[z3-five] Re: another newbie cmf/plone integration question...
Rob Miller
ra at burningman.com
Mon Jun 13 20:59:12 CEST 2005
On Jun 13, 2005, at 5:14 AM, Philipp von Weitershausen wrote:
> Sidnei da Silva wrote:
>> On Mon, Jun 13, 2005 at 12:35:27AM +0200, Philipp von Weitershausen
>> wrote:
>> | I'm CC-ing Sidnei. He's obviously got Five and CMF/Plone/AT going
>> and | maybe he can share some input. Maybe this whole issue can be
>> resolved | quickly. In that case we should just make sure to provide
>> docs in the | right place so that this doesn't happen again.
>> I haven't digged into the problem. Just applied the patch Whit sent to
>> the mailing list and it started working so I didn't worry too
>> much. The patch didn't make much sense though from reading it *wink*.
>
> Whit's patch? Hmm. I vaguely recall something. Got a URL at hand?
here's the bug report and patch that sidnei was referring to, it's
exactly the same problem i've been having:
http://codespeak.net/issues/z3/issue10
i applied the patch to TrustedExpression.py (replacing the
_ModuleImporter class w/ SecureModuleImporter) and was able to get past
the module import problem. i haven't quite got everything working yet,
but i'm closer.
i tried to generate a failing unit test according to your suggestion,
philipp, but was unable to do so... first i created a bogus test
module, but was able to import it in a page template w/o any problem.
then, just to try it, i changed the test template so that it would also
import the CMFPlone module. not meant for checking in, of course,
since Five clearly does not depend on Plone, but i wanted to at least
locally reproduce the problem in the unit tests. no luck, though...
the unit test passes, the import succeeds in the testing environment.
it's worth noting that i did not explicitly specify these modules as
importable. also, i tried using both 'restrictedTraverse' and
'unrestrictedTraverse' in the test, to no avail.
philipp, in answer to your earlier question, the root of the plone site
is the bound container for most old-style skin templates.
i'm not sure if there are potential issues w/ using the
SecureModuleImporter over the _ModuleImporter class... it seems to me
that it makes more sense to use the pre-existing importer rather than
our own, unless there are known issues. even though this fixes the
problem, however, it still is probably a good idea to fix up the
container binding, since that may cause other problems.
-r
More information about the z3-five
mailing list