Discussion:
[Zope3-Users] Referencing objects
Michael Seifert
2011-02-04 14:38:04 UTC
Hello everyone,

I recently started a Zope3 project, but I am stuck at the very
beginning. Although I have some experience with Zope2, the more flexible
approach to developing web applications was giving me a really hard
start. Let me point out my situation:
I created a container hierarchy which is stored in ZODB. Say I have a
set of object types A, B, C, D, whose relationships look like the
following (edges represent containment, i.e. A contains B,... where B
and D are in subcontainers of A):

  A
 / \
B   D
|
C

C has an attribute referencing an object of type D. As this attribute is
mandatory on creation, I created a vocabulary, which ascends the
hierarchy from the current context until it reaches A and returns all
objects of type D.
Now the part that doesn't work:
While ascending from C to B and from B to A works fine, descending from
A to D returns a security proxied object and since these objects cannot
be pickled, I cannot store its reference in the attribute of C.

1. Is this the way it's meant to be done? :) What is your opinion of
storing B and D objects in subcontainers of A?
2. Are there any means to turn the vocabulary into trusted code, so it
will not be encapsulated in a proxy (without deactivating the security
proxy)?
3. How do you reference objects like you do with foreign keys in
relational databases? I want to do this to prevent objects from being
saved multiple times.


Thanks in advance and best regards
Michael
Thierry Florac
2011-02-04 16:04:33 UTC
Hi,


On Friday, 4 February 2011,
Michael Seifert <***@gmx.net> wrote:
======================================================================
Post by Michael Seifert
Hello everyone,
I recently started a Zope3 project, but I am stuck at the very
beginning. Although I have some experience with Zope2, the more
flexible approach to developing web applications was giving me a
I created a container hierarchy which is stored in ZODB. Say I have a
set of object types A, B, C, D, whose relationships look like the
following (edges represent containment, i.e. A contains B,... where B
  A
 / \
B   D
|
C
C has an attribute referencing an object of type D. As this attribute
is mandatory on creation, I created a vocabulary, which ascends the
hierarchy from the current context until it reaches A and returns all
objects of type D.
While ascending from C to B and from B to A works fine, descending
from A to D returns a security proxied object and since these objects
cannot be pickled, I cannot store its reference in the attribute of
C.
1. Is this the way it's meant to be done? :) What is your opinion of
storing B and D objects in subcontainers of A?
That shouldn't be a problem, it's not different when you use a "basic"
folder-like container which, internally, stores sub-objects in an
internal b-tree container; the only difference here is that you own
two internal containment attributes.
Post by Michael Seifert
2. Are there any means to turn the vocabulary into trusted code, so it
will not be encapsulated in a proxy (without deactivating the security
proxy)?
Perhaps you can use the "removeSecurityProxy" function?
Post by Michael Seifert
3. How do you reference objects like you do with foreign keys in
relational databases? I want to do this to prevent objects from being
saved multiple times.
If the targeted object is persistent (and so a subclass of
"Persistent" class), it should be stored only once in the database
(just try to alter properties of an object and check if the other one
is also modified or not to check!)
Another way I commonly use to store references is to store only an
IIntIds utility reference, which is an integer; the benefit of this
is that this value can easily be indexed.

Regards,
Thierry
--
Intranet/Internet Project Manager
Office National des Forêts - Département Informatique
2, Avenue de Saint-Mandé
75570 Paris Cedex 12
Tel.: 01 40 19 59 64
Fax: 01 40 19 58 85
E-mail: ***@onf.fr
Web: http://www.onf.fr
Michael Seifert
2011-02-21 12:28:00 UTC
Thanks Thierry, your answer helped a lot.

I solved the issue with:
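    from zope.schema.vocabulary import SimpleVocabulary
    from zope.security.proxy import removeSecurityProxy

    def vocab(context):
        ...
        # Strip the security proxy from each item before building the vocabulary
        return SimpleVocabulary.fromValues(
            [removeSecurityProxy(elem) for elem in context.values()])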


Still, I have some questions regarding the security.

1.
When creating the vocabulary with
    return SimpleVocabulary.fromValues(
        [elem.someFunc() for elem in context.values()])
I noticed that elem in context.values() are not proxied yet, so the
actual wrapping must take place before the values are passed to the ZMI.
How does calling the removeSecurityProxy function prevent the objects
from being wrapped, since the wrapping takes place AFTER the function call?
(I had a look at the sources, but the implementation resides in
zope.security._proxy which is a binary .so file)


2.
The vocabularies are registered as utilities in the .zcml file(s).
Since access to objects from these vocabularies is not checked by a
security proxy: Is it therefore possible that any user can access the
vocabulary data?
If so, is there a way to restrict access to the utility vocabularies?

Regards,
Michael
Simon Elbaz
2011-02-21 13:44:46 UTC
Hi,
Post by Michael Seifert
Thanks Thierry, your answer helped a lot.
    from zope.security.proxy import removeSecurityProxy
    ...
    return SimpleVocabulary.fromValues(
        [removeSecurityProxy(elem) for elem in context.values()])
Still, I have some questions regarding the security.
1.
When creating the vocabulary with
    return SimpleVocabulary.fromValues(
        [elem.someFunc() for elem in context.values()])
I noticed that elem in context.values() are not proxied yet, so the
actual wrapping must take place before the values are passed to the ZMI.
How does calling the removeSecurityProxy function prevent the objects
from being wrapped, since the wrapping takes place AFTER the function call?
(I had a look at the sources, but the implementation resides in
zope.security._proxy which is a binary .so file)
The removeSecurityProxy does not prevent the object from being proxied: it
allows the storage of the object in an attribute without its proxy.
The original object will always be proxied.
Post by Michael Seifert
2.
The vocabularies are registered as utilities in the .zcml file(s).
Since access to objects from these vocabularies is not checked by a
security proxy: Is it therefore possible that any user can access the
vocabulary data?
If so, is there a way to restrict access to the utility vocabularies?
You can use the utility permission attribute.
Post by Michael Seifert
Regards,
Michael
Regards,
Simon
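
A simplified model of the behaviour discussed in this thread, added here as an example; it is not part of any post and does not use the zope.security API. `Proxy`, `Container`, `remove_proxy`, `Forbidden` and the sample data are hypothetical stand-ins. It shows that a stripped object pickles but no longer enforces attribute checks, that later lookups are still proxied, and that an integer reference (the IIntIds approach) keeps the check when resolved.

```python
import pickle
from types import SimpleNamespace

class Forbidden(Exception):
    """Attribute access denied by the proxy's checker."""

class Proxy:
    """Toy security proxy: only names in `allowed` can be read through it."""
    __slots__ = ("_obj", "_allowed")
    def __init__(self, obj, allowed):
        object.__setattr__(self, "_obj", obj)
        object.__setattr__(self, "_allowed", frozenset(allowed))

    def __getattribute__(self, name):
        if name not in object.__getattribute__(self, "_allowed"):
            raise Forbidden(name)  # pickle's __reduce_ex__ lookup ends up here too
        return getattr(object.__getattribute__(self, "_obj"), name)

def remove_proxy(obj):
    """Stand-in for removeSecurityProxy: return the bare object behind a proxy."""
    return object.__getattribute__(obj, "_obj") if type(obj) is Proxy else obj

class Container:
    """Stand-in for a published container: every lookup returns a fresh proxy."""
    def __init__(self, items, allowed):
        self._items, self._allowed = dict(items), allowed
    def get(self, int_id):
        return Proxy(self._items[int_id], self._allowed)

def succeeds(func, *args):
    try:
        func(*args)
        return True
    except Exception:
        return False

def demo():
    item = SimpleNamespace(title="Report", notes="internal")  # constructed data
    folder = Container({1: item}, allowed={"title"})  # constructed policy
    proxied = folder.get(1)
    bare = remove_proxy(proxied)
    stored_id = pickle.loads(pickle.dumps(1))  # an integer reference pickles fine
    return {
        "proxied_picklable": succeeds(pickle.dumps, proxied),
        "bare_picklable": succeeds(pickle.dumps, bare),
        "proxy_blocks_notes": not succeeds(getattr, proxied, "notes"),
        "bare_exposes_notes": succeeds(getattr, bare, "notes"),
        "next_lookup_proxied": type(folder.get(1)) is Proxy,
        "id_ref_blocks_notes": not succeeds(getattr, folder.get(stored_id), "notes"),
    }
```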
