[Zope] Restricted Traverse

Paul Winkler pw_lists at slinkp.com
Sat Nov 11 12:31:27 EST 2006


On Sun, Nov 12, 2006 at 12:57:21AM +1100, Andrew Milton wrote:
> +-------[ Nancy Donnelly ]----------------------
> | Could someone tell me what's wrong with this code?
> | 
> | <span
> |     tal:define="global url python:here.absolute_url(relative=None) + '/
> | index_frame.pt#quotes'"
> | />
> | <span
> |     tal:define="root python:container.restrictedTraverse(url)"
> |     tal:replace="structure python:here.printSiteMap(root, 12)"
> | />
> | 
> | --or--
> | 
> | <span
> |     tal:define="root python:container.restrictedTraverse(here.absolute_url
> | (relative=None) + '/index_frame.pt#quotes')"
> |     tal:replace="structure python:here.printSiteMap(root, 12)"
> | />
> | 
> | 
> | I'm trying to automate that restrictedTraverse.
> 
> absolute url returns a string prefixed with "http(s)://", unless the relative
> parameter evaluates to true.... None doesn't do that.
> 
> Try using relative = True

Aside from that, and the problem with '#quotes' as Andrew pointed out,
absolute_url() is just not safe to use with restrictedTraverse(), since
the url takes virtual hosting into account and thus may add or remove
parts of the path.  This technique tends to work fine during local
development and then as soon as you deploy to a server with virtual
hosting configured, boom, everything breaks. No fun.
So, Don't Do That.
See http://www.plope.com/Books/2_7Edition/AppendixB.stx#2-394

When creating paths for use with restrictedTraverse(),
you should always use getPhysicalPath() instead.

In this particular case, I suspect you don't even need to do that.
Try:

 tal:define="root python:here.restrictedTraverse('index_frame.pt')"

which can be spelled a bit more simply as:

 tal:define="root nocall:here/index_frame.pt"


-- 

Paul Winkler
http://www.slinkp.com


More information about the Zope mailing list