mj.antraciet.nl/ But then I make another Folder, lets say Personal, and define a index_html in that Folder: Personal/ index_html Calling http://mj.antraciet.nl/Personal/ works fine, but when I call http://mj.antraciet.nl/frames/Personal/ the same layout appears as the previous URL. De standard_html_header and -_footer from the root are being used, not the ones in the frames/ Folder! The same goes for noframes/. Now either I have to rethink my Zope Zen, or something is very wrong here. -- Martijn Pieters, Web Developer | Antraciet http://www.antraciet.nl | Tel: +31-35-7502100 Fax: +31-35-7502111 | mailto:mj@antraciet.nl http://www.antraciet.nl/~mj | PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149 ------------------------------------------
Martijn Pieters wrote:
And I thougt I had it covered....
I have the following structure:
/ index_html (checks a cookie, gives a frameset or a redirect to /noframes/home (frameset loads /home)) home (content) standard_html_header (together define my page standard_html_footer layout)
frames/ <- Framesets standard_html_header (define a frameset that standard_html_footer loads the same URL minus index_html the /frames prefix) nav (navigational frame)
noframes/ <- No framesets standard_html_header (define a layout with standard_html_footer navigation in a table) index_html
All objects are either Folders or DTML Methods. So far so good, this works like charm. With acquisition, the home document can be viewed with and without a frameset. See for yourself at:
But then I make another Folder, lets say Personal, and define a index_html in that Folder:
Personal/ index_html
Calling http://mj.antraciet.nl/Personal/ works fine, but when I call http://mj.antraciet.nl/frames/Personal/ the same layout appears as the previous URL. De standard_html_header and -_footer from the root are being used, not the ones in the frames/ Folder! The same goes for noframes/.
Now either I have to rethink my Zope Zen, or something is very wrong here.
You need to rethink your Zope Zen. :) Here's the explanation. When you acquire an object, the acquired object gets the context of the aquirer *and* the context it was acquired from, with the source context taking precedence over the destination context. In the example above, 'Personal' acquires from the top-level folder first, and then from the 'frames' folder. Lets walk through why this is so. Suppose in Python, we have a variable 'app' that is the top-level folder. The expression: app.Personal Gets 'Personal' in the context of 'app'. app.frames Gets 'frames' in the context if 'app'. So far so good. Now consider: app.frames.Personal 'Personal' is acquired from 'app'. We have to get 'app.Personal', and then use it in the context of 'app.frames'. This results in: (Personal of app) of (frames of app) When searching for an attribute, we always search the innermost contexts first. In this example, we search 'Personal of app' before we search 'frames of app'. Jim -- Jim Fulton mailto:jim@digicool.com Technical Director (888) 344-4332 Python Powered! Digital Creations http://www.digicool.com http://www.python.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.
At 14:25 21/09/99 , Jim Fulton wrote:
You need to rethink your Zope Zen. :) Here's the explanation.
When you acquire an object, the acquired object gets the context of the aquirer *and* the context it was acquired from, with the source context taking precedence over the destination context. In the example above, 'Personal' acquires from the top-level folder first, and then from the 'frames' folder.
Lets walk through why this is so. Suppose in Python, we have a variable 'app' that is the top-level folder.
The expression:
app.Personal
Gets 'Personal' in the context of 'app'.
app.frames
Gets 'frames' in the context if 'app'. So far so good.
Now consider:
app.frames.Personal
'Personal' is acquired from 'app'. We have to get 'app.Personal', and then use it in the context of 'app.frames'. This results in:
(Personal of app) of (frames of app)
When searching for an attribute, we always search the innermost contexts first. In this example, we search 'Personal of app' before we search 'frames of app'.
Bother. I was afraid that this was the case. This way, you can never override the default standard_html_header and -_footer for subfolders of the site. This is actually the first time I ran into this in 7 months of Zope use =/ So, before I go rack my brains on this, how do I accomplish what I want to do here... -- Martijn Pieters, Web Developer | Antraciet http://www.antraciet.nl | Tel: +31-35-7502100 Fax: +31-35-7502111 | mailto:mj@antraciet.nl http://www.antraciet.nl/~mj | PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149 ------------------------------------------
On Tue, Sep 21, 1999 at 12:25:10PM +0000, Jim Fulton wrote:
When you acquire an object, the acquired object gets the context of the aquirer *and* the context it was acquired from, with the source ^^ context taking precedence over the destination context. In the example above, 'Personal' acquires from the top-level folder first, and then from the 'frames' folder.
That started off as a useful tidbit... then we got to the pronoun without a referent. "It". Which it? Cheers, -- jra -- Jay R. Ashworth jra@baylink.com Member of the Technical Staff Buy copies of The New Hackers Dictionary. The Suncoast Freenet Give them to all your friends. Tampa Bay, Florida http://www.ccil.org/jargon/ +1 813 790 7592
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Martijn Pieters Sent: Tuesday, September 21, 1999 1:54 PM To: zope@zope.org Subject: [Zope] Acquisition? Did I just lose my Zen?
And I thougt I had it covered....
I have the following structure:
/ index_html (checks a cookie, gives a frameset or a redirect to /noframes/home (frameset loads /home)) home (content) standard_html_header (together define my page standard_html_footer layout)
frames/ <- Framesets standard_html_header (define a frameset that standard_html_footer loads the same URL minus index_html the /frames prefix) nav (navigational frame)
noframes/ <- No framesets standard_html_header (define a layout with standard_html_footer navigation in a table) index_html
All objects are either Folders or DTML Methods. So far so good, this works like charm. With acquisition, the home document can be viewed with and without a frameset. See for yourself at:
But then I make another Folder, lets say Personal, and define a index_html in that Folder:
Personal/ index_html
Calling http://mj.antraciet.nl/Personal/ works fine, but when I call http://mj.antraciet.nl/frames/Personal/ the same layout appears as the previous URL. De standard_html_header and -_footer from the root are being used, not the ones in the frames/ Folder! The same goes for noframes/.
Now either I have to rethink my Zope Zen, or something is very wrong here.
Ah, so I was not mistaken! I have had this problem sometimes now, but could not quite reproduce it when I needed to (I changed it in deep frustration). Another example: I have a folder / index_html login/ index_html userfolder/ user1 somethingelse/ stillsomethingelse/ Now calling a url like somethingelse/stillsomethingelse/login/ gives the index_html from login, as it should. But if I set security in the userfolder under login to a role associated with user1, acquisition will not work as (I) expected. User1 will authenticate against a straight url login/, but it will not against somethingelse/stillsomethingelse/login/. User1 _will_ authenticate if he is in a userfolder in / Does this mean that acquisition does not (always) work between objects that are on a same level (if this means something in the ZODB)? Rik
Rik Hoekstra wrote:
(snip)
I have a folder
/
index_html
login/ index_html
userfolder/ user1
somethingelse/ stillsomethingelse/
Now calling a url like somethingelse/stillsomethingelse/login/ gives the index_html from login, as it should. But if I set security in the userfolder under login to a role associated with user1, acquisition will not work as (I) expected. User1 will authenticate against a straight url login/, but it will not against somethingelse/stillsomethingelse/login/. User1 _will_ authenticate if he is in a userfolder in /
This is a function of the Zope security model. A user is not allowed to access a protected resource outside of the containment hierarchy where there user is defined.
Does this mean that acquisition does not (always) work between objects that are on a same level
This is a feature of the security model, no acquisition.
(if this means something in the ZODB)?
Acquisition and ZODB are entirely independent. Jim -- Jim Fulton mailto:jim@digicool.com Technical Director (888) 344-4332 Python Powered! Digital Creations http://www.digicool.com http://www.python.org Under US Code Title 47, Sec.227(b)(1)(C), Sec.227(a)(2)(B) This email address may not be added to any commercial mail list with out my permission. Violation of my privacy with advertising or SPAM will result in a suit for a MINIMUM of $500 damages/incident, $1500 for repeats.
On Tue, Sep 21, 1999 at 12:30:59PM +0000, Jim Fulton wrote:
This is a function of the Zope security model. A user is not allowed to access a protected resource outside of the containment hierarchy where there user is defined.
Does this mean that acquisition does not (always) work between objects that are on a same level
This is a feature of the security model, no acquisition.
So, from the security model's point of view, sibling folder aquisition is not the True aquisition? ;-) This doesn't answer Martijn's question, though, about overriding the root standard_header and standard_footer, overcoming the order-of-aquisition problem. Any clever ideas out there? Ross -- Ross J. Reedstrom, Ph.D., <reedstrm@rice.edu> NSBRI Research Scientist/Programmer Computer and Information Technology Institute Rice University, 6100 S. Main St., Houston, TX 77005
At 19:25 21-9-99 , Ross J. Reedstrom wrote:
This doesn't answer Martijn's question, though, about overriding the root standard_header and standard_footer, overcoming the order-of-aquisition problem. Any clever ideas out there?
I have a few ideas, just haven't had the time to work them out yet. I have a deadline on a paper on Thursday, and an important exhibition tomorrow. Basically I do this: 1. Only one standard_html_header and -_footer, that include context_header and -_footer. 2. frames and noframes standard_html_header and -_footer renamed to context_header and -_footer. 3. A third folder (lets name it content) that has the old root folder standard_html_header and -_footer copied to context_header and -_footer. 4. Hack standard_error_message to look out for a AttributeError on context_header. If it occurs, a direct URL to content (without a /frames, /noframes or /content prefix) was called, so we redirect with a prepended /frames or /noframes (depending on the cookie). Now a frameset uses the same URL, but with /content prepended. So: /frames/home gives you a frameset with in the content frame the page /content/home. The no-frames version has the URL /noframes/home -- Martijn Pieters, Web Developer | Antraciet http://www.antraciet.nl | T: +31 35 7502100 F: +31 35 7502111 | mj@antraciet.nl http://www.antraciet.nl/~mj | PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149 ---------------------------------------------
Date sent: Tue, 21 Sep 1999 21:04:48 +0200 To: "Ross J. Reedstrom" <reedstrm@wallace.ece.rice.edu>, zope@zope.org From: Martijn Pieters <mj@antraciet.nl> Subject: Re: [Zope] Security and containment (was Re: [Zope] Acquisition? Did I just lose my Zen?) Zen?)
At 19:25 21-9-99 , Ross J. Reedstrom wrote:
This doesn't answer Martijn's question, though, about overriding the root standard_header and standard_footer, overcoming the order-of-aquisition problem. Any clever ideas out there?
I have a few ideas, just haven't had the time to work them out yet. I have a deadline on a paper on Thursday, and an important exhibition tomorrow.
Basically I do this: 1. Only one standard_html_header and -_footer, that include context_header and -_footer. 2. frames and noframes standard_html_header and -_footer renamed to context_header and -_footer. 3. A third folder (lets name it content) that has the old root folder standard_html_header and -_footer copied to context_header and -_footer. 4. Hack standard_error_message to look out for a AttributeError on context_header. If it occurs, a direct URL to content (without a /frames, /noframes or /content prefix) was called, so we redirect with a prepended /frames or /noframes (depending on the cookie).
Now a frameset uses the same URL, but with /content prepended.
So: /frames/home gives you a frameset with in the content frame the page /content/home. The no-frames version has the URL /noframes/home
Martijn, as you point out, there are many solutions (all a bit hackish). Just one more _very_ simple idea, which is at least a solution to some of these problems: changing the order of objects also changes the order of acquisition. I can't quite judge your case, but if you change a URL from frames/Personal to Personal/frames the result may well be something different. Just simplifying Rik
At 09:38 23/09/99 , Rik Hoekstra wrote:
Martijn,
as you point out, there are many solutions (all a bit hackish). Just one more _very_ simple idea, which is at least a solution to some of these problems: changing the order of objects also changes the order of acquisition. I can't quite judge your case, but if you change a URL from frames/Personal to Personal/frames the result may well be something different.
Just simplifying
Rik
Tried it already =). Problem is, I have an index_html method in /frames. And I do want to acquire the right index_html. But, as already said, I have plans, just no time. -- Martijn Pieters, Web Developer | Antraciet http://www.antraciet.nl | Tel: +31-35-7502100 Fax: +31-35-7502111 | mailto:mj@antraciet.nl http://www.antraciet.nl/~mj | PGP: http://wwwkeys.nl.pgp.net:11371/pks/lookup?op=get&search=0xA8A32149 ------------------------------------------
participants (6)
-
Jay R. Ashworth -
Jim Fulton -
Martijn Pieters -
Rik Hoekstra -
Rik Hoekstra -
Ross J. Reedstrom