RE: [Zope] [announce] Local File System product
-----Original Message----- From: Jonothan Farr [mailto:jfarr@real.com] Sent: Wednesday, October 27, 1999 04:13 To: kent@goathill.org Cc: zope Subject: Re: [Zope] [announce] Local File System product
What I was planning on doing for security was having an "access" file in the products directory that contained a list of directories and a list of the files (allowing wildcards) that you were allowed to access in _that_ directory. It was going to default to only letting you read txt and log files in the product directory itself (defined by .). You could also add roles to this file.
My 'file access' product creates Zope folders which correspond to directories and other interesting objects. These Zope folders can use the std zope acl_users (or whatever) and can also contain methods and products in the Zope database specific to that directory or file tree. This allows you to create different meta-data for the same directories, depending on how they are accessed from Zope (different subdir folders pointing at the same filesys path).
That's closer to how I was planning to allow access control for specific directories and files. The problem with this approach is that I don't want to make the objects that represent directories or files in the local file system persistent Zope objects, which would be necessary to store access control data in the ZODB. I like the 'access' file approach for that reason, but I don't like the fact that it wouldn't be manageable throught the Zope interface. I honestly haven't come up with a really good solution yet.
Solution: Make the files/folder persistant but every request checks for the existance of its filesystem counterpart. If its gone then it gets deleted. Slow but it would work.
On 26 Oct 1999 21:05:00 -0500, Jay, Dylan wrote:
Solution: Make the files/folder persistant but every request checks for the existance of its filesystem counterpart. If its gone then it gets deleted. Slow but it would work.
I tried that using bobo_traverse, but haven't gotten past some of the bugs regarding variable persistence in bobo_traverse. I posted an example product which outlines the problem a couple of months ago, but didn't get a single response so I'm still stuck. LocalFS gave me an idea to try which might get around the problem though.
On 27 Oct 1999 15:37:44 GMT, Kent Polk wrote:
On 26 Oct 1999 21:05:00 -0500, Jay, Dylan wrote:
Solution: Make the files/folder persistant but every request checks for the existance of its filesystem counterpart. If its gone then it gets deleted. Slow but it would work.
I tried that using bobo_traverse, but haven't gotten past some of the bugs regarding variable persistence in bobo_traverse. I posted an example product which outlines the problem a couple of months ago, but didn't get a single response so I'm still stuck.
LocalFS gave me an idea to try which might get around the problem though.
Well. It didn't work. I can't find any way to get around using bobo_traverse to locate and call class methods, zope DB objects *and* filesystem 'objects', and with v_variables broken in bobo_traverse, I'm not sure how to accomplish what's needed without every request becoming a Zope database transaction. Does anyone have an idea of how to obtain the equivalent of the v_variable behavior that is available in __getitem__ and __getattr__ from inside of bobo_traverse? If we could figure this out, it'd be a cinch. Thanks Kent
participants (2)
-
Jay, Dylan -
kent@tiamat.goathill.org