Greets; Testing externalFile from collective cvs consistantly gives the following error upon creating an instance, regardless of user that starts the zope process. URL: manage_addExternalFileForm Line 36, Column 5 Expression: standard:'container/gethostname' Names: {'container': <__FactoryDispatcher__ instance at 40f65340>, 'context': <__FactoryDispatcher__ instance at 40f65340>, 'default': <Products.PageTemplates.TALES.Default instance at 0x40b8ae6c>, 'here': <__FactoryDispatcher__ instance at 40f65340>, 'loop': <SafeMapping instance at 40f653e0>, 'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0x40b8fb0c>, 'nothing': None, 'options': {'args': ()}, 'repeat': <SafeMapping instance at 40f653e0>, 'request': <HTTPRequest, URL=http://localhost:8080/manage_addProduct/ExternalFile/create>, 'root': <Application instance at 417e2a10>, 'template': <PageTemplateFile at /manage_addExternalFileForm>, 'traverse_subpath': [], 'user': chris} Module Products.PageTemplates.Expressions, line 201, in __call__ Module Products.PageTemplates.Expressions, line 189, in _eval Module Products.PageTemplates.Expressions, line 145, in _eval __traceback_info__: container Module Products.PageTemplates.Expressions, line 340, in restrictedTraverse __traceback_info__: {'path': ['gethostname'], 'TraversalRequestNameStack': []} Unauthorized: You are not allowed to access 'gethostname' in this context (Also, an error occurred while attempting to render the standard error message.) Any suggestions on how to resolve this? /ch
On Dec 12, 2004, at 3:56, Chris H wrote:
Greets;
Testing externalFile from collective cvs consistantly gives the following error upon creating an instance, regardless of user that starts the zope process.
<snip> Questions about third party add-ons should be directed to the add-on author first. jens
Jens Vagelpohl wrote:
Questions about third party add-ons should be directed to the add-on author first.
Yes I agree, however the contact address provided below comes back as dead. I was working through the plone book and its one of the referenced applications and one that I need to currently to test file system access and import for plone site that I want to build as part of a doc management solution for another gpl project that I participate with as an editor for documentation. Posted to the plone list and to date no response yet. See: http://zope.org/Members/arielpartners/ExternalFile Alternatively, what are the current preferred methods for including file system data. ExtFile is a bit weak in that regard and I am currently trying to track down revision control methods as well that are preferred or recommended with zope/plone. ExternalFile seems to be the precussor for several efforts. So I am kinda stuck..:) Thanks for the advise however.. Regards /ch
Two (late) solutions: 1) If you don't need the batch addition support, just comment out the section of create.pt that calls gethostname and the whole div that supports batch addition. 2) If you're more adventurous, add to __init__.py security declarations to make the needed module functions public. The code will look like: from AccessControl import ModuleSecurityInfo ModuleSecurityInfo('ExternalFile').declarePublic('gethostname') ModuleSecurityInfo('ExternalFile').declarePublic('illegalCharsAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirNamesAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirPrefixesAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirSuffixesAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedFileNamesAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedFilePrefixesAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedFileSuffixesAsString') ModuleSecurityInfo('ExternalFile').apply(globals()) Then, in www/create.pt, add a line like: <tal:work define="global ef modules/Products/ExternalFile" /> change tal:content="container/gethostname" to tal:content="ef/gethostname" and ALL the code like: tal:attributes="value container/illegalCharsAsString" to tal:attributes="value python: ef.illegalCharsAsString(container)" If you don't want to mess with the security declarations, you could also just edit www/create.pt to remove the section that prints the hostname and all the "tal:attributes..." that supply default values in the batch section. Steve BTW, I don't regularly watch this list; so if you'd like my attention in a reply, please CC me. Chris H wrote:
Greets;
Testing externalFile from collective cvs consistantly gives the following error upon creating an instance, regardless of user that starts the zope process.
URL: manage_addExternalFileForm Line 36, Column 5 Expression: standard:'container/gethostname' Names: {'container': <__FactoryDispatcher__ instance at 40f65340>, 'context': <__FactoryDispatcher__ instance at 40f65340>, 'default': <Products.PageTemplates.TALES.Default instance at 0x40b8ae6c>, 'here': <__FactoryDispatcher__ instance at 40f65340>, 'loop': <SafeMapping instance at 40f653e0>, 'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0x40b8fb0c>, 'nothing': None, 'options': {'args': ()}, 'repeat': <SafeMapping instance at 40f653e0>, 'request': <HTTPRequest, URL=http://localhost:8080/manage_addProduct/ExternalFile/create>, 'root': <Application instance at 417e2a10>, 'template': <PageTemplateFile at /manage_addExternalFileForm>, 'traverse_subpath': [], 'user': chris} Module Products.PageTemplates.Expressions, line 201, in __call__ Module Products.PageTemplates.Expressions, line 189, in _eval Module Products.PageTemplates.Expressions, line 145, in _eval __traceback_info__: container Module Products.PageTemplates.Expressions, line 340, in restrictedTraverse __traceback_info__: {'path': ['gethostname'], 'TraversalRequestNameStack': []} Unauthorized: You are not allowed to access 'gethostname' in this context (Also, an error occurred while attempting to render the standard error message.)
Any suggestions on how to resolve this?
/ch
hi all, i had the same problem as the first poster but the solution does not work for me the error comes from this additional line in 'create.pt' <tal:work define="global ef modules/Products/ExternalFile" /> it still produces a 'not authorized' the complete traceback reads as follows - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Site Error An error was encountered while publishing this resource. Unauthorized Sorry, a site error occurred. Traceback (innermost last): Module ZPublisher.Publish, line 175, in publish_module_standard Module ZPublisher.Publish, line 132, in publish Module Zope.App.startup, line 204, in zpublisher_exception_hook Module ZPublisher.Publish, line 101, in publish Module ZPublisher.mapply, line 88, in mapply Module ZPublisher.Publish, line 39, in call_object Module Shared.DC.Scripts.Bindings, line 306, in __call__ Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec Module Products.PageTemplates.PageTemplateFile, line 106, in _exec Module Products.PageTemplates.PageTemplate, line 96, in pt_render <PageTemplateFile at /WeatherFiles/manage_addExternalFileForm> Module TAL.TALInterpreter, line 190, in __call__ Module TAL.TALInterpreter, line 234, in interpret Module TAL.TALInterpreter, line 464, in do_setGlobal_tal Module Products.PageTemplates.TALES, line 221, in evaluate URL: manage_addExternalFileForm Line 1, Column 0 Expression: standard:'modules/Products/ExternalFile' Names: {'container': <__FactoryDispatcher__ instance at 40a3d740>, 'context': <__FactoryDispatcher__ instance at 40a3d740>, 'default': <Products.PageTemplates.TALES.Default instance at 0x40a237ac>, 'here': <__FactoryDispatcher__ instance at 40a3d740>, 'loop': <SafeMapping instance at 40e7d3e0>, 'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0x40a232ac>, 'nothing': None, 'options': {'args': ()}, 'repeat': <SafeMapping instance at 40e7d3e0>, 'request': <HTTPRequest, URL=http://192.168.11.47:9080/WeatherFiles/ manage_addProduct/ExternalFile/create>, 'root': <Application instance at 40d644d0>, 'template': <PageTemplateFile at /WeatherFiles/manage_addExternalFileForm>, 'traverse_subpath': [], 'user': fs} Module Products.PageTemplates.Expressions, line 201, in __call__ Module Products.PageTemplates.Expressions, line 189, in _eval Module Products.PageTemplates.Expressions, line 145, in _eval __traceback_info__: modules Module Products.PageTemplates.Expressions, line 340, in restrictedTraverse __traceback_info__: {'path': ['Products', 'ExternalFile'], 'TraversalRequestNameStack': []} Unauthorized: You are not allowed to access 'ExternalFile' in this context (Also, an error occurred while attempting to render the standard error message.) - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Zope version: (Zope 2.7.4-0, python 2.3.3, linux2) Python version: 2.3.3 (#3, Mar 11 2004, 00:53:33) [GCC 3.3 20030226 (prerelease) (SuSE Linux)] thx for your help steindl friedrich (-:fs) ====================================================== Am Freitag, 7. Januar 2005 18:23 tippte Steve McMahon:
Two (late) solutions:
1) If you don't need the batch addition support, just comment out the section of create.pt that calls gethostname and the whole div that supports batch addition.
2) If you're more adventurous, add to __init__.py security declarations to make the needed module functions public. The code will look like:
from AccessControl import ModuleSecurityInfo
ModuleSecurityInfo('ExternalFile').declarePublic('gethostname') ModuleSecurityInfo('ExternalFile').declarePublic('illegalCharsAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirNamesAsString') ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirPrefixesAsStrin g') ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirSuffixesAsStrin g') ModuleSecurityInfo('ExternalFile').declarePublic('omittedFileNamesAsString' ) ModuleSecurityInfo('ExternalFile').declarePublic('omittedFilePrefixesAsStri ng') ModuleSecurityInfo('ExternalFile').declarePublic('omittedFileSuffixesAsStri ng')
ModuleSecurityInfo('ExternalFile').apply(globals())
Then, in www/create.pt, add a line like:
<tal:work define="global ef modules/Products/ExternalFile" />
change
tal:content="container/gethostname"
to
tal:content="ef/gethostname"
and ALL the code like:
tal:attributes="value container/illegalCharsAsString"
to
tal:attributes="value python: ef.illegalCharsAsString(container)"
If you don't want to mess with the security declarations, you could also just edit www/create.pt to remove the section that prints the hostname and all the "tal:attributes..." that supply default values in the batch section.
Steve
BTW, I don't regularly watch this list; so if you'd like my attention in a reply, please CC me.
Chris H wrote:
Greets;
Testing externalFile from collective cvs consistantly gives the following error upon creating an instance, regardless of user that starts the zope process.
URL: manage_addExternalFileForm Line 36, Column 5 Expression: standard:'container/gethostname' Names: {'container': <__FactoryDispatcher__ instance at 40f65340>, 'context': <__FactoryDispatcher__ instance at 40f65340>, 'default': <Products.PageTemplates.TALES.Default instance at 0x40b8ae6c>, 'here': <__FactoryDispatcher__ instance at 40f65340>, 'loop': <SafeMapping instance at 40f653e0>, 'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0x40b8fb0c>, 'nothing': None, 'options': {'args': ()}, 'repeat': <SafeMapping instance at 40f653e0>, 'request': <HTTPRequest, URL=http://localhost:8080/manage_addProduct/ExternalFile/create>, 'root': <Application instance at 417e2a10>, 'template': <PageTemplateFile at /manage_addExternalFileForm>, 'traverse_subpath': [], 'user': chris} Module Products.PageTemplates.Expressions, line 201, in __call__ Module Products.PageTemplates.Expressions, line 189, in _eval Module Products.PageTemplates.Expressions, line 145, in _eval __traceback_info__: container Module Products.PageTemplates.Expressions, line 340, in restrictedTraverse __traceback_info__: {'path': ['gethostname'], 'TraversalRequestNameStack': []} Unauthorized: You are not allowed to access 'gethostname' in this context (Also, an error occurred while attempting to render the standard error message.)
Any suggestions on how to resolve this?
/ch
_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )
friedrich steindl wrote:
hi all,
i had the same problem as the first poster but the solution does not work for me
the error comes from this additional line in 'create.pt' <tal:work define="global ef modules/Products/ExternalFile" />
it still produces a 'not authorized'
Try Shane Hathaways's VerboseSecurity product... Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
participants (5)
-
Chris H -
Chris Withers -
friedrich steindl -
Jens Vagelpohl -
Steve McMahon