[ZOPE] using re.compile(...) raises an HTTP401 (basic authencication) ??????

Penfold spam at spam.com
Wed May 2 17:32:41 EDT 2001

PythonScript products in Zope run in a protected environment, similar to a
Bastion environment.
Basically, various things including attribute access is checked on the fly
and verified by a SecurityManager.

Your problem is that you are allowed to *import re* ... you're just not
allowed to do anything with it ;-)
ie  re.compile ends up calling __careful_get_attr(re, 'compile') and the
securityManager says "NO!!"

Check out the code in the PythonScript product if you want to see how this
stuff works.

Solutions ? Well, easiest is to create this as an External Python Script ...
they can do anything they like.

"Gilles Lenfant" <glenfant.nospam at bigfoot.com> wrote in message
news:9cphc3$cu9$1 at news2.isdnet.net...
> Can't understand this !!!
> I made a simple ZOPE python script for checking some text fields (runs OK)
> The same script checks an e-mail field and when testing (the "Test" tab
> the parameter/value form), the browser raises a user/password login box
> (HTTP status 401 I guess)
> === my script==
> ...
> import string
> import re
> ...
> # Test other fields with <string> package resources (OK)
> ...
> # Test of e-mail address
> email = string.strip(email)
> if len(email) == 0:
>     errortext = errortext + '<li>You must provide a mail address</li>\n'
> else:
>     # Execution of next line raises the
>     mailre = re.compile(r'^([\w at .=/_-]+)@([\w-]+)(\.[\w-]+)*$')
>     if not mailre.match(email):
>         errortext = errortext + '<li>%s is not a valid mail
> % email
> ...
> ====end====
> AFAIK, "re" is not in the current ZOPE namespace when executing the
> Note: when I remove the e-mail check, the test just runs fine (including
> "import re")!
> Can anybody help ?

More information about the Python-list mailing list