stack/erp5: backport some Zope fixes WIP

5ea832b7 · Jérome Perrin · 7691a33a · 5ea832b7 · 5ea832b7 · 5ea832b7
Commit 5ea832b7 authored Sep 19, 2023 by Jérome Perrin
3 changed files
--- a/component/egg-patch/Zope/0001-WSGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch
+++ b/component/egg-patch/Zope/0001-WSGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch
+From 1f0be881320f440cec05eb838fa42c5ddf56a57c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A9rome=20Perrin?= <jerome@nexedi.com>
+Date: Tue, 19 Sep 2023 15:19:51 +0900
+Subject: [PATCH 1/2] WSGIPublisher: set REMOTE_USER even in case of error
+ (#1156)
+
+This fixes a problem that user name was empty in access log for error pages.
+
+Fixes #1155
+
+---------
+
+Co-authored-by: Michael Howitz <icemac@gmx.net>
+---
+ src/ZPublisher/WSGIPublisher.py            | 13 +++++++------
+ src/ZPublisher/tests/test_WSGIPublisher.py |  9 +++++++++
+ 2 files changed, 16 insertions(+), 6 deletions(-)
+
+diff --git a/src/ZPublisher/WSGIPublisher.py b/src/ZPublisher/WSGIPublisher.py
+index bd0ae1d17..09b2c44c9 100644
+--- a/src/ZPublisher/WSGIPublisher.py
+++ b/src/ZPublisher/WSGIPublisher.py
+@@ -382,12 +382,13 @@ def publish_module(environ, start_response,
+             try:
+                 with load_app(module_info) as new_mod_info:
+                     with transaction_pubevents(request, response):
+-                        response = _publish(request, new_mod_info)
+-
+-                        user = getSecurityManager().getUser()
+-                        if user is not None and \
+-                           user.getUserName() != 'Anonymous User':
+-                            environ['REMOTE_USER'] = user.getUserName()
+                        try:
+                            response = _publish(request, new_mod_info)
+                        finally:
+                            user = getSecurityManager().getUser()
+                            if user is not None and \
+                               user.getUserName() != 'Anonymous User':
+                                environ['REMOTE_USER'] = user.getUserName()
+                 break
+             except TransientError:
+                 if request.supports_retry():
+diff --git a/src/ZPublisher/tests/test_WSGIPublisher.py b/src/ZPublisher/tests/test_WSGIPublisher.py
+index 989970f24..38e402ab3 100644
+--- a/src/ZPublisher/tests/test_WSGIPublisher.py
+++ b/src/ZPublisher/tests/test_WSGIPublisher.py
+@@ -822,6 +822,15 @@ class TestPublishModule(ZopeTestCase):
+         self._callFUT(environ, start_response, _publish)
+         self.assertFalse('REMOTE_USER' in environ)
+ 
+    def test_set_REMOTE_USER_environ_error(self):
+        environ = self._makeEnviron()
+        start_response = DummyCallable()
+        _publish = DummyCallable()
+        _publish._raise = ValueError()
+        with self.assertRaises(ValueError):
+            self._callFUT(environ, start_response, _publish)
+        self.assertEqual(environ['REMOTE_USER'], user_name)
+
+     def test_webdav_source_port(self):
+         from ZPublisher import WSGIPublisher
+         old_webdav_source_port = WSGIPublisher._WEBDAV_SOURCE_PORT
+-- 
+2.39.2
+
--- a/component/egg-patch/Zope/0002-mapply-wip.patch
+++ b/component/egg-patch/Zope/0002-mapply-wip.patch
+From d439b58562670886b3247829aa9ff053b6aaf7fe Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A9rome=20Perrin?= <jerome@nexedi.com>
+Date: Tue, 19 Sep 2023 06:28:54 +0200
+Subject: [PATCH 2/2] mapply wip
+
+---
+ src/ZPublisher/mapply.py            |  5 ++++-
+ src/ZPublisher/tests/test_mapply.py | 21 ++++++++++++++++++---
+ 2 files changed, 22 insertions(+), 4 deletions(-)
+
+diff --git a/src/ZPublisher/mapply.py b/src/ZPublisher/mapply.py
+index 19deeacf4..41c9ed7e1 100644
+--- a/src/ZPublisher/mapply.py
+++ b/src/ZPublisher/mapply.py
+@@ -21,7 +21,7 @@ def default_call_object(object, args, context):
+ 
+ 
+ def default_missing_name(name, context):
+-    raise TypeError('argument %s was ommitted' % name)
+    raise TypeError('argument %s was omitted' % name)
+ 
+ 
+ def default_handle_class(klass, context):
+@@ -61,6 +61,9 @@ def mapply(object, positional=(), keyword={},
+             positional.insert(0, missing_name('self', context))
+         if len(positional) > nargs:
+             raise TypeError('too many arguments')
+        for a, name in zip(positional, names):
+            if name in keyword:
+                raise TypeError('multiple values for argument %s' % name)
+         args = positional
+     else:
+         if bind and nargs and names[0] == 'self':
+diff --git a/src/ZPublisher/tests/test_mapply.py b/src/ZPublisher/tests/test_mapply.py
+index d31f6d61b..d08a5c979 100644
+--- a/src/ZPublisher/tests/test_mapply.py
+++ b/src/ZPublisher/tests/test_mapply.py
+@@ -28,11 +28,10 @@ class MapplyTests(unittest.TestCase):
+         def compute(a, b, c=4):
+             return '%d%d%d' % (a, b, c)
+ 
+-        values = {'a': 2, 'b': 3, 'c': 5}
+-        v = mapply(compute, (), values)
+        v = mapply(compute, (), {'a': 2, 'b': 3, 'c': 5})
+         self.assertEqual(v, '235')
+ 
+-        v = mapply(compute, (7,), values)
+        v = mapply(compute, (7,), {'b': 3, 'c': 5})
+         self.assertEqual(v, '735')
+ 
+     def testClass(self):
+@@ -115,3 +114,19 @@ class MapplyTests(unittest.TestCase):
+ 
+         ob = NoCallButAcquisition().__of__(Root())
+         self.assertRaises(TypeError, mapply, ob, (), {})
+
+    def testErrors(self):
+        def compute(a, b, c=4):
+            return '%d%d%d' % (a, b, c)
+
+        with self.assertRaisesRegex(TypeError, 'argument a was omitted'):
+            mapply(compute, (), {})
+
+        with self.assertRaisesRegex(TypeError, 'argument b was omitted'):
+            mapply(compute, (1, ), {})
+
+        with self.assertRaisesRegex(TypeError, 'multiple values for argument b'):
+            mapply(compute, (1, 2, ), {'b': 3})
+
+        with self.assertRaisesRegex(TypeError, 'too many arguments'):
+            mapply(compute, (1, 2, 3, 4), {})
+-- 
+2.39.2
+
--- a/stack/erp5/buildout.cfg
+++ b/stack/erp5/buildout.cfg
@@ -700,6 +700,10 @@ PyPDF2-patches = ${:_profile_base_location_}/../../component/egg-patch/PyPDF2/00
 PyPDF2-patch-options = -p1
 python-magic-patches = ${:_profile_base_location_}/../../component/egg-patch/python_magic/magic.patch#de0839bffac17801e39b60873a6c2068
 python-magic-patch-options = -p1
+Zope-patches =
+  ${:_profile_base_location_}/../../component/egg-patch/Zope/0001-WSGIPublisher-set-REMOTE_USER-even-in-case-of-error-.patch#857a12707cbbeb2ec3d518fac51c6591
+  ${:_profile_base_location_}/../../component/egg-patch/Zope/0002-mapply-wip.patch#56928a9d0b25b344feb0b6ead7bc5e48
+Zope-patch-options = -p1
 # backported security patches for waitress-1.4.4 from Debian 1.4.4-1.1+deb11u1 package.
 waitress-patches =
  ${:_profile_base_location_}/../../component/egg-patch/waitress/CVE-2022-24761-1.patch#a0508880f24662e48a20ce3bcbf440c2
@@ -748,6 +752,7 @@ python-ldap = 2.4.32+SlapOSPatched001
 python-magic = 0.4.12+SlapOSPatched001
 PyPDF2 = 1.26.0+SlapOSPatched001
 waitress = 1.4.4+SlapOSPatched006
+Zope = 4.8.8+SlapOSPatched002
 ## https://lab.nexedi.com/nexedi/slapos/merge_requests/648
 pylint = 1.4.4+SlapOSPatched002
 # astroid 1.4.1 breaks testDynamicClassGeneration