[Zope] UserDb weirdness update

Sun, 22 Aug 1999 15:50:07 +0100

Hi,
I posted a while back about problems I was having with UserDb and cookie
authentication (basically a LoginRequired exception being raised that was
causing 'an error has occurred' message when I tried to access a page that
was restricted).

Here's my latest observations - once I have time, I'll write up what little
I know as a HowTo on UserDb.

I had a folder structure
Actors
    Upload
        acl_users (a UserDb object)
            docLogin  (these are all properties of the UserDb object)
            docLogout
            sqlListQuery
            sqlUserQuery
            ....
        sqlmethods
        index_html (no acquired permission for 'view', anonymous:view = off,
Owner:view = on
        etc....

index_html is where all the stuff goes that I want authorised people to see.

Accessing this URL
/Actors/Upload
always produced the 'an error has occurred' message.

As a test I created a new folder, put a UserDb object in it and made an
index_html document with these permissions
index_html (no acquired permission for 'view', anonymous:view = off,
Owner:view = on

ie
junk
    UserDbTest
        acl_users (a UserDb object)
        index_html (view permission off, etc. etc.)

accessing *that* folder (/junk/UserDbTest) *did* work as expected.

To cut a long story short I basically exported *each* individual object in
the Upload directory bar the acl_users folder and reimported them into
another folder (Upload2). I then created a new UserDb object in the *Actors*
folder (ie acl_users) and edited the sqlListQuery and sqlUserQuery SQL
queries so that they were pointing at the right database.

It looks like this;
Actors
    acl_users
    Upload
        index_html
        sqlmethods
        etc...

Things now work, although I have no idea why (which is a *bit* of a
worry...)

One thing that *might* be useful for others is that the docLogin document is
*included* into the document that needs authentication, at least that's the
way it's worked for me, ie;
standard_html_header shown from *my* acquisition tree
contents of docLogin
standard_html_footer shown from *my* acquisition tree

This means y'all want to be careful with docLogin, strip away it's
<html><body> and </body></html> tags and just leave it bare with the FORM
HTML.

A bit ramblin' I know, but I hope this helps some people out. If anyone
who's more au fait with UserDb can point out the glaring, idiotic, ne'er to
be repeated spasm of ineptitude that I've committed - I'll be grateful,
honest!.

Tone.