<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Marius Gedminas wrote:
<blockquote cite="mid:20100331184713.GA25468@platonas" type="cite">
<pre wrap="">On Thu, Apr 01, 2010 at 12:34:03AM +0900, hass wrote:
</pre>
<blockquote type="cite">
<pre wrap="">I'm experiencing a problem with security declarations in OOBTreeItems.
The following setting which used to worked with an older version of
zope.security failed after upgrading to 3.7.2.
</pre>
</blockquote>
<pre wrap=""><!---->
What version did you use before?
<...snip...>
</pre>
<blockquote type="cite">
<pre wrap="">the error occurs in a view when I try to see if a filename is already in
self.context.keys():
------------------
File "pdfprofile/browser.py", line 151, in extractData
if data['filename'] in self.context.keys():
ForbiddenAttribute: ('__contains__', <OOBTreeItems object at 0xb71c7570>)
</pre>
</blockquote>
<pre wrap=""><!---->
You could use
if data['filename'] in self.context:
instead, and avoid the OOBTreeItems completely.
</pre>
</blockquote>
<font face="Arial"><big></big></font><br>
Well, I was using 3.5.0 before but that doesn't seem to be the issue
because when I check the older version, it didn't declare any
permission for OOBTreeItems as well. The thing is that I updated my
whole repository to the latest versions, so its really hard to figure
out what has caused this change of behavior across versions. <br>
<br>
<blockquote cite="mid:20100331184713.GA25468@platonas" type="cite">
<pre wrap="">
</pre>
<blockquote type="cite">
<pre wrap="">Now I believe I have correct declarations on the self.context. The
problem only arises when I try to look inside the self.context.keys()
which is a OOBTreeItems object.
When I try to check the security declarations, I get an empty list
meaning no declarations at all.
</pre>
</blockquote>
<pre wrap=""><!---->
I don't think I remember zope.security (and zope.app.security before
that) ever declaring permissions for OOBTreeItems...
</pre>
<blockquote type="cite">
<pre wrap=""> >>from zope.security.proxy import getTestProxyItems
>>getTestProxyItems(self.context.keys())
>>[]
Do I have to declare them myself? shouldn't these declarations come as
default?
</pre>
</blockquote>
<pre wrap=""><!---->
Good question. I don't see why not.
</pre>
</blockquote>
My problem was solved by using "if 'something' in self.context"
instead of "if 'something' in self.context.key()".<br>
Thanks alot! But is there basically no other standard use-case scenario
of OOBtreeItems imaginable?<br>
Is that why the declarations are not being made by default? just
wondering.<br>
<br>
Thanks again!<br>
Hass<br>
<blockquote cite="mid:20100331184713.GA25468@platonas" type="cite">
<pre wrap="">Regards,
Marius Gedminas
</pre>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Zope3-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Zope3-users@zope.org">Zope3-users@zope.org</a>
<a class="moz-txt-link-freetext" href="https://mail.zope.org/mailman/listinfo/zope3-users">https://mail.zope.org/mailman/listinfo/zope3-users</a>
</pre>
</blockquote>
<br>
</body>
</html>