[z3-five] Re: another newbie cmf/plone integration question...

Rob Miller ra at burningman.com
Sun Jun 12 22:28:13 CEST 2005 

Lennart Regebro wrote:

> Which expression causes the error?

the following piece from a tal:define is the culprit:

Iterator python:modules['Products.CMFPlone'].IndexIterator;

the module access is what is being denied.

> Doesn't Plone use stadrad_template/macros/master? (if it does you can
> simply use CMFonFives template...)

plone has it's own main_template with a master macro, yes.  but i AM 
using CMFonFive's template, that's how i'm getting the error.  as i 
said, the problem seems to be related to the 'container' variable being 
bound to an instance of SimpleViewClass; either the SimpleViewClass 
instance needs to be wrapped in a Z2-style implicit acquisition context, 
or the container binding needs to changed to actually be the container 
within which the view is being rendered, i think, but i have no idea how 
to go about accomplishing either of these.

-r


> 
> 
> On 6/11/05, Rob Miller <ra at burningman.com> wrote:
> 
>>okay, making progress.  i'm now able to create instances of my custom AT
>>objects using a z3 style addform which is autogenerated from the AT
>>schema... no need for portal_factory!
>>
>>the next hurdle is getting the addform to work within plone's
>>main_template system.  things work well when i use a completely custom
>>five_template, but of course then the addform is missing all of the
>>typical site skinning.  when i try to modify five_template so that it
>>delegates to main_template (as, for example, the five_template that
>>comes w/ CMFonFive does), then i get an unauthorized error related to a
>>module import:
>>
>>
>>
>>Traceback (innermost last):
>>   Module ZPublisher.Publish, line 101, in publish
>>   Module ZPublisher.mapply, line 88, in mapply
>>   Module ZPublisher.Publish, line 39, in call_object
>>   Module Products.Five.browserconfigure, line 628, in __call__
>>   Module Shared.DC.Scripts.Bindings, line 306, in __call__
>>   Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec
>>   Module Products.PageTemplates.PageTemplateFile, line 106, in _exec
>>   Module Products.PageTemplates.PageTemplate, line 96, in pt_render
>>    - <ZopeTwoPageTemplateFile at 0x4860d20>
>>   Module TAL.TALInterpreter, line 190, in __call__
>>   Module TAL.TALInterpreter, line 234, in interpret
>>   Module TAL.TALInterpreter, line 671, in do_useMacro
>>   Module TAL.TALInterpreter, line 234, in interpret
>>   Module TAL.TALInterpreter, line 671, in do_useMacro
>>   Module TAL.TALInterpreter, line 234, in interpret
>>   Module TAL.TALInterpreter, line 409, in do_optTag_tal
>>   Module TAL.TALInterpreter, line 394, in do_optTag
>>   Module TAL.TALInterpreter, line 389, in no_tag
>>   Module TAL.TALInterpreter, line 234, in interpret
>>   Module TAL.TALInterpreter, line 671, in do_useMacro
>>   Module TAL.TALInterpreter, line 234, in interpret
>>   Module TAL.TALInterpreter, line 464, in do_setGlobal_tal
>>   Module Products.PageTemplates.TALES, line 221, in evaluate
>>    - URL: index
>>    - Line 3, Column 0
>>    - Expression: <PythonExpr modules['Products.CMFPlone'].IndexIterator>
>>    - Names:
>>       {'container': <SimpleViewClass from
>>/Users/rob/devzope/Products/Fate/meta/add.pt instance at 3cf4d20>,
>>        'context': <ATBTreeFolder instance at 4a116e0>,
>>        'default': <Products.PageTemplates.TALES.Default instance at
>>0x21af1e8>,
>>        'here': <ATBTreeFolder instance at 4a116e0>,
>>        'loop': <SafeMapping instance at 3eebab0>,
>>        'modules': <Products.Five.TrustedExpression._ModuleImporter
>>instance at 0x340b8c8>,
>>        'nothing': None,
>>        'options': {'args': (<SimpleViewClass from
>>/Users/rob/devzope/Products/Fate/meta/add.pt instance at 3cf4d20>,)},
>>        'repeat': <SafeMapping instance at 3eebab0>,
>>        'request': <HTTPRequest,
>>URL=http://127.0.0.1:6080/openplans/projects/add_project>,
>>        'root': <Application instance at 4a16950>,
>>        'template': <ZopeTwoPageTemplateFile at 0x4860d20>,
>>        'traverse_subpath': [],
>>        'user': rob,
>>        'view': <SimpleViewClass from
>>/Users/rob/devzope/Products/Fate/meta/add.pt instance at 3cf4d20>,
>>        'views': <zope.app.pagetemplate.viewpagetemplatefile.ViewMapper
>>object at 0x4c51ef0>}
>>   Module Products.PageTemplates.ZRPythonExpr, line 47, in __call__
>>    - __traceback_info__: modules['Products.CMFPlone'].IndexIterator
>>   Module Python expression
>>"modules['Products.CMFPlone'].IndexIterator", line 1, in <expression>
>>   Module AccessControl.ZopeGuards, line 71, in guarded_getitem
>>   Module AccessControl.ImplPython, line 407, in validate
>>   Module Products.VerboseSecurity.VerboseSecurityPolicy, line 151, in
>>validate
>>Unauthorized: The container has no security assertions.  Access to
>>'Products.CMFPlone' of (Products.Five.TrustedExpression._ModuleImporter
>>instance at 0x340b8c8) denied.
>>
>>
>>the problem seems to be that the security context is not set up
>>correctly within the addform's rendering environment.  the container
>>seems to be a SimpleViewClass instance, where SimpleViewClass is
>>dynamically created via a call to
>>Products.Five.browserconfigure.makeClassForTemplate().  i'm guessing
>>that if i can acquisition wrap this SimpleViewClass instance somewhere
>>within my persistent object hierarchy then the security look-ups would
>>start working, but i can't find where the instance is actually created.
>>  am i going in the right direction?  i've dug through the other threads
>>re: CMF and Five integration, but i haven't seen anything dealing w/
>>this security context issue.
>>
>>thx for any help,
>>
>>-r
>>
>>p.s.: as i'm using plone, you've probably surmised that i'm using CMF
>>1.4, not 1.5.
>>
>>_______________________________________________
>>z3-five mailing list
>>z3-five at codespeak.net
>>http://codespeak.net/mailman/listinfo/z3-five
>>
> 
> 
>

More information about the z3-five mailing list