RE: [Zope-CMF] mysqlUserFolder and CMF
Hello Shane, I have it working as suggested and it picks all the members I had added using the mysqlUserFolder interface, now I have to integrate this into the CMF registration and log in form. The _addUser method, is this something I have to create or can I use the existing docNewUser form provided with mysqlUserFolder? Can you expand on this. Many thanks Norman -----Original Message----- From: shane@shane.digicool.com [mailto:shane@shane.digicool.com]On Behalf Of Shane Hathaway Sent: Monday, April 23, 2001 5:21 PM To: Norman Khine Subject: Re: [Zope-CMF] mysqlUserFolder and CMF Norman Khine wrote:
Hello,
Has anyone implemented mysqlUserFolder with CMF? I am asking because I
would
like to use CMF with an existing MySQL database schema for authentication, but am finding it difficult to link the two methods / or merge the two.
From what I understand -- in my case NOT A LOT ;^( -- one can use mysqlUserFolder to authenticate and store the values/ data of the user in a MySQL database. This being the case am I right to assume that I can use my existing UserRegistration which writes to the database, form to add new users that will get registered in the CMF.
How do I alter the current acl_users folder so that it uses the acl_users (MySQL User Folder), or is there a better way to do this.
Try deleting the current acl_users and replacing it with a mysqlUserFolder. Authentication should work. The new user registration process should work if mysqlUserFolder has an "_addUser" method. Shane
On Tue, 24 Apr 2001, Norman Khine wrote:
I have it working as suggested and it picks all the members I had added using the mysqlUserFolder interface, now I have to integrate this into the CMF registration and log in form.
Again, the log in form is probably working already.
The _addUser method, is this something I have to create or can I use the existing docNewUser form provided with mysqlUserFolder? Can you expand on this.
I'm afraid I have no experience with mysqlUserFolder so you'll have to consult its documentation. There is a good chance it has an _addUser method already. Shane
Hello Shane, Yes, the log-in form works without any problems, it creates the Session and builds the logs. I will look at the documentation and see how to integrate the registration into the CMF. Can you tell me though is there a particular reason as to the pro's & con's of using either existing acl_users or any other flavours of Login Managers. The reason why I am using the mysqlUserFolder is to integrated with the existing application and also because I did not want to clutter the ZODB with demographic user data. What I am getting at will I loose any performence if using one method or the other? I know you said you don't have any experience of using mysqlUserFolder, but maybe from a perspective of OO to RDBMS authentication. Also are there any methods which I can use to analyse the Log files from the CMF if they are any? If so where can I find them. Or is there a way in which I can query the Members folder, so that I can for example get total number of Members, their e-mails etc etc? Thanks Norman ========================================= "Eternity is Time Time, eternity To see the two as opposite Is Man's Perversity" The Book of Angelus Silesius -----Original Message----- From: Shane Hathaway [mailto:shane@digicool.com] Sent: Tuesday, April 24, 2001 1:38 PM To: Norman Khine Cc: Zope Mailing List Subject: RE: [Zope-CMF] mysqlUserFolder and CMF On Tue, 24 Apr 2001, Norman Khine wrote:
I have it working as suggested and it picks all the members I had added using the mysqlUserFolder interface, now I have to integrate this into the CMF registration and log in form.
Again, the log in form is probably working already.
The _addUser method, is this something I have to create or can I use the existing docNewUser form provided with mysqlUserFolder? Can you expand on this.
I'm afraid I have no experience with mysqlUserFolder so you'll have to consult its documentation. There is a good chance it has an _addUser method already. Shane
On Tue, 24 Apr 2001, Norman Khine wrote:
Can you tell me though is there a particular reason as to the pro's & con's of using either existing acl_users or any other flavours of Login Managers.
The reason why I am using the mysqlUserFolder is to integrated with the existing application and also because I did not want to clutter the ZODB with demographic user data. What I am getting at will I loose any performence if using one method or the other? I know you said you don't have any experience of using mysqlUserFolder, but maybe from a perspective of OO to RDBMS authentication.
Assuming mysqlUserFolder caches the authentication tokens (and it very likely does), there should be only a minor performance drop when using an RDBMS. The ZODB has built-in caching that reduces the time it takes to access authentication tokens to something on the order of nanoseconds :-) while SQL authentication without caching can easily take up to 100 ms per request, which would be noticeable.
Also are there any methods which I can use to analyse the Log files from the CMF if they are any? If so where can I find them. Or is there a way in which I can query the Members folder, so that I can for example get total number of Members, their e-mails etc etc?
You could analyze the HTTP log, Z2.log. To query the members folder use a Python script like: return len(container.Members.objectIds()) For email properties look at what the "roster" method does. Shane
You are too good I was just looking at these tools. Can I confirm then that if I go down the route of mySQLUserFolder all I will be concern with in ensuring it is complient with the CMF to be the portal_registration part of the application lloking at the Portal Object schema http://www.zope.org/Products/PTK/UML/PTKBase/Portal_Objects_Diag.html and I suppose I'll need to look at the portal_membership www.zope.org/Products/PTK/UML/PTKBase/portal_membership_Info.html objects and merge it with the mysqlUserFolder Well thatnks for your help, I have taken enough of your time. If this work I will sit down and write a How-to ;^) Regards Norman -----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Shane Hathaway Sent: Tuesday, April 24, 2001 3:58 PM To: Norman Khine Cc: Zope Mailing List Subject: [Zope] RE: [Zope-CMF] mysqlUserFolder and CMF On Tue, 24 Apr 2001, Norman Khine wrote:
Can you tell me though is there a particular reason as to the pro's & con's of using either existing acl_users or any other flavours of Login Managers.
The reason why I am using the mysqlUserFolder is to integrated with the existing application and also because I did not want to clutter the ZODB with demographic user data. What I am getting at will I loose any performence if using one method or the other? I know you said you don't have any experience of using mysqlUserFolder, but maybe from a perspective of OO to RDBMS authentication.
Assuming mysqlUserFolder caches the authentication tokens (and it very likely does), there should be only a minor performance drop when using an RDBMS. The ZODB has built-in caching that reduces the time it takes to access authentication tokens to something on the order of nanoseconds :-) while SQL authentication without caching can easily take up to 100 ms per request, which would be noticeable.
Also are there any methods which I can use to analyse the Log files from the CMF if they are any? If so where can I find them. Or is there a way in which I can query the Members folder, so that I can for example get total number of Members, their e-mails etc etc?
You could analyze the HTTP log, Z2.log. To query the members folder use a Python script like: return len(container.Members.objectIds()) For email properties look at what the "roster" method does. Shane _______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
On Tue, 24 Apr 2001, Norman Khine wrote:
You are too good I was just looking at these tools.
Can I confirm then that if I go down the route of mySQLUserFolder all I will be concern with in ensuring it is complient with the CMF to be the portal_registration part of the application lloking at the Portal Object schema http://www.zope.org/Products/PTK/UML/PTKBase/Portal_Objects_Diag.html
CookieCrumbler takes care of the gory details, so I think all you need to be concerned with is modifying portal_membership so that people can add themselves to the SQL database and the extra properties can be stored there as well. (portal_registration probably won't need any changes.)
and I suppose I'll need to look at the portal_membership www.zope.org/Products/PTK/UML/PTKBase/portal_membership_Info.html objects and merge it with the mysqlUserFolder
Well thatnks for your help, I have taken enough of your time. If this work I will sit down and write a How-to ;^)
Excellent! Shane
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Shane Hathaway Sent: Tuesday, April 24, 2001 3:58 PM To: Norman Khine Cc: Zope Mailing List Subject: [Zope] RE: [Zope-CMF] mysqlUserFolder and CMF
On Tue, 24 Apr 2001, Norman Khine wrote:
Can you tell me though is there a particular reason as to the pro's & con's of using either existing acl_users or any other flavours of Login Managers.
The reason why I am using the mysqlUserFolder is to integrated with the existing application and also because I did not want to clutter the ZODB with demographic user data. What I am getting at will I loose any performence if using one method or the other? I know you said you don't have any experience of using mysqlUserFolder, but maybe from a perspective of OO to RDBMS authentication.
Assuming mysqlUserFolder caches the authentication tokens (and it very likely does), there should be only a minor performance drop when using an RDBMS. The ZODB has built-in caching that reduces the time it takes to access authentication tokens to something on the order of nanoseconds :-) while SQL authentication without caching can easily take up to 100 ms per request, which would be noticeable.
Also are there any methods which I can use to analyse the Log files from the CMF if they are any? If so where can I find them. Or is there a way in which I can query the Members folder, so that I can for example get total number of Members, their e-mails etc etc?
You could analyze the HTTP log, Z2.log. To query the members folder use a Python script like:
return len(container.Members.objectIds())
For email properties look at what the "roster" method does.
Shane
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Hello Shane, Well finally I managed to hack the code so that I can use mysqlUserFolder to (1) Authenticate users from MySQL db and (2) Register New Users. But being new to programming in general and especially python, I'll like your advice and any suggestions on the following, in order to ensure my work is correct and that is being done in the most efficient manner. What I did then was: (1) Created a new folder into which I set up a CMF Site using ALL the default options ie create a new user folder. (2) Changed the create_table.sql and added the following lines to it: ============================================================================ ============================== INSERT into Roles values ('', 'Manager', '*'); INSERT into Roles values ('', 'Anonymous', '*'); INSERT into Roles values ('', 'Member', '*'); INSERT into Users values ('', 'User', 'User Name', 'Password', '', '*', 'user@btinternet.com'); INSERT into UserRoles values ('1', '1'); ============================================================================ =============================== Lines 1,2, & 3 create the initial Roles Line 5 creates the Manager Account and Line 7 links user with the role for more details see the README text (2) I removed the newly created User Folder and replaced it with the MySQL User Folder -- as discussed previously. This in turn created a new acl_users folder containing in the contents tab 6 files. (3) From this I cut ALL the files that begin with doc* ie docLogin, docNewUser and docUserPage (4) In the portal_skins folder, custom I pasted the above selection. (5) Then from the generic folder I had to edit the join_form and replaced the whole contents with the following code: ============================================================================ ==== <dtml-var standard_html_header> <div class="Desktop"> <h1>Become a member</h1> <dtml-var docNewUser> <dtml-var standard_html_footer> ============================================================================ == (6) Having got couple of errors when trying to add a new record, this being: (a) Error Type: Forbidden Error Value: Get lost you stupid boy. You are not authorized to access this document. Traceback (innermost last): File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 223, in publish_module File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 187, in publish File /usr/home/khine/usr/local/Zope/lib/python/Zope/__init__.py, line 221, in zpublisher_exception_hook (Object: RoleManager) File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 171, in publish File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/mapply.py, line 160, in mapply (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 112, in call_object (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/OFS/DTMLDocument.py, line 189, in __call__ (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_String.py, line 538, in __call__ (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Let.py, line 146, in render (Object: ok="user_create (REQUEST, username, realname, email, password1)") File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Util.py, line 334, in eval (Object: user_create (REQUEST, username, realname, email, password1)) (Info: username) File <string>, line 0, in ? File /usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/mysqlUser Folder.py, line 885, in user_create (Object: RoleManager) Forbidden: (see above) So to resolve this I looked at the mysqlUserFolder.py, and right at the bottom we have the following code ---------------------------------------------------------------------------- ------------------------------------------------- user_create__roles__ = None def user_create (Self, REQUEST, username, realname, email, password): """ Anonymous creation """ if not Self.anon_create_ok: raise 'Forbidden', \ "Get lost you stupid boy. You are not authorized to access this document." roles = [Self.anon_create_role] ok = Self.create_user (username, password, roles, realname, email) return ok Globals.default__class_init__ (mysqlUserFolder) ---------------------------------------------------------------------------- ------------------------------------------------- So what I did was to remove the following 3 lines ---------------------------------------------------------------------------- ------------------------------------------------ # if not Self.anon_create_ok: # raise 'Forbidden', \ # "Get lost you stupid boy. You are not authorized to access this document." ============================================================================ =============================================== or just hash it. (b) Then I got the following error which is as follows: (Please note I had to restart the server everytime I made any changes to any of the code) Error Type: Unknown role: Select Id from Roles where Rolename = %s and Realm = %s Error Value: None Traceback (innermost last): File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 223, in publish_module File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 187, in publish File /usr/home/khine/usr/local/Zope/lib/python/Zope/__init__.py, line 221, in zpublisher_exception_hook (Object: RoleManager) File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 171, in publish File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/mapply.py, line 160, in mapply (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line 112, in call_object (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/OFS/DTMLDocument.py, line 189, in __call__ (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_String.py, line 538, in __call__ (Object: actCreateUser) File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Let.py, line 146, in render (Object: ok="user_create (REQUEST, username, realname, email, password1)") File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Util.py, line 334, in eval (Object: user_create (REQUEST, username, realname, email, password1)) (Info: username) File <string>, line 0, in ? File /usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/mysqlUser Folder.py, line 890, in user_create (Object: RoleManager) File /usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/mysqlUser Folder.py, line 563, in create_user (Object: RoleManager) File /usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/vdb.py, line 99, in create_user File /usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/db.py, line 331, in create_user Unknown role: Select Id from Roles where Rolename = %s and Realm = %s: (see above) **************************************************************************** ******************************************* But the strange is that the user is being created on the database, but without any priviviliges, the only priviliges that this user has is if you go to your ZMI and then to the acl_user folder and then you will see the user you just created as: User page for test22. Username: test22 Userroles: mysqlRole Anonymous So to overcome this error looking at the traceback I altered the db.py file and hardcoded a new user in the following lines, which used to be: ============================================================================ ====================== # ----- Find roles query = 'Select Id_Role from UserRoles where Id_User = %s' role_ids = Self.__query_list_field (query, (id, )) roles = ["mysqlRole", cfg.ZOPE_ANONYMOUS_ROLE] ============================================================================ ========================= To **************************************************************************** ************************ # ----- Find roles query = 'Select Id_Role from UserRoles where Id_User = %s' role_ids = Self.__query_list_field (query, (id, )) roles = ["mysqlRole", cfg.ZOPE_ANONYMOUS_ROLE, "Members"] **************************************************************************** ************************* The outcome of this is that the form creates the user and assigns the Member Role, and although I still get the same error Error Type: Unknown role: Select Id from Roles where Rolename = %s and Realm = %s Error Value: None The application creates the user with Member priviliges. ** This is something which I need to look and see the mechanics of it of how to suppress it, and suggestions are welcomed. This is the first milestone, NEXT I'll need to check that ALL other forms such as change password function correctly. Thanks for staying thus far and ALL your comments BAD or GOOD are most welcomed ;^) Norman -----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Shane Hathaway Sent: Tuesday, April 24, 2001 4:32 PM To: Norman Khine Cc: Zope Mailing List Subject: RE: [Zope] RE: [Zope-CMF] mysqlUserFolder and CMF On Tue, 24 Apr 2001, Norman Khine wrote:
You are too good I was just looking at these tools.
Can I confirm then that if I go down the route of mySQLUserFolder all I will be concern with in ensuring it is complient with the CMF to be the portal_registration part of the application lloking at the Portal Object schema http://www.zope.org/Products/PTK/UML/PTKBase/Portal_Objects_Diag.html
CookieCrumbler takes care of the gory details, so I think all you need to be concerned with is modifying portal_membership so that people can add themselves to the SQL database and the extra properties can be stored there as well. (portal_registration probably won't need any changes.)
and I suppose I'll need to look at the portal_membership www.zope.org/Products/PTK/UML/PTKBase/portal_membership_Info.html objects and merge it with the mysqlUserFolder
Well thatnks for your help, I have taken enough of your time. If this work I will sit down and write a How-to ;^)
Excellent! Shane
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Shane Hathaway Sent: Tuesday, April 24, 2001 3:58 PM To: Norman Khine Cc: Zope Mailing List Subject: [Zope] RE: [Zope-CMF] mysqlUserFolder and CMF
On Tue, 24 Apr 2001, Norman Khine wrote:
Can you tell me though is there a particular reason as to the pro's & con's of using either existing acl_users or any other flavours of Login Managers.
The reason why I am using the mysqlUserFolder is to integrated with the existing application and also because I did not want to clutter the ZODB with demographic user data. What I am getting at will I loose any performence if using one method or the other? I know you said you don't have any experience of using mysqlUserFolder, but maybe from a perspective of OO to RDBMS authentication.
Assuming mysqlUserFolder caches the authentication tokens (and it very likely does), there should be only a minor performance drop when using an RDBMS. The ZODB has built-in caching that reduces the time it takes to access authentication tokens to something on the order of nanoseconds :-) while SQL authentication without caching can easily take up to 100 ms per request, which would be noticeable.
Also are there any methods which I can use to analyse the Log files from the CMF if they are any? If so where can I find them. Or is there a way in which I can query the Members folder, so that I can for example get total
number
of Members, their e-mails etc etc?
You could analyze the HTTP log, Z2.log. To query the members folder use a Python script like:
return len(container.Members.objectIds())
For email properties look at what the "roster" method does.
Shane
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Sorry, I accidentally pressed send :-)
(6) Having got couple of errors when trying to add a new record, this being:
(a) Error Type: Forbidden Error Value: Get lost you stupid boy. You are not authorized to access this document.
user_create__roles__ = None def user_create (Self, REQUEST, username, realname, email, password): """ Anonymous creation """
There are two functions for creating new users: manage_users_create () and create_user (). First one is used from management screens, and it requires role 'Manager'. Second one is used for users that that create their accounts over internet. Anonymous can call it, but when you create mysqlUserFolder instance you have to allow anonymous user creation (if statement checks that).
(b) Then I got the following error which is as follows: (Please note I had to restart the server everytime I made any changes to any of the code)
Error Type: Unknown role: Select Id from Roles where Rolename = %s and Realm = %s Error Value: None
When creating new user using user_create (), mysqlUserFolder will automatically assign him role that is specified when mysqlUserFolder is created. You probably left that field empty, so that's why you get the error. You don't need to change the code, just put 'Members' as anonymous creation role. Vladimir
participants (4)
-
Norman Khine -
Norman Khine -
Shane Hathaway -
Vladimir Petrovic