[Checkins] SVN: zope.app.wsgi/trunk/src/zope/app/wsgi/__init__.pyprovide a user name for use in logs

Roger Ineichen dev at projekt01.ch
Tue Mar 31 14:59:10 EDT 2009 

Hi Alex

What are you doing? I think there is no 
request.principal.info.login in any zope implementation.

I think it's very bad to just inject such code because
you probably use such an implementation.

Using such code is a very bad idea in general. Populating
the login into a public space like the envorion is probably
not good for everyone. The login has not allways something to
do with a user id. A login is a part of the security
credential and not a user id! That's a dangerous guess you made!

Can you explain what you are doing?

btw, there is a login feature in zope already or
at least some long time ago there was something like
populating the the user id to the log. Could be that
this is gone since a long time. Not sure about that.
And probably this was never migrated to the WSGI server.

Regards
Roger Ineichen

> Betreff: [Checkins] SVN: 
> zope.app.wsgi/trunk/src/zope/app/wsgi/__init__.pyprovide a 
> user name for use in logs
> 
> Log message for revision 98707:
>   provide a user name for use in logs
> 
> Changed:
>   U   zope.app.wsgi/trunk/src/zope/app/wsgi/__init__.py
> 
> -=-
> Modified: zope.app.wsgi/trunk/src/zope/app/wsgi/__init__.py
> ===================================================================
> --- zope.app.wsgi/trunk/src/zope/app/wsgi/__init__.py	
> 2009-03-31 18:14:18 UTC (rev 98706)
> +++ zope.app.wsgi/trunk/src/zope/app/wsgi/__init__.py	
> 2009-03-31 18:16:55 UTC (rev 98707)
> @@ -55,6 +55,11 @@
>  
>          request = publish(request, handle_errors=handle_errors)
>          response = request.response
> +        try:
> +            environ['wsgi.user_name'] = format_login(
> +                request.principal.info.login) 
> +        except AttributeError:
> +            pass
>  
>          # Start the WSGI server response
>          start_response(response.getStatusString(), 
> response.getHeaders()) @@ -63,6 +68,13 @@
>          return response.consumeBodyIter()
>  
>  
> +# Defensive against ids with whitespace def format_login(login):
> +    if login != login.replace(' ',''):
> +        login = '"'+login+'"'
> +    return login
> +
> +
>  class PMDBWSGIPublisherApplication(WSGIPublisherApplication):
>  
>      def __init__(self, db=None, 
> factory=HTTPPublicationRequestFactory,
> 
> _______________________________________________
> Checkins mailing list
> Checkins at zope.org
> http://mail.zope.org/mailman/listinfo/checkins
>

More information about the Checkins mailing list