JZUG Wiki - SiteAccess

Other Uses of Access Rules

Embedded Session Values

Sometimes it would be nice to be able to embed a variable/value in the middle of a URL, rather than having to tack a query string onto the end. It can be essential, such as when you want parameterized pages to be spiderable (spiders don't like query strings).

One way to accomplish this is with an Access Rule. For example, suppose we created a Zope folder called Session, containing the following DTML Method Access Rule:

<dtml-let stack="REQUEST['TraversalRequestNameStack']">
Don't intercept management requests
<dtml-unless "stack[0][:6]==manage">
  Is the next path segment a positive integer?
  <dtml-if "_.int(stack[-1])>0">
    Save it and remove it from the path
    <dtml-call "REQUEST.set(SessionID, stack.pop())">
    Add it back into the logical path
    <dtml-call "REQUEST.setVirtualRoot(REQUEST.steps+[SessionID])">
  <dtml-else>
    <dtml-raise type="Invalid">Invalid Session ID!</dtml-raise>
  </dtml-if>
</dtml-unless>
</dtml-let>

Then the request URI http://www.mysite.com/foo/Session/84076/step3 will publish the Zope object at /foo/Session/step3, with variable SessionID set to 84076. Thanks to acquisition, step3 doesn't need to be in Session. Session may be empty except for the Access Rule, or it may contain session-management objects.

When writing this kind of Access Rule, it is useful to remember the following:

REQUEST['TraversalRequestNameStack']? is the stack of Ids yet to be traversed.
REQUEST.steps is the list of Ids already traversed.
You can manipulate the path stack with append, insert, pop, and similar list operations.
You should not manipulate steps, instead using REQUEST.setVirtualRoot(path) to alter the apparent traversal history and URL generation.

Last edited Mon, 11 Sep 2006 02:19:26 +0900 Edit this page