[Zope3-Users] container protectName
Pete Taylor
baldtrol at gmail.com
Wed Mar 29 12:22:12 EST 2006
That worked immediately... Thank you sir.
other than "being really smart", how did you know to look at that? I
guess I don't understand some of the implied permissions, esp when
they contradict what I put in the zcml. is there a writeup of the
security chain on the zope3 application server startup somewhere that
I can read through to have a better idea of how that works? I hate
sending questions to the list if I could have just read it myself
somewhere.
On 3/29/06, Michael Howitz <mh at gocept.com> wrote:
> Am Mittwoch, den 29.03.2006, 01:56 -0500 schrieb Pete Taylor:
> > Hi all (yet again ;) ),
> > I ran into this issue on a project I worked on before, but I ended up
> > changing the design before it became a significant issue. this time
> > around, i don't see a way by it.
> >
> > i have a class that derives from Folder (or BTreeContainer, it doesn't
> > really matter for this). in configure.zcml, i set it up as follows:
> > <content class=".consumer.Consumer">
> > <implements
> >
> > interface="zope.app.annotation.interfaces.IAttributeAnnotatable"
> > />
> > <require
> > permission="zope.ManageContent"
> > interface="zope.app.container.interfaces.IReadContainer"
> > />
> > <require
> > permission="zope.ManageContent"
> > interface="zope.app.container.interfaces.IWriteContainer"
> > />
> > <require
> > permission="zope.ManageContent"
> > interface=".interfaces.consumer.IConsumer"
> > />
> > <require
> > permission="zope.ManageContent"
> > set_schema=".interfaces.consumer.IConsumer"
> > />
> > </content>
> >
> > this doesn't work. putting in the third-down require statement breaks
> [ ... ]
> > I've put the traceback below...
> >
> > Traceback (most recent call last):
> > File "bin/runzope", line 48, in ?
> > run()
> > File "bin/runzope", line 44, in run
> > main(["-C", CONFIG_FILE] + sys.argv[1:])
> > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main
> > service = setup(load_options(args))
> > File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup
> > zope.app.appsetup.config(options.site_definition, features=features)
> > File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line
> > 110, in config
> > context = xmlconfig.file(file, context=context, execute=execute)
> > File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line
> > 556, in file
> > context.execute_actions()
> > File "/opt/zope3//lib/python/zope/configuration/config.py", line
> > 606, in execute_actions
> > for action in resolveConflicts(self.actions):
> > File "/opt/zope3//lib/python/zope/configuration/config.py", line
> > 1511, in resolveConflicts
> > raise ConfigurationConflictError(conflicts)
> > zope.configuration.config.ConfigurationConflictError: Conflicting
> > configuration actions
> > For: ('protectName', <class 'petetest.consumer.Consumer'>, '__contains__')
> > File "/usr/lib/python2.4/site-packages/petetest/configure.zcml",
> [ ... ]
>
> This is because your Interface IConsumer extends the
> IContainer-Interface. In Zope3 security declarations can only be done
> once on a content class, but if you extend from IContainer in both
> require statements (for IConsumer and IReadContainer) a permission is
> declared.
>
> Solution: Let ICustomer extend zope.interface.Interface. Because your
> implementation of ICustomer extends BTreeContainer it also interhits the
> implements statement for IContainer.
>
> HTH,
> mac
>
>
--
"All guilt is relative, loyalty counts, and never let your conscience
be your guide."
- Lucas Buck, American Gothic
More information about the Zope3-users
mailing list