[Zope] Re: ExternalFile errors
friedrich steindl
zopp at floSoft.net
Mon Mar 7 17:38:42 EST 2005
hi all,
i had the same problem as the first poster
but the solution does not work for me
the error comes from this additional line in 'create.pt'
<tal:work define="global ef modules/Products/ExternalFile" />
it still produces a 'not authorized'
the complete traceback reads as follows
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Site Error
An error was encountered while publishing this resource.
Unauthorized
Sorry, a site error occurred.
Traceback (innermost last):
Module ZPublisher.Publish, line 175, in publish_module_standard
Module ZPublisher.Publish, line 132, in publish
Module Zope.App.startup, line 204, in zpublisher_exception_hook
Module ZPublisher.Publish, line 101, in publish
Module ZPublisher.mapply, line 88, in mapply
Module ZPublisher.Publish, line 39, in call_object
Module Shared.DC.Scripts.Bindings, line 306, in __call__
Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec
Module Products.PageTemplates.PageTemplateFile, line 106, in _exec
Module Products.PageTemplates.PageTemplate, line 96, in pt_render
<PageTemplateFile at /WeatherFiles/manage_addExternalFileForm>
Module TAL.TALInterpreter, line 190, in __call__
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 464, in do_setGlobal_tal
Module Products.PageTemplates.TALES, line 221, in evaluate
URL: manage_addExternalFileForm
Line 1, Column 0
Expression: standard:'modules/Products/ExternalFile'
Names:
{'container': <__FactoryDispatcher__ instance at 40a3d740>,
'context': <__FactoryDispatcher__ instance at 40a3d740>,
'default': <Products.PageTemplates.TALES.Default instance at 0x40a237ac>,
'here': <__FactoryDispatcher__ instance at 40a3d740>,
'loop': <SafeMapping instance at 40e7d3e0>,
'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter
instance at 0x40a232ac>,
'nothing': None,
'options': {'args': ()},
'repeat': <SafeMapping instance at 40e7d3e0>,
'request': <HTTPRequest, URL=http://192.168.11.47:9080/WeatherFiles/
manage_addProduct/ExternalFile/create>,
'root': <Application instance at 40d644d0>,
'template': <PageTemplateFile at /WeatherFiles/manage_addExternalFileForm>,
'traverse_subpath': [],
'user': fs}
Module Products.PageTemplates.Expressions, line 201, in __call__
Module Products.PageTemplates.Expressions, line 189, in _eval
Module Products.PageTemplates.Expressions, line 145, in _eval
__traceback_info__: modules
Module Products.PageTemplates.Expressions, line 340, in restrictedTraverse
__traceback_info__: {'path': ['Products', 'ExternalFile'],
'TraversalRequestNameStack': []}
Unauthorized: You are not allowed to access 'ExternalFile' in this context
(Also, an error occurred while attempting to render the standard error
message.)
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Zope version: (Zope 2.7.4-0, python 2.3.3, linux2)
Python version: 2.3.3 (#3, Mar 11 2004, 00:53:33) [GCC 3.3 20030226
(prerelease) (SuSE Linux)]
thx for your help
steindl friedrich
(-:fs)
======================================================
Am Freitag, 7. Januar 2005 18:23 tippte Steve McMahon:
> Two (late) solutions:
>
> 1) If you don't need the batch addition support, just comment out the
> section of create.pt that calls gethostname and the whole div that
> supports batch addition.
>
> 2) If you're more adventurous, add to __init__.py security declarations
> to make the needed module functions public. The code will look like:
>
> from AccessControl import ModuleSecurityInfo
>
> ModuleSecurityInfo('ExternalFile').declarePublic('gethostname')
> ModuleSecurityInfo('ExternalFile').declarePublic('illegalCharsAsString')
> ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirNamesAsString')
> ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirPrefixesAsStrin
>g')
> ModuleSecurityInfo('ExternalFile').declarePublic('omittedDirSuffixesAsStrin
>g')
> ModuleSecurityInfo('ExternalFile').declarePublic('omittedFileNamesAsString'
>)
> ModuleSecurityInfo('ExternalFile').declarePublic('omittedFilePrefixesAsStri
>ng')
> ModuleSecurityInfo('ExternalFile').declarePublic('omittedFileSuffixesAsStri
>ng')
>
> ModuleSecurityInfo('ExternalFile').apply(globals())
>
> Then, in www/create.pt, add a line like:
>
> <tal:work define="global ef modules/Products/ExternalFile" />
>
> change
>
> tal:content="container/gethostname"
>
> to
>
> tal:content="ef/gethostname"
>
> and ALL the code like:
>
> tal:attributes="value container/illegalCharsAsString"
>
> to
>
> tal:attributes="value python: ef.illegalCharsAsString(container)"
>
> If you don't want to mess with the security declarations, you could also
> just edit www/create.pt to remove the section that prints the hostname
> and all the "tal:attributes..." that supply default values in the batch
> section.
>
> Steve
>
> BTW, I don't regularly watch this list; so if you'd like my attention in
> a reply, please CC me.
>
> Chris H wrote:
> > Greets;
> >
> > Testing externalFile from collective cvs consistantly gives the
> > following error upon creating an instance, regardless of user that
> > starts the zope process.
> >
> > URL: manage_addExternalFileForm
> > Line 36, Column 5
> > Expression: standard:'container/gethostname'
> > Names:
> > {'container': <__FactoryDispatcher__ instance at 40f65340>,
> > 'context': <__FactoryDispatcher__ instance at 40f65340>,
> > 'default': <Products.PageTemplates.TALES.Default instance at 0x40b8ae6c>,
> > 'here': <__FactoryDispatcher__ instance at 40f65340>,
> > 'loop': <SafeMapping instance at 40f653e0>,
> > 'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter
> > instance at 0x40b8fb0c>,
> > 'nothing': None,
> > 'options': {'args': ()},
> > 'repeat': <SafeMapping instance at 40f653e0>,
> > 'request': <HTTPRequest,
> > URL=http://localhost:8080/manage_addProduct/ExternalFile/create>,
> > 'root': <Application instance at 417e2a10>,
> > 'template': <PageTemplateFile at /manage_addExternalFileForm>,
> > 'traverse_subpath': [],
> > 'user': chris}
> > Module Products.PageTemplates.Expressions, line 201, in __call__
> > Module Products.PageTemplates.Expressions, line 189, in _eval
> > Module Products.PageTemplates.Expressions, line 145, in _eval
> > __traceback_info__: container
> > Module Products.PageTemplates.Expressions, line 340, in
> > restrictedTraverse __traceback_info__: {'path': ['gethostname'],
> > 'TraversalRequestNameStack': []}
> > Unauthorized: You are not allowed to access 'gethostname' in this
> > context (Also, an error occurred while attempting to render the standard
> > error message.)
> >
> > Any suggestions on how to resolve this?
> >
> > /ch
>
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
More information about the Zope
mailing list