Zope tips

I'm back from a visit to Zope headquarters in Fredericksburg, Virginia. I was there to attend the training seminar that supports Zope Corporation's TurboIntranet product, but it was also a great opportunity to refresh my understanding of the various layers of underlying Zope technology.

Although I use Zope, I've yet to incorporate some of the more recently-added layers -- including the Content Management Framework and Zope Page Templates -- into my use of the product. I also picked up on some basic best practices for managing Zope. One is the use of the INSTANCE_HOME environment variable to separate Zope's database, extensions, and installed products from the software installation, so that it's easier to upgrade the base software.

Another is ExternalEditor, a server product and helper app combo -- written by Casey Duncan, the instructor for the course I attended -- that enables you to launch an external editor instead of editing Zope scripts and templates inside the TEXTAREA widgets supplied by Zope's management interface. I haven't gotten it working with Mozilla Firebird yet, but with IE it works like a charm.

One of the challenges of working in any complex object-oriented framework is figuring out, given some object, just what you can do with it. Python handles this nicely with dir, which if you haven't seen it, goes like this:

>>> import re
>>> dir (re)
['DOTALL', 'I', 'IGNORECASE', 'L', 'LOCALE', 'M', 'MULTILINE', 'S', 'U', 'UNICODE', 'VERBOSE', 'X', '__all__', '__builtins__', '__doc__', '__file__', '__name__', 'compile', 'engine', 'error', 'escape', 'findall', 'match', 'purge', 'search', 'split', 'sub', 'subn', 'template']

The first line imports the regular expression module. Then dir (re) asks the module to report what it knows how to do. The re.findall method is the one I use most often, but when I've been away from Python for a while I can forget its name. This is how I remember it.

Although Zope's written in Python, you lose this immediacy because like any Web application server, Zope introduces a bunch of intermediate layers: templates, scripts, the browser. But I learned of a few ways to make exploring Zope a more interactive affair. A Zope Product called DocFinder enables you to append /showDocumentation to any Zope URL and reveal the docstrings (documentation) for all the classes from which the object represented by that URL is made. Of course this information is, as DocFinder's author Dieter Maurer notes, "unreliable" -- that is, it presumes the docstring is useful and correct. But what is reliable -- and incredibly useful -- is simply to know what are the available methods and their parameters.

Another incredibly useful add-on product is VerboseSecurity. When a Zope operation is blocked by a security check, I've often struggled to figure out what was the reason for the failed access. As a matter of fact, one such puzzle arose during the class I attended, and VerboseSecurity revealed the solution. As the docs explain, you wouldn't want to dump this information to the browser, because you don't want to give away any details about your security setup. But for developers, VerboseSecurity -- which logs informative messages to the console -- is a terrific resource.

Former URL: http://weblog.infoworld.com/udell/2003/07/24.html#a755