tags:

views:

472

answers:

2

I like to use IPython's zope profile to inspect my Plone instance, but a few annoying permissions differences come up compared to inserting a breakpoint and hitting it with the admin user.

For example, I would like to iterate over the content objects in an unpublished testing folder. This query will return no results in the shell, but works from a breakpoint.

$ bin/instance shell
$ ipython --profile=zope

from Products.CMFPlone.utils import getToolByName
catalog = getToolByName(context, 'portal_catalog')
catalog({'path':'Plone/testing'})

Can I authenticate as admin or otherwise rejigger the permissions to fully manipulate my site from ipython?

+1  A: 

Just use catalog.search({'path':'Plone/testing'}). It performs the same query as catalog() but does not filter the results based on the current user's permissions.

IPython's zope profile does provide a method utils.su('username') to change the current user, but it does not recognize the admin user (defined in /acl_users instead of /Plone/acl_users) and after calling it subsequent calls to catalog() fail with AttributeError: 'module' object has no attribute 'checkPermission'.

joeforker
+1  A: 

here's the (very dirty) code I use to manage my plone app from the debug shell. It may requires some updates depending on your versions of Zope and Plone.

from sys import stdin, stdout, exit
import base64
from thread import get_ident
from ZPublisher.HTTPRequest import HTTPRequest
from ZPublisher.HTTPResponse import HTTPResponse
from ZPublisher.BaseRequest import RequestContainer
from ZPublisher import Publish

from AccessControl import ClassSecurityInfo, getSecurityManager
from AccessControl.SecurityManagement import newSecurityManager
from AccessControl.User import UnrestrictedUser

def loginAsUnrestrictedUser():
    """Exemple of use :
        old_user = loginAsUnrestrictedUser()
        # Manager stuff
        loginAsUser(old_user)
    """
    current_user = getSecurityManager().getUser()
    newSecurityManager(None, UnrestrictedUser('manager', '', ['Manager'], []))
    return current_user

def loginAsUser(user):
    newSecurityManager(None, user)

def makerequest(app, stdout=stdout, query_string=None, user_pass=None):
    """Make a request suitable for CMF sites & Plone
      - user_pass = "user:pass"
    """
    # copy from Testing.makerequest
    resp = HTTPResponse(stdout=stdout)
    env = {}
    env['SERVER_NAME'] = 'lxtools.makerequest.fr'
    env['SERVER_PORT'] = '80'
    env['REQUEST_METHOD'] = 'GET'
    env['REMOTE_HOST'] = 'a.distant.host'
    env['REMOTE_ADDR'] = '77.77.77.77'
    env['HTTP_HOST']   = '127.0.0.1'
    env['HTTP_USER_AGENT'] = 'LxToolsUserAgent/1.0'
    env['HTTP_ACCEPT']='image/gif, image/x-xbitmap, image/jpeg, */* '
    if user_pass:
        env['HTTP_AUTHORIZATION']="Basic %s" % base64.encodestring(user_pass)
    if query_string:
        p_q = query_string.split('?')
        if   len(p_q) == 1: 
            env['PATH_INFO'] = p_q[0]
        elif len(p_q) == 2: 
            (env['PATH_INFO'], env['QUERY_STRING'])=p_q
        else: 
            raise TypeError, ''
    req = HTTPRequest(stdin, env, resp)
    req['URL1']=req['URL'] # fix for CMFQuickInstaller
    #
    # copy/hacked from Localizer __init__ patches
    # first put the needed values in the request
    req['HTTP_ACCEPT_CHARSET'] = 'latin-9'
    #req.other['AcceptCharset'] = AcceptCharset(req['HTTP_ACCEPT_CHARSET'])
    #
    req['HTTP_ACCEPT_LANGUAGE'] = 'fr'
    #accept_language = AcceptLanguage(req['HTTP_ACCEPT_LANGUAGE'])
    #req.other['AcceptLanguage'] = accept_language 
    # XXX For backwards compatibility
    #req.other['USER_PREF_LANGUAGES'] = accept_language
    #req.other['AcceptLanguage'] = accept_language 
    #
    # Plone stuff
    #req['plone_skin'] = 'Plone Default'
    #
    # then store the request in Publish._requests
    # with the thread id
    id = get_ident()
    if hasattr(Publish, '_requests'):
        # we do not have _requests inside ZopeTestCase
        Publish._requests[id] = req
    # add a brainless session container
    req['SESSION'] = {}
    #
    # ok, let's wrap
    return app.__of__(RequestContainer(REQUEST = req))


def debug_init(app):
    loginAsUnrestrictedUser()
    app = makerequest(app)
    return app

This lives in a wshelpers Zope product. Once the debug shell launched, it's just a matter of;

>> from Products.wshelpers import wsdebug
>> app = wsdebug.debug_init(app)
>> # now you're logged in as admin
bruno desthuilliers