[Grok-dev] In Grok Web Dev book, where in ZODB under app root does the user's security data get saved?

Uli Fouquet uli at gnufix.de
Mon Jan 30 09:43:10 UTC 2012

Hi Matt,

Am Montag, den 30.01.2012, 00:25 +0000 schrieb Matt Rutherford:
> I implemented (with a few edits for latest Grok version) my own PAU as
> a LocalUtility according to the end of Chapter 7 in the Grok web dev
> book. I'd like to base my app model around the user Account object
> detailed here, which is stored in the UserFolder container object that
> itself is an attribute of my authenticator plugin LocalUtility. But
> looking for these objects in the ZODB I cannot find it under my
> toplevel App object. I can see the
> 'grokcore.site.directive.local_utility' attribute and from this can
> get a grokcore.site.directive.LocalUtilityInfo object which gives some
> properties of the authenticator plugin that I want to access but not
> the underlying model.

These grokcore.site... attributes are normally only helpers for grok to
setup local utils when you add a grok.Application (aka
grokcore.site.Site) instance to your ZODB. You shouldn't have to fiddle
around with them under normal circumstances.

During a request (i.e. from inside a view/viewlet/etc.) you can then do
something like this (I will start with looking up a PAU as this is often

  from zope.component import getUtility
  from zope.authentication.interfaces import IAuthentication
  mypau = getUtility(IAuthentication)

This works, because during a request the Zope publisher sets the 'site'
according to the requested object.

Sample: when requesting 'http://localhost:8080/myapp/item/@@index', for
this request 'myapp' will be set as site if it is a grok.Application or
grokcore.site.Site instance.

If you then ask for a utility, the machinery will first lookup 'local'
ones (i.e. ones registered with your site or application) and only
proceed to the global registry if it cannot find the requested
utility/adapter in the site.

> How should I access my authenticator plugin and it's UserFolder
> attribute from my bin/python-console prompt?

If you're not 'in a site' (for instance in the console or in a test),
you can also set the site manually and then proceed in the usual way:: 

  from zope.component import getUtility
  from zope.component.hooks import setSite
  from zope.authentication.interfaces import IAuthentication
  mypau = getUtility(IAuthentication)

where 'myapp' of course has to be a grok.Application or Site instance
_already stored in the ZODB_. In the console something like::

  myapp = root['myapp']

will give you that (if you created some application called 'myapp'

In tests you can normally do the same except that here you normally have
to create the Application instance first and store it in the ZODB::

  myapp = MyApp()
  getRootFolder()['myapp'] = MyApp()
  myapp = getRootFolder()['myapp']
  mypau = getUtility(IAuthentication)

All that was about PluggableAuthenticationUtilities (PAUs). But you can
retrieve all locally registered authenticators and the like accordingly.
Just change the interface and additionally ask for a name::

  from zope.component import getUtility
  from zope.component.hooks import setSite
  from zope.pluggableauth.interfaces import IAuthenticatorPlugin
  myauthplugin = getUtility(IAuthenticatorPlugin, name='users')

This should give you the local authenticator, given it was registered
locally (not globally) under the name ``users`` (see the grok.name()
directive in your authenticator definition).

The other samples above should work with authenticators and similar as
well when passing the correct interface and name. The trick, overall, is
to set the site correctly before doing the utility lookup.

Hope that helps,


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://mail.zope.org/pipermail/grok-dev/attachments/20120130/8d115c90/attachment.sig>

More information about the Grok-dev mailing list