[z3-five] Re: Traversal issue [was: 0.2 release]

Martijn Faassen faassen at infrae.com
Mon Oct 4 13:42:08 MEST 2004 

Philipp von Weitershausen wrote:
> I was just reviewing Sidnei's code on the traversal branch and 
> discussing it with him on IRC. We went through the problematic Zope code 
> again and discussed alternative solutions. He asked me to write a 
> summary to the list, so here it is:
> 
> ZPublisher's BaseRequest checks for __bobo_traverse__ existance during 
> traversal. Here, an exception that is raised by __bobo_traverse__ is 
> simply not caught and ends up being displayed like it was raised by any 
> other code. Thus, raising NotFound in __bobo_traverse__ brings the 
> expected result of a 404 page being served.
> 
> In ZPT's Expressions.py, however, the NotFound exception raised in 
> __bobo_traverse__ is not caught; here, the method is expected to raise 
> AttributeError or KeyError (or several other ones like Unauthorized) to 
> indicate that traversal has failed. Five.Traversable/Viewable returned 
> None here in case it couldn't traverse. That was not correct because it 
> made not existing traversal paths look like they existed. It also broke 
> ZPublisher because ZPublisher thought None had no docstring, hence the 
> docstring problem.
> 
> The code in Sidnei's branch raises NotFoundError now except when it 
> thinks it's being called from ZPT pathexpressions; then it returns None. 
> As explained above, this is not correct behaviour. I suggested to solve 
> the issue by implementing the following:
> - __bobo_traverse__ always raises AttributeError when it cannot 
> traverse. This seems to be the overall expected behaviour.
> 
> - for the ZPublisher, we don't want AttributeError showing but NotFound. 
> To achieve this, we wrap __bobo_traverse__ in a descriptor that does the 
> funky frame introspection and converts AttributeErrors into NotFound. 
> That way the magic is at least contained in that descriptor.
> 
> Objections?

I'm rather horrified such a thing should be necessary, and also 
concerned about performance implications.

I'm confused why we need to do all this special work while Zope itself 
does not. Zope doesn't have any code unwrapping the call stack just to 
determine how the code was called, right? What's different here?

Regards,

Martijn

More information about the z3-five mailing list