[Zope] RE: Zope Digest, Vol 37, Issue 16

Mark, Jonathan (Integic) jonathan.mark at integic-hc.com
Mon Jun 18 12:38:27 EDT 2007



-----Original Message-----
From: zope-bounces at zope.org [mailto:zope-bounces at zope.org] On Behalf Of
zope-request at zope.org
Sent: Monday, June 18, 2007 12:00 PM
To: zope at zope.org
Subject: Zope Digest, Vol 37, Issue 16

Send Zope mailing list submissions to
	zope at zope.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://mail.zope.org/mailman/listinfo/zope
or, via email, send a message with subject or body 'help' to
	zope-request at zope.org

You can reach the person managing the list at
	zope-owner at zope.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Zope digest..."


Today's Topics:

   1. Re: Auto Cataloging my ZCatalog (kamal hamzat)
   2. Re: zope stopped working suddenly (Mohammed Tlais)
   3. Re: zope stopped working suddenly (Maciej Wisniowski)
   4. Re: Auto Cataloging my ZCatalog (Jonathan)
   5. RSS to HTML in Zope (Tom Von Lahndorff)
   6. Re: security assertion needed for dictionary? (tomvon)
   7. RE: security assertion needed for dictionary?
      (Doyon, Jean-Francois)
   8. Re: RSS to HTML in Zope (Andreas Jung)
   9. RE: security assertion needed for dictionary? (tomvon)


----------------------------------------------------------------------

Message: 1
Date: Sun, 17 Jun 2007 18:01:28 +0100
From: "kamal hamzat" <hamzat at dnetsystems.net>
Subject: Re: [Zope] Auto Cataloging my ZCatalog
To: "Jonathan" <dev101 at magma.ca>, <zope at zope.org>
Message-ID: <004801c7b101$275bcdc0$0200a8c0 at design4>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=response


----- Original Message ----- 
From: "Jonathan" <dev101 at magma.ca>
To: "kamal hamzat" <hamzat at dnetsystems.net>; <zope at zope.org>
Sent: Friday, June 15, 2007 5:58 PM
Subject: Re: [Zope] Auto Cataloging my ZCatalog


>
> ----- Original Message ----- 
> From: "kamal hamzat" <hamzat at dnetsystems.net>
> To: <zope at zope.org>
> Sent: Friday, June 15, 2007 12:51 PM
> Subject: [Zope] Auto Cataloging my ZCatalog
>
>
> Hello,
>
> I have a ZCatalog that my users use to catalog there news articles
which 
> are (DTML Documents). I have already explained it to them to always
input 
> the id for the new DTML Documents under "with ids" section on the Find

> Objects tab on the ZMI to catalog new articles. But most time they
will 
> not and they end up cataloging the entire articles which runs to
13,000 
> records.
>
> What i want is either to be able to display error when the "with ids"
is 
> missing on Find Objects form or to be able to automate it. For example
use 
> a python code. I am new to python but very eager to learn.
>>
>
> One possible approach:
>
> - I would not allow end-users access to the ZMI.
>
> - Have users interact with the application through a menu driven
interface
>
> - Use a series of forms to collect data, then use python
scripts/external 
> methods to create/store objects (eg. your DTML Documents) and update
the 
> ZCatalog(s).
>

This sound interesting, but i do not have an idea of how to use python/ 
external method to create/store objects.
I will appreciate if you can point me to links or articles that have
treated 
something similar.

Thanks
kamal 



------------------------------

Message: 2
Date: Mon, 18 Jun 2007 08:18:22 +0300
From: "Mohammed Tlais" <m.tlais at gmail.com>
Subject: Re: [Zope] zope stopped working suddenly
To: "Maciej Wisniowski" <maciej.wisniowski at coig.katowice.pl>
Cc: zope at zope.org
Message-ID:
	<4fbde830706172218s6b11ad1cwdf8a4b44d2b4a71 at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

On 6/15/07, Maciej Wisniowski <maciej.wisniowski at coig.katowice.pl>
wrote:

>
> >   File "/opt/Zope-2.10/lib/python/Zope2/Startup/__init__.py", line
> > 234, in dropPrivileges
> >     return dropPrivileges(self.cfg)
> >   File "/opt/Zope-2.10/lib/python/Zope2/Startup/__init__.py", line
> > 403, in dropPrivileges
> >     raise ZConfig.ConfigurationError(msg)
> > ZConfig.ConfigurationError: A user was not specified to setuid to;
fix
> > this to start as root (change the effective-user directive in
zope.conf)
> > /** END **/
> You have answer above. To run as root you have
> to change effective-user at zope.conf file


I tried to change effective-user from the zope.conf.in file and saved it
as
zope.conf, I used the command

effective-user tleis , as stated in the example of that file, but no
thing
changed. if anyone knows why please tell me (just curousity)



> >
> > When everything was ok in the past I was able to run zope through
> > ./zopectl start (as a root)
> > but now the stop command displays that  the daemon manager is not
open.
> Strange that it worked. In general I think you shouldn't
> run zope as root.
>
> --
> Maciej Wisniowski


I created a new user as Maciej said, and there i tried to create an
instance, but I got a denied permission message. What I did finally is
that
I deleted the folders in both /tmp/zope and /opt/Zope-2.10 folders, and
installed Zope Again and everything is working fine right
now! but i still want to understand why this happened to me?
Thanks for you
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
http://mail.zope.org/pipermail/zope/attachments/20070618/c3d24bcc/attach
ment-0001.htm

------------------------------

Message: 3
Date: Mon, 18 Jun 2007 11:32:04 +0200
From: Maciej Wisniowski <maciej.wisniowski at coig.katowice.pl>
Subject: Re: [Zope] zope stopped working suddenly
To: Mohammed Tlais <m.tlais at gmail.com>
Cc: zope at zope.org
Message-ID: <46765114.70903 at coig.katowice.pl>
Content-Type: text/plain; charset=ISO-8859-1


> I tried to change effective-user from the zope.conf.in
> <http://zope.conf.in> file and saved it as zope.conf, I used the
command
>  
> effective-user tleis , as stated in the example of that file, but no
> thing changed. if anyone knows why please tell me (just curousity)
Maybe user tleis had no permissions to folders you've created as root.
> I created a new user as Maciej said, and there i tried to create an
> instance, but I got a denied permission message. 
If you tried to override existing instance created
by root then it is correct behaviour I think.

> What I did finally is that I deleted the folders in both /tmp/zope and
> /opt/Zope-2.10 folders, and installed Zope Again and everything is
> working fine right
:)

-- 
Maciej Wisniowski


------------------------------

Message: 4
Date: Mon, 18 Jun 2007 07:31:55 -0400
From: "Jonathan" <dev101 at magma.ca>
Subject: Re: [Zope] Auto Cataloging my ZCatalog
To: "kamal hamzat" <hamzat at dnetsystems.net>, <zope at zope.org>
Message-ID: <000701c7b19c$47b690f0$677ba8c0 at DESKTOP>
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=response



>> ----- Original Message ----- 
>> From: "kamal hamzat" <hamzat at dnetsystems.net>
>> To: <zope at zope.org>
>> Sent: Friday, June 15, 2007 12:51 PM
>> Subject: [Zope] Auto Cataloging my ZCatalog
>>
>>
>> Hello,
>>
>> I have a ZCatalog that my users use to catalog there news articles
which 
>> are (DTML Documents). I have already explained it to them to always
input 
>> the id for the new DTML Documents under "with ids" section on the
Find 
>> Objects tab on the ZMI to catalog new articles. But most time they
will 
>> not and they end up cataloging the entire articles which runs to
13,000 
>> records.
>>
>> What i want is either to be able to display error when the "with ids"
is 
>> missing on Find Objects form or to be able to automate it. For
example 
>> use a python code. I am new to python but very eager to learn.
>>>
>>
>> One possible approach:
>>
>> - I would not allow end-users access to the ZMI.
>>
>> - Have users interact with the application through a menu driven 
>> interface
>>
>> - Use a series of forms to collect data, then use python
scripts/external 
>> methods to create/store objects (eg. your DTML Documents) and update
the 
>> ZCatalog(s).
>>
>
> This sound interesting, but i do not have an idea of how to use
python/ 
> external method to create/store objects.
> I will appreciate if you can point me to links or articles that have 
> treated something similar.

You should read the ZopeBook chapters on scripting: 
http://plope.com/Books/2_7Edition/view

If you can make do with existing Zope object types (eg. DTML Documents,
etc) 
then you can develop your application without having to create your own
Zope 
Product, which means that DTML, ZPT and scripts will give you everything
you 
need.

If you have to define your own object types (classes) then you will need
to 
create your own Zope Product. Here are some links to product examples:

http://www.zope.org/Members/gtk/Boring
http://www.devshed.com/c/a/Zope/Creating-Zope-Products/

There is another way to create Zope classes called ZClasses (they are 
mentioned in the ZopeBook), but I would not recommend using them for a 
long-term applications as they are officially deprecated as of Zope
2.10. 
However, for 'quick & dirty' prototyping or for applications that have a

limited lifetime they may be useful.

hth

Jonathan

http://www.zope.org/Members/gtk/Boring





------------------------------

Message: 5
Date: Mon, 18 Jun 2007 10:41:53 -0400
From: Tom Von Lahndorff <tom at modscape.com>
Subject: [Zope] RSS to HTML in Zope
To: zope at zope.org
Message-ID: <F3C73865-B0A3-487B-B768-398FA31FAD44 at modscape.com>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed

Hi, Im still struggling to get an RSS feed converted to HTML in Zope  
using

Universal Feed Parser
http://www.feedparser.org/
+
This feedpaser setup
http://www.zope.org/Members/johntynan/feedparser

I'm able to get an RSS feed converted to what looks like a dictionary  
and view it, however it shows up as a rendered string on the page.  
Whenever I try to get any of the keys, no matter how, I've tried  
every possible scenario, I get an error back every time. "Blah Blah"  
is not callable..., You care not allowed to access "blah Blah" in  
this context., Value 0, etc...

I've also tried using the RSS Document in the XML Kit which ended up  
causing a runaway python method and took down Zope so I'd like to  
avoid using it. Half the time it gives back an error message anyway.

If anyone has a relatively easy way to convert an RSS feed to HTML in  
Zope I would greatly appreciate any feedback on how to set this up.  
Thanks in advance.


------------------------------

Message: 6
Date: Mon, 18 Jun 2007 08:36:06 -0700 (PDT)
From: tomvon <tom at modscape.com>
Subject: Re: [Zope] security assertion needed for dictionary?
To: zope at zope.org
Message-ID: <11178187.post at talk.nabble.com>
Content-Type: text/plain; charset=us-ascii



I have the exact same problem and have been unable to find a solution
anywhere. Were you ever able to resolve this? 


sfmcfar wrote:
> 
> I apologize for cross-posting from the plone newsgroup. but after
posting
> this I realized that this was more of a Zope issue than a Plone one.
I
> wish I could cut-and-paste (development is on the other side of a
> firewall), so instead I'll be as clear as I can.  
> 
> Anyway, I have a Plone product that contains a method called
> getFeedSequence() that returns the result (a dictionary) from
> feedparser.parse() (Feedparser is the generic RSS/Atom parser).  
> 
> In my template, I can do:
> 
> <div tal:define="myFeed python:getFeedSequence()">
>   <div tal:content="python:myFeed">
> 
> And see the string representation of the dictionary with no problem.
But
> if
> I try and access a member of the sequence:
> 
> <div tal:define="myFeed python:getFeedSequence()">
>   <div tal:content="python:myFeed['feed']['title']">
> 
> VerboseSecurity reports "The container has no security assertions.
> Access to None of {[the entire RSS dictionary goes here]} denied."
> 
> How can I have permission to access the entire sequence but not a
> portion of it?  it appears to me that the sequence is fairly
> straightforward - a few nested dictionaries, but that's it.  Does this
> make any sense?
> 
> 
> Thanks,
> 
> Stan 
> 

-- 
View this message in context:
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
1.html#a11178187
Sent from the Zope - General mailing list archive at Nabble.com.



------------------------------

Message: 7
Date: Mon, 18 Jun 2007 11:43:00 -0400
From: "Doyon, Jean-Francois" <jdoyon at NRCan.gc.ca>
Subject: RE: [Zope] security assertion needed for dictionary?
To: "tomvon" <tom at modscape.com>, <zope at zope.org>
Message-ID:
	
<AC5C8D744B56174DB5AE2F3D1A18623F012AA336 at S0-OTT-X2.nrn.nrcan.gc.ca>
Content-Type: text/plain;	charset="us-ascii"

Forgetting plone (which I know nothing about), dictionaries definitely
do NOT need security assertions (like lists, strings, integers and all
basic types).

Are you SURE it's a dictionary?  Most likely it just LOOKS like one when
represented as a string.

Try:

<div tal:content="python:repr(myFeed)">

To see exactly what it is ... It might be an instance of some object
that has a __str__ that makes it look like a dictionary?

J.F.

-----Original Message-----
From: zope-bounces at zope.org [mailto:zope-bounces at zope.org] On Behalf Of
tomvon
Sent: June 18, 2007 11:36
To: zope at zope.org
Subject: Re: [Zope] security assertion needed for dictionary?



I have the exact same problem and have been unable to find a solution
anywhere. Were you ever able to resolve this? 


sfmcfar wrote:
> 
> I apologize for cross-posting from the plone newsgroup. but after 
> posting this I realized that this was more of a Zope issue than a 
> Plone one.  I wish I could cut-and-paste (development is on the other 
> side of a firewall), so instead I'll be as clear as I can.
> 
> Anyway, I have a Plone product that contains a method called
> getFeedSequence() that returns the result (a dictionary) from
> feedparser.parse() (Feedparser is the generic RSS/Atom parser).  
> 
> In my template, I can do:
> 
> <div tal:define="myFeed python:getFeedSequence()">
>   <div tal:content="python:myFeed">
> 
> And see the string representation of the dictionary with no problem.  
> But if I try and access a member of the sequence:
> 
> <div tal:define="myFeed python:getFeedSequence()">
>   <div tal:content="python:myFeed['feed']['title']">
> 
> VerboseSecurity reports "The container has no security assertions.
> Access to None of {[the entire RSS dictionary goes here]} denied."
> 
> How can I have permission to access the entire sequence but not a 
> portion of it?  it appears to me that the sequence is fairly 
> straightforward - a few nested dictionaries, but that's it.  Does this

> make any sense?
> 
> 
> Thanks,
> 
> Stan
> 

-- 
View this message in context:
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
1.html#a11178187
Sent from the Zope - General mailing list archive at Nabble.com.

_______________________________________________
Zope maillist  -  Zope at zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )


------------------------------

Message: 8
Date: Mon, 18 Jun 2007 17:44:18 +0200
From: Andreas Jung <lists at zopyx.com>
Subject: Re: [Zope] RSS to HTML in Zope
To: Tom Von Lahndorff <tom at modscape.com>, zope at zope.org
Message-ID: <0EF1994D952D79D6DEEE3AD2 at suxmac2.local>
Content-Type: text/plain; charset="us-ascii"



--On 18. Juni 2007 10:41:53 -0400 Tom Von Lahndorff <tom at modscape.com> 
wrote:

> Hi, Im still struggling to get an RSS feed converted to HTML in Zope
using
>
> Universal Feed Parser
> http://www.feedparser.org/
> +
> This feedpaser setup
> http://www.zope.org/Members/johntynan/feedparser
>
> I'm able to get an RSS feed converted to what looks like a dictionary
and
> view it, however it shows up as a rendered string on the page.
Whenever I
> try to get any of the keys, no matter how, I've tried every possible
> scenario, I get an error back every time. "Blah Blah" is not
callable...,
> You care not allowed to access "blah Blah" in this context., Value 0,
> etc...
>
> I've also tried using the RSS Document in the XML Kit which ended up
> causing a runaway python method and took down Zope so I'd like to
avoid
> using it. Half the time it gives back an error message anyway.
>

I think this issue has been discussed in detail:

 - something that looks like a dict must not be dict

 - without security assertions you can basically only
   use native Python types

 - solutions/workaround: wrap your code into an external method,
   write a product, use a browser view, use TrustedExecutables
   or something like that.

 - in addition you might play around with ModuleSecurityInfo() &
friends,
  check the related APIs of the 'AccessControl' module.

-aj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url :
http://mail.zope.org/pipermail/zope/attachments/20070618/5b3511a7/attach
ment-0001.bin

------------------------------

Message: 9
Date: Mon, 18 Jun 2007 08:56:48 -0700 (PDT)
From: tomvon <tom at modscape.com>
Subject: [Zope] RE: security assertion needed for dictionary?
To: zope at zope.org
Message-ID: <11178584.post at talk.nabble.com>
Content-Type: text/plain; charset=us-ascii



<dtml-var "repr(newsfd)"> does the same as <dtml-var newsfd>. Here's a
snippet of what it shows:

{'feed': {'subtitle': u'', 'links': [{'href':
u'http://www.modscape.com/blog', 'type': 'text/html', 'rel':
'alternate'}],
'title': u'modscape.com Home', 'subtitle_detail': {'base':
'http://www.modscape.com/blog/rss.xml', 'type': 'text/html', 'value':
u'',
'language': None}, 'title_detail': {'base':
'http://www.modscape.com/blog/rss.xml', 'type': 'text/plain', 'value':
u'modscape.com Home', 'language': None}, 'link':
u'http://www.modscape.com/blog'}, 'status': 200, 'updated': (2007, 6,
18,
15, 54, 24, 0, 169, 0), 'encoding': 'iso-8859-15', 'bozo': 0, 'href':
'http://www.modscape.com/blog/rss.xml', 'headers': {'content-length':
'18486', 'via': '1.0 px02.bc.fw.cbs.net:80 (squid)', 'x-cache': 'MISS
from
px02.bc.fw.cbs.net', 'x-powered-by': 'Zope (www.zope.org), Python
(www.python.org)', 'x-cache-lookup': 'HIT from px02.bc.fw.cbs.net:80',
'expires': 'Mon, 18 Jun 2007 16:54:24 GMT', 'server': 'Apache/2.0.52
(Red
Hat) DAV/2 SVN/1.2.3 mod_ssl/2.0.52 OpenSSL/0.9.7a PHP/5.1.2
mod_fastcgi/2.4.2', 'last-modified': 'Mon, 18 Jun 2007 15:54:24 GMT',
'connection': 'close', 'cache-control': 'max-age=3600', 'date': 'Mon, 18
Jun
2007 15:54:24 GMT', 'content-type': 'text/xml; charset=iso-8859-15'},
'version': 'rss20', 'etag': None, 'namespaces': {}, 'entries':
[{'updated':
u'Mon, Sep 04 2006, 06:23PM', 'updated_parsed': None, 'links': [{'href':
u'http://www.modscape.com/blog/index_html?showall=yes#id1157412223',
'type':
'text/html', 'rel': 'alternate'}], 'title': u'Ubuntu: Linux For Human
Beings', 'summary_detail': {'base':
'http://www.modscape.com/blog/rss.xml',
'type': 'text/html', 'value': u'ubuntu.jpg\n\nTom wrote:


Doyon, Jean-Francois-2 wrote:
> 
> Forgetting plone (which I know nothing about), dictionaries definitely
> do NOT need security assertions (like lists, strings, integers and all
> basic types).
> 
> Are you SURE it's a dictionary?  Most likely it just LOOKS like one
when
> represented as a string.
> 
> Try:
> 
> <div tal:content="python:repr(myFeed)">
> 
> To see exactly what it is ... It might be an instance of some object
> that has a __str__ that makes it look like a dictionary?
> 
> J.F.
> 
> -----Original Message-----
> From: zope-bounces at zope.org [mailto:zope-bounces at zope.org] On Behalf
Of
> tomvon
> Sent: June 18, 2007 11:36
> To: zope at zope.org
> Subject: Re: [Zope] security assertion needed for dictionary?
> 
> 
> 
> I have the exact same problem and have been unable to find a solution
> anywhere. Were you ever able to resolve this? 
> 
> 
> sfmcfar wrote:
>> 
>> I apologize for cross-posting from the plone newsgroup. but after 
>> posting this I realized that this was more of a Zope issue than a 
>> Plone one.  I wish I could cut-and-paste (development is on the other

>> side of a firewall), so instead I'll be as clear as I can.
>> 
>> Anyway, I have a Plone product that contains a method called
>> getFeedSequence() that returns the result (a dictionary) from
>> feedparser.parse() (Feedparser is the generic RSS/Atom parser).  
>> 
>> In my template, I can do:
>> 
>> <div tal:define="myFeed python:getFeedSequence()">
>>   <div tal:content="python:myFeed">
>> 
>> And see the string representation of the dictionary with no problem.

>> But if I try and access a member of the sequence:
>> 
>> <div tal:define="myFeed python:getFeedSequence()">
>>   <div tal:content="python:myFeed['feed']['title']">
>> 
>> VerboseSecurity reports "The container has no security assertions.
>> Access to None of {[the entire RSS dictionary goes here]} denied."
>> 
>> How can I have permission to access the entire sequence but not a 
>> portion of it?  it appears to me that the sequence is fairly 
>> straightforward - a few nested dictionaries, but that's it.  Does
this
> 
>> make any sense?
>> 
>> 
>> Thanks,
>> 
>> Stan
>> 
> 
> -- 
> View this message in context:
>
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
> 1.html#a11178187
> Sent from the Zope - General mailing list archive at Nabble.com.
> 
> _______________________________________________
> Zope maillist  -  Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )
> _______________________________________________
> Zope maillist  -  Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )
> 
> 

-- 
View this message in context:
http://www.nabble.com/security-assertion-needed-for-dictionary--tf376206
1.html#a11178584
Sent from the Zope - General mailing list archive at Nabble.com.



------------------------------

_______________________________________________
Zope maillist  -  Zope at zope.org



End of Zope Digest, Vol 37, Issue 16
************************************


More information about the Zope mailing list