[Zope] mysqlUserFolder and CMF - UPDATE
Norman Khine
khine@btinternet.com
Wed, 25 Apr 2001 11:22:14 +0100
Hello Shane,
Well finally I managed to hack the code so that I can use mysqlUserFolder to
(1) Authenticate users from MySQL db and (2) Register New Users.
But being new to programming in general and especially python, I'll like
your advice and any suggestions on the following, in order to ensure my work
is correct and that is being done in the most efficient manner. What I did
then was:
(1) Created a new folder into which I set up a CMF Site using ALL the
default options ie create a new user folder.
(2) Changed the create_table.sql and added the following lines to it:
============================================================================
==============================
INSERT into Roles values ('', 'Manager', '*');
INSERT into Roles values ('', 'Anonymous', '*');
INSERT into Roles values ('', 'Member', '*');
INSERT into Users values ('', 'User', 'User Name', 'Password', '', '*',
'user@btinternet.com');
INSERT into UserRoles values ('1', '1');
============================================================================
===============================
Lines 1,2, & 3 create the initial Roles
Line 5 creates the Manager Account
and Line 7 links user with the role
for more details see the README text
(2) I removed the newly created User Folder and replaced it with the MySQL
User Folder -- as discussed previously. This in turn created a new acl_users
folder containing in the contents tab 6 files.
(3) From this I cut ALL the files that begin with doc* ie docLogin,
docNewUser and docUserPage
(4) In the portal_skins folder, custom I pasted the above selection.
(5) Then from the generic folder I had to edit the join_form and replaced
the whole contents with the following code:
============================================================================
====
<dtml-var standard_html_header>
<div class="Desktop">
<h1>Become a member</h1>
<dtml-var docNewUser>
<dtml-var standard_html_footer>
============================================================================
==
(6) Having got couple of errors when trying to add a new record, this being:
(a) Error Type: Forbidden
Error Value: Get lost you stupid boy. You are not authorized to access
this document.
Traceback (innermost last):
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
223, in publish_module
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
187, in publish
File /usr/home/khine/usr/local/Zope/lib/python/Zope/__init__.py, line 221,
in zpublisher_exception_hook
(Object: RoleManager)
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
171, in publish
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/mapply.py, line
160, in mapply
(Object: actCreateUser)
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
112, in call_object
(Object: actCreateUser)
File /usr/home/khine/usr/local/Zope/lib/python/OFS/DTMLDocument.py, line
189, in __call__
(Object: actCreateUser)
File
/usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_String.py,
line 538, in __call__
(Object: actCreateUser)
File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Let.py,
line 146, in render
(Object: ok="user_create (REQUEST, username, realname, email,
password1)")
File
/usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Util.py, line
334, in eval
(Object: user_create (REQUEST, username, realname, email, password1))
(Info: username)
File <string>, line 0, in ?
File
/usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/mysqlUser
Folder.py, line 885, in user_create
(Object: RoleManager)
Forbidden: (see above)
So to resolve this I looked at the mysqlUserFolder.py, and right at the
bottom we have the following code
----------------------------------------------------------------------------
-------------------------------------------------
user_create__roles__ = None
def user_create (Self, REQUEST, username, realname, email,
password):
""" Anonymous creation """
if not Self.anon_create_ok:
raise 'Forbidden', \
"Get lost you stupid boy.
You are not authorized to access this document."
roles = [Self.anon_create_role]
ok = Self.create_user (username, password, roles, realname,
email)
return ok
Globals.default__class_init__ (mysqlUserFolder)
----------------------------------------------------------------------------
-------------------------------------------------
So what I did was to remove the following 3 lines
----------------------------------------------------------------------------
------------------------------------------------
# if not Self.anon_create_ok:
# raise 'Forbidden', \
# "Get lost you stupid boy.
You are not authorized to access this document."
============================================================================
===============================================
or just hash it.
(b) Then I got the following error which is as follows: (Please note I had
to restart the server everytime I made any changes to any of the code)
Error Type: Unknown role: Select Id from Roles where Rolename = %s and Realm
= %s
Error Value: None
Traceback (innermost last):
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
223, in publish_module
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
187, in publish
File /usr/home/khine/usr/local/Zope/lib/python/Zope/__init__.py, line 221,
in zpublisher_exception_hook
(Object: RoleManager)
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
171, in publish
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/mapply.py, line
160, in mapply
(Object: actCreateUser)
File /usr/home/khine/usr/local/Zope/lib/python/ZPublisher/Publish.py, line
112, in call_object
(Object: actCreateUser)
File /usr/home/khine/usr/local/Zope/lib/python/OFS/DTMLDocument.py, line
189, in __call__
(Object: actCreateUser)
File
/usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_String.py,
line 538, in __call__
(Object: actCreateUser)
File /usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Let.py,
line 146, in render
(Object: ok="user_create (REQUEST, username, realname, email,
password1)")
File
/usr/home/khine/usr/local/Zope/lib/python/DocumentTemplate/DT_Util.py, line
334, in eval
(Object: user_create (REQUEST, username, realname, email, password1))
(Info: username)
File <string>, line 0, in ?
File
/usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/mysqlUser
Folder.py, line 890, in user_create
(Object: RoleManager)
File
/usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/mysqlUser
Folder.py, line 563, in create_user
(Object: RoleManager)
File
/usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/vdb.py,
line 99, in create_user
File
/usr/home/khine/usr/local/Zope/lib/python/Products/mysqlUserFolder/db.py,
line 331, in create_user
Unknown role: Select Id from Roles where Rolename = %s and Realm = %s: (see
above)
****************************************************************************
*******************************************
But the strange is that the user is being created on the database, but
without any priviviliges, the only priviliges that this user has is if you
go to your ZMI and then to the acl_user folder and then you will see the
user you just created as:
User page for test22.
Username: test22
Userroles: mysqlRole
Anonymous
So to overcome this error looking at the traceback I altered the db.py file
and hardcoded a new user in the following lines, which used to be:
============================================================================
======================
# ----- Find roles
query = 'Select Id_Role from UserRoles where Id_User = %s'
role_ids = Self.__query_list_field (query, (id, ))
roles = ["mysqlRole", cfg.ZOPE_ANONYMOUS_ROLE]
============================================================================
=========================
To
****************************************************************************
************************
# ----- Find roles
query = 'Select Id_Role from UserRoles where Id_User = %s'
role_ids = Self.__query_list_field (query, (id, ))
roles = ["mysqlRole", cfg.ZOPE_ANONYMOUS_ROLE, "Members"]
****************************************************************************
*************************
The outcome of this is that the form creates the user and assigns the Member
Role, and although I still get the same error
Error Type: Unknown role: Select Id from Roles where Rolename = %s and Realm
= %s
Error Value: None
The application creates the user with Member priviliges.
** This is something which I need to look and see the mechanics of it of how
to suppress it, and suggestions are welcomed.
This is the first milestone, NEXT I'll need to check that ALL other forms
such as change password function correctly.
Thanks for staying thus far and ALL your comments BAD or GOOD are most
welcomed ;^)
Norman
-----Original Message-----
From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Shane
Hathaway
Sent: Tuesday, April 24, 2001 4:32 PM
To: Norman Khine
Cc: Zope Mailing List
Subject: RE: [Zope] RE: [Zope-CMF] mysqlUserFolder and CMF
On Tue, 24 Apr 2001, Norman Khine wrote:
> You are too good I was just looking at these tools.
>
> Can I confirm then that if I go down the route of mySQLUserFolder all I
will
> be concern with in ensuring it is complient with the CMF to be the
> portal_registration part of the application lloking at the Portal Object
> schema
http://www.zope.org/Products/PTK/UML/PTKBase/Portal_Objects_Diag.html
CookieCrumbler takes care of the gory details, so I think all you need to
be concerned with is modifying portal_membership so that people can add
themselves to the SQL database and the extra properties can be stored
there as well. (portal_registration probably won't need any changes.)
> and I suppose I'll need to look at the portal_membership
> www.zope.org/Products/PTK/UML/PTKBase/portal_membership_Info.html objects
> and merge it with the mysqlUserFolder
>
> Well thatnks for your help, I have taken enough of your time. If this work
I
> will sit down and write a How-to ;^)
Excellent!
Shane
>
> -----Original Message-----
> From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of Shane
> Hathaway
> Sent: Tuesday, April 24, 2001 3:58 PM
> To: Norman Khine
> Cc: Zope Mailing List
> Subject: [Zope] RE: [Zope-CMF] mysqlUserFolder and CMF
>
>
> On Tue, 24 Apr 2001, Norman Khine wrote:
>
> > Can you tell me though is there a particular reason as to the pro's &
> con's
> > of using either existing acl_users or any other flavours of Login
> Managers.
> >
> > The reason why I am using the mysqlUserFolder is to integrated with the
> > existing application and also because I did not want to clutter the ZODB
> > with demographic user data. What I am getting at will I loose any
> > performence if using one method or the other? I know you said you don't
> have
> > any experience of using mysqlUserFolder, but maybe from a perspective of
> OO
> > to RDBMS authentication.
>
> Assuming mysqlUserFolder caches the authentication tokens (and it very
> likely does), there should be only a minor performance drop when using an
> RDBMS. The ZODB has built-in caching that reduces the time it takes to
> access authentication tokens to something on the order of nanoseconds :-)
> while SQL authentication without caching can easily take up to 100 ms per
> request, which would be noticeable.
>
> > Also are there any methods which I can use to analyse the Log files from
> the
> > CMF if they are any? If so where can I find them. Or is there a way in
> which
> > I can query the Members folder, so that I can for example get total
number
> > of Members, their e-mails etc etc?
>
> You could analyze the HTTP log, Z2.log. To query the members folder use a
> Python script like:
>
> return len(container.Members.objectIds())
>
> For email properties look at what the "roster" method does.
>
> Shane
>
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
>
>
_______________________________________________
Zope maillist - Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )