[Zope-dev] AUTHENTICATION_USER in standard_error_message caused by NotFound error
Tim Ansell
mithro@senet.com.au
Thu, 11 Jan 2001 04:53:00 +1030
Forgot to attach the diff....
Forgive me, it's 4:52am here....
Mithro
Tim Ansell wrote:
> Oops, just realised I've been replying only to myself :)
>
> Umm okay here is the diff, it is from version 2.2.4 but should apply to most
> versions....
> I have removed all the "print" debugging and cleaned up the formatting.
>
> Could people look it over and tell me if there are any hidden problems with it?
> Is it done the right way?
>
> There seems to be a lot of repeated code between zpublisher_exception_hook and
> ZPublisher.BaseRequest, maybe you want to put the auth stuff into its own
> function and work that way? Just an idea...
>
> Mithro
>
> > Tim Ansell wrote:
> >
> > > On further investigation I have found out that the part I really want to
> > > modify is
> > >
> > > zpublisher_exception_hook, which gets called when the error occurs
> > >
> > > Inside this function there is a
> > >
> > >     if REQUEST.get('AUTHENTICATED_USER', None) is None:
> > >         REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
> > >
> > > which seems to explain why I'm getting the anonymous user for the errors.
> > >
> > > Is there any way to add to this function the authentication routines so that
> > > if AUTHENTICATED_USER is none, authentication is checked with
> > > standard_error_message being the object checked against?
> > >
> > > Am I making any sense?
> > >
> > > I'm going to give it a go and see what happens...
> > >
> > > Mithro
> > >
> > > Tim Ansell wrote:
> > >
> > > > <newbie alert>
> > > >
> > > > Hello.
> > > >
> > > > I've been using Zope for a couple of months, I have found Zope to be a
> > > > great product and thank you for creating it. Currently I have run into a
> > > > problem, I need to access the AUTHENTICATED_USER in a
> > > > standard_error_message called by notFoundError in BaseRequest.
> > > >
> > > > I was wondering if the authentication routine can be added before the
> > > > authentication routine in BaseRequest? Or if this is not possible it
> > > > could be split into a function and called before the notFoundError
> > > > call as well?
> > > >
> > > > There are many reasons you might want to do this, I have listed some
> > > > below:
> > > >
> > > > * You want to list possible URLs the reader could have meant but don't
> > > > want to let Anonymous users see possible privileged URLs
> > > >
> > > > * You want to provide different error messages for different people,
> > > > i.e. a more advanced error for coders, a simple error for HTML writers, a
> > > > special error for normal people
> > > >
> > > > * You want errors to only be reported if they were caused by certain
> > > > users
> > > >
> > > > and the list could go on....
> > > >
> > > > Mithro
> > > >
> > > > </newbie alert>
> > > >
> > > > _______________________________________________
> > > > Zope-Dev maillist - Zope-Dev@zope.org
> > > > http://lists.zope.org/mailman/listinfo/zope-dev
> > > > ** No cross posts or HTML encoding! **
> > > > (Related lists -
> > > > http://lists.zope.org/mailman/listinfo/zope-announce
> > > > http://lists.zope.org/mailman/listinfo/zope )
>
[Attachment: SEM_auth.diff]
--- ./__init__.py.org Thu Jan 11 04:39:25 2001
+++ ./__init__.py Thu Jan 11 04:37:24 2001
@@ -162,6 +162,9 @@
class RequestContainer(ExtensionClass.Base):
def __init__(self,r): self.REQUEST=r
+from ZPublisher.BaseRequest import old_validation
+UNSPECIFIED_ROLES=''
+
def zpublisher_exception_hook(
published, REQUEST, t, v, traceback,
# static
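Review bot: `UNSPECIFIED_ROLES=''` is a second, locally defined copy of the roles sentinel, and the next hunk tests it with `is` / `is not`. Identity against an empty-string literal only holds because the interpreter happens to share that object, and it will silently stop matching if the code that supplies `old_validation` ever uses a different sentinel. If the module that provides `old_validation` also exposes the sentinel, import both from there in one statement instead of redefining it; otherwise compare by value. The `from ZPublisher.BaseRequest import old_validation` line would also read better with the module's other imports than between `RequestContainer` and the hook.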
@@ -208,11 +211,79 @@
break
client=published
+
+ auth=REQUEST._auth
+
+ user=groups=None
+
+ while 1:
+ if REQUEST.get('AUTHENTICATED_USER', None) is None:
+ # Do authentication here....
+ r = getattr(client, '__roles__', UNSPECIFIED_ROLES)
+ if r is not UNSPECIFIED_ROLES:
+ roles = r
+ elif not got:
+ roles = getattr(client, entry_name+'__roles__', roles)
+
+ if roles:
+ if hasattr(client, '__allow_groups__'):
+ groups=client.__allow_groups__
+
+ if hasattr(groups, 'validate'): v=groups.validate
+ else: v=old_validation
+
+ if v is old_validation and roles is UNSPECIFIED_ROLES:
+ print "Validation and UNSEPCIFIED_ROLES is okay"
+ # No roles, so if we have a named group, get roles from
+ # group keys
+ if hasattr(groups,'keys'): roles=groups.keys()
+ else:
+ try: groups=groups()
+ except: pass
+ try: roles=groups.keys()
+ except: pass
+
+ if groups is None:
+ # Public group, hack structures to get it to validate
+ roles=None
+ auth=''
+
+ if v is old_validation:
+ user=old_validation(groups, request, auth, roles)
+ elif roles is UNSPECIFIED_ROLES: user=v(request, auth)
+ else: user=v(REQUEST, auth, roles)
+
+ if hasattr(client, '__allow_groups__') and user == None:
+ groups=client.__allow_groups__
+ if hasattr(groups,'validate'):
+ v=groups.validate
+ else:
+ v=old_validation
+ if v is old_validation:
+ user=old_validation(groups, REQUEST, auth, roles)
+ elif roles is UNSPECIFIED_ROLES:
+ user=v(REQUEST, auth)
+ else:
+ user=v(REQUEST, auth, roles)
+
+ if user is not None:
+ REQUEST['AUTHENTICATED_USER']=user
+
+ try:
+ client=getattr(client, 'aq_parent', None)
+ if client is None: raise
+ except:
+ break
+
while 1:
if getattr(client, 'standard_error_message', None) is not None:
break
+ try:
client=getattr(client, 'aq_parent', None)
if client is None: raise
+ except:
+ break
+
if REQUEST.get('AUTHENTICATED_USER', None) is None:
REQUEST['AUTHENTICATED_USER']=AccessControl.User.nobody
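Review bot: In the added authentication loop, `v=groups.validate` and `v=old_validation` rebind `v`, which is the exception-value argument of `zpublisher_exception_hook(published, REQUEST, t, v, traceback, ...)`; any later use of `v` in the hook will receive a validator function instead of the error value, so the validator needs its own name (for example `validate`). Two calls in the first branch pass lowercase `request` (`old_validation(groups, request, auth, roles)` and `v(request, auth)`) while the parameter is `REQUEST`, which raises NameError unless `request` is bound somewhere outside the visible lines. `got`, `entry_name` and `roles` are read in the `elif not got:` branch with no assignment visible in this hunk, so the first client without `__roles__` may fail there. The `print "Validation and UNSEPCIFIED_ROLES is okay"` line is leftover debugging and should go. The bare `except: pass` pairs and the `if client is None: raise` / `except: break` construct (a bare `raise` with no active exception) hide real errors in code that decides which user the error page runs as; test `client is None` and `break` directly, and use `user is None` rather than `user == None`. Once a user has been found the loop keeps walking `aq_parent` to the root, so a `break` after setting `REQUEST['AUTHENTICATED_USER']` is worth adding.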