[Zope-dev] SVN: Zope/branches/2.12/ Correctly handle unauthorized exceptions in the ZPublisherExceptionHook.

Tres Seaver tseaver at palladion.com
Sat Jul 4 14:03:16 EDT 2009 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hanno Schlichting wrote:
> Log message for revision 101181:
>   Correctly handle unauthorized exceptions in the ZPublisherExceptionHook.
> 
> Modified: Zope/branches/2.12/src/Zope2/App/startup.py
> ===================================================================
> --- Zope/branches/2.12/src/Zope2/App/startup.py	2009-06-20 19:53:08 UTC (rev 101180)
> +++ Zope/branches/2.12/src/Zope2/App/startup.py	2009-06-21 00:00:53 UTC (rev 101181)
> @@ -24,6 +24,7 @@
>  from time import asctime
>  from types import StringType, ListType
>  from zExceptions import Redirect
> +from zExceptions import Unauthorized
>  from ZODB.POSException import ConflictError
>  import transaction
>  import AccessControl.User
> @@ -170,7 +171,7 @@
>                  if t.lower() in ('unauthorized', 'redirect'):
>                      raise
>              else:
> -                if t is SystemExit or t is Redirect:
> +                if t is SystemExit or t is Redirect or t is Unauthorized:
>                      raise
>  
>                  if issubclass(t, ConflictError):

What is the motivation here?  Zope2 applications have hooked
Unauthorized exceptions *forever*:

 - You can see them in the error_log (if you take them out of the ignore
   list).

This change (the fixed version) breaks unit tests which assert that the
exception can be hooked:

- --------------------------------------------------------------------------
$ bin/test -s Zope2.App
Running zope.testing.testrunner.layer.UnitTests tests:
  Set up zope.testing.testrunner.layer.UnitTests in 0.000 seconds.

Error in test testRenderUnauthorizedBrokenClient
(Zope2.App.tests.testExceptionHook.ExceptionMessageRenderTest)
Traceback (most recent call last):
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
279, in run
    testMethod()
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 284, in testRenderUnauthorizedBrokenClient
    self.assertRaises(AttributeError, self.call, client, request, f)
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
336, in failUnlessRaises
    callableObj(*args, **kwargs)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 74, in call
    sys.exc_info()[2],
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 69, in call
    f(*args, **kw)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 281, in f
    raise Unauthorized, 1
Unauthorized: You are not allowed to access '1' in this context

Error in test testRenderUnauthorizedOldClient
(Zope2.App.tests.testExceptionHook.ExceptionMessageRenderTest)
Traceback (most recent call last):
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
279, in run
    testMethod()
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 251, in testRenderUnauthorizedOldClient
    self.call(client, request, f)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 74, in call
    sys.exc_info()[2],
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 69, in call
    f(*args, **kw)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 248, in f
    raise Unauthorized, 1
Unauthorized: You are not allowed to access '1' in this context

Error in test testRenderUnauthorizedStandardClient
(Zope2.App.tests.testExceptionHook.ExceptionMessageRenderTest)
Traceback (most recent call last):
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
279, in run
    testMethod()
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 262, in testRenderUnauthorizedStandardClient
    self.call(client, request, f)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 74, in call
    sys.exc_info()[2],
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 69, in call
    f(*args, **kw)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 259, in f
    raise Unauthorized, 1
Unauthorized: You are not allowed to access '1' in this context

Error in test testRenderUnauthorizedStandardClientMethod
(Zope2.App.tests.testExceptionHook.ExceptionMessageRenderTest)
Traceback (most recent call last):
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
279, in run
    testMethod()
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 273, in testRenderUnauthorizedStandardClientMethod
    self.call(client.dummyMethod, request, f)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 74, in call
    sys.exc_info()[2],
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 69, in call
    f(*args, **kw)
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 270, in f
    raise Unauthorized, 1
Unauthorized: You are not allowed to access '1' in this context

Failure in test testCustomExceptionViewUnauthorized
(Zope2.App.tests.testExceptionHook.ExceptionViewsTest)
Traceback (most recent call last):
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
279, in run
    testMethod()
  File
"/home/tseaver/projects/Zope-CVS/Zope-trunk/src/Zope2/App/tests/testExceptionHook.py",
line 353, in testCustomExceptionViewUnauthorized
    self.failUnless(isinstance(v, HTTPResponse), v)
  File "/home/tseaver/projects/Zope-CVS/lib/python2.6/unittest.py", line
325, in failUnless
    if not expr: raise self.failureException, msg
AssertionError: You are not allowed to access '1' in this context

  Ran 23 tests with 1 failures and 4 errors in 0.512 seconds.
Tearing down left over layers:
  Tear down zope.testing.testrunner.layer.UnitTests in 0.000 seconds.
- --------------------------------------------------------------------------


Tres.
- --
===================================================================
Tres Seaver          +1 540-429-0999          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFKT5lk+gerLs4ltQ4RAuXKAJ4x+m289pMfGeYprwdJgAJ/6RkIBACdG8FO
VYiQVeOKXbGSQ/g65GkP0sw=
=RH3T
-----END PGP SIGNATURE-----

More information about the Zope-Dev mailing list