[Zope] half programmatically authenticated from product

Tim Hicks tim@sitefusion.co.uk
Tue, 23 Jul 2002 13:10:07 +0100


I'm having difficulties 'artificially' logging in a user from filesystem
python code.

I'm trying to setup a queuing system for converting files that users upload.
The uploads are pickled to the filesystem and I then use Xron to fire the
conversions at regular intervals.  Once the conversion is done, I want it
added to the ZODB (along with various default methods), but I also need to
check whether the user has permission to add files to the place they tried.
I'm trying to perform this check when the scheduled conversion takes place
as opposed to when the upload takes place, so I capture the
username/password of the uploading user and store it in the pickle.

Here's my attempt at logging in programmatically:

#Get hold of the original upload folder
folder = context.restrictedTraverse(qfile.upload_url)
#Authenticate with the same acl_users as te original uploader
acl_users = folder.acl_users
user = acl_users.authenticate(qfile.user, qfile.passw, request={})
user = user.__of__(acl_users)
newSecurityManager(None, user)

This works up to a point.  The user does seem to be logged in and I can then
call a ZODB python script that subsequently calls manage_addFolder (amongst
other things).  However, when the ZODB python script tries to call a method
of a product of mine (which adds one of my default methods to the folder
made by the aforementioned manage_addFolder), I get the following in my log
(line 126 in _doConversion calls my ZODB python script and addPPTindex_html
is the method on my product);

2002-07-23 12:53:51,187 ERROR AsyncZlaveClient failed on Qfile '56148' for
user 'tim' (tim@sitefusion.co.uk)
Traceback (most recent call last):
  File
"D:\Zlave\zope251\lib\python\Products\ZOffice\AsyncZlaveClient\AsyncZlaveCli
ent.py", line 126, in _doConversion
    extension=qfile.extension)
  File "D:\Zlave\zope251\lib\python\Shared\DC\Scripts\Bindings.py", line
252, in __call__
    return self._bindAndExec(args, kw, None)
  File "D:\Zlave\zope251\lib\python\Shared\DC\Scripts\Bindings.py", line
283, in _bindAndExec
    return self._exec(bound_data, args, kw)
  File "D:\Zlave\zope251\lib\python\Products\PythonScripts\PythonScript.py",
line 302, in _exec
    result = apply(f, args, kw)
  File "Script (Python)", line 37, in addFolderAndFiles
  File "D:\Zlave\zope251\lib\python\AccessControl\ZopeGuards.py", line 58,
in guarded_getattr
    return inst.aq_acquire(name, aq_validate, validate)
  File "D:\Zlave\zope251\lib\python\AccessControl\ZopeGuards.py", line 40,
in aq_validate
    return validate(inst, obj, name, v)
  File "D:\Zlave\zope251\lib\python\AccessControl\SecurityManager.py", line
83, in validate
    self._context)
  File "D:\Zlave\zope251\lib\python\AccessControl\ZopeSecurityPolicy.py",
line 200, in validate
    raise Unauthorized(name, value)
Unauthorized: You are not allowed to access addPPTindex_html in this context


So, after that long-winded description, my question is...

why does the authentication seem to run out when calling a product method
when it can call manage_addFolder()?

cheers

tim