IRC log of #zope3-dev for Thursday, 2005-09-08

« Wednesday, 2005-09-07 Index Friday, 2005-09-09 »
*** vlado has joined #zope3-dev00:00
jhauserwill this be a german speaking sprint?00:02
projekt01Half of them speak german, I think it depends in which group you are working.00:04
jhauserok, then it's better if I write it down in english00:05
*** sashav has quit IRC00:05
projekt01srichter, does your changes (Publisher Response API) affect the jsonserver implementation?00:13
*** vlado has quit IRC00:25
*** projekt01 has quit IRC00:48
srichterprojekt01: most likely, but everything has BBB01:13
*** yota has quit IRC01:27
*** fdrake has left #zope3-dev01:27
srichterbenji_york: do we want to move testbrowser into Zope 3 trunk?01:30
srichternow that Py 2.4 has been approved01:30
benji_york*has* 2.4 been approved?01:30
srichteryes01:30
benji_yorkand even if so, has testbrowser been "approved"?01:31
srichterno ;-) but noone has objected01:31
srichtersilence is consent :-)01:31
GaryPosterAnd since it relies on ClientForm et al we have to get that in ZPL if it's going to be in the core01:31
benji_yorkok, go for it01:31
srichterand I doubt Jim would veto this :-)01:31
GaryPosterum01:31
GaryPosterstop?01:31
GaryPoster:-)01:31
srichterspeak01:31
srichternow or .... ;-)01:32
GaryPosterOK, so you are going to relicense ClientForm et al as ZPL?01:32
srichterno, of course not01:32
GaryPoster(Benji explained to me that we could do that)01:32
benji_yorkwe can, but I don't see the point01:33
GaryPoster(and I believed him :-) )01:33
srichterwe have to very carefully state the requirements inour License file01:33
srichterin fact I would like to experiment a bit with release files later on and try to distribute those modules and packages in a separate file01:34
GaryPosterAch, I'm late.  My concern is that you are going to include testbrowser, which has dependencies on other packages.  I'm tentatively ok with that for large, important components, a la lxml, but requiring installation of four packages seems unpleasant.01:34
srichterwe can make the choice how we want to do this01:34
srichterI would really like a vendor import section of the repository01:35
srichterthen we just use external links, instead in having it in the code01:35
GaryPosterhm, seems like a bigger decision than I have time for now.  That's my concern, anyway.01:36
srichterI guess I'll probe Jim tomorrow01:36
GaryPostereek!01:37
* benji_york wonders if srichter is an alien01:37
srichter:-)01:37
srichterI connect some electrodes to his brain and suck up some knowledge :-)01:38
benji_yorkl8r all01:40
*** benji_york has quit IRC01:40
*** projekt01 has joined #zope3-dev01:42
srichterprojekt01: most likely, but everything has BBB01:43
projekt01cool01:44
projekt01btw, do you know how I can delete a object on a view on this object and redirect to the parent container? I run into a location error because the object doesn't exist when redirect is called after delete the object itself.01:46
srichterjust call redirect before delete01:47
srichteror forward the request to a view of the container01:47
projekt01Ok, I try this. I need to do this in a activity where I like to delete the object if I click on the transition "delete"01:49
*** J1m has quit IRC01:51
*** GaryPoster has quit IRC01:54
projekt01srichter, do you know if I can call "self.participant.activity.workItemFinished(self)" and then delete the object in a workitem's finish method01:59
*** bskahan has joined #zope3-dev02:04
projekt01srichter, I found a way, get a reference in the view from the parent of the object, delete the object and set the parent again, then the redirect is working.02:26
projekt01I hope the object get removed from the ZODB since only the view has the reference to the parent and the object02:27
*** ignas has quit IRC02:29
*** jinty has quit IRC03:11
*** stub has joined #zope3-dev03:25
*** tiredbones has quit IRC03:27
*** projekt01 has quit IRC03:30
*** __gotcha has quit IRC04:13
*** __gotcha__ has joined #zope3-dev04:13
*** __gotcha__ is now known as __gotcha04:13
*** __gotcha__ has joined #zope3-dev05:23
*** __gotcha has quit IRC05:40
*** roym has quit IRC05:54
*** tvon has quit IRC07:21
*** Jim7J1AJH has quit IRC07:33
*** Aiste has quit IRC08:12
*** tvon has joined #zope3-dev08:15
*** philiKON has joined #zope3-dev08:32
*** j-w has joined #zope3-dev09:03
*** hdima has joined #zope3-dev09:19
*** yota has joined #zope3-dev09:28
*** MJ has quit IRC10:02
*** jhauser_ has joined #zope3-dev10:04
*** mgedmin has joined #zope3-dev10:06
*** jhauser has quit IRC10:07
*** Alef has joined #zope3-dev10:15
*** sashav has joined #zope3-dev10:22
*** tarek has joined #zope3-dev10:29
*** mgedmin has quit IRC10:30
*** projekt01 has joined #zope3-dev10:56
*** mgedmin has joined #zope3-dev11:18
bob2hrm11:19
*** regebro has quit IRC11:22
*** regebro has joined #zope3-dev11:25
bob2I should just be able to register a new browser:page for random built-in classes, right?11:25
projekt01bob2, random built-in, what's that?11:26
bob2projekt01: e.g., I should be able to register a new view for zope.app.file.File11:27
*** MJ has joined #zope3-dev11:27
projekt01of corse, you also can override exisiting views in the override.zcml11:28
mgedminbob2, yes -- but why would you want to do that instead of registering a view for IFile?11:28
projekt01ah, you like to register a view on a class not to a interface?11:30
*** vlado has joined #zope3-dev11:30
bob2hm, putting it on the interface did not work11:34
bob2hrm11:36
bob2due to layers confusing me, it seems11:36
bob2and I'm being confused by how formlib generates edit forms11:37
*** regebro has quit IRC11:48
*** regebro_ has joined #zope3-dev11:48
*** stub has quit IRC11:55
*** Aiste has joined #zope3-dev12:09
*** Theuni has quit IRC12:19
*** Theuni has joined #zope3-dev12:20
*** stub has joined #zope3-dev12:31
*** BjornT has quit IRC12:53
*** stub has quit IRC12:54
*** regebro has joined #zope3-dev12:55
*** J1m has joined #zope3-dev13:00
*** BjornT has joined #zope3-dev13:16
*** faassen has joined #zope3-dev13:19
*** BjornT has quit IRC13:30
*** vlado has quit IRC13:32
*** vlado has joined #zope3-dev13:32
*** anguenot has joined #zope3-dev13:35
*** drzoltron_ has joined #zope3-dev13:45
*** vlado has quit IRC13:53
*** BjornT has joined #zope3-dev13:53
*** vlado has joined #zope3-dev14:00
*** vlado has joined #zope3-dev14:03
*** ignas has joined #zope3-dev14:13
*** J1m has quit IRC14:15
*** tiredbones has joined #zope3-dev14:18
*** srichter has quit IRC14:28
*** stub has joined #zope3-dev14:31
*** srichter has joined #zope3-dev14:31
*** ChanServ sets mode: +o srichter14:32
*** zopepaul has joined #zope3-dev14:48
*** d2m has joined #zope3-dev14:49
*** zopepaul has quit IRC14:57
*** niemeyer has joined #zope3-dev15:06
*** drzoltron_ has quit IRC15:27
*** regebro has quit IRC15:30
*** drzoltron_ has joined #zope3-dev15:35
*** benji_york has joined #zope3-dev15:35
*** regebro has joined #zope3-dev15:38
*** drzoltron_ has quit IRC15:42
*** tav has quit IRC15:52
*** mgedmin has quit IRC16:10
*** stub has quit IRC16:16
*** Jim7J1AJH has joined #zope3-dev16:18
srichterhey everyone16:22
srichterhow would you like the switch between twisted and zserver to work?16:23
anguenothi Stephan16:23
srichterhi16:23
anguenotwhat do you propose ? :)16:24
bob2"well" :p16:24
srichterregister ZServer server types as ZServer-*, i.e. ZServer-HTTP16:25
srichtermake twisted the default by naming them: HTTP, HTTPS, FTP, SFTP, ...16:25
anguenotI'm +1 on this16:25
srichterHave two zope.conf.in files: zope.conf.in (twisted) and zope-zserver.conf.in (ZServer)16:25
srichterso all you have to do is to use zope-zserver.conf.in, if you want to run ZServer16:26
bob2does this mean all the issues with twisted have been sorted out?16:26
*** ignas has quit IRC16:26
*** J1m has joined #zope3-dev16:26
srichterI think we will also need to install a feature called "zserver" and "twisted" based on the server used, because some pacakges, like the TaskScheduler will only work with Twsited16:27
srichterbob2: well, there haven't been any lately16:27
bob2hm, I thought it still was a slight speed regression16:27
srichterit's absolutely minimal16:28
srichterthe publisher takes much much more time than the server code16:28
srichterthe ratio is about 1:10016:28
bob2oh, ok, sounds reasonable then16:28
srichterJ1m: I just asked:16:29
srichterhow would you like the switch between twisted and zserver to work?16:29
srichterJ1m: I think I can have twisted well integrated somewhen in the next week or so16:30
philiKONsrichter, what was all that about that twisted cannot be hooked up as simple server types because there need to be more zconfig directives for ssl etc.16:51
philiKON?16:51
philiKONbtw, i would rather have one zope.conf file with the zserver section being commented out16:51
srichterwell, the conf can be very different16:54
srichterright, so we have SSL info16:54
srichterbut really, they are two totally different things16:55
srichterI think we should have two zope.conf.in files to make the difference clear16:55
philiKONhmm ok16:55
philiKONbtw, it's not only about the .in files16:55
philiKONconcerns instances too16:55
srichterabsolutely16:56
srichterI think we will add a mkzopeinstance enhancement that lets you select the server16:56
philiKONgood idea16:57
*** MrTopf has joined #zope3-dev16:58
*** xenru has joined #zope3-dev16:59
J1msrichter, let's make this simpler.16:59
srichterok, I am really open for suggestions17:00
J1mLet's just have once zope.conf.in configured to use twisted in some basic way.17:00
J1mOld zope.conf giles should work and continue to use zserver.17:00
J1mOld zope.conf files should work and continue to use zserver.17:00
J1mLet's do something basic, get it on the trunk, and get a lot more people to try it out before Nov 1.17:01
srichterok17:01
J1mLots of people develop against the trunk, so I think it would be exercised well.17:01
srichterok17:03
*** sashav has quit IRC17:18
*** hdima has quit IRC17:18
*** douglasc has joined #zope3-dev17:20
srichterJ1m: do you think that we will permanently switch to twisted?17:21
J1mum17:22
J1mfor some definition of switch, yes.17:23
J1mI'm *mainly* interested in switching to WSGI.17:23
J1mI'm happy for twised to be included and be the server used in the default config.17:24
J1mI'd sort of prefer to configure the server and the application separately.17:24
srichterI am just trying to estimate whether it will be worth factoring out common code between zope.app.server and zope.app.twisted17:25
J1mThat is, someone shoudl configure their WSGI server.17:25
J1mThat is, someone should configure their WSGI server.17:25
J1mThe way they do this might not be Zope specific.17:25
J1mIf Twisted has a WSGI server, I don't think we should maintain our own configuration mechanism for it, at least not in general.17:26
J1mA wsgo server should have some way of saying how to run an application.17:26
*** regebro has quit IRC17:26
srichtermmh, but then we have to subscribe to Twisted's way of running a server, which is quiet a bit different17:26
J1mZope, would then have it's own config file.17:26
srichterand involves those tac files17:26
J1mThis the price and the benefit of getting out of the server business.17:27
srichteras Itamar put it: It's the difference between running Zope in Twisted or Twsited in Zope17:27
srichterclearly both should be possible17:27
srichterbut which one do we support?17:27
J1mPerhaps we can have a *dirt simple^ configuration for the twisted server that people use by default.17:27
J1mIf people want to customize anything, however, they should use the configuration mechanism provided by the server.17:28
J1mIf they don't like that mechanism, then maybe they'll pick a different server.17:28
philiKONso, in the end, zope.conf will be for zodb config, logging config and, if desired, zserver config. but not twisted config17:28
philiKON?17:28
srichterwe really need to do some tests getting Zope running and then connecting it to twisted17:28
J1mphiliKON, basically yes, sans zserver config.17:29
philiKONhow would zserver be configured?17:29
J1mIt would probably have it's own .conf file.17:29
J1mIt would probably use ZConfig.17:29
philiKONa zserver.conf?17:29
philiKON+117:29
faassenI'm currently lost in security proxy land, trying to understand when they're there and when they're not.17:30
faassenin a method on an object anything can be done, as 'self' is unproxied, correct?17:30
J1mBut let me repeat my goal, fwiw: I don't want to be in the server business.17:30
faassenand if I get objects through, for instance, the catalog, they're also unproxied, correct?17:30
J1mfaassen, correct.17:30
faassenokay.17:31
J1mfaassen, let's take a step back.17:31
faassenokay, I'm trying to work through the consequences.17:31
J1mif you get an object from a proxied source, the result will be proxied (excluding rocks, of course).17:31
philiKONJ1m, yup, exactly. let's get out of the server business. that also means that configuring zope the application server doesn't mean you configure the server at the same time. so, +1 from me on all that17:32
faassenJ1m: yeah, I understand that part.17:32
J1mIf you get an object from an unproxied source, the source has an option of proxying it for you.17:32
J1mBut generally it doesn't.17:32
faassenJ1m: how does the source have an option?17:32
faassenJ1m: I mean, the source could be programmed so that it does that.17:33
philiKONfaassen, it can return proxify(obj)17:33
J1mexactly17:33
J1mself is never poxied.17:33
faassenJ1m: and the framework proxies objects when traversing inside ZPT, for one.17:33
faassenJ1m: and 'context' on a view is proxied, correct?17:33
J1m(Unless of course, the method chooses to proxy it in the method body.)17:33
J1mfaassen, the context of a view or adapter is proxied if the view or adapter adapts a proxied object.17:34
J1m(and if the view doesn't unproxy it's context)17:34
J1mLet's look at how this usually happens.17:35
J1mIn Zope 3, we view a URL as an untrusted program.17:35
J1mThe publication object that interprets a URL is an "untrustred interpreter".17:35
J1m(Untrusted interpreters are described in some detail in a .txt file in zope.security.)17:36
J1mAn untrusted interpreter arranges that any object that comes in is proxied.17:36
J1mSo the objects being found via traversal are proxied.17:36
J1mWhen we adapt them, the adapters adapt proxied objects.17:36
faassenunless it's a trusted adapter, I guess.17:37
philiKONyup17:37
philiKONthen the adapter itself is proxied17:37
J1m(An adapter may be defined as a "trusted adapter", in which case, we automatically unproxy it's context.17:37
J1myup17:37
J1mNow, if a method adapts self, the adapter's context will not be proxied.17:38
faassenanyway, I'm trying to figure out what the consequences are of these basics, I think I got the basics, more or less, but didn't get that the consequences are more involved than I originally thought.17:38
faassenso reasoning about it is harder than I'd like.17:38
J1mYes.17:38
faassenI mean, if it's so easy to 'accidentally' lose proxies by passing self along to a function, for instance.17:38
faassen(or to an adapter factory, same principle)17:38
faassenand it's also easy to not get them in the first place, by doing a catalog query.17:39
faassenI'm trying to convince myself that this isn't necessarily a bad thing. :)17:39
J1mYes, this is an issue.17:39
J1mIt is potentially a bad thing.17:39
faassenright.17:39
faassenokay, then I think my understanding of proxies is more or less complete. :)17:39
J1mThis is why, four our projects, we often provide components or APIs that automatically proxy objects gotten from the intid utility.17:40
faassenso basically you can't really depend on proxies and make all views public.17:40
J1mIt has been argued that the intid utility should proxy objects by default.17:40
faassenI mean, you can't depend on context-object security and make all views public.17:40
J1mNot without thinking about it.17:41
faassenbut it's also not exactly desirable to make the views protected only and make the content objects nonsecure.17:41
faassenwell, it's something that's quite involved and the average programmer won't think about it.17:41
J1mOne thing we want, but don't have yet is an untrusted adapter.17:41
philiKONat least i found it more desirable to have no proxies at all and manage security solely on views/adapters than the other way around17:41
J1mA good thing about Z3 relative to Z2 is that it makes it much harder for the programmer to not think about security. :_17:42
faassenwell, but that's also a problem if you want Z3 to be popular.17:42
faassenI may be willing to figure out why something doesn't work and reason about involved proxy interactions.17:42
faassenbut not everybody is willing or capable of doing so.17:42
faassenanyway, what I find myself doing repeatedly is..17:43
J1manyway, an untrusted adapter would have the property that whenever you proxied an untrusted adapter, it would be rebound to trusted contexts.17:43
faassenreason about why something is not allowed.17:43
faassenconclude I know why ti's not allowed.17:43
faassenand then decide, but I need to do this anyway.17:43
faassenrip off the proxy and continue.17:43
faassenI guess anyone can learn to call this, but then you'll see a lot of voodoo removeSecurityProxy sprinkled through everything.17:44
J1msure17:44
J1mAnd this is a problem.17:44
faassenwhich isn't conductive to security either.17:44
J1mBut the alternative seems to be to be less secure.17:44
faassenI mean, I already find myself placing them in many places in the codecase.17:44
faassencodebase.17:44
faassenand I thought they were supposed to be a hack.17:44
faassenbut I frequently honestly can't come up with a saner way to do it.17:44
faassenin part that's inexperience, but in part I expect that just is the most straightforward way.17:45
J1mThey aren't a hack, but they are a powerful tool that should be used with great care.17:45
faassenwould it make sense to have a decorator that rips off proxies from incoming arguments to a method?17:45
J1mas long as you think about it, and preferably include a comment explaining your reasoning, I see no harm in them.17:45
faassenso you can say @trusted17:45
J1mMaybe.17:46
*** whiteRook has joined #zope3-dev17:46
J1mOf course, if overused, that could be a problem too.17:46
J1mAfter all, you need to be just as careful about remobing security proxies when things are passed to you when it's done automatically.17:46
faassenanyway, the thing that bugs me is that on the one hand the security system gets in my face too oftne.17:47
faassenand on the other hand I discover it has holes.17:47
J1mI'm less worried about adapters because it's much more difficult for untrusted code to fake an adapter call than it is to call methods.17:47
faassenso I do more work than I'd like and still don't know whether my app has security.17:47
faassenanyway, so on the one hand I appreciate the system telling me, hey, cannot do.17:48
faassenand it seems pretty pervasive, but then today I figured out it doesn't do that in some cases.17:48
J1mI am far more concerned about the holes than I am about it getting in my face.17:48
faassenwell, I'm concerned about that part too, as I really think a newbie will be lost.17:48
J1mI think we need to think about these,17:48
faassenright.17:48
J1mBut there are waaaaaay fewer of these in Z3 than there are in Z2.17:49
faassenso what do you think about the newbie case?17:49
faassen(I think in part the holes get automatically plugged as traversal to something from a view proxies things again, correct?)17:49
*** whiteRook has left #zope3-dev17:49
faassen(or just calling something on a view)17:49
J1mFrankly I'm not sure what to expect of a "newbie".17:49
faassenwell, I had to expend quite a bit of brainpower to understand why sometimes I need to remove a proxy.17:50
faassenand I think that some people would be lost, as I think I have a decent amount of programming brainpower.17:50
J1mI'm not too worried about the "self" case BTW.17:50
benji_yorkI wonder if a "newbe-mode" might be interesting, no (or less) security, but wouldn't bind to any address other than 127.0.0.1 or something17:50
faassenand I also worry that if I feel lazy or tired, I'll just not figure it out and waste time.17:51
faassenbenji_york: well, it's more than just newbies.17:51
faassenit's just that reasoning about proxies is quite involved.17:51
bradb"Newbie" can also be written as "someone who wants to get something done on a tight deadline" or "someone who wants to be productive in Zope 3 without having a profound knowledge of the CA".17:51
faassenand I'm not sure that people can be expected to do so.17:51
benji_yorkI was specifically thinking about scaring people away while evaluating Z317:51
faassenbradb: exactly.17:51
faassenbenji_york: I think ti's broader than that, as people evaluating Z3 will usually evaluate it by actually trying to build something useful.17:51
faassenanyway, the security system is powerful and helpful, but it's also the one thing I worry most about as reasoning about it is hard.17:52
benji_yorkfaassen, if so they can't be bothered to make sure their useful thing is secure, I don't know what to say17:52
J1mexactly17:52
faassenbenji_york: many things are useful without needing complicated security models.17:52
benji_yorkalthough we can try to make security easier, I just don't know how much easier it can get17:52
faassenI realize security is complicated.17:52
J1mMy experience is that simple applications can generally make security declarations and forget about it.17:53
J1mSimple applications generally don't have to remove security proxies.17:53
J1mAt least, that has been my experience.17:53
faassenJ1m: that may be correct, I'm not sure.17:53
J1mI would tell people to assume things are proxied and declare permissions appropriately.17:54
J1mWith the important and vastly simplifying exception of self.17:54
faassenJ1m: I'm not sure what is 'simple'. in the app I'm working with, roles get acquired in some cases (which makes life hard if the object isn't attached to what it acquires from yet), and various role mappings are manipulated by users who cannot be given the permission to fully change the mappings everywhere.17:54
faassenI'm not sure how often such use cases appear in applications.17:55
faassenanyway, I don't really have an answer.17:55
J1mWell, one could argue is that a simple application is one without authenticated users.17:55
faassenI just am worried about it and am thinking about this.17:55
J1mIt's a valid and valuable worry.17:55
J1msometimes I think it would be fun to tale a year off and do research on usability of security systems.17:56
J1mToo bad I have bills to pay. :)17:56
J1ms/tale/take17:57
faassenyeah. well, perhaps a mode that doesn't do much in the way of securit at all would be useful.17:57
faassenI mean, there are many productive web systems that don't bother about worrying about security on the framework level.17:58
J1mPerhaps17:58
faassenlike PHP or, I believe, RoR.17:58
benji_yorkI worry that that would be an "attractive nusance"...17:58
benji_york...people would build apps in "easy mode", and late in the game try to turn security on and find it insurmountably difficult to get it to work17:58
faassenwell, I hope some hybrid model is possible instead, 'security on the outside', for instance. only secure views.17:58
faassenbenji_york: yes, that may be a problem.17:59
srichterso we could implement a permissive security policy that simply allows anything to be done17:59
faassenbenji_york: in fact, this attractive nuisance already exists.17:59
benji_yorksecurity has to be baked in17:59
faassenbenji_york: if you log in as a manager, you can do anything.17:59
faassenbenji_york: and you *do* only notice security problems if you log in as a non manager.17:59
*** efge has joined #zope3-dev17:59
faassenso perhaps we should remove the system user then. :)18:00
benji_yorkfaassen, so that would be a good recommendation for developers, don't log in as manager (just as you don't test software by running it as root)18:00
faassenbenji_york: yes, perhaps we can make it easier for users to get set up that way then.18:01
benji_yorkat least when logging in, you make a consious choice as who to be, if you're just anonymous you'll see the security problems immediately18:01
faassenbenji_york: yes, but that's even easier to accomplish, logging in, than a security policy. :)18:01
benji_yorkoh, and I wouldn't mention PHP (above) as being a good example of anything relating to security :)18:02
faassenbenji_york: I'm not saying it's a good example security wise.18:02
faassenI mean, I think it's clear Zope 3 as a framework is way better at security than most web frameworks.18:02
faassenand on the one hand that's good.18:02
faassenbut on the other hand I worry this will put off people early, and I hope we'll get brilliant ideas to mitigate that.18:02
faassenanyway, food for thought.18:04
faassenJ1m: thanks for helping with the proxy confusion.18:04
andrew_mfunny, just what i needed right now (removeSecurityProxy)18:10
*** j-w has quit IRC18:13
*** mgedmin has joined #zope3-dev18:15
*** ignas has joined #zope3-dev18:16
*** tiredbones has left #zope3-dev18:17
srichterJ1m: I think we will need two different startup scripts for twisted and zserver; at least without having some restructuring to do18:18
*** bradb has left #zope3-dev18:18
srichterJ1m: z3.py calls specifically zope.app.server.main.main()18:18
srichtertwisted uses zope.app.twisted.main.main()18:19
srichterwe could have an option for z3.py to select the server18:25
srichterz3.py -s zserver and z3.py -s twisted18:25
srichterthoughts?18:25
philiKONnote that this also, actually primarily concerns runzope18:26
philiKONz3.py is just a checkout detail18:26
srichterof course18:26
philiKONrunzope is how the enduser will see it18:26
philiKONrunzope -s zserver sucks18:26
srichterthe end user will do it differently18:26
benji_yorksrichter, J1m is AFK at the moment18:26
philiKON(it's also in zopectl)18:26
srichterthey will select the server during mkzopeinstance18:26
srichterbenji_york: any comment? :-)18:27
philiKONsrichter, ah, ok18:27
philiKONsrichter, so mkzopeinstance could fill in the necessary blanks18:27
benji_yorkumm, I have to read it first... :)18:27
srichter:-)18:27
philiKONsrichter, or, perhaps we have a zserverskel and a twistedskel18:27
srichter:-(18:27
srichteractually this will not work for several reasons18:28
philiKONanyway, why not rename z3.py to zserver.py and introduce a twisted.py18:28
philiKONin the checkout18:28
srichter(that have to do with zpkgtools)18:28
benji_yorkI think an option to runzope wouldn't be bad, as long as the current "preferred" server is used by default18:28
benji_yorkI would stay away from multiple skels18:28
philiKONyeah18:28
philiKONi wasn't actually so much talking about multiple skel dirs18:28
philiKONmore talking about the concept of having different skeleton scripts and confs for zserver and twisted18:29
philiKONsorry for being confusing18:29
benji_yorkNP18:29
philiKONanyway, why not rename z3.py to zserver.py and introduce a twisted.py18:29
srichterthat is pretty much what I did now18:29
srichterthough it seems a bit lame18:29
benji_yorkwell, you don't really want to run zserver or twisted, you want to run zope under a particular HTTP server18:30
srichterright, this will come later18:31
philiKONyeah, but won't people know what we mean?18:31
srichterright now we manage the server from within Zope18:31
srichterwe have to turn this around18:31
* mgedmin wonders whether 'serverengine twisted|zserver' in zope.conf would work or not18:31
srichterhowever, this is a bit of work, since we have to understand the startup and run code for every supoprted server18:31
srichtermgedmin: definitely with some abstraction18:32
srichtermgedmin: but it would involve a day of work or so18:32
benji_yorkhow about a somple server.conf that says what server to use and use .tac files for twisted and zserver.conf for zserver (removing neccesary things from zope.conf perhaps)18:34
benji_yorktoo many conf files?18:34
philiKONbenji_york, that's sort of what jim proposed18:34
philiKONleave server config to whatever mechanism the server has18:34
philiKONzope.conf would just deal with zodb and logging conf18:34
benji_yorkyep18:34
philiKONi'm +118:34
srichterthis is a huge change18:35
srichterbecause very established patterns will be removed and changed18:35
benji_yorkyep, so is supporting more than one server18:35
srichterI am +1, but the above is a risk to consider18:35
benji_yorkdefiniately18:36
projekt01why not load additional config from the main conf file, like apache does it for its virtual hosts?18:37
* srichter just noticed that the twisted FTP code is broken :-(18:37
projekt01so you have a central file where you can check the config18:37
srichterprojekt01: this does not solve the problem18:38
projekt01Ok ;-(18:38
srichterthe question is really, if we want to switch to Twisted's server setup mechanism or use a similar one to the one we have now (and that is currently implemented)18:39
*** sashav has joined #zope3-dev18:39
srichterI really like our conf system18:39
projekt01me too18:39
srichterit is much more firendly to the admin18:39
srichtertac files are python18:39
srichterand they would be fairly big, I think18:40
mgedminas a random unix admin, I am familiar with plain text config files, and mysterious twisted inventions like *.tac/*.tap/whatever confuse me18:40
mgedminmaybe that's because I never took the time to read the documentation or try them out ;)18:40
srichterbut as sysadmin you should not be required to learn the specific conf format for every software you run18:41
srichterand learn a language on the side18:41
srichterokay, I think I just convinced myself that keeping conf files has a lot of value18:42
srichterso the remaining question is how we determine the server engine to use18:42
srichterto summarize:18:42
*** regebro has joined #zope3-dev18:43
srichter1. Use different startup scripts in SVN and have somewhere an option for releases, such as mkzopeinstance18:43
srichter2. Use serverengine option in zope.conf18:43
srichterI am fine with both approaches; I would just like to decide on one :-)18:43
srichtergotta run18:48
*** srichter has quit IRC18:48
*** vlado has quit IRC19:00
*** niemeyer is now known as nie_lunch19:04
mgedminit would be hard to change the decision later on if you determine it at mkzopeinstance time19:11
mgedminso I'm for (2)19:11
*** MJ has quit IRC19:22
*** vlado has joined #zope3-dev19:28
*** MrTopf has quit IRC19:34
*** douglasc has quit IRC19:39
*** tvon has quit IRC19:41
*** tvon has joined #zope3-dev19:42
*** benji_york has quit IRC19:50
*** benji_yor1 has joined #zope3-dev19:51
*** nie_lunch is now known as niemeyer19:51
*** benji_yor1 is now known as benji_york19:51
*** fdrake has joined #zope3-dev20:17
benji_yorkhi fdrake!20:17
fdrakeyou benji!20:18
benji_yorksomeone set us up the bomb!20:18
*** faassen has quit IRC20:18
philiKONhi fdrake20:18
fdrakehey philiKON20:19
*** tav has joined #zope3-dev20:22
*** alga has joined #zope3-dev20:31
*** tiredbones has joined #zope3-dev20:51
*** bskahan has quit IRC20:52
*** bskahan has joined #zope3-dev21:14
*** tarek has quit IRC21:15
*** zopepaul has joined #zope3-dev21:15
*** regebro has quit IRC21:16
*** MJ has joined #zope3-dev21:19
*** jinty has joined #zope3-dev21:27
*** SureshZ has joined #zope3-dev21:44
*** efge has quit IRC21:48
*** srichter has joined #zope3-dev21:49
*** ChanServ sets mode: +o srichter21:51
srichterJ1m: how much longer are you at work? I am about to leave school, then it will be better to talk21:54
mphttp://wiki.zope3.pl/static/zope-apidoc/++apidoc++/Code/    ;]22:00
mgedminnice and fast22:01
mpwget22:02
mpstatic22:02
srichterwow, how much memory does it take up?22:02
mphowever, it *was* fast when I downloaded it22:03
srichterI did this once and it used a lot of space for the menu options22:03
mpbtw, it would be nice to improve apidoc, so it can really generate static pages22:03
srichterI am working on a static version for APIdoc where the menus are JS-based22:03
mpmake it downloadable with wget - it would be pretty usable22:04
mprelative links etc22:04
srichterits on my 3.2 list;l however I would appreciate some help any time :-)22:05
srichterthe main outstanding issues are: JS version of interface search (easy I think) and JS version of menus22:05
benji_yorksrichter, J1m is AFK, but will be back in a minute22:06
*** zopepaul has quit IRC22:06
srichterok, I will go home now and be back online shortly22:06
mphttp://horpah.hell.org.pl/apidoc-css-link.patch.txt22:07
mp;)22:07
*** deo has joined #zope3-dev22:07
srichterplease check this in22:08
mphow?22:08
*** srichter has quit IRC22:08
mpwho?22:08
mgedminmp, how much dik space does it eat?22:09
mp95Mzope-apidoc22:10
mp8,8Mzope-apidoc.tgz22:10
J1mmp, wget has an option to convert absolute links to relative links.22:10
mpargh22:10
mp195Mzope-apidoc22:10
mp8,8Mzope-apidoc.tgz22:10
mpJ1m: I used that, but I would be nice to be able to just download pages and have them fully functionall.. there could be even option to get reference as single big html file or page-per-chapter - just like lot's of gnu and open source sofware has22:12
mphttp://www.gnu.org/software/gawk/manual/ like here22:12
mgedminsometimes I wish zope had @@relative_url in addition to @@absolute_url22:13
mphm, is it that difficult?22:13
mgedminthe url of the current page is available in the request, so it should be possible22:14
mgedmintake the absolute url, see if there's a common prefix, rip it out, perhaps add some ../22:14
J1mNot a common prefix.22:14
mpin simple version it should attach ../ to get parent of both objects, then get down to target by appending ids and '/'-s22:14
J1mThe current page's base would need to be a prefix of the desired url.22:15
mgedminJ1m, is your new test runner merged to the trunk?22:15
mpso, there should be "@@almost_working_relative_url_not_guarantees_use_at_our_own_risk" :>22:16
mpbecause usually described behaviour might be enough :)22:16
J1mmgedmin, not yet.22:18
*** alga has quit IRC22:21
*** mgedmin has quit IRC22:21
*** xenru has quit IRC22:31
SteveAJ1m: what should publishTraverse do if the name doesn't go anywhere?22:35
SteveAshould it raise UrlNotFound (or whatever it is called)22:35
SteveA?22:35
J1mYes22:36
SteveAi just had it reported to me that in the zope3 we're using for launchpad, if you define a page in zcml that uses a class and attribute22:36
SteveAand you go to a URL that is .../thatview/somethingthatisnotthere22:37
SteveAyou get a 500 internal server error, rather than the expected 40422:37
J1msounds like a bug22:37
SteveAso, i guess that can be fixed in the publishTraverse that is used in the constructed classes for the page / view directives22:37
J1myup22:37
SteveAokay.  do you know if it needs fixing elsewhere than the trunk?22:38
J1mhm22:38
J1mIt would br nice to fix it on the 3.1 branch.22:38
J1mas well22:39
*** tvon has quit IRC22:42
*** srichter has joined #zope3-dev22:49
*** ChanServ sets mode: +o srichter22:50
srichterbenji_york: is Jim on his computer?22:51
benji_yorknot ATM, but will BRB22:51
srichterok22:51
*** ignas has quit IRC23:01
*** tiredbones has quit IRC23:16
mpsrichter: if you asked *me* to check in, then I don't have write access to repo23:27
srichtermp: have you asked for write permssion? :-)23:32
srichtermp: J1m can give you access once you signed the contributor agreement23:32
*** projekt01 has quit IRC23:33
*** projekt01 has joined #zope3-dev23:34
*** benji_york has quit IRC23:34
srichterJ1m: should the logging setup ZConfig stuff be part of the server or the application?23:35
srichterwe have eventlogs and access logs; clearly the latter is server, but what about the eventlog?23:35
srichteris it even used?23:35
*** sashav has quit IRC23:39
fdrakethe event log is certainly used23:41
fdrakethat's where all the interesting stuff goes :-)23:41
srichterso should it be part of the app server or the network server setup?23:42
fdrakethat's a good question still23:42
fdrakethe way they both use the logging package is important, but I don't think it bounds the answer in any way23:43
J1mThe event log should go in the app, imo23:44
srichtermmh, the problem is that I am splitting up the app server configuration from the network server configuration23:44
srichterok, that's what I have now23:44
fdrakeso we need to be careful to document the way the logging package is used by the different parts, so that a server will know what it needs to do to live nicely together with the other logs23:45
srichternot really23:46
srichterbecause the server config imports the app one23:47
srichterI just need to split it so that in case we only want to bring up the app, we have only the subset to deal with23:47
srichterohhh, now I see what you are saying23:47
fdrakeit's not a problem, it's just a documentation requirement23:47
srichterI guess it will be fine, since we use the standard logging mechnism for Python23:47
srichteryep, I agree23:48
fdrakeso it probably needs a collector issue for now, unless you're ready to write the doc23:49
fdrakeI can write it, but not right now.23:49
srichterI'll keep it in mind for now :-)23:50
*** tvon has joined #zope3-dev23:50
srichterfdrake: how can I define an app.xml that is a schema and that I can also import into another XML file?23:52
*** niemeyer is now known as nie_coffee23:56
« Wednesday, 2005-09-07 Index Friday, 2005-09-09 »

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!