Sorry the gmail response send only to the original poster not to the list (sorry Andreas)<br>The original post:<br><br>The question then (sorry):<br>I have a product called Yanged<br>This product has overrided:<br>__bobo_traverse__ who returns some objects and sometime a wrapper object with the HTML code to the browser
<br>__call__ who returns the HTML code to __bobo_traverse__ or if you call the object itself
<br>index_html who returns __call__<br>A TALES evaluator to evaluate some TALES expresion out of page templates<br><br>All
works ok except when I try to delete some objects. When I try to launch
the delete method I raises an authorized error and ask for new login
and password
<br><br>I try with my user who is manager and owner but logon doesn't work and raises the same error<br><br>If I look the error log I could see this error:<br><br><pre>Traceback (innermost last):<br> Module ZPublisher.Publish
<br>, line 106, in publish<br> Module ZPublisher.BaseRequest, line 323, in traverse<br> Module Products.Yanged.Yanged, line 61, in __bobo_traverse__<br> Module Products.Yanged.Yanged, line 141, in __call__<br> Module
Products.Yanged.Yanged<br>, line 170, in Ejecutar<br> Module Products.Yanged.Yanged, line 125, in __call__<br> Module Products.Yanged.Yanged, line 170, in Ejecutar<br> Module Shared.DC.Scripts.Bindings, line 311, in __call__
<br> Module Shared.DC.Scripts.Bindings<br>, line 348, in _bindAndExec<br> Module Products.PythonScripts.PythonScript, line 325, in _exec<br> Module None, line 2, in BorrarFuncionalidad<br> - <PythonScript at /sistes.net/clientes/escobarsl.com/Comandos/BorrarFuncionalidad used for /sistes.net/clientes/escobarsl.com/Pagina/Borrar/BorrarCaso>
<br><br> - Line 2<br> Module AccessControl.ImplPython, line 729, in guarded_getattr<br> Module AccessControl.ImplPython, line 671, in aq_validate<br> Module AccessControl.ImplPython, line 565, in validate<br> Module
AccessControl.ImplPython<br>, line 463, in validate<br> Module AccessControl.ImplPython, line 810, in raiseVerbose<br>Unauthorized: Your user account does not have the required permission. Access to 'manage_delObjects' of (Yanged at /sistes.net/clientes/escobarsl.com/Pagina/Funcionalidades) denied. Your user account, Anonymous User, exists at (unknown). Access requires one of the following roles: ['Manager']. Your roles in this context are ['Anonymous'].
<br><br></pre>If I try to delete the object the error is raised but if <span>immediately I try to create another object works ok<br><br>This
are the code about BorrarFuncionalidad (the code who raises the error)
and CrearFuncionalidad (the code that works ok). Both are Python
Scripts:
<br><br>BorrarFuncinalidad<br></span>carpeta = getattr(context.Singular(), 'Funcionalidades')<br>carpeta.manage_delObjects(args['path'])<br>return args<br><br>CrearFuncionalidad<br>carpeta = getattr(context.Singular
(), 'Funcionalidades')<br>Id = context.Dame(context.Id)<br><br>args['caso'] = carpeta.manage_addProduct['Yanged'].CrearYanged(Id)<br>return args<br><br>Both scripts are launched in the same way (the Ejecutar method you could see at the traceback above)
<br><br>I try to track the user from the __bobo_traverse__ to the
__call__ and seems the user credentials are lost when I call
CrearFuncionalidad (in the whole call)<br><br>Can you point me some clues to solve this problem?
<br><br>Thanks!<br><br><div><span class="gmail_quote">2007/3/12, Dennis Allison <<a href="mailto:allison@shasta.stanford.edu">allison@shasta.stanford.edu</a>>:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>I did not catch the original post and so don't know any of the details,<br>but it sounds like a problem with the logging system, not a loss of<br>credentials. We had long ago and resolved with the list's help. This
<br>patch is still in use with Zope 2.9.X.<br><br>You need to patch ../lib/python/ZServer/medusa/http_server.py<br><br>--- ./v0.0/http_server.py 2004-12-25 22:39:31.000000000 -0800<br>+++ ./v0.1/http_server.py 2004-12-25 22:39:
31.000000000 -0800<br>@@ -36,6 +36,9 @@<br> from counter import counter<br> from urllib import unquote<br><br>+# Paul's Patch (a shameful thing) to make names register properly<br>+from ZPublisher.HTTPRequest import parse_cookie
<br>+<br> #<br>===========================================================================<br> # Request Object<br> #<br>===========================================================================
<br>@@ -277,6 +280,7 @@<br><br> auth=self.get_header('Authorization')<br> name='Anonymous'<br>+<br> if auth is not None:<br> if string.lower(auth[:6]) == 'basic ':
<br> try: decoded=base64.decodestring(auth[6:])<br>@@ -286,10 +290,35 @@<br> name = 'Unknown (bad auth string)'<br> else:<br> name = t[0]<br>
+ else:<br>+ # start of patch<br>+ try:<br>+ auth_cookie_name='__ac'<br>+ cookie= None<br>+ try:<br>+ cookies = {}<br>+ header_value =
self.get_header("Cookie")<br>+ if header_value:<br>+ parse_cookie(header_value, cookies)<br>+ cookie = cookies.get(auth_cookie_name, None)<br>+ except:
<br>+ name = 'Anonymous'<br>+<br>+ if cookie is not None:<br>+ cookie = unquote(cookie)<br>+ try:<br>+ cookie = base64.decodestring
(cookie)<br>+ name, password = tuple( cookie.split(':',1))<br>+ except: name= "Unknown (bad auth cookie)"<br>+ except:<br>+ name = "Failure!"
<br>+ # end of patch<br><br>+ # log the host domain too<br> self.channel.server.logger.log (<br> self.channel.addr[0],<br>- '- %s [%s] "%s" %d %d "%s" "%s"\n' % (
<br>+ '%s %s [%s] "%s" %d %d "%s" "%s"\n' % (<br>+ self.get_header('Host'),<br> name,<br> self.log_date_string (time.time
()),<br> self.request,<br><br>Hope this helps.<br><br><br><br>On Mon, 12 Mar 2007, Garito wrote:<br><br>> Could any charitable soul take pity on this poor sinner, please...?<br>><br>> 2007/3/12, Garito <
<a href="mailto:garito@gmail.com">garito@gmail.com</a>>:<br>> ><br>> > Hi Andreas!<br>> > What kind of information do you need?<br>> > On my last messages to the list I send the tracebacks and some other
<br>> > information (need to resend them?)<br>> ><br>> > Could you point me what details do you need?<br>> ><br>> > Thank you so much for you interest!<br>> ><br>> > 2007/3/12, Andreas Jung <
<a href="mailto:lists@zopyx.com">lists@zopyx.com</a>>:<br>> > ><br>> > ><br>> > ><br>> > > --On 12. März 2007 04:04:31 +0100 Garito <<a href="mailto:garito@gmail.com">garito@gmail.com
</a>> wrote:<br>> > ><br>> > > > Hi all!<br>> > > > Some days ago I send to the list a question about a problem losting<br>> > > user<br>> > > > credentials<br>> > > >
<br>> > > > In my code I don't use nothing about security and nothing is changed<br>> > > on<br>> > > > zmi's security tab<br>> > > ><br>> > > > But when I launch a method (Borrar if you remember) the user who
<br>> > > launches<br>> > > > the action is anonymous not the logged one<br>> > ><br>> > > Somewhat hard to believe without a detailed description....<br>> > ><br>> > > -aj
<br>> > ><br>> ><br>> ><br>> ><br>> > --<br>> > Mis Cosas: <a href="http://blogs.sistes.net/Garito">http://blogs.sistes.net/Garito</a><br>> ><br>><br>><br>><br>><br>
<br>--<br><br></blockquote></div><br><br clear="all"><br>-- <br>Mis Cosas: <a href="http://blogs.sistes.net/Garito">http://blogs.sistes.net/Garito</a>