Mailing List Archive: Zope: Users

how to set anonymous access to authorized content?

Index | Next | Previous | View Threaded

lukesh at seznam

Jan 6, 2009, 2:49 AM

Post #1 of 4 (1262 views)
Permalink

how to set anonymous access to authorized content?

Hi all,

I need to set-up page with anonymous access with some informations from
site, where are authorized access only. This page call dtml method
list_robot from authorized site, from where are called other authorized
methods and documents. From authorized site list_robot works, of course.

Site structure:
domain.com/authorized_pages.htm
domain.com/public/index_html

I was set-up to allow view etc for anonymous (and for all users) in security
tab for "public" folder, index_html have defined proxy role "manager" and I
am still not able to get content from authorized site content. And it still
could not get DTML document js_lib (it is called as <dtml-var js_lib>) from
authorized site. If I was comment js_lib calling, then it fails that used
ZSQL method does not exist...

Error Type: KeyError
Error Value: js_lib
This resource may be trying to reference a nonexistent object or variable
js_lib.

Traceback (innermost last):
File /var/zope/lib/python/ZPublisher/Publish.py, line 150, in
publish_module
File /var/zope/lib/python/ZPublisher/Publish.py, line 114, in publish
File /var/zope/lib/python/Zope/__init__.py, line 159, in
zpublisher_exception_hook
(Object: public)
File /var/zope/lib/python/ZPublisher/Publish.py, line 98, in publish
File /var/zope/lib/python/ZPublisher/mapply.py, line 88, in mapply
(Object: index_html)
File /var/zope/lib/python/ZPublisher/Publish.py, line 39, in call_object
(Object: index_html)
File /var/zope/lib/python/OFS/DTMLDocument.py, line 127, in __call__
(Object: index_html)
File /var/zope/lib/python/DocumentTemplate/DT_String.py, line 473, in
__call__
(Object: index_html)
File /var/zope/lib/python/OFS/DTMLMethod.py, line 120, in __call__
(Object: list_robot)
File /var/zope/lib/python/DocumentTemplate/DT_String.py, line 473, in
__call__
(Object: list_robot)
KeyError: (see above)

It is Zope 2.5.1.

Would you like to point me, where I was make error, please?

Many thanks,

J. Lukesh

_______________________________________________
Zope maillist - Zope [at] zope
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

dieter at handshake

Jan 6, 2009, 9:24 AM

Post #2 of 4 (1167 views)
Permalink

Re: how to set anonymous access to authorized content? [In reply to]

Jaroslav Lukesh wrote at 2009-1-6 11:49 +0100:
>I need to set-up page with anonymous access with some informations from
>site, where are authorized access only. This page call dtml method
>list_robot from authorized site, from where are called other authorized
>methods and documents. From authorized site list_robot works, of course.

You can try Python scripts with proxy roles to access protected objects.

--
Dieter
_______________________________________________
Zope maillist - Zope [at] zope
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

dieter at handshake

Jan 10, 2009, 11:50 PM

Post #3 of 4 (1134 views)
Permalink

Re: how to set anonymous access to authorized content? [In reply to]

Jaroslav Lukesh wrote at 2009-1-9 19:06 +0100:
> ...
>But what to do with ZSQL methods? I was create Python script called
>ZSQL_query:
>
>## Script (Python) "ZSQL_query"
> ...
>##parameters=my_string
> ....
>result=context.folder_few_levels_above.ZSQL_query(my_string=my_string)
>return len(result)
>
>
>
>But I was receive error:
>
>Error Type: TypeError
>Error Value: ZSQL_query() takes exactly 1 argument (0 given)
>.....
> File /var/zope/lib/python/DocumentTemplate/DT_Let.py, line 75, in render
> (Object: LET_druh_prace="ZSQL_query()")
> File /var/zope/lib/python/DocumentTemplate/DT_Util.py, line 159, in eval
> (Object: ZSQL_query())
> (Info: ZSQL_query)
> File <string>, line 2, in f
> File /var/zope/lib/python/Shared/DC/Scripts/Bindings.py, line 252, in
>__call__
> (Object: ZSQL_query)
> File /var/zope/lib/python/Shared/DC/Scripts/Bindings.py, line 283, in
>_bindAndExec
> (Object: ZSQL_query)
> File /var/zope/lib/python/Products/PythonScripts/PythonScript.py, line
>302, in _exec
> (Object: ZSQL_query)
> (Info: ({'script': <PythonScript instance at 9570fc0>, 'context':
><Folder instance at 969a378>, 'container': <Folder instance at
>969a378>, 'traverse_subpath': []}, (), {}, None))
>TypeError: (see above)

Apparently, the problem occurs when your Python Script "ZSQL_query"
(not the ZSQL method) is called.
Apparently, the Python Script is called without parameters but
it requires a parameter "my_string".

--
Dieter
_______________________________________________
Zope maillist - Zope [at] zope
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

dieter at handshake

Jan 12, 2009, 10:42 AM

Post #4 of 4 (1122 views)
Permalink

Re: how to set anonymous access to authorized content? [In reply to]

Jaroslav Lukesh wrote at 2009-1-12 11:35 +0100:
>>>But what to do with ZSQL methods? I was create Python script called
>>>ZSQL_query:
>
>Hi all,
>
>so the only one functional and clean method is to use web_client.
>
>External method:
>
>from ZPublisher import Client
>def wc_list(xmyparam='URL parameter',xmyparam1='URL parameter'):
> return
>Client.call('http://authorized.domain.com/page.htm','login_username','login_password',
>myparam=xmyparam, myparam1=xmyparam1)

I do not think that this is a good solution: it is risky to make
web requests to ones own Zope instance.

To see the risk, assume for a moment that your allow just for a single
worker. Then http requests to itself will deadlock deterministically.

The risk is smaller for larger numbers of workers -- but never zero.
For two workers, assume that both start to execute requests that
later make the client call. Deadlock will be the result again.

Why does the Python script with proxy role not work (I did not understand
this)? It should!

--
Dieter
_______________________________________________
Zope maillist - Zope [at] zope
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads