[ZCM] [ZC] 1211/ 2 Resolve "Zope 2.7 always uses Python implementation of ZopeSecurityPolicy"

Collector: Zope Bugs, Features, and Patches ... zope-coders-admin at zope.org
Thu Jan 29 14:14:50 EST 2004 

Issue #1211 Update (Resolve) "Zope 2.7 always uses Python implementation of ZopeSecurityPolicy"
 Status Resolved, Zope/bug medium
To followup, visit:
  http://zope.org/Collectors/Zope/1211

==============================================================
= Resolve - Entry #2 by Brian on Jan 29, 2004 2:14 pm

 Status: Pending => Resolved

An update on this - it was never the 
intent that the policy be switchable after 
initially being selected. The changes made 
for 2.7 were mainly to allow the selection 
to be made in the config file rather than 
a lot of env var checks distributed in 
different modules.

It turns out that a test in testImplementation violated this by 
calling setImplementation several times. 
The end effect was that the test rig 
itself was getting the policy set back 
to Python (from which it can't currently 
be switched back).

I've commented those tests for now with 
a note explaining that setImplementation 
is meant to be called only once and that 
calling it again can lead to undefined 
results (there are good reasons why it 
is not a good idea to support arbitrary 
switchability the way that the code is 
currently factored - 3rd party apps may 
have already imported elements of the 
implementation, so switching it after it 
is initially set is unwise).

Interestingly, I've verified that under 
2.7 *both* the Python and C policy 
implementations fail the user folder 
test related to this issue. (That is 
not the case under 2.6).

-BL
________________________________________
= Request - Entry #1 by shh on Jan 28, 2004 3:01 pm

Zope 2.7 appears to *always* use the Python implementation of ZopeSecurityPolicy. 

The implementation is initialized by a call to ImplPython.setDefaultBehaviors() in module ImplPython. Future calls to AccessControl.setImplementation('C') fail to change the security policy implementation (to C).

One way to reproduce this is to run 'AccessControl/tests/testUserFolder.py' which has the same new tests (and issues) like reported in http://zope.org/Collectors/Zope/1210 for 2.6. 

You will notice that the test *fails* even though use of the C implementation would be expected by default. 

You can force a C-ZopeSecurityPolicy by uncommenting the marked block near the top of 'testUserFolder.py'. This again makes all tests pass.


==============================================================

More information about the Zope-Collector-Monitor mailing list