[Zope-dev] Re: [ZODB-Dev] Blather
Shane Hathaway
shane@zope.com
Fri, 13 Sep 2002 09:30:54 -0400 (EDT)
On Fri, 13 Sep 2002, Magnus Heino wrote:
>
> > >>What do ZODB and VerboseSecurity log at the BLATHER level?
> > >
> > > 2002-09-12T17:55:53 BLATHER(-100) VerboseSecurity Unauthorized: Your user
> > > account does not have the required permission. Access to 'manage' of
> > > (Application instance at 8b9cf90) denied. Your user account, Anonymous
> > > User, exists at /acl_users. Access requires one of the following roles:
> > > ['Manager']. Your roles in this context are ['Anonymous'].
> > >
> > > 2002-09-12T17:56:57 BLATHER(-100) ZODB Commiting subtransaction of size
> > > 2909677
> > >
> > > Maybe its Shanes VerboseSecurity product that should use INFO, cause all
> > > it does is output those logs... I mean, if you have it installed, you
> > > probably want to see the logs.
> >
> > This is a tough call. VerboseSecurity often logs information that might
> > be useful, but which does not actually raise an Unauthorized error. For
> > example, if you look at the management interface as a semi-restricted
> > user, you'll see only some of the tabs. VerboseSecurity will output a
> > log message for each tab you can't see and for every ZMI request. This
> > is far more info than most people want (including me). :-)
>
> Why not keep this at BLATHER, but change the "Unauthorized error's" to INFO?
We can't differentiate between the two. VerboseSecurity does not know
(and should not know) how it is invoked. Unless you can think of some way
we can achieve the right magic.
Shane