[Zope-dev] Unauthorized handling in Zope2

[Wichert Akkerman]

On 4/20/10 09:51 , yuppie wrote:
> Hi!
>
>
> Wichert Akkerman wrote:
>> v is the html as generated by my view. Reraising the exception transfers
>> control to the bare except in
>> ZPublisher.Publish.publish_module_standard, which generates the standard
>> site error page and returns that.
>
> Could it be that your v is unicode?
>
> Please let me know if the attached patch fixes the issue.

Unauthorised is doing stupid things here:

(Pdb) p v
Unauthorized()
(Pdb) p unicode(v)
u''
(Pdb) p str(v)
*** UnicodeEncodeError: UnicodeEncodeError('ascii',
      u'<!DOCTYPE html...', 1175, 1176, 'ordinal not in range(128)')

I added an extra change (see diff below) to fix that, after which things 
seemed to work. Still, I can not see any good reason to reraise 
Unauthorised exceptions if there is a valid exception view for them. 
This approach feels like we are attacking the symptom instead of fixing 
the problem.

Wichert.



Index: zExceptions/unauthorized.py
===================================================================
--- zExceptions/unauthorized.py	(revision 111171)
+++ zExceptions/unauthorized.py	(working copy)
@@ -58,17 +57,20 @@

          self.needed=needed

-    def __str__(self):
+    def __unicode__(self):
          if self.message is not None: return self.message
          if self.name is not None:
-            return ("You are not allowed to access '%s' in this context"
+            return (u"You are not allowed to access '%s' in this context"
                      % self.name)
          elif self.value is not None:
-            return ("You are not allowed to access '%s' in this context"
+            return (u"You are not allowed to access '%s' in this context"
                      % self.getValueName())
          return repr(self)

+    def __str__(self):
+        return str(self.__unicode__())

+
      def getValueName(self):
          v=self.value
          vname=getattr(v, '__name__', None)