[Zope3-dev] Undo Principal Transaction problems with pluggable users

[Jeff Shell]

I've developed a sick fascination with undo and have been working
[hard] over the past few days trying to write some code for our
internal frameworks to make Undo easy. Inspired by GMail's "Message
Discarded (Undo Discard)" functionality, I've set about making
something similar that does a modified version of
zope.app.undo.browser's "Undo Last Action", which uses the
'undoPrincipalTransactions()' method of the ZODBUndoManager
(zope.app.undo).

I've filed a collector issue, 529
http://www.zope.org/Collectors/Zope3-dev/529

Basically, unless the request.principal comes from the global
registry, a principal can't undo their own transactions (UndoError
gets raised). Even when I tried to patch the code to get the user from
zapi.principals() (which worked and put a principal object in the
transaction entry information being retrieved), a later identity
comparison of info['principal'] against request.principal failed,
causing UndoError to be raised. I tried an equality check, but it
didn't work either.

If I'm logged in as a global principal defined in zcml, it works fine.

'getPrincipalTransactions' works fine, I'm assuming (or hoping) that
as a workaround that once my code has the filtered transaction list, I
could call 'undo' on the undo manager instead of undo principal
transactions, so long as I remove the security proxy first. I'm fairly
satisfied (enough for tonight) that the selected transaction I want
the view to undo is the users own.

I'm hoping that works so I can leave here in relative peace tonight,
hurry home to my dog, and enjoy a ski day tomorrow :)