[Zope-dev] Broken authentication with zope.app.component 3.4.1 BBB code

Jim Fulton jim at zope.com
Sun Jul 19 16:40:39 EDT 2009


On Sun, Jul 19, 2009 at 4:25 PM, Marius Gedminas<marius at gedmin.as> wrote:
> On Sun, Jul 19, 2009 at 11:55:45AM -0400, Jim Fulton wrote:
...
>> You should use a generation to fix the problem rather hacking
>> __setstate__.  The hard part of this is figuring out where to put the
>> generation. I wonder where that standard schema manager is. Maybe you
>> should just create one for zope.app.component.
>
> It used to be in zope.app.generations.  I don't know how exactly the
> coordination for all that works now after the eggsplosion.

Maybe someone will enlighten us about where it went. :)

> Note that zope.app.component currently implements most of its BBB via
> __setstate__ methods that explicitly try to avoid dirtying the objects.
> I don't know the rationale for that -- maintaining the ability to roll
> back to ancient Zope without reverting transactions in Data.fs, or
> perhaps just avoiding write-on-read semantics?  That's part of why I
> asked for a review.

I was wondering about that myself.  I think this was more a matter of
bootstrapping.  It may have been that it would have been too hard to
write a evolution script because the evolution script might have
needed a working component registry.  I don't think this is the case
here.

If we can't find the old schema manager, I'd rather start a new one in
here (in zope.app.component.)  I think what it has to do is pretty
simple -- just check to make sure the __bases__ for the root component
registry is correct.

Jim

-- 
Jim Fulton


More information about the Zope-Dev mailing list