Google Groups Home
Help | Sign in
TurboGears Trunk
Home
+ new post
Pages
Files
About this group
Join this group
tgrepozewho
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   12 messages - Collapse all
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
percious  
View profile
  More options May 7, 4:12 pm
From: percious <ch...@percious.com>
Date: Wed, 7 May 2008 13:12:57 -0700 (PDT)
Local: Wed, May 7 2008 4:12 pm
Subject: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I tried putting tgrepozewho up on our linux server and it failed
wonderfully.  Something about userid being a long that it doesnt
like.  Where is the right place to cast the userid into a string?

cheers.
-chris

URL: http://sccdata:13001/login_handler?came_from=http://sccdata:13001/
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
WebError-0.8a-py2.5.egg/weberror/evalexception/middleware.py', line
364 in respond
  app_iter = self.application(environ, detect_start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
ToscaWidgets-0.8.5-py2.5.egg/tw/core/middleware.py', line 39 in
__call__
  return self.wsgi_app(environ, start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Paste-1.6-py2.5.egg/paste/registry.py', line 334 in __call__
  app_iter = self.application(environ, start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
ToscaWidgets-0.8.5-py2.5.egg/tw/core/middleware.py', line 54 in
wsgi_app
  app_iter = self.application(environ, start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Beaker-0.9.4-py2.5.egg/beaker/middleware.py', line 75 in __call__
  return self.app(environ, start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Beaker-0.9.4-py2.5.egg/beaker/middleware.py', line 147 in __call__
  return self.wrap_app(environ, session_start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Routes-1.8-py2.5.egg/routes/middleware.py', line 99 in __call__
  response = self.app(environ, start_response)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
repoze.who-0.9.1-py2.5.egg/repoze/who/middleware.py', line 131 in
__call__
  remember_headers = identifier.remember(environ, identity)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
repoze.who-0.9.1-py2.5.egg/repoze/who/plugins/form.py', line 59 in
remember
  return rememberer.remember(environ, identity)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
repoze.who-0.9.1-py2.5.egg/repoze/who/plugins/auth_tkt.py', line 130
in remember
  new_cookie_value = ticket.cookie_value()
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Paste-1.6-py2.5.egg/paste/auth/auth_tkt.py', line 102 in cookie_value
  v = '%s%08x%s!' % (self.digest(), int(self.time), self.userid)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Paste-1.6-py2.5.egg/paste/auth/auth_tkt.py', line 99 in digest
  self.user_data)
File '/var/scratch/sccdata/sites/mbms/lib/python2.5/site-packages/
Paste-1.6-py2.5.egg/paste/auth/auth_tkt.py', line 169 in
calculate_digest
  + tokens + '\0' + user_data).hexdigest()
TypeError: cannot concatenate 'str' and 'long' objects


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
chrism  
View profile
  More options May 7, 7:20 pm
From: chrism <chr...@plope.com>
Date: Wed, 7 May 2008 16:20:42 -0700 (PDT)
Local: Wed, May 7 2008 7:20 pm
Subject: Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I thought I fixed this in 0.9.1.  You might have found an additional
bug.  I've only tested under Python 2.4 using Paste 1.5, that may be
the difference. :-(  There is code in repoze.who's plugins/auth_tkt.py
that is meant to cast an integer to a string on egress and back again
on ingress but it doesn't handle longs.  Can you try the following
patch?

Index: repoze/who/plugins/auth_tkt.py
===================================================================
--- repoze/who/plugins/auth_tkt.py      (revision 995)
+++ repoze/who/plugins/auth_tkt.py      (working copy)
@@ -15,6 +15,7 @@

     userid_type_encoders = {
         int: ('int', str),
+        long: ('int', str),
         }

     def __init__(self, secret, cookie_name='auth_tkt',


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
chrism  
View profile
  More options May 7, 7:23 pm
From: chrism <chr...@plope.com>
Date: Wed, 7 May 2008 16:23:24 -0700 (PDT)
Local: Wed, May 7 2008 7:23 pm
Subject: Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I should probably also mention that I'm getting this list in digest
mode currently, so if you need a response fast, please cc me.

- C

On May 7, 4:12 pm, percious <ch...@percious.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
chrism  
View profile
  More options May 7, 7:30 pm
From: chrism <chr...@plope.com>
Date: Wed, 7 May 2008 16:30:36 -0700 (PDT)
Local: Wed, May 7 2008 7:30 pm
Subject: Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
See also:

http://lists.repoze.org/pipermail/repoze-checkins/2008-May/000768.html

On May 7, 7:20 pm, chrism <chr...@plope.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
percious  
View profile
  More options May 8, 2:58 pm
From: percious <ch...@percious.com>
Date: Thu, 8 May 2008 11:58:01 -0700 (PDT)
Local: Thurs, May 8 2008 2:58 pm
Subject: Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
chris,

Thanks for the fix.  Works great now....  Now if we could only get a
way to authorize on TG Controllers (ie. requires) we would be in good
shape.  I will probably be writing this code at the next sprint.

cheers.
-chris

On May 7, 5:30 pm, chrism <chr...@plope.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
chrism  
View profile
  More options May 9, 10:52 am
From: chrism <chr...@plope.com>
Date: Fri, 9 May 2008 07:52:38 -0700 (PDT)
Local: Fri, May 9 2008 10:52 am
Subject: Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
Isn't this what the "require" function in
http://svn.turbogears.org/projects/tgrepozewho/trunk/tgrepozewho/auth...
does?

On May 8, 2:58 pm, percious <ch...@percious.com> wrote:


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Florent Aide  
View profile
  More options May 9, 10:55 am
From: "Florent Aide" <florent.a...@gmail.com>
Date: Fri, 9 May 2008 16:55:37 +0200
Local: Fri, May 9 2008 10:55 am
Subject: Re: [tg-trunk] Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

On Fri, May 9, 2008 at 4:52 PM, chrism <chr...@plope.com> wrote:

> Isn't this what the "require" function in
> http://svn.turbogears.org/projects/tgrepozewho/trunk/tgrepozewho/auth...
> does?

nope, what ChrisP wants is to be able to protect a full controller
without being forced to used a decorator on each exposed method.
This is something that is still needed.

Florent.


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Mark Ramm  
View profile
  More options May 11, 12:24 am
From: "Mark Ramm" <mark.mchristen...@gmail.com>
Date: Sun, 11 May 2008 00:24:05 -0400
Local: Sun, May 11 2008 12:24 am
Subject: Re: [tg-trunk] Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author

> nope, what ChrisP wants is to be able to protect a full controller
> without being forced to used a decorator on each exposed method.
> This is something that is still needed.

I think I have a sample of something that could work for this
somewhere, I'll try to post it up somewhere (or just add it to
tgrepozewho) in the next couple of days.

--Mark Ramm


    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Mark Ramm  
View profile
  More options May 11, 12:45 am
From: "Mark Ramm" <mark.mchristen...@gmail.com>
Date: Sun, 11 May 2008 00:45:00 -0400
Subject: Re: [tg-trunk] Re: tgrepozewho
Reply to author | Forward | Print | Individual message | Show original | Report this message | Find messages by this author
I probably won't have much time to look at this until Tuesday or
perhaps even Wednesday.   But I did find the code....

Here's the code snipit Jonathan sent me a  while back::

from pylons.controllers.util import abort
from pylons.controllers.objectdispatch import iscontroller
from tg import expose
import inspect

def walk_controller(root_class, controller):
    if hasattr(controller, 'lookup'):
        lookup = controller.lookup
        @expose()
        def new_lookup(*args, **kwargs):
            root_class._perform_validation()
            return lookup(*args, **kwargs)
        controller.lookup = new_lookup

    for name, value in inspect.getmembers(controller):
        if inspect.ismethod(value):
            if iscontroller(value):
                value.decoration.hooks['before_call'].append(
                    root_class._perform_validation
                )
        elif hasattr(value, '__class__'):
            if name.startswith('__') and name.endswith('__'): continue
            walk_controller(root_class, value)

class SecuredControllerMeta(type):
    def __init__(cls, name, bases, dict_):
        walk_controller(cls, cls)

class SecuredController(object):
    __metaclass__ = SecuredControllerMeta

    @classmethod
    def check_permissions(cls):
        return True

    @classmethod
    def _perform_validation(cls, *args, **kwargs):
        if not cls.check_permissions():
            abort(401, 'Unauthorized')

Basically this ensures that the classmethod check_permissions is
called (at the before_call hook) for every method in the class, or any
of it's member objects.

Obviously we could extend this so that we do identity predicate checks
specifically.  But as long as check_permission returns a boolian value
we're good.

And we might be able to tweek the dispatch mechanism a bit to
eliminate the need for some of this stuff.   This works, but it's not
particularly efficient at object instantiation time...

--Mark

On Sun, May 11, 2008 at 12:24 AM, Mark Ramm <mark.mchristen...@gmail.com> wrote:
>> nope, what ChrisP wants is to be able to protect a full controller
>> without being forced to used a decorator on each exposed method.
>> This is something that is still needed.

> I think I have a sample of something that could work for this
> somewhere, I'll try to post it up somewhere (or just add it to
> tgrepozewho) in the next couple of days.

> --Mark Ramm

--
Mark Ramm-Christensen
email: mark at compoundthinking dot com
blog: www.compoundthinking.com/blog

    Reply to author    Forward  
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.