getSecurityManager.getUser() in __getitem__ Was: [Zope] Method with Dot in the name
Dieter Maurer
dieter@handshake.de
Sun, 24 Nov 2002 19:15:55 +0100
Thomas Guettler writes:
> ... calling "__getitem__" during URL traversal ...
> It works 95%. Since no REQUEST is given to __getitem__ I get
> it like this:
>
> if hasattr(self, 'REQUEST'):
> request=self.REQUEST
>
> This or something differnt
No, it does not -- see below.
> seems to change the result
> of getSecurityManager().getUser(): I always get the
> anonymous user.
This is because authentication is done at the end of traversal.
When you use "__getitem__" during traversal, the user is not yet
determined.
> Does someone know why getUser() in __getitem__ is diffent than in
> other methods?
It is not. Any method used during traversal will behave identically
in this respect.
> The next thing is working, but it is not nice: the call to
> __getitem__() returns the content of a file to the browser. But Zope
> misses the docstring of the string. I solved by adding the content to
> the request object and returning a function which returns this, but a
> nicer solution would be better:
You can solve both problems by returning a wrapper object for your
file.
Ensure, that your wrapper class inherits from "Acquisition.Explicit/Implicit"
and that you wrap it in the objects context.
Give its "__call__" method a docstring and let it render the file content.
Protect it as you find useful. This way Zopes security mechanism
ensures authorized access only.
You can also replace "__getitem__" by "__bobo_traverse__" (when you like).
Dieter