[PEAK] peak.security: permissionFor problem
Radek Kanovsky
rk at dat.cz
Fri Feb 11 10:42:35 EST 2005
On Fri, Feb 11, 2005 at 09:46:56AM -0500, Phillip J. Eby wrote:
> >For example:
> >
> > [
> > (Signature(
> > (2, <function dispatch_by_inequalities at
> >0xb7bdbf7c>)=Inequality(=='user'),
> > (1, <function dispatch_by_mro at 0xb7bdb95c>)=Context, # web.Context
> > (0, <function dispatch_by_mro at 0xb7bdb95c>)=Context), #
> >security.Context
> > <function declared_permission at 0xb7a0902c>
> > ),
> > (Signature(...same signature...),
> > (Signature(...same signature...),
> > ]
>
> I notice you're not showing the function here for the other two
> signatures. I'm guessing they are all <function declared_permission>, but
> do they have the same addresses, or different ones?
Group contains exactly three identical signatures with the same address:
try :
perm = ctx.policy.permissionFor(ob,name)
except dispatch.AmbiguousMethod, am :
g = am.args[0]
assert len(g) == 3
assert g[0][0] is g[1][0] is g[2][0]
assert g[0][1] is g[1][1] is g[2][1]
raise
Traceback:
[...]
File "src/peak/web/environ.py", line 418, in traverseDefault
loc = traverseAttr(ctx,ob,ns,name,qname,NOT_FOUND)
File "src/peak/web/environ.py", line 332, in traverseAttr
perm = ctx.policy.permissionFor(ob,name)
File "<string>", line 5, in permissionFor
File "src/dispatch/strategy.py", line 808, in ambiguous
raise AmbiguousMethod(group)
> The signatures you've shown above are of the form "self in security.Context
> and subject in web.Context and name=='user'", so it is looking up what
> permission should be used for the 'user' attribute of a 'web.Context'
> object. It sounds as though there has been more than one declaration of
> this, though how that would happen I don't know.
I have checked it before. There is only one declaration.
> I suspect that the problem is that for some reason the metadata is being
> declared more than once, leading to a spurious apparent ambiguity. I may
> have to switch from a generic function to a dispatcher so that multiple
> declarations of the same metadata can be ignored.
_declare_permission is called only one time for subject==web.Context and
name=='user'. Permission is also correct, i.e. security.Anybody.
> Anyway, it sounds like a problem with either peak.security or peak.binding,
> more likely that peak.binding is somehow declaring some metadata more than
> once.
Some lazyModule issues??? BTW, application is simple CGI without threads.
RadekK
More information about the PEAK
mailing list