[Zope] patch to make GUF work with zope-2.2.5

Andrews, Martin mandrews@netgenics.com
Tue, 16 Jan 2001 11:18:24 -0500 

This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.

------_=_NextPart_000_01C07FD7.F3AC1090
Content-Type: text/plain;
	charset="iso-8859-1"

Attached is a (very simple) patch to GenericUserFolder-1.2.4 that allowed me
to use it with zope-2.2.5. I just derives GenericUserFolder from
BasicUserFolder as as well as Folder (I also comment out a couple debugging
messages that were failling). Since I am a newbie I wondered it anyone had
comments on the security implications of this patch, or using GUF in general
(are there other changes required for recent zopes to ensure proper
security)?

FYI - I had tried switching to LoginManager (0.8.8b1), but after struggling
to configure it to replace my GUF usage I still managed to screw it up
somehow and lock myself out of zope entirely - not even superuser could log
in. GUF seems much better at always allowing superuser to authenticate.

Martin

---
Martin Andrews
mandrews@netgenics.com


------_=_NextPart_000_01C07FD7.F3AC1090
Content-Type: application/octet-stream;
	name="guf-derivefolder.patch"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: attachment;
	filename="guf-derivefolder.patch"

diff -ru lib~/python/Products/GenericUserFolder/GenericUserFolder.py =
lib/python/Products/GenericUserFolder/GenericUserFolder.py=0A=
--- lib~/python/Products/GenericUserFolder/GenericUserFolder.py	Mon May =
29 20:58:28 2000=0A=
+++ lib/python/Products/GenericUserFolder/GenericUserFolder.py	Fri Jan  =
5 19:17:06 2001=0A=
@@ -8,7 +8,7 @@=0A=
 from OFS.Document import Document=0A=
 from base64 import decodestring, encodestring=0A=
 from urllib import quote, unquote=0A=
-from AccessControl.User import _remote_user_mode,nobody,super,\=0A=
+from AccessControl.User import =
BasicUserFolder,_remote_user_mode,nobody,super,\=0A=
     addr_match,host_match=0A=
 from AccessControl.PermissionRole import =
_what_not_even_god_should_do=0A=
 from OFS.Folder import Folder=0A=
@@ -40,7 +40,7 @@=0A=
     oldclose(self)=0A=
 BaseRequest.close =3D close=0A=
 =0A=
-class GenericUserFolder(Folder):=0A=
+class GenericUserFolder(Folder, BasicUserFolder):=0A=
     '''A Generic User authentication userlist'''=0A=
 =0A=
     meta_type=3D'Generic User Folder'=0A=
@@ -277,12 +277,12 @@=0A=
 	    if self._isTop() and anon.allowed(parent, roles):=0A=
 		anon =3D anon.__of__(self)=0A=
 		return anon=0A=
-	    _debug("Returning None from validate (parent=3D%s,roles=3D%s)" =
\=0A=
-		% (parent.absolute_url(),roles))=0A=
+#	    _debug("Returning None from validate (parent=3D%s,roles=3D%s)" =
\=0A=
+#		% (parent.absolute_url(),roles))=0A=
 	    return None=0A=
 	else:=0A=
-	    _debug("Returning %s from validate (parent=3D%s,roles=3D%s)" \=0A=
-		% (u.getUserName(),parent.absolute_url(),roles))=0A=
+#	    _debug("Returning %s from validate (parent=3D%s,roles=3D%s)" =
\=0A=
+#		% (u.getUserName(),parent.absolute_url(),roles))=0A=
 	    return u=0A=
 =0A=
     def _basic_validate(self,request,auth,roles,parent):=0A=

------_=_NextPart_000_01C07FD7.F3AC1090--