MoinMoinChat/Logs/moin-dev/2009-03-31

2009-03-31T00:01:35  <ThomasWaldmann> PawelPacana: wanna mumble, too? :)
2009-03-31T00:02:32  <ThomasWaldmann> dimazest: ""
2009-03-31T00:05:03  <ThomasWaldmann> starshine_away: do you have a mumble client? we could do some latency test chat :)
2009-03-31T00:07:21  <ronny> ThomasWaldmann: mumble?
2009-03-31T00:07:25  <dennda> yeah
2009-03-31T00:07:28  <dennda> voice conferencing
2009-03-31T00:07:31  <dennda> usually used by gamers
2009-03-31T00:07:38  <ronny> ah, i see
2009-03-31T00:07:40  <ronny> can it encrypt?
2009-03-31T00:07:44  <dennda> yes
2009-03-31T00:08:09  <dennda> provides me with a "self-signed certificate" warning when connecting to a server
2009-03-31T00:08:14  <cbx33> yes
2009-03-31T00:08:15  <cbx33> me too
2009-03-31T00:08:23  <dennda> ronny: join too :-)
2009-03-31T00:08:58  <ronny> dennda: currently installing
2009-03-31T00:09:20  <ronny> might take some time tho
2009-03-31T00:09:29  <ronny> need to compile qt-opengl first
2009-03-31T00:09:37  <dennda> was quite straightforward for the rest of us
2009-03-31T00:09:38  <dennda> wtf?
2009-03-31T00:09:48  <dennda> gentoo?
2009-03-31T00:09:52  <TheSheep> lol
2009-03-31T00:10:05  <cbx33> qt-opengl....for viewing peoples voice in 3D?
2009-03-31T00:10:14  <TheSheep> opengl? for a voice app?
2009-03-31T00:10:24  <TheSheep> it has those fancy diagrams...
2009-03-31T00:11:14  <ronny> dennda: yeah, im doing more c/c++/vala things, gento is ultimatively more nice there
2009-03-31T00:12:06  <ronny> and im preparing an application for a hg api gsoc
2009-03-31T00:12:18  <dennda> for hg?
2009-03-31T00:12:49  <TheSheep> yay, hg is getting a lot of attention
2009-03-31T00:12:50  <ronny> yeah, currently im identifying rough edges and weird api parts, then i need to wire up a reasonable coherent application
2009-03-31T00:13:00  <dennda> ok
2009-03-31T00:13:16  <ronny> its a bit selfish, i also want better apis for anyvc
2009-03-31T00:13:36  <ronny> http://bitbucket.org/RonnyPfannschmidt/anyvc/src/tip/anyvc/workdir/hg.py#cl-32 <- those things aint funny
2009-03-31T00:15:37  <TheSheep> I hate it that some commands just fail silently if you don't have the right locks
2009-03-31T00:16:21  <TheSheep> ronny: aah, we have that in the parser api too
2009-03-31T00:16:41  <TheSheep> ronny: even with StringIO and stdout redirection
2009-03-31T00:17:38  <TheSheep> ut of curiosity, does anyone of you use the right ctrl key?
2009-03-31T00:17:46  <TheSheep> out*
2009-03-31T00:18:57  <ronny> not really
2009-03-31T00:19:13  <ronny> ok, waht mumble server
2009-03-31T00:20:02  <dennda> ronny: clanfr 91
2009-03-31T00:20:13  <TheSheep> clanfr [91]
2009-03-31T00:20:16  <dennda> ronny: find that one from the server list; do NOT enter it directly as the server adress
2009-03-31T00:20:20  <dennda> that's the servers name
2009-03-31T00:20:23  <TheSheep> (91 is *not* a port number)
2009-03-31T00:23:13  <dreimark> TheSheep: good idea "color using border-bottom"
2009-03-31T00:24:54  <TheSheep> dreimark: early versions of my wiki did that
2009-03-31T00:25:58  <TheSheep> but they showed the time since the last edit
2009-03-31T00:27:16  <cbx33> right
2009-03-31T00:27:22  <cbx33> I'm shattered guys
2009-03-31T00:27:28  <dennda> hm?
2009-03-31T00:27:32  <cbx33> tired
2009-03-31T00:27:37  <cbx33> off to bed now
2009-03-31T00:27:41  <dennda> ok, gn8
2009-03-31T00:27:53  <TheSheep> sweet dreams
2009-03-31T00:28:00  <dreimark> good night
2009-03-31T00:31:22  <CIA-13> Thomas Waldmann <tw AT waldmann-edv DOT de> default * 4309:357ad7160d15 1.8/MoinMoin/config/__init__.py: add mumble protocol (nice and good quality F/OSS VOIP conference chat software)
2009-03-31T00:32:49  <dennda> heh
2009-03-31T00:32:49  <ronny> silence?
2009-03-31T00:32:54  <dennda> yeah
2009-03-31T00:32:58  <dennda> shall we sing?
2009-03-31T00:33:02  <ronny> NO
2009-03-31T00:33:17  <TheSheep> I'm going to bed, good night, have fun
2009-03-31T00:48:14  *** cbx33 has quit IRC
2009-03-31T01:18:57  <PawelPacana> mumble rumble ;)
2009-03-31T03:13:34  *** dimazest_ has joined #moin-dev
2009-03-31T03:29:59  *** dimazest has quit IRC
2009-03-31T05:04:11  *** dimazest_ has quit IRC
2009-03-31T05:07:41  *** dimazest has joined #moin-dev
2009-03-31T05:51:44  *** dimazest_ has joined #moin-dev
2009-03-31T06:16:18  *** dimazest has quit IRC
2009-03-31T07:29:23  *** dimazest has joined #moin-dev
2009-03-31T07:48:32  *** dimazest_ has quit IRC
2009-03-31T07:49:24  *** dimazest has quit IRC
2009-03-31T08:15:07  <ThomasWaldmann> moin
2009-03-31T08:24:48  *** dimazest has joined #moin-dev
2009-03-31T08:26:52  *** dimazest has quit IRC
2009-03-31T08:30:24  *** dimazest has joined #moin-dev
2009-03-31T08:37:12  *** dimazest has quit IRC
2009-03-31T08:38:07  *** dimazest has joined #moin-dev
2009-03-31T08:51:23  *** dimazest has quit IRC
2009-03-31T09:10:39  *** dimazest has joined #moin-dev
2009-03-31T09:39:32  *** dimazest has quit IRC
2009-03-31T09:45:34  <dreimark> moin
2009-03-31T09:53:38  *** dimazest has joined #moin-dev
2009-03-31T10:13:33  *** dimazest has joined #moin-dev
2009-03-31T10:20:52  *** dimazest has quit IRC
2009-03-31T10:25:07  *** dimazest has joined #moin-dev
2009-03-31T10:25:47  *** dimazest has quit IRC
2009-03-31T10:33:23  *** dimazest has joined #moin-dev
2009-03-31T10:50:58  *** cbx33 has joined #moin-dev
2009-03-31T10:52:55  <cbx33> mornin all
2009-03-31T11:43:51  <PawelPacana> moin
2009-03-31T12:21:42  *** dimazest has quit IRC
2009-03-31T12:58:17  *** dimazest has joined #moin-dev
2009-03-31T13:27:05  <cbx33> moin moin PawelPacana
2009-03-31T13:35:28  <dennda> oioi
2009-03-31T13:39:30  <cbx33> hey dennda
2009-03-31T13:43:07  <dennda> hey :-)
2009-03-31T13:43:19  <dennda> sun is shining, girl survived the plane flight, happy day
2009-03-31T13:57:41  *** dimazest has quit IRC
2009-03-31T14:05:14  *** dimazest has joined #moin-dev
2009-03-31T16:10:20  *** dimazest has joined #moin-dev
2009-03-31T16:24:19  *** dimazest has quit IRC
2009-03-31T16:26:47  <CIA-13> Reimar Bauer <rb.proj AT googlemail DOT com> default * 4310:307c423cf0d1 1.8/MoinMoin/macro/TableOfContents.py: macro.TableOfContents: bug fix for MoinMoinBugs/TableOfContentsIgnoresSectionNumbersPragma
2009-03-31T16:34:04  <dreimark> hmm in 1.9 pulling from 1.8 shows me two heads currently.
2009-03-31T16:35:48  *** dimazest has joined #moin-dev
2009-03-31T16:38:27  *** dimazest has quit IRC
2009-03-31T16:39:20  <dreimark> bbl
2009-03-31T17:00:00  <ThomasWaldmann> re
2009-03-31T17:18:40  *** dimazest has joined #moin-dev
2009-03-31T17:24:11  *** dimazest has quit IRC
2009-03-31T17:35:23  *** dimazest has joined #moin-dev
2009-03-31T17:59:44  *** dimazest has quit IRC
2009-03-31T19:21:04  <dreimark> re
2009-03-31T19:45:51  *** dimazest has joined #moin-dev
2009-03-31T20:01:03  *** starshine_away has quit IRC
2009-03-31T20:09:29  *** dimazest_ has joined #moin-dev
2009-03-31T20:24:57  *** dimazest has quit IRC
2009-03-31T20:35:34  *** dimazest has joined #moin-dev
2009-03-31T20:49:43  *** dimazest_ has quit IRC
2009-03-31T20:51:04  <ThomasWaldmann>  re
2009-03-31T20:59:55  <cbx33> Hey
2009-03-31T21:00:00  <cbx33> how is everyone
2009-03-31T21:00:13  <ThomasWaldmann> moin cbx33
2009-03-31T21:00:20  <dennda> cbx33: ThomasWaldmann and I were just discussing a technical detail of the ACL middleware
2009-03-31T21:00:32  <dennda> you need to somehow pass the username to the middleware
2009-03-31T21:00:33  <cbx33> awesome
2009-03-31T21:00:46  <cbx33> how is it done presently?
2009-03-31T21:00:50  <dennda> it isn't
2009-03-31T21:01:00  <cbx33> well acl is done
2009-03-31T21:01:12  <dennda> the plan is this
2009-03-31T21:01:14  <dennda> e.g.
2009-03-31T21:01:23  <dennda> view action -> acl middleware -> specific backend
2009-03-31T21:01:33  <dennda> the acl middleware and the specific backend share the same API
2009-03-31T21:01:40  <dennda> so the acl middleware is optional
2009-03-31T21:02:20  * ThomasWaldmann is well
2009-03-31T21:02:20  <dennda> now while we *could* do get_item(itemname, username) in the acl middleware, that would break any call to get_item when the ACL middleware is not used
2009-03-31T21:02:50  <dennda> so the question arises whether we want the acl middleware to be optional or mandatory
2009-03-31T21:03:13  <dennda> if optional, further thought must be given on how to best accomplish that
2009-03-31T21:03:31  <dennda> we don't want a username on the lower storage layer
2009-03-31T21:03:53  <cbx33> why not?
2009-03-31T21:05:36  <dennda> you could do that, but that'd be a layering violation
2009-03-31T21:05:43  <ThomasWaldmann> i think the wrapping of storage backend into acl backend has to be done per request
2009-03-31T21:06:00  <ThomasWaldmann> but that doesnt mean that the storage backend has to be initialized per request
2009-03-31T21:06:27  <dennda> cbx33: before doing such things I tend to give the other options some thought and maybe fall back to it as a last resort ;)
2009-03-31T21:06:35  <cbx33> of course
2009-03-31T21:07:25  <TheSheep> you can have a no-op acl middleware...
2009-03-31T21:07:37  <dennda> that's another idea
2009-03-31T21:07:56  <dennda> but that'd mean introducing some stupid middleware that basically does nothing just to keep the API perfectly clean
2009-03-31T21:08:00  <dennda> if I got you right, TheSheep
2009-03-31T21:08:08  <TheSheep> yeah
2009-03-31T21:08:10  <dennda> (on a lower level)
2009-03-31T21:08:23  <cbx33> sometimes that's the downside to abstraction
2009-03-31T21:08:24  <dennda> the actions would still always pass a username
2009-03-31T21:08:32  <TheSheep> a separate layer, really, as the api on both sides would be different
2009-03-31T21:08:39  <dennda> so you'd need to make that stupid middleware mandatory
2009-03-31T21:08:54  <dennda> and if you do that you can as well make the acl middleware mandatory in the first place...
2009-03-31T21:09:06  <cbx33> well.....imho the acl middle ware should be mandatory
2009-03-31T21:09:15  <dennda> that's the question
2009-03-31T21:09:23  <cbx33> it's part of the core system
2009-03-31T21:09:24  <dennda> and I don't know I know enough moin usecases to answer it
2009-03-31T21:09:38  <cbx33> well if the default is that it's not enforcing anyting
2009-03-31T21:09:42  <cbx33> I don't see an isue
2009-03-31T21:09:47  <TheSheep> it would be nice to have different possible access control schemes
2009-03-31T21:09:50  <TheSheep> pluggable
2009-03-31T21:09:53  <dennda> ThomasWaldmann: I didn't quite get your idea. can you elaborate?
2009-03-31T21:10:04  <ThomasWaldmann> the backends will have some different params anyway depending on what the backend is doing
2009-03-31T21:10:18  <ThomasWaldmann> so the acl backend could just get the user obj
2009-03-31T21:10:22  <dennda> what part of the backends?
2009-03-31T21:10:49  <cbx33> acl needs to be in the core middle ware....so that people devloping backends don't need to worry about it
2009-03-31T21:11:05  <cbx33> but ..... it should be mandatory...imho.....and just pass-through by default
2009-03-31T21:11:15  <dennda> well yeah, if it's mandatory there's no issue
2009-03-31T21:11:48  <dennda> then it's *always* view action -> acl middleware -> specific backend and all actions use the acl middlewares api
2009-03-31T21:11:53  <dennda> *always*
2009-03-31T21:12:12  <cbx33> yes
2009-03-31T21:12:20  <dennda> I'd just like someones comment on whether or not it should be mandatory
2009-03-31T21:12:21  <cbx33> and I think personally that' the best way to go
2009-03-31T21:12:54  <dennda> cbx33: I agree, I'm just afraid to miss any usecase
2009-03-31T21:13:05  <cbx33> of course
2009-03-31T21:13:18  <cbx33> but if it's transparent....and replaces and acl at the moment
2009-03-31T21:13:29  <TheSheep> dennda: how about stacking acl middlewares?
2009-03-31T21:13:43  <dennda> TheSheep: --verbose
2009-03-31T21:14:14  <dennda> i'll take a shower. bbiab
2009-03-31T21:14:19  <ThomasWaldmann> what i mean is that acl middleware api could be maybe == backend api
2009-03-31T21:14:20  <TheSheep> dennda: if it's a normal middle ware (api on both ends is the same), then you can stack several ones, for example have separate middleware to check groups, and separate to check users
2009-03-31T21:14:30  <TheSheep> and rise exceptions if no access
2009-03-31T21:14:43  <dennda> ThomasWaldmann: with or without passing a username?
2009-03-31T21:15:02  <TheSheep> dennda: the username would be passed to the object, not to the method calls
2009-03-31T21:15:29  <dennda> TheSheep: sure, but if the API we currently have is the same for the ACL middleware, how does the acl middleware know what user is trying to get an item/revision?
2009-03-31T21:15:43  <dennda> what object?
2009-03-31T21:15:48  <dennda> anyway, shower
2009-03-31T21:15:57  <TheSheep> request -> auth -> action -> wrap storage in acl middleware with user -> storage
2009-03-31T21:16:12  <ThomasWaldmann> aclmiddleware.__init__(self, user, backend)
2009-03-31T21:16:44  <cbx33> bath
2009-03-31T21:16:58  <TheSheep> ThomasWaldmann: the bad thing is that you can't really cache things in it then
2009-03-31T21:17:25  <ThomasWaldmann> caching can be done in the backend, not in the aclmiddleware
2009-03-31T21:17:45  <ThomasWaldmann> hmm, you even can cache a bit there, bit it only will live for 1 request
2009-03-31T21:18:03  <TheSheep> alternatively, the middleware could have a wrap method, that would monkey-patch the storage with user info
2009-03-31T21:18:36  <ThomasWaldmann> and what does storage backend do with the user?
2009-03-31T21:18:37  <TheSheep> I know that it's dirty, but possible
2009-03-31T21:19:15  <TheSheep> I like how wsgi works -- passing around the environment that can be augmented
2009-03-31T21:19:19  <TheSheep> with additional info
2009-03-31T21:19:56  <ThomasWaldmann> if we have 1 storage backend per process, we can't patch user into that object, we can just pass it
2009-03-31T21:20:07  <TheSheep> yeah
2009-03-31T21:20:28  <TheSheep> so, do we extend the api with an optional user argument?
2009-03-31T21:21:15  <TheSheep> or maybe the acl plugin should be just a factory of storage wrappers?
2009-03-31T21:21:21  <ThomasWaldmann> well, the real backends don't need user, but they could ignore a user param if they get one
2009-03-31T21:21:32  *** grzywacz has joined #moin-dev
2009-03-31T21:22:25  <ThomasWaldmann> then you could maybe use an unwrapped storage backend in place of a acl wrapped one
2009-03-31T21:22:38  * TheSheep --> bed, good night
2009-03-31T21:22:58  <ThomasWaldmann> hmm, tiring topic :D
2009-03-31T21:23:12  <ThomasWaldmann> gn TheSheep
2009-03-31T21:29:54  <dennda> ThomasWaldmann: aclmiddleware.__init__(self, user, backend) <-- do the actions do that before calling get_item()?
2009-03-31T21:30:15  <ThomasWaldmann> once at the beginning of the request
2009-03-31T21:30:35  <dennda> ThomasWaldmann: aclmiddleware is always the same object?
2009-03-31T21:30:48  <ThomasWaldmann> for one request, yes
2009-03-31T21:31:44  <dennda> I was under the impression that all requests use the data_backend and user_backend defined in the wiki config. How do you do that on a per-request-level?
2009-03-31T21:31:58  <dennda> because if aclmiddleware stays the same object that won't work due to concurrency problems
2009-03-31T21:32:05  <ThomasWaldmann> by using a lambda
2009-03-31T21:32:29  <ThomasWaldmann> aclmiddleware is per request, not per cfg
2009-03-31T21:33:09  <ThomasWaldmann> maybe look at the code of melita and reimar and me from last year for ldapgroups
2009-03-31T21:34:23  <dennda> so aclmiddleware is an attribute of request? (i.e., accessible via request.aclmiddleware?)
2009-03-31T21:35:03  <ThomasWaldmann> or of some context as it is called in 1.9
2009-03-31T21:35:40  <dennda> so for every request, you instanciate a new aclmiddleware object for that request (since the request is thrown away after it has been processed)
2009-03-31T21:35:50  <ThomasWaldmann> yes
2009-03-31T21:35:57  * dreimark is tired
2009-03-31T21:36:01  <dennda> I'm just wondering whether that's too expensive
2009-03-31T21:36:25  <ThomasWaldmann> one can add a caching manager for that later
2009-03-31T21:36:45  <ThomasWaldmann> but initializing the acl layer does not need to do much
2009-03-31T21:37:19  <ThomasWaldmann> the constant acls from the cfg can be kept in cfg.cache.... in "precompiled" form
2009-03-31T21:37:20  <dennda> well you always get the usual "create an instance of that class" overhead
2009-03-31T21:37:40  <ThomasWaldmann> that's peanuts compared to a disk or db access
2009-03-31T21:38:05  <ThomasWaldmann> or a network data transfer
2009-03-31T21:38:20  <dennda> and you'd need to access get_item via request.aclmiddleware.get_item which then dispatches to data_backend.get_item
2009-03-31T21:38:29  <ThomasWaldmann> yes
2009-03-31T21:38:37  <dennda> is that what we want?
2009-03-31T21:38:52  <ThomasWaldmann> as long as we don't have a better idea :)
2009-03-31T21:39:25  <ThomasWaldmann> for the beginning, we can keep it simple. except if we notice that there is a real problem.
2009-03-31T21:40:45  <ThomasWaldmann> btw, where is the api docs again from last summer?
2009-03-31T21:40:55  <dennda> I'd just go with making the aclmiddleware mandatory and adding a username parameter to the middlewares get_item method
2009-03-31T21:41:01  <dennda> umm
2009-03-31T21:41:02  <dennda> lemme check
2009-03-31T21:41:34  <ThomasWaldmann> then we need to give the user all the time...
2009-03-31T21:41:36  <dennda> I remember having written some wiki page and the pydoc docstrings
2009-03-31T21:41:56  <dennda> yeah
2009-03-31T21:42:09  <dennda> you either need to give the user all the time or access the methods on the request.aclmiddleware...
2009-03-31T21:42:17  <dennda> it's both the same issue
2009-03-31T21:42:48  <dennda> namely: having those incompatible calls in the action (incompatible with the lower level storage api)
2009-03-31T21:43:09  <ThomasWaldmann> you need to access the backend by something anyway so it is not that much the same effort for callers
2009-03-31T21:43:47  <ThomasWaldmann> if you would use the data_backend directly, it would be request.cfg.data_backend.get_item()
2009-03-31T21:44:10  <dennda> if you later decide to make acls optional, you need to either rip out all the user arguments or change the object the method is invoked on...
2009-03-31T21:44:37  <ThomasWaldmann> no
2009-03-31T21:45:18  <dennda> I think you are right though
2009-03-31T21:45:22  <ThomasWaldmann> we need just that dummy acl thing
2009-03-31T21:45:57  <ThomasWaldmann> my idea from 10mins ago with ignoring user params is invalid, because that would mean we create the real storage backend per request
2009-03-31T21:46:19  <ThomasWaldmann> which is a dumb idea for expensive init (like SQL DBMS)
2009-03-31T21:46:50  <dennda> which idea precisely?
2009-03-31T21:47:05  <ThomasWaldmann> so we will have some kind of acl middleware in any case (dummy or real), it will have the same api as the backends
2009-03-31T21:47:22  <ThomasWaldmann> dennda: to directly use a storage backend in place of the aclmiddleware
2009-03-31T21:47:23  <dennda> yes
2009-03-31T21:47:36  <ThomasWaldmann> without dummy middleware
2009-03-31T21:47:38  <dennda> yeah you'd need a dummy
2009-03-31T21:48:00  <dennda> ok
2009-03-31T21:48:01  <ThomasWaldmann> not because of api, but because of object creation and lifetime
2009-03-31T21:48:27  <dennda> data_backend should always stay the same
2009-03-31T21:48:37  <dennda> so the dummy just dispatches to request.cfg.data_backend
2009-03-31T21:48:58  <dennda> if we agree on this, it means we got our solution :-)
2009-03-31T21:48:59  <ThomasWaldmann> yes
2009-03-31T21:49:01  <dennda> great
2009-03-31T21:49:21  <dennda> sad
2009-03-31T21:49:26  <dennda> nothing to mumble about now
2009-03-31T21:49:27  <ThomasWaldmann> and it also needs to use user_backend
2009-03-31T21:49:37  <dennda> i was going to suggest that :D
2009-03-31T21:49:52  <ThomasWaldmann> for Known:
2009-03-31T21:50:02  <dennda> yes sure, and it also needs to support methods other than get_item.. I was just giving an example OBdA
2009-03-31T21:50:45  <ThomasWaldmann> btw, if acl checks fail, i want some pretty exception
2009-03-31T21:52:06  <ThomasWaldmann> so that the developer of some action will just use try: get the item except PermissionDenied: handle it
2009-03-31T21:52:23  <cbx33> so
2009-03-31T21:52:39  <cbx33> I'm confused now are we mandating the acl middle ware, whether it acts in passthrough or not
2009-03-31T21:52:51  <ThomasWaldmann> and if that developer fails to do that, the wiki user will just get a not so nice server error, but never data he should not see
2009-03-31T21:53:13  <ThomasWaldmann> cbx33: dummy or real acl middleware is mandatory
2009-03-31T21:53:43  <cbx33> dummy being?
2009-03-31T21:53:53  <ThomasWaldmann> just passing through everything
2009-03-31T21:54:00  <cbx33> right
2009-03-31T21:54:19  <cbx33> so is this going to be AMW in a special mode, or a seperate MW?
2009-03-31T21:54:20  <ThomasWaldmann> it is just because the dummy gets destroyed at end of request,
2009-03-31T21:54:33  <ThomasWaldmann> but we do not want to destroy the real backend object
2009-03-31T21:54:41  <cbx33> isn't that going to be more expensive
2009-03-31T21:54:42  <ThomasWaldmann> so that sql db connections stay connected
2009-03-31T21:54:56  <cbx33> why note keep the AMW but put it into a special pass through mode
2009-03-31T21:55:04  <dennda> AMW?
2009-03-31T21:55:06  <cbx33> then it doesn't need to be created/nor destroyed
2009-03-31T21:55:09  <cbx33> ACLMiddleWAre
2009-03-31T21:55:14  * cbx33 got tired of typing it
2009-03-31T21:55:17  <dennda> ;)
2009-03-31T21:55:37  <ThomasWaldmann> well, I guess it doesn't matter much
2009-03-31T21:55:50  <ThomasWaldmann> maybe just using a separate class is easier
2009-03-31T21:56:07  <ThomasWaldmann> and even a bit faster (saves one "if" at least :)
2009-03-31T21:56:11  <cbx33> heh
2009-03-31T21:56:14  <cbx33> tbph
2009-03-31T21:56:26  <dennda> to be precise here? (just guessing)
2009-03-31T21:56:26  <cbx33> i think the AMW should be used in all cases......
2009-03-31T21:56:33  <cbx33> if ther eis no acl in the page it doesn't need to do anything
2009-03-31T21:57:15  <ThomasWaldmann> cbx33: it needs to fetch the page to see that there is no acl
2009-03-31T21:57:26  <dennda> doesn't matter
2009-03-31T21:57:29  <ThomasWaldmann> or rather that page's metadata
2009-03-31T21:57:38  <dennda> you need to create an object on a per request basis anyways
2009-03-31T21:57:47  <dennda> whether that is a dummy or real AMW doesn't matter
2009-03-31T21:58:12  <ThomasWaldmann> in any case, the protected thing (or mode) will be the default
2009-03-31T21:58:36  * ThomasWaldmann .oO(less security bugs)
2009-03-31T21:59:02  <dennda> ?
2009-03-31T21:59:08  <cbx33> ThomasWaldmann, indeed
2009-03-31T21:59:17  <dennda> if no acls present, nobody may rwx the page?
2009-03-31T21:59:34  <cbx33> the default acl is rw everyone isn't it?
2009-03-31T21:59:36  <ThomasWaldmann> dennda: it won't be AMW.__init__(...,  unsecure=True)
2009-03-31T21:59:56  * dennda wonders why you always call __init__ explicitly
2009-03-31T22:00:31  <ThomasWaldmann> yeah, that's superfluous
2009-03-31T22:01:00  <ThomasWaldmann> ok, shall we run one server start plus one request here? :)
2009-03-31T22:02:10  <dennda> what do you mean?
2009-03-31T22:02:49  <ThomasWaldmann> running some pseudocode in a irc channel :)
2009-03-31T22:03:31  * dennda is so not getting the joke
2009-03-31T22:05:18  <ThomasWaldmann> request hits wiki server
2009-03-31T22:05:25  <ThomasWaldmann> moin loads config
2009-03-31T22:05:45  <ThomasWaldmann> in config, data_be and user_be are initialized
2009-03-31T22:05:46  <dennda> (once)
2009-03-31T22:05:58  <ThomasWaldmann> yes
2009-03-31T22:06:22  <ThomasWaldmann> then it processes the request (e.g. show item FOO)
2009-03-31T22:07:04  <dennda> puts a AMW into the request
2009-03-31T22:07:10  <ThomasWaldmann> receives username or userid somehow (cookie e.g.)
2009-03-31T22:08:10  <ThomasWaldmann> queries user_be for the user profile (if we only have a uid, we will also have a username now)
2009-03-31T22:09:30  <ThomasWaldmann> creates request.storage = AMW(user, data_be, user_be)
2009-03-31T22:10:17  <ThomasWaldmann> dispatches to show action
2009-03-31T22:10:52  <ThomasWaldmann> in show:
2009-03-31T22:10:55  <ThomasWaldmann> try:
2009-03-31T22:11:16  <ThomasWaldmann>    item = request.storage.get_item(pagename)
2009-03-31T22:11:23  <ThomasWaldmann> except PermissionDenied:
2009-03-31T22:11:32  <ThomasWaldmann>     msg("you are not...")
2009-03-31T22:11:52  <ThomasWaldmann> render(item.data)
2009-03-31T22:12:04  <ThomasWaldmann> what's wrong? :)
2009-03-31T22:12:25  <dennda> item may not exist
2009-03-31T22:12:39  <ThomasWaldmann> except NoItem:
2009-03-31T22:12:41  <ThomasWaldmann>  ...
2009-03-31T22:13:17  <dennda> what creates request.storage? isn't that done upon the request objects initialization?
2009-03-31T22:13:47  <ThomasWaldmann> yes
2009-03-31T22:14:07  <ThomasWaldmann> or early in request processing
2009-03-31T22:14:12  <dennda> how does the dispatching to the show action work?
2009-03-31T22:14:38  <ThomasWaldmann> request.values['action'] has its name
2009-03-31T22:15:10  <dennda> ok; what part of moin creates the request object and calls the appropriate action?
2009-03-31T22:16:36  <ThomasWaldmann> it is all in wsgiapp right now iirc
2009-03-31T22:17:21  <dennda> the user passed to the AMW is some user object with may.read etc. methods that I don't know yet?
2009-03-31T22:17:28  <ThomasWaldmann> but we need to be more detailed about what happens when somebody calls get_item on the AMW
2009-03-31T22:17:51  <ThomasWaldmann> no user.may any more
2009-03-31T22:18:11  <dennda> how does the AMW perform the check, then?
2009-03-31T22:18:14  <ThomasWaldmann> that was a nicely readable thing, but we now don't need to do it everywhere
2009-03-31T22:18:44  <ThomasWaldmann> ok, amw receives a get_item(itemname="FOO") call
2009-03-31T22:18:48  <dennda> I was under the impression that the AMW uses already existing code to determine whether some action is allowed or not
2009-03-31T22:19:07  <ThomasWaldmann> yes, the acl code is there
2009-03-31T22:19:13  <dennda> good
2009-03-31T22:19:30  <ThomasWaldmann> amw now fetches FOO's metadata
2009-03-31T22:19:48  <ThomasWaldmann> and gets the page ACL from it (or "")
2009-03-31T22:19:58  <ThomasWaldmann> ehrm, or acl_rights_default
2009-03-31T22:20:24  <ThomasWaldmann> creates an acl object of it
2009-03-31T22:20:56  <ThomasWaldmann> runs username through before, page, after acl objects (or some hierarchical processing)
2009-03-31T22:21:25  <ThomasWaldmann> if acl denies: raise PermissionDenied
2009-03-31T22:21:54  <ThomasWaldmann> return self.backend.samemethod(...)
2009-03-31T22:23:06  <dennda> yes
2009-03-31T22:23:30  <dennda> I'll need to take a deeper look at how the actual acl checks have to be performed, but the principle itself is clear
2009-03-31T22:23:41  <cbx33> sounds good to me
2009-03-31T22:23:49  <cbx33> the details I'm a little fuzzy on
2009-03-31T22:23:54  <cbx33> but looks good in principle
2009-03-31T22:24:19  <dennda> we'll work it out :-)
2009-03-31T22:24:40  * dennda feels much more confident this GSoC than he felt last year
2009-03-31T22:25:23  <dennda> btw: ubuntu withdrew their GSoC participation
2009-03-31T22:25:40  <dennda> *AFTER* having been accepted as org...
2009-03-31T22:26:10  <cbx33> ahh
2009-03-31T22:26:12  <cbx33> I did wonder
2009-03-31T22:26:39  <dennda> I'm happy not having applied for one of their tasks...
2009-03-31T22:27:19  <ThomasWaldmann> huh?
2009-03-31T22:27:31  <ThomasWaldmann> what happen?
2009-03-31T22:27:50  <ThomasWaldmann> (don't tell "war has begun")
2009-03-31T22:27:52  <dennda> "we don't feel like being able to provide as much love to our students as we should"
2009-03-31T22:28:07  <dennda> "so kthxbai"
2009-03-31T22:28:31  <ThomasWaldmann> hmm, not enough mentors or mentors dropping out
2009-03-31T22:29:06  <dennda> sth like that
2009-03-31T22:29:14  <dennda> pity
2009-03-31T22:29:25  <dennda> that could have been pocoo's slot ;)
2009-03-31T22:30:07  <cbx33> as someone who has mentored for Ubuntu in the past
2009-03-31T22:30:11  <cbx33> it's probably for the best
2009-03-31T22:30:48  <cbx33> the organisation wasn't great
2009-03-31T22:32:10  <dennda> sure
2009-03-31T22:32:27  <dennda> still sad for students interested in the project and other organizations that weren't chosen
2009-03-31T22:34:10  <cbx33> of course
2009-03-31T22:34:13  <ThomasWaldmann> i don't quite understand that, though. I would've expected ubuntu having 10..100x the workforce than we at moin have.
2009-03-31T22:40:57  <dennda> oh, i still need to get that application done... ;)
2009-03-31T22:41:00  <dennda> let's not forget that...
2009-03-31T22:43:15  <ThomasWaldmann> :D
2009-03-31T22:56:14  * dreimark wonders about the ubuntu decision
2009-03-31T23:05:24  <dreimark> students please begin submitting propsals
2009-03-31T23:05:32  <dreimark> Please help us get an accurate sense of how many proposals will be
2009-03-31T23:05:32  <dreimark> submitted for GSoC 2009 by asking your students to submit their
2009-03-31T23:05:33  <dreimark> proposals to the GSoC 2009 site *now*.
2009-03-31T23:05:37  <dreimark> from leslie on the mailing list
2009-03-31T23:06:03  <dennda> mine's not finished...
2009-03-31T23:06:30  <ThomasWaldmann> first finish it. but do it asap.
2009-03-31T23:06:44  <dennda> last year I was able to modify it as much as I wanted before the deadline... can I do that this year to?
2009-03-31T23:06:59  <ThomasWaldmann> i only know about commenting feature
2009-03-31T23:07:12  <ThomasWaldmann> i don't know if you can edit the proposal itself
2009-03-31T23:07:21  <dennda> i could last year.. lemme ask #gsoc
2009-03-31T23:07:49  <dreimark> "They are welcome to link to the
2009-03-31T23:07:49  <dreimark> wiki page, mailing list thread, forum topic, etc. where their
2009-03-31T23:07:49  <dreimark> proposals are under discussion and refinement as part of the proposal
2009-03-31T23:07:50  <dreimark> submission process.[0]"
2009-03-31T23:08:11  <dennda> editing seems to be possible
2009-03-31T23:08:20  <ThomasWaldmann> good :)
2009-03-31T23:08:32  <dennda> just won't be revisioned I guess ;)
2009-03-31T23:08:34  <ThomasWaldmann> then submit now and continue editing
2009-03-31T23:08:38  <dennda> jup
2009-03-31T23:09:14  <dreimark> for others searching for that feature "To review which proposals you have submitted or to make edits to your proposal, click on "List my Student Proposals" in the left hand navigation menu."
2009-03-31T23:19:03  <ThomasWaldmann> 2 proposals yet, btw
2009-03-31T23:20:28  <dreimark> and 1 of them not verbose detailed
2009-03-31T23:22:00  <ThomasWaldmann> i increased our wanted slot count to 5 (as we have 5 mentors currently)
2009-03-31T23:23:48  <dreimark> btw where is that code search by google before it was in labs
2009-03-31T23:27:49  <ThomasWaldmann> http://www.google.com/codesearch
2009-03-31T23:28:16  <dreimark> it isn't mentioned on the goolge search page or ?
2009-03-31T23:28:21  <dreimark> thanks
2009-03-31T23:29:03  <ThomasWaldmann> i found it via code.google.com and searching a bit there
2009-03-31T23:36:40  <ThomasWaldmann> http://tech.slashdot.org/article.pl?sid=09/03/31/1827203&art_pos=4
2009-03-31T23:41:16  <dreimark> ThomasWaldmann: can we use an env var for plugin_static and serve that by make_static_serving_app too?
2009-03-31T23:41:25  <ThomasWaldmann> cool, Python development changes to Mercurial DVCS
2009-03-31T23:41:30  <dreimark> old
2009-03-31T23:41:45  <dreimark> but yeah cool
2009-03-31T23:46:38  <dreimark> good night
2009-03-31T23:50:09  <dennda> it's three applications now...
2009-03-31T23:52:24  <ThomasWaldmann> :)
MoinMoin: MoinMoinChat/Logs/moin-dev/2009-03-31 (last edited 2009-03-30 22:15:02 by IrcLogImporter)