| | |
| | | 1.1.1 (2009-11-21) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - "Hybrid mode" applications (applications which explicitly used |
| | | traversal *after* url dispatch via ``<route>`` paths containing the |
| | | ``*traverse`` element) were broken in 1.1-final and all 1.1 alpha |
| | | and beta releases. Views registered without a ``route_name`` route |
| | | shadowed views registered with a ``route_name`` inappropriately. |
| | | |
| | | 1.1 (2009-11-15) |
| | | 1.1 (2011-07-22) |
| | | ================ |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added the ``pyramid.renderers.null_renderer`` object as an API. The null |
| | | renderer is an object that can be used in advanced integration cases as |
| | | input to the view configuration ``renderer=`` argument. When the null |
| | | renderer is used as a view renderer argument, Pyramid avoids converting the |
| | | view callable result into a Response object. This is useful if you want to |
| | | reuse the view configuration and lookup machinery outside the context of |
| | | its use by the Pyramid router. This feature was added for consumption by |
| | | the ``pyramid_rpc`` package, which uses view configuration and lookup |
| | | outside the context of a router in exactly this way. ``pyramid_rpc`` has |
| | | been broken under 1.1 since 1.1b1; adding it allows us to make it work |
| | | again. |
| | | |
| | | - Change all scaffolding templates that point to docs.pylonsproject.org to |
| | | use ``/projects/pyramid/current`` rather than ``/projects/pyramid/dev``. |
| | | |
| | | Internals |
| | | --------- |
| | | |
| | | - Remove dead IRouteRequirement interface from ``repoze.bfg.zcml`` |
| | | module. |
| | | - Remove ``compat`` code that served only the purpose of providing backwards |
| | | compatibility with Python 2.4. |
| | | |
| | | - Add a deprecation warning for non-API function |
| | | ``pyramid.renderers.renderer_from_name`` which has seen use in the wild. |
| | | |
| | | - Add a ``clone`` method to ``pyramid.renderers.RendererHelper`` for use by |
| | | the ``pyramid.view.view_config`` decorator. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Improve the "Extending an Existing Application" narrative chapter. |
| | | - Fixed two typos in wiki2 (SQLA + URL Dispatch) tutorial. |
| | | |
| | | - Add more sections to the "Defending Design" chapter. |
| | | - Reordered chapters in narrative section for better new user friendliness. |
| | | |
| | | 1.1b4 (2009-11-12) |
| | | - Added more indexing markers to sections in documentation. |
| | | |
| | | 1.1b4 (2011-07-18) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Use ``alsoProvides`` in the urldispatch module to attach an |
| | | interface to the request rather than ``directlyProvides`` to avoid |
| | | disturbing interfaces set in a NewRequest event handler. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Move 1.0.1 and previous changelog to HISTORY.txt. |
| | | |
| | | - Add examples to ``repoze.bfg.url.model_url`` docstring. |
| | | |
| | | - Add "Defending BFG Design" chapter to frontpage docs. |
| | | |
| | | Templates |
| | | --------- |
| | | |
| | | - Remove ``ez_setup.py`` and its import from all paster templates, |
| | | samples, and tutorials for ``distribute`` compatibility. The |
| | | documentation already explains how to install virtualenv (which will |
| | | include some ``setuptools`` package), so these files, imports and |
| | | usages were superfluous. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The ``options`` kw arg to the ``repoze.bfg.router.make_app`` |
| | | function is deprecated. In its place is the keyword argument |
| | | ``settings``. The ``options`` keyword continues to work, and a |
| | | deprecation warning is not emitted when it is detected. However, |
| | | the paster templates, code samples, and documentation now make |
| | | reference to ``settings`` rather than ``options``. This |
| | | change/deprecation was mainly made for purposes of clarity and |
| | | symmetry with the ``get_settings()`` API and dicussions of |
| | | "settings" in various places in the docs: we want to use the same |
| | | name to refer to the same thing everywhere. |
| | | |
| | | 1.1b3 (2009-11-06) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - ``repoze.bfg.testing.registerRoutesMapper`` testing facility added. |
| | | This testing function registers a routes "mapper" object in the |
| | | registry, for tests which require its presence. This function is |
| | | documented in the ``repoze.bfg.testing`` API documentation. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Compound statements that used an assignment entered into in an |
| | | interactive IPython session invoked via ``paster bfgshell`` no |
| | | longer fail to mutate the shell namespace correctly. For example, |
| | | this set of statements used to fail:: |
| | | |
| | | In [2]: def bar(x): return x |
| | | ...: |
| | | In [3]: list(bar(x) for x in 'abc') |
| | | Out[3]: NameError: 'bar' |
| | | |
| | | In this release, the ``bar`` function is found and the correct |
| | | output is now sent to the console. Thanks to Daniel Holth for the |
| | | patch. |
| | | |
| | | - The ``bfgshell`` command did not function properly; it was still |
| | | expecting to be able to call the root factory with a bare |
| | | ``environ`` rather than a request object. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``repoze.bfg.scripting.get_root`` function now expects a |
| | | ``request`` object as its second argument rather than an |
| | | ``environ``. |
| | | |
| | | 1.1b2 (2009-11-02) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Prevent PyPI installation failure due to ``easy_install`` trying way |
| | | too hard to guess the best version of Paste. When ``easy_install`` |
| | | pulls from PyPI it reads links off various pages to determine "more |
| | | up to date" versions. It incorrectly picks up a link for an ancient |
| | | version of a package named "Paste-Deploy-0.1" (note the dash) when |
| | | trying to find the "Paste" distribution and somehow believes it's |
| | | the latest version of "Paste". It also somehow "helpfully" decides |
| | | to check out a version of this package from SVN. We pin the Paste |
| | | dependency version to a version greater than 1.7 to work around |
| | | this ``easy_install`` bug. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Fix "Hybrid" narrative chapter: stop claiming that ``<view>`` |
| | | statements that mention a route_name need to come afer (in XML |
| | | order) the ``<route>`` statement which creates the route. This |
| | | hasn't been true since 1.1a1. |
| | | |
| | | - "What's New in ``repoze.bfg`` 1.1" document added to narrative |
| | | documentation. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add a new event type: ``repoze.bfg.events.AfterTraversal``. Events |
| | | of this type will be sent after traversal is completed, but before |
| | | any view code is invoked. Like ``repoze.bfg.events.NewRequest``, |
| | | This event will have a single attribute: ``request`` representing |
| | | the current request. Unlike the request attribute of |
| | | ``repoze.bfg.events.NewRequest`` however, during an AfterTraversal |
| | | event, the request object will possess attributes set by the |
| | | traverser, most notably ``context``, which will be the context used |
| | | when a view is found and invoked. The interface |
| | | ``repoze.bfg.events.IAfterTraversal`` can be used to subscribe to |
| | | the event. For example:: |
| | | |
| | | <subscriber for="repoze.bfg.interfaces.IAfterTraversal" |
| | | handler="my.app.handle_after_traverse"/> |
| | | |
| | | Like any framework event, a subscriber function should expect one |
| | | parameter: ``event``. |
| | | |
| | | Dependencies |
| | | ------------ |
| | | |
| | | - Rather than depending on ``chameleon.core`` and ``chameleon.zpt`` |
| | | distributions individually, depend on Malthe's repackaged |
| | | ``Chameleon`` distribution (which includes both ``chameleon.core`` |
| | | and ``chameleon.zpt``). |
| | | |
| | | 1.1b1 (2009-11-01) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The routes root factory called route factories and the default route |
| | | factory with an environ rather than a request. One of the symptoms |
| | | of this bug: applications generated using the ``bfg_zodb`` paster |
| | | template in 1.1a9 did not work properly. |
| | | |
| | | - Reinstate ``renderer`` alias for ``view_renderer`` in the |
| | | ``<route>`` ZCML directive (in-the-wild 1.1a bw compat). |
| | | |
| | | - ``bfg_routesalchemy`` paster template: change ``<route>`` |
| | | declarations: rename ``renderer`` attribute to ``view_renderer``. |
| | | |
| | | - Header values returned by the ``authtktauthenticationpolicy`` |
| | | ``remember`` and ``forget`` methods would be of type ``unicode``. |
| | | This violated the WSGI spec, causing a ``TypeError`` to be raised |
| | | when these headers were used under ``mod_wsgi``. |
| | | |
| | | - If a BFG app that had a route matching the root URL was mounted |
| | | under a path in modwsgi, ala ``WSGIScriptAlias /myapp |
| | | /Users/chrism/projects/modwsgi/env/bfg.wsgi``, the home route (a |
| | | route with the path of ``'/'`` or ``''``) would not match when the |
| | | path ``/myapp`` was visited (only when the path ``/myapp/`` was |
| | | visited). This is now fixed: if the urldispatch root factory notes |
| | | that the PATH_INFO is empty, it converts it to a single slash before |
| | | trying to do matching. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - In ``<route>`` declarations in tutorial ZCML, rename ``renderer`` |
| | | attribute to ``view_renderer`` (fwd compat). |
| | | |
| | | - Fix various tutorials broken by 1.1a9 ``<route>`` directive changes. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Deal with a potential circref in the traversal module. |
| | | |
| | | 1.1a9 (2009-10-31) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - An incorrect ZCML conflict would be encountered when the |
| | | ``request_param`` predicate attribute was used on the ZCML ``view`` |
| | | directive if any two otherwise same-predicated views had the |
| | | combination of a predicate value with an ``=`` sign and one without |
| | | (e.g. ``a`` vs. ``a=123``). |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - In previous versions of BFG, the "root factory" (the ``get_root`` |
| | | callable passed to ``make_app`` or a function pointed to by the |
| | | ``factory`` attribute of a route) was called with a "bare" WSGI |
| | | environment. In this version, and going forward, it will be called |
| | | with a ``request`` object. The request object passed to the factory |
| | | implements dictionary-like methods in such a way that existing root |
| | | factory code which expects to be passed an environ will continue to |
| | | work. |
| | | |
| | | - The ``__call__`` of a plugin "traverser" implementation (registered |
| | | as an adapter for ``ITraverser`` or ``ITraverserFactory``) will now |
| | | receive a *request* as the single argument to its ``__call__`` |
| | | method. In previous versions it was passed a WSGI ``environ`` |
| | | object. The request object passed to the factory implements |
| | | dictionary-like methods in such a way that existing traverser code |
| | | which expects to be passed an environ will continue to work. |
| | | |
| | | - The ZCML ``route`` directive's attributes ``xhr``, |
| | | ``request_method``, ``path_info``, ``request_param``, ``header`` and |
| | | ``accept`` are now *route* predicates rather than *view* predicates. |
| | | If one or more of these predicates is specified in the route |
| | | configuration, all of the predicates must return true for the route |
| | | to match a request. If one or more of the route predicates |
| | | associated with a route returns ``False`` when checked during a |
| | | request, the route match fails, and the next match in the routelist |
| | | is tried. This differs from the previous behavior, where no route |
| | | predicates existed and all predicates were considered view |
| | | predicates, because in that scenario, the next route was not tried. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Various changes were made to narrative and API documentation |
| | | supporting the change from passing a request rather than an environ |
| | | to root factories and traversers. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - The request implements dictionary-like methods that mutate and query |
| | | the WSGI environ. This is only for the purpose of backwards |
| | | compatibility with root factories which expect an ``environ`` rather |
| | | than a request. |
| | | |
| | | - The ``repoze.bfg.request.create_route_request_factory`` function, |
| | | which returned a request factory was removed in favor of a |
| | | ``repoze.bfg.request.route_request_interface`` function, which |
| | | returns an interface. |
| | | |
| | | - The ``repoze.bfg.request.Request`` class, which is a subclass of |
| | | ``webob.Request`` now defines its own ``__setattr__``, |
| | | ``__getattr__`` and ``__delattr__`` methods, which override the |
| | | default WebOb behavior. The default WebOb behavior stores |
| | | attributes of the request in ``self.environ['webob.adhoc_attrs']``, |
| | | and retrieves them from that dictionary during a ``__getattr__``. |
| | | This behavior was undesirable for speed and "expectation" reasons. |
| | | Now attributes of the ``request`` are stored in ``request.__dict__`` |
| | | (as you otherwise might expect from an object that did not override |
| | | these methods). |
| | | |
| | | - The router no longer calls ``repoze.bfg.traversal._traverse`` and |
| | | does its work "inline" (speed). |
| | | |
| | | - Reverse the order in which the router calls the request factory and |
| | | the root factory. The request factory is now called first; the |
| | | resulting request is passed to the root factory. |
| | | |
| | | - The ``repoze.bfg.request.request_factory`` function has been |
| | | removed. Its functionality is no longer required. |
| | | |
| | | - The "routes root factory" that wraps the default root factory when |
| | | there are routes mentioned in the configuration now attaches an |
| | | interface to the request via ``zope.interface.directlyProvides``. |
| | | This replaces logic in the (now-gone) |
| | | ``repoze.bfg.request.request_factory`` function. |
| | | |
| | | - The ``route`` and ``view`` ZCML directives now register an interface |
| | | as a named utility (retrieved from |
| | | ``repoze.bfg.request.route_request_interface``) rather than a |
| | | request factory (the previous return value of the now-missing |
| | | ``repoze.bfg.request.create_route_request_factory``. |
| | | |
| | | - The ``repoze.bfg.functional`` module was renamed to |
| | | ``repoze.bfg.compat``. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Explicitly revert the feature introduced in 1.1a8: where the name |
| | | ``root`` is available as an attribute of the request before a |
| | | NewRequest event is emitted. This makes some potential future |
| | | features impossible, or at least awkward (such as grouping traversal |
| | | and view lookup into a single adapter lookup). |
| | | |
| | | - The ``containment``, ``attr`` and ``renderer`` attributes of the |
| | | ``route`` ZCML directive were removed. |
| | | |
| | | 1.1a8 (2009-10-27) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add ``path_info`` view configuration predicate. |
| | | |
| | | - ``paster bfgshell`` now supports IPython if it's available for |
| | | import. Thanks to Daniel Holth for the initial patch. |
| | | |
| | | - Add ``repoze.bfg.testing.registerSettings`` API, which is documented |
| | | in the "repoze.bfg.testing" API chapter. This allows for |
| | | registration of "settings" values obtained via |
| | | ``repoze.bfg.settings.get_settings()`` for use in unit tests. |
| | | |
| | | - The name ``root`` is available as an attribute of the request |
| | | slightly earlier now (before a NewRequest event is emitted). |
| | | ``root`` is the result of the application "root factory". |
| | | |
| | | - Added ``max_age`` parameter to ``authtktauthenticationpolicy`` ZCML |
| | | directive. If this value is set, it must be an integer representing |
| | | the number of seconds which the auth tkt cookie will survive. |
| | | Mainly, its existence allows the auth_tkt cookie to survive across |
| | | browser sessions. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Fix bug encountered during "scan" (when ``<scan ..>`` directive is |
| | | used in ZCML) introduced in 1.1a7. Symptom: ``AttributeError: |
| | | object has no attribute __provides__`` raised at startup time. |
| | | |
| | | - The ``reissue_time`` argument to the ``authtktauthenticationpolicy`` |
| | | ZCML directive now actually works. When it is set to an integer |
| | | value, an authticket set-cookie header is appended to the response |
| | | whenever a request requires authentication and 'now' minus the |
| | | authticket's timestamp is greater than ``reissue_time`` seconds. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add a chapter titled "Request and Response" to the narrative |
| | | documentation, content cribbed from the WebOb documentation. |
| | | |
| | | - Call out predicate attributes of ZCML directive within "Views" |
| | | - Added a section entitled "Writing a Script" to the "Command-Line Pyramid" |
| | | chapter. |
| | | |
| | | - Fix route_url documentation (``_query`` argument documented as |
| | | ``query`` and ``_anchor`` argument documented as ``anchor``). |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``authtkt`` authentication policy ``remember`` method now no |
| | | longer honors ``token`` or ``userdata`` keyword arguments. |
| | | - We added the ``pyramid.scripting.make_request`` API too hastily in 1.1b3. |
| | | It has been removed. Sorry for any inconvenience. Use the |
| | | ``pyramid.request.Request.blank`` API instead. |
| | | |
| | | Internal |
| | | Features |
| | | -------- |
| | | |
| | | - Change how ``bfg_view`` decorator works when used as a class method |
| | | decorator. In 1.1a7, the``scan``directive actually tried to grope |
| | | every class in scanned package at startup time, calling ``dir`` |
| | | against each found class, and subsequently invoking ``getattr`` |
| | | against each thing found by ``dir`` to see if it was a method. This |
| | | led to some strange symptoms (e.g. ``AttributeError: object has no |
| | | attribute __provides__``), and was generally just a bad idea. Now, |
| | | instead of groping classes for methods at startup time, we just |
| | | cause the ``bfg_view`` decorator itself to populate the method's |
| | | class' ``__dict__`` when it is used as a method decorator. This |
| | | also requires a nasty _getframe thing but it's slightly less nasty |
| | | than the startup time groping behavior. This is essentially a |
| | | reversion back to 1.1a6 "grokking" behavior plus some special magic |
| | | for using the ``bfg_view`` decorator as method decorator inside the |
| | | ``bfg_view`` class itself. |
| | | - The ``paster pshell``, ``paster pviews``, and ``paster proutes`` commands |
| | | each now under the hood uses ``pyramid.paster.bootstrap``, which makes it |
| | | possible to supply an ``.ini`` file without naming the "right" section in |
| | | the file that points at the actual Pyramid application. Instead, you can |
| | | generally just run ``paster {pshell|proutes|pviews} development.ini`` and |
| | | it will do mostly the right thing. |
| | | |
| | | - The router now checks for a ``global_response_headers`` attribute of |
| | | the request object before returning a response. If this value |
| | | exists, it is presumed to be a sequence of two-tuples, representing |
| | | a set of headers to append to the 'normal' response headers. This |
| | | feature is internal, rather than exposed externally, because it's |
| | | unclear whether it will stay around in the long term. It was added |
| | | to support the ``reissue_time`` feature of the authtkt |
| | | authentication policy. |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The interface ITraverserFactory is now just an alias for ITraverser. |
| | | - Omit custom environ variables when rendering a custom exception template in |
| | | ``pyramid.httpexceptions.WSGIHTTPException._set_default_attrs``; |
| | | stringifying thse may trigger code that should not be executed; see |
| | | https://github.com/Pylons/pyramid/issues/239 |
| | | |
| | | 1.1a7 (2009-10-18) |
| | | 1.1b3 (2011-07-15) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - More than one ``@bfg_view`` decorator may now be stacked on top of |
| | | any number of others. Each invocation of the decorator registers a |
| | | single view configuration. For instance, the following combination |
| | | of decorators and a function will register two view configurations |
| | | for the same view callable:: |
| | | - Fix corner case to ease semifunctional testing of views: create a new |
| | | rendererinfo to clear out old registry on a rescan. See |
| | | https://github.com/Pylons/pyramid/pull/234. |
| | | |
| | | from repoze.bfg.view import bfg_view |
| | | - New API class: ``pyramid.static.static_view``. This supersedes the |
| | | deprecated ``pyramid.view.static`` class. ``pyramid.static.static_view`` |
| | | by default serves up documents as the result of the request's |
| | | ``path_info``, attribute rather than it's ``subpath`` attribute (the |
| | | inverse was true of ``pyramid.view.static``, and still is). |
| | | ``pyramid.static.static_view`` exposes a ``use_subpath`` flag for use when |
| | | you want the static view to behave like the older deprecated version. |
| | | |
| | | @bfg_view(name='edit') |
| | | @bfg_view(name='change') |
| | | def edit(context, request): |
| | | pass |
| | | - A new API function ``pyramid.paster.bootstrap`` has been added to make |
| | | writing scripts that bootstrap a Pyramid environment easier, e.g.:: |
| | | |
| | | This makes it possible to associate more than one view configuration |
| | | with a single callable without requiring any ZCML. |
| | | from pyramid.paster import bootstrap |
| | | info = bootstrap('/path/to/my/development.ini') |
| | | request = info['request'] |
| | | print request.route_url('myroute') |
| | | |
| | | - The ``@bfg_view`` decorator can now be used against a class method:: |
| | | - A new API function ``pyramid.scripting.prepare`` has been added. It is a |
| | | lower-level analogue of ``pyramid.paster.boostrap`` that accepts a request |
| | | and a registry instead of a config file argument, and is used for the same |
| | | purpose:: |
| | | |
| | | from webob import Response |
| | | from repoze.bfg.view import bfg_view |
| | | from pyramid.scripting import prepare |
| | | info = prepare(registry=myregistry) |
| | | request = info['request'] |
| | | print request.route_url('myroute') |
| | | |
| | | class MyView(object): |
| | | def __init__(self, context, request): |
| | | self.context = context |
| | | self.request = request |
| | | - A new API function ``pyramid.scripting.make_request`` has been added. The |
| | | resulting request will have a ``registry`` attribute. It is meant to be |
| | | used in conjunction with ``pyramid.scripting.prepare`` and/or |
| | | ``pyramid.paster.bootstrap`` (both of which accept a request as an |
| | | argument):: |
| | | |
| | | @bfg_view(name='hello') |
| | | def amethod(self): |
| | | return Response('hello from %s!' % self.context) |
| | | from pyramid.scripting import make_request |
| | | request = make_request('/') |
| | | |
| | | When the bfg_view decorator is used against a class method, a view |
| | | is registered for the *class* (it's a "class view" where the "attr" |
| | | happens to be the name of the method it is attached to), so the |
| | | class it's defined within must have a suitable constructor: one that |
| | | accepts ``context, request`` or just ``request``. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added ``Changing the Traverser`` and ``Changing How |
| | | :mod:`repoze.bfg.url.model_url` Generates a URL`` to the "Hooks" |
| | | narrative chapter of the docs. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Remove ``ez_setup.py`` and imports of it within ``setup.py``. In |
| | | the new world, and as per virtualenv setup instructions, people will |
| | | already have either setuptools or distribute. |
| | | |
| | | 1.1a6 (2009-10-15) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add ``xhr``, ``accept``, and ``header`` view configuration |
| | | predicates to ZCML view declaration, ZCML route declaration, and |
| | | ``bfg_view`` decorator. See the ``Views`` narrative documentation |
| | | chapter for more information about these predicates. |
| | | |
| | | - Add ``setUp`` and ``tearDown`` functions to the |
| | | ``repoze.bfg.testing`` module. Using ``setUp`` in a test setup and |
| | | ``tearDown`` in a test teardown is now the recommended way to do |
| | | component registry setup and teardown. Previously, it was |
| | | recommended that a single function named |
| | | ``repoze.bfg.testing.cleanUp`` be called in both the test setup and |
| | | tear down. ``repoze.bfg.testing.cleanUp`` still exists (and will |
| | | exist "forever" due to its widespread use); it is now just an alias |
| | | for ``repoze.bfg.testing.setUp`` and is nominally deprecated. |
| | | |
| | | - The BFG component registry is now available in view and event |
| | | subscriber code as an attribute of the request |
| | | ie. ``request.registry``. This fact is currently undocumented |
| | | except for this note, because BFG developers never need to interact |
| | | with the registry directly anywhere else. |
| | | |
| | | - The BFG component registry now inherits from ``dict``, meaning that |
| | | it can optionally be used as a simple dictionary. *Component* |
| | | registrations performed against it via e.g. ``registerUtility``, |
| | | ``registerAdapter``, and similar API methods are kept in a |
| | | completely separate namespace than its dict members, so using the |
| | | its component API methods won't effect the keys and values in the |
| | | dictionary namespace. Likewise, though the component registry |
| | | "happens to be" a dictionary, use of mutating dictionary methods |
| | | such as ``__setitem__`` will have no influence on any component |
| | | registrations made against it. In other words, the registry object |
| | | you obtain via e.g. ``repoze.bfg.threadlocal.get_current_registry`` |
| | | or ``request.registry`` happens to be both a component registry and |
| | | a dictionary, but using its component-registry API won't impact data |
| | | added to it via its dictionary API and vice versa. This is a |
| | | forward compatibility move based on the goals of "marco". |
| | | |
| | | - Expose and document ``repoze.bfg.testing.zcml_configure`` API. This |
| | | function populates a component registry from a ZCML file for testing |
| | | purposes. It is documented in the "Unit and Integration Testing" |
| | | chapter. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Virtual hosting narrative docs chapter updated with info about |
| | | ``mod_wsgi``. |
| | | |
| | | - Point all index URLs at the literal 1.1 index (this alpha cycle may |
| | | go on a while). |
| | | |
| | | - Various tutorial test modules updated to use |
| | | ``repoze.bfg.testing.setUp`` and ``repoze.bfg.testing.tearDown`` |
| | | methods in order to encourage this as best practice going forward. |
| | | |
| | | - Added "Creating Integration Tests" section to unit testing narrative |
| | | documentation chapter. As a result, the name of the unittesting |
| | | chapter is now "Unit and Integration Testing". |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Importing ``getSiteManager`` and ``get_registry`` from |
| | | ``repoze.bfg.registry`` is no longer supported. These imports were |
| | | deprecated in repoze.bfg 1.0. Import of ``getSiteManager`` should |
| | | be done as ``from zope.component import getSiteManager``. Import of |
| | | ``get_registry`` should be done as ``from repoze.bfg.threadlocal |
| | | import get_current_registry``. This was done to prevent a circular |
| | | import dependency. |
| | | |
| | | - Code bases which alternately invoke both |
| | | ``zope.testing.cleanup.cleanUp`` and ``repoze.bfg.testing.cleanUp`` |
| | | (treating them equivalently, using them interchangeably) in the |
| | | setUp/tearDown of unit tests will begin to experience test failures |
| | | due to lack of test isolation. The "right" mechanism is |
| | | ``repoze.bfg.testing.cleanUp`` (or the combination of |
| | | ``repoze.bfg.testing.setUp`` and |
| | | ``repoze.bfg.testing.tearDown``). but a good number of legacy |
| | | codebases will use ``zope.testing.cleanup.cleanUp`` instead. We |
| | | support ``zope.testing.cleanup.cleanUp`` but not in combination with |
| | | ``repoze.bfg.testing.cleanUp`` in the same codebase. You should use |
| | | one or the other test cleanup function in a single codebase, but not |
| | | both. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Created new ``repoze.bfg.configuration`` module which assumes |
| | | responsibilities previously held by the ``repoze.bfg.registry`` and |
| | | ``repoze.bfg.router`` modules (avoid a circular import dependency). |
| | | |
| | | - The result of the ``zope.component.getSiteManager`` function in unit |
| | | tests set up with ``repoze.bfg.testing.cleanUp`` or |
| | | ``repoze.bfg.testing.setUp`` will be an instance of |
| | | ``repoze.bfg.registry.Registry`` instead of the global |
| | | ``zope.component.globalregistry.base`` registry. This also means |
| | | that the threadlocal ZCA API functions such as ``getAdapter`` and |
| | | ``getUtility`` as well as internal BFG machinery (such as |
| | | ``model_url`` and ``route_url``) will consult this registry within |
| | | unit tests. This is a forward compatibility move based on the goals |
| | | of "marco". |
| | | |
| | | - Removed ``repoze.bfg.testing.addCleanUp`` function and associated |
| | | module-scope globals. This was never an API. |
| | | |
| | | 1.1a5 (2009-10-10) |
| | | ================== |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Change "Traversal + ZODB" and "URL Dispatch + SQLAlchemy" Wiki |
| | | tutorials to make use of the new-to-1.1 "renderer" feature (return |
| | | dictionaries from all views). |
| | | |
| | | - Add tests to the "URL Dispatch + SQLAlchemy" tutorial after the |
| | | "view" step. |
| | | |
| | | - Added a diagram of model graph traversal to the "Traversal" |
| | | narrative chapter of the documentation. |
| | | |
| | | - An ``exceptions`` API chapter was added, documenting the new |
| | | ``repoze.bfg.exceptions`` module. |
| | | |
| | | - Describe "request-only" view calling conventions inside the |
| | | urldispatch narrative chapter, where it's most helpful. |
| | | |
| | | - Add a diagram which explains the operation of the BFG router to the |
| | | "Router" narrative chapter. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add a new ``repoze.bfg.testing`` API: ``registerRoute``, for |
| | | registering routes to satisfy calls to |
| | | e.g. ``repoze.bfg.url.route_url`` in unit tests. |
| | | |
| | | - The ``notfound`` and ``forbidden`` ZCML directives now accept the |
| | | following addtional attributes: ``attr``, ``renderer``, and |
| | | ``wrapper``. These have the same meaning as they do in the context |
| | | of a ZCML ``view`` directive. |
| | | |
| | | - For behavior like Django's ``APPEND_SLASH=True``, use the |
| | | ``repoze.bfg.view.append_slash_notfound_view`` view as the Not Found |
| | | view in your application. When this view is the Not Found view |
| | | (indicating that no view was found), and any routes have been |
| | | defined in the configuration of your application, if the value of |
| | | ``PATH_INFO`` does not already end in a slash, and if the value of |
| | | ``PATH_INFO`` *plus* a slash matches any route's path, do an HTTP |
| | | redirect to the slash-appended PATH_INFO. Note that this will |
| | | *lose* ``POST`` data information (turning it into a GET), so you |
| | | shouldn't rely on this to redirect POST requests. |
| | | |
| | | - Speed up ``repoze.bfg.location.lineage`` slightly. |
| | | |
| | | - Speed up ``repoze.bfg.encode.urlencode`` (nee' |
| | | ``repoze.bfg.url.urlencode``) slightly. |
| | | |
| | | - Speed up ``repoze.bfg.traversal.model_path``. |
| | | |
| | | - Speed up ``repoze.bfg.traversal.model_path_tuple`` slightly. |
| | | |
| | | - Speed up ``repoze.bfg.traversal.traverse`` slightly. |
| | | |
| | | - Speed up ``repoze.bfg.url.model_url`` slightly. |
| | | |
| | | - Speed up ``repoze.bfg.url.route_url`` slightly. |
| | | |
| | | - Sped up ``repoze.bfg.traversal.ModelGraphTraverser:__call__`` |
| | | slightly. |
| | | |
| | | - Minor speedup of ``repoze.bfg.router.Router.__call__``. |
| | | |
| | | - New ``repoze.bfg.exceptions`` module was created to house exceptions |
| | | that were previously sprinkled through various modules. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Move ``repoze.bfg.traversal._url_quote`` into ``repoze.bfg.encode`` |
| | | as ``url_quote``. |
| | | - New API attribute ``pyramid.config.global_registries`` is an iterable |
| | | object that contains references to every Pyramid registry loaded into the |
| | | current process via ``pyramid.config.Configurator.make_app``. It also has |
| | | a ``last`` attribute containing the last registry loaded. This is used by |
| | | the scripting machinery, and is available for introspection. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The import of ``repoze.bfg.view.NotFound`` is deprecated in favor of |
| | | ``repoze.bfg.exceptions.NotFound``. The old location still |
| | | functions, but emits a deprecation warning. |
| | | - The ``pyramid.view.static`` class has been deprecated in favor of the newer |
| | | ``pyramid.static.static_view`` class. A deprecation warning is raised when |
| | | it is used. You should replace it with a reference to |
| | | ``pyramid.static.static_view`` with the ``use_subpath=True`` argument. |
| | | |
| | | - The import of ``repoze.bfg.security.Unauthorized`` is deprecated in |
| | | favor of ``repoze.bfg.exceptions.Forbidden``. The old location |
| | | still functions but emits a deprecation warning. The rename from |
| | | ``Unauthorized`` to ``Forbidden`` brings parity to the the name of |
| | | the exception and the system view it invokes when raised. |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | - Without a mo-file loaded for the combination of domain/locale, |
| | | ``pyramid.i18n.Localizer.pluralize`` run using that domain/locale |
| | | combination raised an inscrutable "translations object has no attr |
| | | 'plural'" error. Now, instead it "works" (it uses a germanic pluralization |
| | | by default). It's nonsensical to try to pluralize something without |
| | | translations for that locale/domain available, but this behavior matches |
| | | the behavior of ``pyramid.i18n.Localizer.translate`` so it's at least |
| | | consistent; see https://github.com/Pylons/pyramid/issues/235. |
| | | |
| | | - We previously had a Unicode-aware wrapper for the |
| | | ``urllib.urlencode`` function named ``repoze.bfg.url.urlencode`` |
| | | which delegated to the stdlib function, but which marshalled all |
| | | unicode values to utf-8 strings before calling the stdlib version. |
| | | A newer replacement now lives in ``repoze.bfg.encode`` The |
| | | replacement does not delegate to the stdlib. |
| | | 1.1b2 (2011-07-13) |
| | | ================== |
| | | |
| | | The replacement diverges from the stdlib implementation and the |
| | | previous ``repoze.bfg.url`` url implementation inasmuch as its |
| | | ``doseq`` argument is now a decoy: it always behaves in the |
| | | ``doseq=True`` way (which is the only sane behavior) for speed |
| | | purposes. |
| | | Features |
| | | -------- |
| | | |
| | | The old import location (``repoze.bfg.url.urlencode``) still |
| | | functions and has not been deprecated. |
| | | - New environment setting ``PYRAMID_PREVENT_HTTP_CACHE`` and new |
| | | configuration file value ``prevent_http_cache``. These are synomymous and |
| | | allow you to prevent HTTP cache headers from being set by Pyramid's |
| | | ``http_cache`` machinery globally in a process. see the "Influencing HTTP |
| | | Caching" section of the "View Configuration" narrative chapter and the |
| | | detailed documentation for this setting in the "Environment Variables and |
| | | Configuration Settings" narrative chapter. |
| | | |
| | | - In 0.8a7, the return value expected from an object implementing |
| | | ``ITraverserFactory`` was changed from a sequence of values to a |
| | | dictionary containing the keys ``context``, ``view_name``, |
| | | ``subpath``, ``traversed``, ``virtual_root``, ``virtual_root_path``, |
| | | and ``root``. Until now, old-style traversers which returned a |
| | | sequence have continued to work but have generated a deprecation |
| | | warning. In this release, traversers which return a sequence |
| | | instead of a dictionary will no longer work. |
| | | Behavior Changes |
| | | ---------------- |
| | | |
| | | 1.1a4 (2009-09-23) |
| | | - Previously, If a ``BeforeRender`` event subscriber added a value via the |
| | | ``__setitem__`` or ``update`` methods of the event object with a key that |
| | | already existed in the renderer globals dictionary, a ``KeyError`` was |
| | | raised. With the deprecation of the "add_renderer_globals" feature of the |
| | | configurator, there was no way to override an existing value in the |
| | | renderer globals dictionary that already existed. Now, the event object |
| | | will overwrite an older value that is already in the globals dictionary |
| | | when its ``__setitem__`` or ``update`` is called (as well as the new |
| | | ``setdefault`` method), just like a plain old dictionary. As a result, for |
| | | maximum interoperability with other third-party subscribers, if you write |
| | | an event subscriber meant to be used as a BeforeRender subscriber, your |
| | | subscriber code will now need to (using ``.get`` or ``__contains__`` of the |
| | | event object) ensure no value already exists in the renderer globals |
| | | dictionary before setting an overriding value. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The ``Configurator.add_route`` method allowed two routes with the same |
| | | route to be added without an intermediate ``config.commit()``. If you now |
| | | receive a ``ConfigurationError`` at startup time that appears to be |
| | | ``add_route`` related, you'll need to either a) ensure that all of your |
| | | route names are unique or b) call ``config.commit()`` before adding a |
| | | second route with the name of a previously added name or c) use a |
| | | Configurator that works in ``autocommit`` mode. |
| | | |
| | | - The ``pyramid_routesalchemy`` and ``pyramid_alchemy`` scaffolds |
| | | inappropriately used ``DBSession.rollback()`` instead of |
| | | ``transaction.abort()`` in one place. |
| | | |
| | | - We now clear ``request.response`` before we invoke an exception view; an |
| | | exception view will be working with a request.response that has not been |
| | | touched by any code prior to the exception. |
| | | |
| | | - Views associated with routes with spaces in the route name may not have |
| | | been looked up correctly when using Pyramid with ``zope.interface`` 3.6.4 |
| | | and better. See https://github.com/Pylons/pyramid/issues/232. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Wiki2 (SQLAlchemy + URL Dispatch) tutorial ``models.initialize_sql`` didn't |
| | | match the ``pyramid_routesalchemy`` scaffold function of the same name; it |
| | | didn't get synchronized when it was changed in the scaffold. |
| | | |
| | | - New documentation section in View Configuration narrative chapter: |
| | | "Influencing HTTP Caching". |
| | | |
| | | 1.1b1 (2011-07-10) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - It is now possible to invoke ``paster pshell`` even if the paste ini file |
| | | section name pointed to in its argument is not actually a Pyramid WSGI |
| | | application. The shell will work in a degraded mode, and will warn the |
| | | user. See "The Interactive Shell" in the "Creating a Pyramid Project" |
| | | narrative documentation section. |
| | | |
| | | - ``paster pshell`` now offers more built-in global variables by default |
| | | (including ``app`` and ``settings``). See "The Interactive Shell" in the |
| | | "Creating a Pyramid Project" narrative documentation section. |
| | | |
| | | - It is now possible to add a ``[pshell]`` section to your application's .ini |
| | | configuration file, which influences the global names available to a pshell |
| | | session. See "Extending the Shell" in the "Creating a Pyramid Project" |
| | | narrative documentation chapter. |
| | | |
| | | - The ``config.scan`` method has grown a ``**kw`` argument. ``kw`` argument |
| | | represents a set of keyword arguments to pass to the Venusian ``Scanner`` |
| | | object created by Pyramid. (See the Venusian documentation for more |
| | | information about ``Scanner``). |
| | | |
| | | - New request property: ``json_body``. This property will return the |
| | | JSON-decoded variant of the request body. If the request body is not |
| | | well-formed JSON, this property will raise an exception. |
| | | |
| | | - A new value ``http_cache`` can be used as a view configuration |
| | | parameter. |
| | | |
| | | When you supply an ``http_cache`` value to a view configuration, the |
| | | ``Expires`` and ``Cache-Control`` headers of a response generated by the |
| | | associated view callable are modified. The value for ``http_cache`` may be |
| | | one of the following: |
| | | |
| | | - A nonzero integer. If it's a nonzero integer, it's treated as a number |
| | | of seconds. This number of seconds will be used to compute the |
| | | ``Expires`` header and the ``Cache-Control: max-age`` parameter of |
| | | responses to requests which call this view. For example: |
| | | ``http_cache=3600`` instructs the requesting browser to 'cache this |
| | | response for an hour, please'. |
| | | |
| | | - A ``datetime.timedelta`` instance. If it's a ``datetime.timedelta`` |
| | | instance, it will be converted into a number of seconds, and that number |
| | | of seconds will be used to compute the ``Expires`` header and the |
| | | ``Cache-Control: max-age`` parameter of responses to requests which call |
| | | this view. For example: ``http_cache=datetime.timedelta(days=1)`` |
| | | instructs the requesting browser to 'cache this response for a day, |
| | | please'. |
| | | |
| | | - Zero (``0``). If the value is zero, the ``Cache-Control`` and |
| | | ``Expires`` headers present in all responses from this view will be |
| | | composed such that client browser cache (and any intermediate caches) are |
| | | instructed to never cache the response. |
| | | |
| | | - A two-tuple. If it's a two tuple (e.g. ``http_cache=(1, |
| | | {'public':True})``), the first value in the tuple may be a nonzero |
| | | integer or a ``datetime.timedelta`` instance; in either case this value |
| | | will be used as the number of seconds to cache the response. The second |
| | | value in the tuple must be a dictionary. The values present in the |
| | | dictionary will be used as input to the ``Cache-Control`` response |
| | | header. For example: ``http_cache=(3600, {'public':True})`` means 'cache |
| | | for an hour, and add ``public`` to the Cache-Control header of the |
| | | response'. All keys and values supported by the |
| | | ``webob.cachecontrol.CacheControl`` interface may be added to the |
| | | dictionary. Supplying ``{'public':True}`` is equivalent to calling |
| | | ``response.cache_control.public = True``. |
| | | |
| | | Providing a non-tuple value as ``http_cache`` is equivalent to calling |
| | | ``response.cache_expires(value)`` within your view's body. |
| | | |
| | | Providing a two-tuple value as ``http_cache`` is equivalent to calling |
| | | ``response.cache_expires(value[0], **value[1])`` within your view's body. |
| | | |
| | | If you wish to avoid influencing, the ``Expires`` header, and instead wish |
| | | to only influence ``Cache-Control`` headers, pass a tuple as ``http_cache`` |
| | | with the first element of ``None``, e.g.: ``(None, {'public':True})``. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Framework wrappers of the original view (such as http_cached and so on) |
| | | relied on being able to trust that the response they were receiving was an |
| | | IResponse. It wasn't always, because the response was resolved by the |
| | | router instead of early in the view wrapping process. This has been fixed. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added a section in the "Webob" chapter named "Dealing With A JSON-Encoded |
| | | Request Body" (usage of ``request.json_body``). |
| | | |
| | | Behavior Changes |
| | | ---------------- |
| | | |
| | | - The ``paster pshell``, ``paster proutes``, and ``paster pviews`` commands |
| | | now take a single argument in the form ``/path/to/config.ini#sectionname`` |
| | | rather than the previous 2-argument spelling ``/path/to/config.ini |
| | | sectionname``. ``#sectionname`` may be omitted, in which case ``#main`` is |
| | | assumed. |
| | | |
| | | 1.1a4 (2011-07-01) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - On 64-bit Linux systems, views that were members of a multiview |
| | | (orderings of views with predicates) were not evaluated in the |
| | | proper order. Symptom: in a configuration that had two views with |
| | | the same name but one with a ``request_method=POST`` predicate and |
| | | one without, the one without the predicate would be called |
| | | unconditionally (even if the request was a POST request). Thanks |
| | | much to Sebastien Douche for providing the buildbots that pointed |
| | | this out. |
| | | - ``pyramid.testing.DummyRequest`` now raises deprecation warnings when |
| | | attributes deprecated for ``pyramid.request.Request`` are accessed (like |
| | | ``response_content_type``). This is for the benefit of folks running unit |
| | | tests which use DummyRequest instead of a "real" request, so they know |
| | | things are deprecated without necessarily needing a functional test suite. |
| | | |
| | | Documentation |
| | | ------------- |
| | | - The ``pyramid.events.subscriber`` directive behaved contrary to the |
| | | documentation when passed more than one interface object to its |
| | | constructor. For example, when the following listener was registered:: |
| | | |
| | | - Added a tutorial which explains how to use ``repoze.session`` |
| | | (ZODB-based sessions) in a ZODB-based repoze.bfg app. |
| | | @subscriber(IFoo, IBar) |
| | | def expects_ifoo_events_and_ibar_events(event): |
| | | print event |
| | | |
| | | - Added a tutorial which explains how to add ZEO to a ZODB-based |
| | | ``repoze.bfg`` application. |
| | | The Events chapter docs claimed that the listener would be registered and |
| | | listening for both ``IFoo`` and ``IBar`` events. Instead, it registered an |
| | | "object event" subscriber which would only be called if an IObjectEvent was |
| | | emitted where the object interface was ``IFoo`` and the event interface was |
| | | ``IBar``. |
| | | |
| | | - Added a tutorial which explains how to run a ``repoze.bfg`` |
| | | application under `mod_wsgi <http://code.google.com/p/modwsgi/>`_. |
| | | See "Running a repoze.bfg Application under mod_wsgi" in the |
| | | tutorials section of the documentation. |
| | | The behavior now matches the documentation. If you were relying on the |
| | | buggy behavior of the 1.0 ``subscriber`` directive in order to register an |
| | | object event subscriber, you must now pass a sequence to indicate you'd |
| | | like to register a subscriber for an object event. e.g.:: |
| | | |
| | | @subscriber([IFoo, IBar]) |
| | | def expects_object_event(object, event): |
| | | print object, event |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add a ``repoze.bfg.url.static_url`` API which is capable of |
| | | generating URLs to static resources defined by the ``<static>`` ZCML |
| | | directive. See the "Views" narrative chapter's section titled |
| | | "Generating Static Resource URLs" for more information. |
| | | |
| | | - Add a ``string`` renderer. This renderer converts a non-Response |
| | | return value of any view callble into a string. It is documented in |
| | | the "Views" narrative chapter. |
| | | |
| | | - Give the ``route`` ZCML directive the ``view_attr`` and |
| | | ``view_renderer`` parameters (bring up to speed with 1.1a3 |
| | | features). These can also be spelled as ``attr`` and ``renderer``. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - An object implementing the ``IRenderer`` interface (and |
| | | ``ITemplateRenderer`, which is a subclass of ``IRenderer``) must now |
| | | accept an extra ``system`` argument in its ``__call__`` method |
| | | implementation. Values computed by the system (as opposed to by the |
| | | view) are passed by the system in the ``system`` parameter, which |
| | | will always be a dictionary. Keys in the dictionary include: |
| | | ``view`` (the view object that returned the value), |
| | | ``renderer_name`` (the template name or simple name of the |
| | | renderer), ``context`` (the context object passed to the view), and |
| | | ``request`` (the request object passed to the view). Previously |
| | | only ITemplateRenderers received system arguments as elements inside |
| | | the main ``value`` dictionary. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - The way ``bfg_view`` declarations are scanned for has been modified. |
| | | This should have no external effects. |
| | | |
| | | - Speed: do not register an ITraverserFactory in configure.zcml; |
| | | instead rely on queryAdapter and a manual default to |
| | | ModelGraphTraverser. |
| | | |
| | | - Speed: do not register an IContextURL in configure.zcml; instead |
| | | rely on queryAdapter and a manual default to TraversalContextURL. |
| | | |
| | | - General speed microimprovements for helloworld benchmark: replace |
| | | try/excepts with statements which use 'in' keyword. |
| | | |
| | | 1.1a3 (2009-09-16) |
| | | ================== |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - The "Views" narrative chapter in the documentation has been updated |
| | | extensively to discuss "renderers". |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A ``renderer`` attribute has been added to view configurations, |
| | | replacing the previous (1.1a2) version's ``template`` attribute. A |
| | | "renderer" is an object which accepts the return value of a view and |
| | | converts it to a string. This includes, but is not limited to, |
| | | templating systems. |
| | | |
| | | - A new interface named ``IRenderer`` was added. The existing |
| | | interface, ``ITemplateRenderer`` now derives from this new |
| | | interface. This interface is internal. |
| | | |
| | | - A new interface named ``IRendererFactory`` was added. An existing |
| | | interface named ``ITemplateRendererFactory`` now derives from this |
| | | interface. This interface is internal. |
| | | |
| | | - The ``view`` attribute of the ``view`` ZCML directive is no longer |
| | | required if the ZCML directive also has a ``renderer`` attribute. |
| | | This is useful when the renderer is a template renderer and no names |
| | | need be passed to the template at render time. |
| | | |
| | | - A new zcml directive ``renderer`` has been added. It is documented |
| | | in the "Views" narrative chapter of the documentation. |
| | | |
| | | - A ZCML ``view`` directive (and the associated ``bfg_view`` |
| | | decorator) can now accept a "wrapper" value. If a "wrapper" value |
| | | is supplied, it is the value of a separate view's *name* attribute. |
| | | When a view with a ``wrapper`` attribute is rendered, the "inner" |
| | | view is first rendered normally. Its body is then attached to the |
| | | request as "wrapped_body", and then a wrapper view name is looked up |
| | | and rendered (using ``repoze.bfg.render_view_to_response``), passed |
| | | the request and the context. The wrapper view is assumed to do |
| | | something sensible with ``request.wrapped_body``, usually inserting |
| | | its structure into some other rendered template. This feature makes |
| | | it possible to specify (potentially nested) "owrap" relationships |
| | | between views using only ZCML or decorators (as opposed always using |
| | | ZPT METAL and analogues to wrap view renderings in outer wrappers). |
| | | |
| | | Dependencies |
| | | ------------ |
| | | |
| | | - When used under Python < 2.6, BFG now has an installation time |
| | | dependency on the ``simplejson`` package. |
| | | - Add JSONP renderer (see "JSONP renderer" in the Renderers chapter of the |
| | | documentation). |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The ``repoze.bfg.testing.registerDummyRenderer`` API has been |
| | | deprecated in favor of |
| | | ``repoze.bfg.testing.registerTemplateRenderer``. A deprecation |
| | | warning is *not* issued at import time for the former name; it will |
| | | exist "forever"; its existence has been removed from the |
| | | documentation, however. |
| | | - Deprecated the ``set_renderer_globals_factory`` method of the Configurator |
| | | and the ``renderer_globals`` Configurator constructor parameter. |
| | | |
| | | - The ``repoze.bfg.templating.renderer_from_cache`` function has been |
| | | moved to ``repoze.bfg.renderer.template_renderer_factory``. This |
| | | was never an API, but code in the wild was spotted that used it. A |
| | | deprecation warning is issued at import time for the former. |
| | | Documentation |
| | | ------------- |
| | | |
| | | - The Wiki and Wiki2 tutorial "Tests" chapters each had two bugs: neither did |
| | | told the user to depend on WebTest, and 2 tests failed in each as the |
| | | result of changes to Pyramid itself. These issues have been fixed. |
| | | |
| | | - Move 1.0.X CHANGES.txt entries to HISTORY.txt. |
| | | |
| | | 1.1a3 (2011-06-26) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added ``mako.preprocessor`` config file parameter; allows for a Mako |
| | | preprocessor to be specified as a Python callable or Python dotted name. |
| | | See https://github.com/Pylons/pyramid/pull/183 for rationale. |
| | | |
| | | Bug fixes |
| | | --------- |
| | | |
| | | - Pyramid would raise an AttributeError in the Configurator when attempting |
| | | to set a ``__text__`` attribute on a custom predicate that was actually a |
| | | classmethod. See https://github.com/Pylons/pyramid/pull/217 . |
| | | |
| | | - Accessing or setting deprecated response_* attrs on request |
| | | (e.g. ``response_content_type``) now issues a deprecation warning at access |
| | | time rather than at rendering time. |
| | | |
| | | 1.1a2 (2011-06-22) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - 1.1a1 broke Akhet by not providing a backwards compatibility import shim |
| | | for ``pyramid.paster.PyramidTemplate``. Now one has been added, although a |
| | | deprecation warning is emitted when Akhet imports it. |
| | | |
| | | - If multiple specs were provided in a single call to |
| | | ``config.add_translation_dirs``, the directories were inserted into the |
| | | beginning of the directory list in the wrong order: they were inserted in |
| | | the reverse of the order they were provided in the ``*specs`` list (items |
| | | later in the list were added before ones earlier in the list). This is now |
| | | fixed. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``ITemplateRenderer`` interface has been changed. Previously |
| | | its ``__call__`` method accepted ``**kw``. It now accepts a single |
| | | positional parameter named ``kw`` (REVISED: it accepts two |
| | | positional parameters as of 1.1a4: ``value`` and ``system``). This |
| | | is mostly an internal change, but it was exposed in APIs in one |
| | | place: if you've used the |
| | | ``repoze.bfg.testing.registerDummyRenderer`` API in your tests with |
| | | a custom "renderer" argument with your own renderer implementation, |
| | | you will need to change that renderer implementation to accept |
| | | ``kw`` instead of ``**kw`` in its ``__call__`` method (REVISED: make |
| | | it accept ``value`` and ``system`` positional arguments as of 1.1a4). |
| | | - The pyramid Router attempted to set a value into the key |
| | | ``environ['repoze.bfg.message']`` when it caught a view-related exception |
| | | for backwards compatibility with applications written for ``repoze.bfg`` |
| | | during error handling. It did this by using code that looked like so:: |
| | | |
| | | - The ``ITemplateRendererFactory`` interface has been changed. |
| | | Previously its ``__call__`` method accepted an ``auto_reload`` |
| | | keyword parameter. Now its ``__call__`` method accepts no keyword |
| | | parameters. Renderers are now themselves responsible for |
| | | determining details of auto-reload. This is purely an internal |
| | | change. This interface was never external. |
| | | # "why" is an exception object |
| | | try: |
| | | msg = why[0] |
| | | except: |
| | | msg = '' |
| | | |
| | | - The ``template_renderer`` ZCML directive introduced in 1.1a2 has |
| | | been removed. It has been replaced by the ``renderer`` directive. |
| | | environ['repoze.bfg.message'] = msg |
| | | |
| | | - The previous release (1.1a2) added a view configuration attribute |
| | | named ``template``. In this release, the attribute has been renamed |
| | | to ``renderer``. This signifies that the attribute is more generic: |
| | | it can now be not just a template name but any renderer name (ala |
| | | ``json``). |
| | | Use of the value ``environ['repoze.bfg.message']`` was docs-deprecated in |
| | | Pyramid 1.0. Our standing policy is to not remove features after a |
| | | deprecation for two full major releases, so this code was originally slated |
| | | to be removed in Pyramid 1.2. However, computing the |
| | | ``repoze.bfg.message`` value was the source of at least one bug found in |
| | | the wild (https://github.com/Pylons/pyramid/issues/199), and there isn't a |
| | | foolproof way to both preserve backwards compatibility and to fix the bug. |
| | | Therefore, the code which sets the value has been removed in this release. |
| | | Code in exception views which relies on this value's presence in the |
| | | environment should now use the ``exception`` attribute of the request |
| | | (e.g. ``request.exception[0]``) to retrieve the message instead of relying |
| | | on ``request.environ['repoze.bfg.message']``. |
| | | |
| | | - In the previous release (1.1a2), the Chameleon text template |
| | | renderer was used if the system didn't associate the ``template`` |
| | | view configuration value with a filename with a "known" extension. |
| | | In this release, you must use a ``renderer`` attribute which is a |
| | | path that ends with a ``.txt`` extension |
| | | (e.g. ``templates/foo.txt``) to use the Chameleon text renderer. |
| | | |
| | | 1.1a2 (2009-09-14) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A ZCML ``view`` directive (and the associated ``bfg_view`` |
| | | decorator) can now accept an "attr" value. If an "attr" value is |
| | | supplied, it is considered a method named of the view object to be |
| | | called when the response is required. This is typically only good |
| | | for views that are classes or instances (not so useful for |
| | | functions, as functions typically have no methods other than |
| | | ``__call__``). |
| | | |
| | | - A ZCML ``view`` directive (and the associated ``bfg_view`` |
| | | decorator) can now accept a "template" value. If a "template" value |
| | | is supplied, and the view callable returns a dictionary, the |
| | | associated template is rendered with the dictionary as keyword |
| | | arguments. See the section named "Views That Have a ``template``" |
| | | in the "Views" narrative documentation chapter for more information. |
| | | |
| | | 1.1a1 (2009-09-06) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - "tests" module removed from the bfg_alchemy paster template; these |
| | | tests didn't work. |
| | | |
| | | - Bugfix: the ``discriminator`` for the ZCML "route" directive was |
| | | incorrect. It was possible to register two routes that collided |
| | | without the system spitting out a ConfigurationConflictError at |
| | | startup time. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Feature addition: view predicates. These are exposed as the |
| | | ``request_method``, ``request_param``, and ``containment`` |
| | | attributes of a ZCML ``view`` declaration, or the respective |
| | | arguments to a ``@bfg_view`` decorator. View predicates can be used |
| | | to register a view for a more precise set of environment parameters |
| | | than was previously possible. For example, you can register two |
| | | views with the same ``name`` with different ``request_param`` |
| | | attributes. If the ``request.params`` dict contains 'foo' |
| | | (request_param="foo"), one view might be called; if it contains |
| | | 'bar' (request_param="bar"), another view might be called. |
| | | ``request_param`` can also name a key/value pair ala ``foo=123``. |
| | | This will match only when the ``foo`` key is in the request.params |
| | | dict and it has the value '123'. This particular example makes it |
| | | possible to write separate view functions for different form |
| | | submissions. The other predicates, ``containment`` and |
| | | ``request_method`` work similarly. ``containment`` is a view |
| | | predicate that will match only when the context's graph lineage has |
| | | an object possessing a particular class or interface, for example. |
| | | ``request_method`` is a view predicate that will match when the HTTP |
| | | ``REQUEST_METHOD`` equals some string (eg. 'POST'). |
| | | |
| | | - The ``@bfg_view`` decorator now accepts three additional arguments: |
| | | ``request_method``, ``request_param``, and ``containment``. |
| | | ``request_method`` is used when you'd like the view to match only a |
| | | request with a particular HTTP ``REQUEST_METHOD``; a string naming |
| | | the ``REQUEST_METHOD`` can also be supplied as ``request_type`` for |
| | | backwards compatibility. ``request_param`` is used when you'd like |
| | | a view to match only a request that contains a particular |
| | | ``request.params`` key (with or without a value). ``containment`` |
| | | is used when you'd like to match a request that has a context that |
| | | has some class or interface in its graph lineage. These are |
| | | collectively known as "view predicates". |
| | | |
| | | - The ``route`` ZCML directive now honors ``view_request_method``, |
| | | ``view_request_param`` and ``view_containment`` attributes, which |
| | | pass along these values to the associated view if any is provided. |
| | | Additionally, the ``request_type`` attribute can now be spelled as |
| | | ``view_request_type``, and ``permission`` can be spelled as |
| | | ``view_permission``. Any attribute which starts with ``view_`` can |
| | | now be spelled without the ``view_`` prefix, so ``view_for`` can be |
| | | spelled as ``for`` now, etc. Both forms are documented in the |
| | | urldispatch narraitve documentation chapter. |
| | | |
| | | - The ``request_param`` ZCML view directive attribute (and its |
| | | ``bfg_view`` decorator cousin) can now specify both a key and a |
| | | value. For example, ``request_param="foo=123"`` means that the foo |
| | | key must have a value of ``123`` for the view to "match". |
| | | |
| | | - Allow ``repoze.bfg.traversal.find_interface`` API to use a class |
| | | object as the argument to compare against the ``model`` passed in. |
| | | This means you can now do ``find_interface(model, SomeClass)`` and |
| | | the first object which is found in the lineage which has |
| | | ``SomeClass`` as its class (or the first object found which has |
| | | ``SomeClass`` as any of its superclasses) will be returned. |
| | | |
| | | - Added ``static`` ZCML directive which registers a route for a view |
| | | that serves up files in a directory. See the "Views" narrative |
| | | documentation chapter's "Serving Static Resources Using a ZCML |
| | | Directive" section for more information. |
| | | |
| | | - The ``repoze.bfg.view.static`` class now accepts a string as its |
| | | first argument ("root_dir") that represents a package-relative name |
| | | e.g. ``somepackage:foo/bar/static``. This is now the preferred |
| | | mechanism for spelling package-relative static paths using this |
| | | class. A ``package_name`` keyword argument has been left around for |
| | | backwards compatibility. If it is supplied, it will be honored. |
| | | |
| | | - The API ``repoze.bfg.testing.registerView`` now takes a |
| | | ``permission`` argument. Use this instead of using |
| | | ``repoze.bfg.testing.registerViewPermission``. |
| | | |
| | | - The ordering of route declarations vs. the ordering of view |
| | | declarations that use a "route_name" in ZCML no longer matters. |
| | | Previously it had been impossible to use a route_name from a route |
| | | that had not yet been defined in ZCML (order-wise) within a "view" |
| | | declaration. |
| | | |
| | | - The repoze.bfg router now catches both |
| | | ``repoze.bfg.security.Unauthorized`` and |
| | | ``repoze.bfg.view.NotFound`` exceptions while rendering a view. |
| | | When the router catches an ``Unauthorized``, it returns the |
| | | registered forbidden view. When the router catches a ``NotFound``, |
| | | it returns the registered notfound view. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Change urldispatch internals: Route object is now constructed using |
| | | a path, a name, and a factory instead of a name, a matcher, a |
| | | generator, and a factory. |
| | | |
| | | - Move (non-API) default_view, default_forbidden_view, and |
| | | default_notfound_view functions into the ``repoze.bfg.view`` module |
| | | (moved from ``repoze.bfg.router``). |
| | | |
| | | - Removed ViewPermissionFactory from ``repoze.bfg.security``. View |
| | | permission checking is now done by registering and looking up an |
| | | ISecuredView. |
| | | |
| | | - The ``static`` ZCML directive now uses a custom root factory when |
| | | constructing a route. |
| | | |
| | | - The interface ``IRequestFactories`` was removed from the |
| | | repoze.bfg.interfaces module. This interface was never an API. |
| | | |
| | | - The function named ``named_request_factories`` and the data |
| | | structure named ``DEFAULT_REQUEST_FACTORIES`` have been removed from |
| | | the ``repoze.bfg.request`` module. These were never APIs. |
| | | |
| | | - The ``IViewPermissionFactory`` interface has been removed. This was |
| | | never an API. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Request-only-convention examples in the "Views" narrative |
| | | documentation were broken. |
| | | |
| | | - Fixed documentation bugs related to forget and remember in security API |
| | | docs. |
| | | |
| | | - Fixed documentation for ``repoze.bfg.view.static`` (in narrative |
| | | ``Views`` chapter). |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The API ``repoze.bfg.testing.registerViewPermission`` has been |
| | | deprecated. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The interfaces ``IPOSTRequest``, ``IGETRequest``, ``IPUTRequest``, |
| | | ``IDELETERequest``, and ``IHEADRequest`` have been removed from the |
| | | ``repoze.bfg.interfaces`` module. These were not documented as APIs |
| | | post-1.0. Instead of using one of these, use a ``request_method`` |
| | | ZCML attribute or ``request_method`` bfg_view decorator parameter |
| | | containing an HTTP method name (one of ``GET``, ``POST``, ``HEAD``, |
| | | ``PUT``, ``DELETE``) instead of one of these interfaces if you were |
| | | using one explicitly. Passing a string in the set (``GET``, |
| | | ``HEAD``, ``PUT``, ``POST``, ``DELETE``) as a ``request_type`` |
| | | argument will work too. Rationale: instead of relying on interfaces |
| | | attached to the request object, BFG now uses a "view predicate" to |
| | | determine the request type. |
| | | |
| | | - Views registered without the help of the ZCML ``view`` directive are |
| | | now responsible for performing their own authorization checking. |
| | | |
| | | - The ``registry_manager`` backwards compatibility alias importable |
| | | from "repoze.bfg.registry", deprecated since repoze.bfg 0.9 has been |
| | | removed. If you are tring to use the registry manager within a |
| | | debug script of your own, use a combination of the |
| | | "repoze.bfg.paster.get_app" and "repoze.bfg.scripting.get_root" APIs |
| | | instead. |
| | | |
| | | - The ``INotFoundAppFactory`` interface has been removed; it has |
| | | been deprecated since repoze.bfg 0.9. If you have something like |
| | | the following in your ``configure.zcml``:: |
| | | |
| | | <utility provides="repoze.bfg.interfaces.INotFoundAppFactory" |
| | | component="helloworld.factories.notfound_app_factory"/> |
| | | |
| | | Replace it with something like:: |
| | | |
| | | <notfound |
| | | view="helloworld.views.notfound_view"/> |
| | | |
| | | See "Changing the Not Found View" in the "Hooks" chapter of the |
| | | documentation for more information. |
| | | |
| | | - The ``IUnauthorizedAppFactory`` interface has been removed; it has |
| | | been deprecated since repoze.bfg 0.9. If you have something like |
| | | the following in your ``configure.zcml``:: |
| | | |
| | | <utility provides="repoze.bfg.interfaces.IUnauthorizedAppFactory" |
| | | component="helloworld.factories.unauthorized_app_factory"/> |
| | | |
| | | Replace it with something like:: |
| | | |
| | | <forbidden |
| | | view="helloworld.views.forbidden_view"/> |
| | | |
| | | See "Changing the Forbidden View" in the "Hooks" chapter of the |
| | | documentation for more information. |
| | | |
| | | - ``ISecurityPolicy``-based security policies, deprecated since |
| | | repoze.bfg 0.9, have been removed. If you have something like this |
| | | in your ``configure.zcml``, it will no longer work:: |
| | | |
| | | <utility |
| | | provides="repoze.bfg.interfaces.ISecurityPolicy" |
| | | factory="repoze.bfg.security.RemoteUserInheritingACLSecurityPolicy" |
| | | /> |
| | | |
| | | If ZCML like the above exists in your application, you will receive |
| | | an error at startup time. Instead of the above, you'll need |
| | | something like:: |
| | | |
| | | <remoteuserauthenticationpolicy/> |
| | | <aclauthorizationpolicy/> |
| | | |
| | | This is just an example. See the "Security" chapter of the |
| | | repoze.bfg documentation for more information about configuring |
| | | security policies. |
| | | |
| | | - Custom ZCML directives which register an authentication or |
| | | authorization policy (ala "authtktauthenticationpolicy" or |
| | | "aclauthorizationpolicy") should register the policy "eagerly" in |
| | | the ZCML directive instead of from within a ZCML action. If an |
| | | authentication or authorization policy is not found in the component |
| | | registry by the view machinery during deferred ZCML processing, view |
| | | security will not work as expected. |
| | | |
| | | 1.0.1 (2009-07-22) |
| | | ================== |
| | | |
| | | - Added support for ``has_resource``, ``resource_isdir``, and |
| | | ``resource_listdir`` to the resource "OverrideProvider"; this fixes |
| | | a bug with a symptom that a file could not be overridden in a |
| | | resource directory unless a file with the same name existed in the |
| | | original directory being overridden. |
| | | |
| | | - Fixed documentation bug showing invalid test for values from the |
| | | ``matchdict``: they are stored as attributes of the ``Article``, rather |
| | | than subitems. |
| | | |
| | | - Fixed documentation bug showing wrong environment key for the ``matchdict`` |
| | | produced by the matching route. |
| | | |
| | | - Added a workaround for a bug in Python 2.6, 2.6.1, and 2.6.2 having |
| | | to do with a recursion error in the mimetypes module when trying to |
| | | serve static files from Paste's FileApp: |
| | | http://bugs.python.org/issue5853. Symptom: File |
| | | "/usr/lib/python2.6/mimetypes.py", line 244, in guess_type return |
| | | guess_type(url, strict) RuntimeError: maximum recursion depth |
| | | exceeded. Thanks to Armin Ronacher for identifying the symptom and |
| | | pointing out a fix. |
| | | |
| | | - Minor edits to tutorials for accuracy based on feedback. |
| | | |
| | | - Declared Paste and PasteDeploy dependencies. |
| | | |
| | | 1.0 (2009-07-05) |
| | | ================ |
| | | |
| | | - Retested and added some content to GAE tutorial. |
| | | |
| | | - Edited "Extending" narrative docs chapter. |
| | | |
| | | - Added "Deleting the Database" section to the "Defining Models" |
| | | chapter of the traversal wiki tutorial. |
| | | |
| | | - Spell checking of narratives and tutorials. |
| | | |
| | | 1.0b2 (2009-07-03) |
| | | ================== |
| | | |
| | | - ``remoteuserauthenticationpolicy`` ZCML directive didn't work |
| | | without an ``environ_key`` directive (didn't match docs). |
| | | |
| | | - Fix ``configure_zcml`` filespec check on Windows. Previously if an |
| | | absolute filesystem path including a drive letter was passed as |
| | | ``filename`` (or as ``configure_zcml`` in the options dict) to |
| | | ``repoze.bfg.router.make_app``, it would be treated as a |
| | | package:resource_name specification. |
| | | |
| | | - Fix inaccuracies and import errors in bfgwiki (traversal+ZODB) and |
| | | bfgwiki2 (urldispatch+SA) tutorials. |
| | | |
| | | - Use bfgsite index for all tutorial setup.cfg files. |
| | | |
| | | - Full documentation grammar/style/spelling audit. |
| | | |
| | | 1.0b1 (2009-07-02) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Allow a Paste config file (``configure_zcml``) value or an |
| | | environment variable (``BFG_CONFIGURE_ZCML``) to name a ZCML file |
| | | (optionally package-relative) that will be used to bootstrap the |
| | | application. Previously, the integrator could not influence which |
| | | ZCML file was used to do the boostrapping (only the original |
| | | application developer could do so). |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added a "Resources" chapter to the narrative documentation which |
| | | explains how to override resources within one package from another |
| | | package. |
| | | |
| | | - Added an "Extending" chapter to the narrative documentation which |
| | | explains how to extend or modify an existing BFG application using |
| | | another Python package and ZCML. |
| | | |
| | | 1.0a9 (2009-07-01) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Make it possible to pass strings in the form |
| | | "package_name:relative/path" to APIs like ``render_template``, |
| | | ``render_template_to_response``, and ``get_template``. Sometimes |
| | | the package in which a caller lives is a direct namespace package, |
| | | so the module which is returned is semi-useless for navigating from. |
| | | In this way, the caller can control the horizontal and vertical of |
| | | where things get looked up from. |
| | | |
| | | 1.0a8 (2009-07-01) |
| | | ================== |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Deprecate the ``authentication_policy`` and ``authorization_policy`` |
| | | arguments to ``repoze.bfg.router.make_app``. Instead, developers |
| | | should use the various authentication policy ZCML directives |
| | | (``repozewho1authenticationpolicy``, |
| | | ``remoteuserauthenticationpolicy`` and |
| | | ``authtktauthenticationpolicy``) and the `aclauthorizationpolicy`` |
| | | authorization policy directive as described in the changes to the |
| | | "Security" narrative documenation chapter and the wiki tutorials. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add three new ZCML directives which configure authentication |
| | | policies: |
| | | |
| | | - ``repozewho1authenticationpolicy`` |
| | | |
| | | - ``remoteuserauthenticationpolicy`` |
| | | |
| | | - ``authtktauthenticationpolicy`` |
| | | |
| | | - Add a new ZCML directive which configures an ACL authorization |
| | | policy named ``aclauthorizationpolicy``. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Bug fix: when a ``repoze.bfg.resource.PackageOverrides`` class was |
| | | instantiated, and the package it was overriding already had a |
| | | ``__loader__`` attribute, it would fail at startup time, even if the |
| | | ``__loader__`` attribute was another PackageOverrides instance. We |
| | | now replace any ``__loader__`` that is also a PackageOverrides |
| | | instance. Symptom: ``ConfigurationExecutionError: <type |
| | | 'exceptions.TypeError'>: Package <module 'karl.views' from |
| | | '/Users/chrism/projects/osi/bfgenv/src/karl/karl/views/__init__.pyc'> |
| | | already has a __loader__ (probably a module in a zipped egg)``. |
| | | |
| | | 1.0a7 (2009-06-30) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add a ``reload_resources`` configuration file setting (aka the |
| | | ``BFG_RELOAD_RESOURCES`` environment variable). When this is set to |
| | | true, the server never needs to be restarted when moving files |
| | | between directory resource overrides (esp. for templates currently). |
| | | |
| | | - Add a ``reload_all`` configuration file setting (aka the |
| | | ``BFG_RELOAD_ALL`` environment variable) that implies both |
| | | ``reload_resources`` and ``reload_templates``. |
| | | |
| | | - The ``static`` helper view class now uses a ``PackageURLParser`` in |
| | | order to allow for the overriding of static resources (CSS / logo |
| | | files, etc) using the ``resource`` ZCML directive. The |
| | | ``PackageURLParser`` class was added to a (new) ``static`` module in |
| | | BFG; it is a subclass of the ``StaticURLParser`` class in |
| | | ``paste.urlparser``. |
| | | |
| | | - The ``repoze.bfg.templating.renderer_from_cache`` function now |
| | | checks for the ``reload_resources`` setting; if it's true, it does |
| | | not register a template renderer (it won't use the registry as a |
| | | template renderer cache). |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add ``pkg_resources`` to the glossary. |
| | | |
| | | - Update the "Environment" docs to note the existence of |
| | | ``reload_resources`` and ``reload_all``. |
| | | |
| | | - Updated the ``bfg_alchemy`` paster template to include two views: |
| | | the view on the root shows a list of links to records; the view on |
| | | a record shows the details for that object. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Use a colon instead of a tab as the separator between package name |
| | | and relpath to form the "spec" when register a ITemplateRenderer. |
| | | |
| | | - Register a ``repoze.bfg.resource.OverrideProvider`` as a |
| | | pkg_resources provider only for modules which are known to have |
| | | overrides, instead of globally, when a <resource> directive is used |
| | | (performance). |
| | | |
| | | 1.0a6 (2009-06-29) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Use ``caller_package`` function instead of ``caller_module`` |
| | | function within ``templating`` to avoid needing to name the caller |
| | | module in resource overrides (actually match docs). |
| | | |
| | | - Make it possible to override templates stored directly in a module |
| | | with templates in a subdirectory of the same module, stored directly |
| | | within another module, or stored in a subdirectory of another module |
| | | (actually match docs). |
| | | |
| | | 1.0a5 (2009-06-28) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A new ZCML directive exists named "resource". This ZCML directive |
| | | allows you to override Chameleon templates within a package (both |
| | | directories full of templates and individual template files) with |
| | | other templates in the same package or within another package. This |
| | | allows you to "fake out" a view's use of a template, causing it to |
| | | retrieve a different template than the one actually named by a |
| | | relative path to a call like |
| | | ``render_template_to_response('templates/mytemplate.pt')``. For |
| | | example, you can override a template file by doing:: |
| | | |
| | | <resource |
| | | to_override="some.package:templates/mytemplate.pt" |
| | | override_with="another.package:othertemplates/anothertemplate.pt" |
| | | /> |
| | | |
| | | The string passed to "to_override" and "override_with" is named a |
| | | "specification". The colon separator in a specification separates |
| | | the package name from a package-relative directory name. The colon |
| | | and the following relative path are optional. If they are not |
| | | specified, the override attempts to resolve every lookup into a |
| | | package from the directory of another package. For example:: |
| | | |
| | | <resource |
| | | to_override="some.package" |
| | | override_with="another.package" |
| | | /> |
| | | |
| | | |
| | | Individual subdirectories within a package can also be overridden:: |
| | | |
| | | <resource |
| | | to_override="some.package:templates/" |
| | | override_with="another.package:othertemplates/" |
| | | /> |
| | | |
| | | If you wish to override a directory with another directory, you must |
| | | make sure to attach the slash to the end of both the ``to_override`` |
| | | specification and the ``override_with`` specification. If you fail |
| | | to attach a slash to the end of a specification that points a |
| | | directory, you will get unexpected results. You cannot override a |
| | | directory specification with a file specification, and vice versa (a |
| | | startup error will occur if you try). |
| | | |
| | | You cannot override a resource with itself (a startup error will |
| | | occur if you try). |
| | | |
| | | Only individual *package* resources may be overridden. Overrides |
| | | will not traverse through subpackages within an overridden package. |
| | | This means that if you want to override resources for both |
| | | ``some.package:templates``, and ``some.package.views:templates``, |
| | | you will need to register two overrides. |
| | | |
| | | The package name in a specification may start with a dot, meaning |
| | | that the package is relative to the package in which the ZCML file |
| | | resides. For example:: |
| | | |
| | | <resource |
| | | to_override=".subpackage:templates/" |
| | | override_with="another.package:templates/" |
| | | /> |
| | | |
| | | Overrides for the same ``to_overrides`` specification can be named |
| | | multiple times within ZCML. Each ``override_with`` path will be |
| | | consulted in the order defined within ZCML, forming an override |
| | | search path. |
| | | |
| | | Resource overrides can actually override resources other than |
| | | templates. Any software which uses the ``pkg_resources`` |
| | | ``get_resource_filename``, ``get_resource_stream`` or |
| | | ``get_resource_string`` APIs will obtain an overridden file when an |
| | | override is used. However, the only built-in facility which uses |
| | | the ``pkg_resources`` API within BFG is the templating stuff, so we |
| | | only call out template overrides here. |
| | | |
| | | - Use the ``pkg_resources`` API to locate template filenames instead |
| | | of dead-reckoning using the ``os.path`` module. |
| | | |
| | | - The ``repoze.bfg.templating`` module now uses ``pkg_resources`` to |
| | | locate and register template files instead of using an absolute |
| | | path name. |
| | | |
| | | 1.0a4 (2009-06-25) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Cause ``:segment`` matches in route paths to put a Unicode-decoded |
| | | and URL-dequoted value in the matchdict for the value matched. |
| | | Previously a non-decoded non-URL-dequoted string was placed in the |
| | | matchdict as the value. |
| | | |
| | | - Cause ``*remainder`` matches in route paths to put a *tuple* in the |
| | | matchdict dictionary in order to be able to present Unicode-decoded |
| | | and URL-dequoted values for the traversal path. Previously a |
| | | non-decoded non-URL-dequoted string was placed in the matchdict as |
| | | the value. |
| | | |
| | | - Add optional ``max_age`` keyword value to the ``remember`` method of |
| | | ``repoze.bfg.authentication.AuthTktAuthenticationPolicy``; if this |
| | | value is passed to ``remember``, the generated cookie will have a |
| | | corresponding Max-Age value. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add information to the URL Dispatch narrative documentation about |
| | | path pattern matching syntax. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Make ``route_url`` URL-quote segment replacements during generation. |
| | | Remainder segments are not quoted. |
| | | |
| | | 1.0a3 (2009-06-24) |
| | | ================== |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - ``repoze.bfg`` no longer relies on the Routes package to interpret |
| | | URL paths. All known existing ``path`` patterns will continue to |
| | | work with the reimplemented logic, which lives in |
| | | ``repoze.bfg.urldispatch``. ``<route>`` ZCML directives which use |
| | | certain attributes (uncommon ones) may not work (see "Backwards |
| | | Incompatibilities" below). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - ``model_url`` when passed a request that was generated as a result |
| | | of a route match would fail in a call to ``route.generate``. |
| | | |
| | | - BFG-on-GAE didn't work due to a corner case bug in the fallback |
| | | Python implementation of ``threading.local`` (symptom: |
| | | "Initialization arguments are not supported"). Thanks to Michael |
| | | Bernstein for the bug report. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added a "corner case" explanation to the "Hybrid Apps" chapter |
| | | explaining what to do when "the wrong" view is matched. |
| | | |
| | | - Use ``repoze.bfg.url.route_url`` API in tutorials rather than Routes |
| | | ``url_for`` API. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added the ``repoze.bfg.url.route_url`` API. This API allows you to |
| | | generate URLs based on ``<route>`` declarations. See the URL |
| | | Dispatch narrative chapter and the "repoze.bfg.url" module API |
| | | documentation for more information. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - As a result of disusing Routes, using the Routes ``url_for`` API |
| | | inside a BFG application (as was suggested by previous iterations of |
| | | tutorials) will no longer work. Use the |
| | | ``repoze.bfg.url.route_url`` method instead. |
| | | |
| | | - The following attributes on the ``<route>`` ZCML directive no longer |
| | | work: ``encoding``, ``static``, ``filter``, ``condition_method``, |
| | | ``condition_subdomain``, ``condition_function``, ``explicit``, or |
| | | ``subdomains``. These were all Routes features. |
| | | |
| | | - The ``<route>`` ZCML directive no longer supports the |
| | | ``<requirement>`` subdirective. This was a Routes feature. |
| | | |
| | | 1.0a2 (2009-06-23) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The ``bfg_routesalchemy`` paster template app tests failed due to a |
| | | mismatch between test and view signatures. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add a ``view_for`` attribute to the ``route`` ZCML directive. This |
| | | attribute should refer to an interface or a class (ala the ``for`` |
| | | attribute of the ``view`` ZCML directive). |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Conditional documentation in installation section ("how to install a |
| | | Python interpreter"). |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``callback`` argument of the ``repoze.bfg.authentication`` |
| | | authentication policies named ``RepozeWho1AuthenticationPolicy``, |
| | | ``RemoteUserAuthenticationPolicy``, and |
| | | ``AuthTktAuthenticationPolicy`` now must accept two positional |
| | | arguments: the orginal argument accepted by each (userid or |
| | | identity) plus a second argument, which will be the current request. |
| | | Apologies, this is required to service finding groups when there is |
| | | no "global" database connection. |
| | | |
| | | 1.0a1 (2009-06-22) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A new ZCML directive was added named ``notfound``. This ZCML |
| | | directive can be used to name a view that should be invoked when the |
| | | request can't otherwise be resolved to a view callable. For example:: |
| | | |
| | | <notfound |
| | | view="helloworld.views.notfound_view"/> |
| | | |
| | | - A new ZCML directive was added named ``forbidden``. This ZCML |
| | | directive can be used to name a view that should be invoked when a |
| | | view callable for a request is found, but cannot be invoked due to |
| | | an authorization failure. For example:: |
| | | |
| | | <forbidden |
| | | view="helloworld.views.forbidden_view"/> |
| | | |
| | | - Allow views to be *optionally* defined as callables that accept only |
| | | a request object, instead of both a context and a request (which |
| | | still works, and always will). The following types work as views in |
| | | this style: |
| | | |
| | | - functions that accept a single argument ``request``, e.g.:: |
| | | |
| | | def aview(request): |
| | | pass |
| | | |
| | | - new and old-style classes that have an ``__init__`` method that |
| | | accepts ``self, request``, e.g.:: |
| | | |
| | | def View(object): |
| | | __init__(self, request): |
| | | pass |
| | | |
| | | - Arbitrary callables that have a ``__call__`` method that accepts |
| | | ``self, request``, e.g.:: |
| | | |
| | | def AView(object): |
| | | def __call__(self, request): |
| | | pass |
| | | view = AView() |
| | | |
| | | This likely should have been the calling convention all along, as |
| | | the request has ``context`` as an attribute already, and with views |
| | | called as a result of URL dispatch, having the context in the |
| | | arguments is not very useful. C'est la vie. |
| | | |
| | | - Cache the absolute path in the caller's package globals within |
| | | ``repoze.bfg.path`` to get rid of repeated (expensive) calls to |
| | | os.path.abspath. |
| | | |
| | | - Add ``reissue_time`` and ``timeout`` parameters to |
| | | ``repoze.bfg.authentication.AuthTktAuthenticationPolicy`` |
| | | constructor. If these are passed, cookies will be reset every so |
| | | often (cadged from the same change to repoze.who lately). |
| | | |
| | | - The matchdict related to the matching of a Routes route is available |
| | | on the request as the ``matchdict`` attribute: |
| | | ``request.matchdict``. If no route matched, this attribute will be |
| | | None. |
| | | |
| | | - Make 404 responses slightly cheaper by showing |
| | | ``environ["PATH_INFO"]`` on the notfound result page rather than the |
| | | fullly computed URL. |
| | | |
| | | - Move LRU cache implementation into a separate package |
| | | (``repoze.lru``). |
| | | |
| | | - The concepts of traversal and URL dispatch have been unified. It is |
| | | now possible to use the same sort of factory as both a traversal |
| | | "root factory" and what used to be referred to as a urldispatch |
| | | "context factory". |
| | | |
| | | - When the root factory argument (as a first argument) passed to |
| | | ``repoze.bfg.router.make_app`` is ``None``, a *default* root factory |
| | | is used. This is in support of using routes as "root finders"; it |
| | | supplants the idea that there is a default |
| | | ``IRoutesContextFactory``. |
| | | |
| | | - The `view`` ZCML statement and the ``repoze.bfg.view.bfg_view`` |
| | | decorator now accept an extra argument: ``route_name``. If a |
| | | ``route_name`` is specified, it must match the name of a previously |
| | | defined ``route`` statement. When it is specified, the view will |
| | | only be called when that route matches during a request. |
| | | |
| | | - It is now possible to perfom traversal *after* a route has matched. |
| | | Use the pattern ``*traverse`` in a ``<route>`` ``path`` attribute |
| | | within ZCML, and the path remainder which it matches will be used as |
| | | a traversal path. |
| | | |
| | | - When any route defined matches, the WSGI environment will now |
| | | contain a key ``bfg.routes.route`` (the Route object which matched), |
| | | and a key ``bfg.routes.matchdict`` (the result of calling route.match). |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Utility registrations against |
| | | ``repoze.bfg.interfaces.INotFoundView`` and |
| | | ``repoze.bfg.interfaces.IForbiddenView`` are now deprecated. Use |
| | | the ``notfound`` and ``forbidden`` ZCML directives instead (see the |
| | | "Hooks" chapter for more information). Such registrations will |
| | | continue to work, but the notfound and forbidden directives do |
| | | "extra work" to ensure that the callable named by the directive can |
| | | be called by the router even if it's a class or |
| | | request-argument-only view. |
| | | |
| | | Removals |
| | | -------- |
| | | |
| | | - The ``IRoutesContext``, ``IRoutesContextFactory``, and |
| | | ``IContextNotFound`` interfaces were removed from |
| | | ``repoze.bfg.interfaces``. These were never APIs. |
| | | |
| | | - The ``repoze.bfg.urldispatch.RoutesContextNotFound``, |
| | | ``repoze.bfg.urldispatch.RoutesModelTraverser`` and |
| | | ``repoze.bfg.urldispatch.RoutesContextURL`` classes were removed. |
| | | These were also never APIs. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Moved the ``repoze.bfg.push`` module, which implemented the ``pushpage`` |
| | | decorator, into a separate distribution, ``repoze.bfg.pushpage``. |
| | | Applications which used this decorator should continue to work after |
| | | adding that distribution to their installation requirements. |
| | | |
| | | - Changing the default request factory via an IRequestFactory utility |
| | | registration (as used to be documented in the "Hooks" chapter's |
| | | "Changing the request factory" section) is no longer supported. The |
| | | dance to manufacture a request is complicated as a result of |
| | | unifying traversal and url dispatch, making it highly unlikely for |
| | | anyone to be able to override it properly. For those who just want |
| | | to decorate or modify a request, use a NewRequestEvent subscriber |
| | | (see the Events chapter in the documentation). |
| | | |
| | | - The ``repoze.bfg.IRequestFactory`` interface was removed. See the |
| | | bullet above for why. |
| | | |
| | | - Routes "context factories" (spelled as the factory argument to a |
| | | route statement in ZCML) must now expect the WSGI environ as a |
| | | single argument rather than a set of keyword arguments. They can |
| | | obtain the match dictionary by asking for |
| | | environ['bfg.routes.matchdict']. This is the same set of keywords |
| | | that used to be passed to urldispatch "context factories" in BFG 0.9 |
| | | and below. |
| | | |
| | | - Using the ``@zope.component.adapter`` decorator on a bfg view |
| | | function no longer works. Use the ``@repoze.bfg.view.bfg_view`` |
| | | decorator instead to mark a function (or a class) as a view. |
| | | |
| | | - The name under which the matching route object is found in the |
| | | environ was changed from ``bfg.route`` to ``bfg.routes.route``. |
| | | |
| | | - Finding the root is now done *before* manufacturing a request object |
| | | (and sending a new request event) within the router (it used to be |
| | | performed afterwards). |
| | | |
| | | - Adding ``*path_info`` to a route no longer changes the PATH_INFO for |
| | | a request that matches using URL dispatch. This feature was only |
| | | there to service the ``repoze.bfg.wsgi.wsgiapp2`` decorator and it |
| | | did it wrong; use ``*subpath`` instead now. |
| | | |
| | | - The values of ``subpath``, ``traversed``, and ``virtual_root_path`` |
| | | attached to the request object are always now tuples instead of |
| | | lists (performance). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The ``bfg_alchemy`` Paster template named "repoze.tm" in its |
| | | pipeline rather than "repoze.tm2", causing the startup to fail. |
| | | |
| | | - Move BBB logic for registering an |
| | | IAuthenticationPolicy/IForbiddenView/INotFoundView based on older |
| | | concepts from the router module's ``make_app`` function into the |
| | | ``repoze.bfg.zcml.zcml_configure`` callable, to service |
| | | compatibility with scripts that use "zope.configuration.xmlconfig" |
| | | (replace with ``repoze.bfg.zml.zcml_configure`` as necessary to get |
| | | BBB logic) |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add interface docs related to how to create authentication policies |
| | | and authorization policies to the "Security" narrative chapter. |
| | | |
| | | - Added a (fairly sad) "Combining Traversal and URL Dispatch" chapter |
| | | to the narrative documentation. This explains the usage of |
| | | ``*traverse`` and ``*subpath`` in routes URL patters. |
| | | |
| | | - A "router" chapter explaining the request/response lifecycle at a |
| | | high level was added. |
| | | |
| | | - Replaced all mentions and explanations of a routes "context factory" |
| | | with equivalent explanations of a "root factory" (context factories |
| | | have been disused). |
| | | |
| | | - Updated Routes bfgwiki2 tutorial to reflect the fact that context |
| | | factories are now no longer used. |
| | | |
| | | 0.9.1 (2009-06-02) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add API named ``repoze.bfg.settings.get_settings`` which retrieves a |
| | | derivation of values passed as the ``options`` value of |
| | | ``repoze.bfg.router.make_app``. This API should be preferred |
| | | instead of using getUtility(ISettings). I added a new |
| | | ``repoze.bfg.settings`` API document as well. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Restored missing entry point declaration for bfg_alchemy paster |
| | | template, which was accidentally removed in 0.9. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Fix a reference to ``wsgiapp`` in the ``wsgiapp2`` API documentation |
| | | within the ``repoze.bfg.wsgi`` module. |
| | | |
| | | API Removals |
| | | ------------ |
| | | |
| | | - The ``repoze.bfg.location.locate`` API was removed: it didn't do |
| | | enough to be very helpful and had a misleading name. |
| | | |
| | | 0.9 (2009-06-01) |
| | | ================ |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - It was not possible to register a custom ``IRoutesContextFactory`` |
| | | for use as a default context factory as documented in the "Hooks" |
| | | chapter. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - The ``request_type`` argument of ZCML ``view`` declarations and |
| | | ``bfg_view`` decorators can now be one of the strings ``GET``, |
| | | ``POST``, ``PUT``, ``DELETE``, or ``HEAD`` instead of a reference to |
| | | the respective interface type imported from |
| | | ``repoze.bfg.interfaces``. |
| | | |
| | | - The ``route`` ZCML directive now accepts ``request_type`` as an |
| | | alias for its ``condition_method`` argument for symmetry with the |
| | | ``view`` directive. |
| | | |
| | | - The ``bfg_routesalchemy`` paster template now provides a unit test |
| | | and actually uses the database during a view rendering. |
| | | |
| | | Removals |
| | | -------- |
| | | |
| | | - Remove ``repoze.bfg.threadlocal.setManager``. It was only used in |
| | | unit tests. |
| | | |
| | | - Remove ``repoze.bfg.wsgi.HTTPException``, |
| | | ``repoze.bfg.wsgi.NotFound``, and ``repoze.bfg.wsgi.Unauthorized``. |
| | | These classes were disused with the introduction of the |
| | | ``IUnauthorizedView`` and ``INotFoundView`` machinery. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add description to narrative templating chapter about how to use |
| | | Chameleon text templates. |
| | | |
| | | - Changed Views narrative chapter to use method strings rather than |
| | | interface types, and moved advanced interface type usage to Events |
| | | narrative chapter. |
| | | |
| | | - Added a Routes+SQLAlchemy wiki tutorial. |
| | | |
| | | 0.9a8 (2009-05-31) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - It is now possible to register a custom |
| | | ``repoze.bfg.interfaces.INotFoundView`` for a given application. |
| | | This feature replaces the |
| | | ``repoze.bfg.interfaces.INotFoundAppFactory`` feature previously |
| | | described in the Hooks chapter. The INotFoundView will be called |
| | | when the framework detects that a view lookup done as a result of a |
| | | request fails; it should accept a context object and a request |
| | | object; it should return an IResponse object (a webob response, |
| | | basically). See the Hooks narrative chapter of the BFG docs for |
| | | more info. |
| | | |
| | | - The error presented when a view invoked by the router returns a |
| | | non-response object now includes the view's name for troubleshooting |
| | | purposes. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - A "new response" event is emitted for forbidden and notfound views. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The ``repoze.bfg.interfaces.INotFoundAppFactory`` interface has been |
| | | deprecated in favor of using the new |
| | | ``repoze.bfg.interfaces.INotFoundView`` mechanism. |
| | | |
| | | Renames |
| | | ------- |
| | | |
| | | - Renamed ``repoze.bfg.interfaces.IForbiddenResponseFactory`` to |
| | | ``repoze.bfg.interfaces.IForbiddenView``. |
| | | |
| | | 0.9a7 (2009-05-30) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Remove "context" argument from ``effective_principals`` and |
| | | ``authenticated_userid`` function APIs in ``repoze.bfg.security``, |
| | | effectively a doing reversion to 0.8 and before behavior. Both |
| | | functions now again accept only the ``request`` parameter. |
| | | |
| | | 0.9a6 (2009-05-29) |
| | | 1.1a1 (2011-06-20) |
| | | ================== |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Changed "BFG Wiki" tutorial to use AuthTktAuthenticationPolicy |
| | | rather than repoze.who. |
| | | - The term "template" used to refer to both "paster templates" and "rendered |
| | | templates" (templates created by a rendering engine. i.e. Mako, Chameleon, |
| | | Jinja, etc.). "Paster templates" will now be refered to as "scaffolds", |
| | | whereas the name for "rendered templates" will remain as "templates." |
| | | |
| | | - The ``wiki`` (ZODB+Traversal) tutorial was updated slightly. |
| | | |
| | | - The ``wiki2`` (SQLA+URL Dispatch) tutorial was updated slightly. |
| | | |
| | | - Make ``pyramid.interfaces.IAuthenticationPolicy`` and |
| | | ``pyramid.interfaces.IAuthorizationPolicy`` public interfaces, and refer to |
| | | them within the ``pyramid.authentication`` and ``pyramid.authorization`` |
| | | API docs. |
| | | |
| | | - Render the function definitions for each exposed interface in |
| | | ``pyramid.interfaces``. |
| | | |
| | | - Add missing docs reference to |
| | | ``pyramid.config.Configurator.set_view_mapper`` and refer to it within |
| | | Hooks chapter section named "Using a View Mapper". |
| | | |
| | | - Added section to the "Environment Variables and ``.ini`` File Settings" |
| | | chapter in the narrative documentation section entitled "Adding a Custom |
| | | Setting". |
| | | |
| | | - Added documentation for a "multidict" (e.g. the API of ``request.POST``) as |
| | | interface API documentation. |
| | | |
| | | - Added a section to the "URL Dispatch" narrative chapter regarding the new |
| | | "static" route feature. |
| | | |
| | | - Added "What's New in Pyramid 1.1" to HTML rendering of documentation. |
| | | |
| | | - Added API docs for ``pyramid.authentication.SessionAuthenticationPolicy``. |
| | | |
| | | - Added API docs for ``pyramid.httpexceptions.exception_response``. |
| | | |
| | | - Added "HTTP Exceptions" section to Views narrative chapter including a |
| | | description of ``pyramid.httpexceptions.exception_response``. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add an AuthTktAuthenticationPolicy. This policy retrieves |
| | | credentials from an auth_tkt cookie managed by the application |
| | | itself (instead of relying on an upstream data source for |
| | | authentication data). See the Security API chapter of the |
| | | documentation for more info. |
| | | - Add support for language fallbacks: when trying to translate for a |
| | | specific territory (such as ``en_GB``) fall back to translations |
| | | for the language (ie ``en``). This brings the translation behaviour in line |
| | | with GNU gettext and fixes partially translated texts when using C |
| | | extensions. |
| | | |
| | | - Allow RemoteUserAuthenticationPolicy and |
| | | RepozeWho1AuthenticationPolicy to accept various constructor |
| | | arguments. See the Security API chapter of the documentation for |
| | | more info. |
| | | - New authentication policy: |
| | | ``pyramid.authentication.SessionAuthenticationPolicy``, which uses a session |
| | | to store credentials. |
| | | |
| | | 0.9a5 (2009-05-28) |
| | | ================== |
| | | - Accessing the ``response`` attribute of a ``pyramid.request.Request`` |
| | | object (e.g. ``request.response`` within a view) now produces a new |
| | | ``pyramid.response.Response`` object. This feature is meant to be used |
| | | mainly when a view configured with a renderer needs to set response |
| | | attributes: all renderers will use the Response object implied by |
| | | ``request.response`` as the response object returned to the router. |
| | | |
| | | Features |
| | | -------- |
| | | ``request.response`` can also be used by code in a view that does not use a |
| | | renderer, however the response object that is produced by |
| | | ``request.response`` must be returned when a renderer is not in play (it is |
| | | not a "global" response). |
| | | |
| | | - Add a ``get_app`` API functions to the ``paster`` module. This |
| | | obtains a WSGI application from a config file given a config file |
| | | name and a section name. See the ``repoze.bfg.paster`` API docs for |
| | | - Integers and longs passed as ``elements`` to ``pyramid.url.resource_url`` |
| | | or ``pyramid.request.Request.resource_url`` e.g. ``resource_url(context, |
| | | request, 1, 2)`` (``1`` and ``2`` are the ``elements``) will now be |
| | | converted implicitly to strings in the result. Previously passing integers |
| | | or longs as elements would cause a TypeError. |
| | | |
| | | - ``pyramid_alchemy`` paster template now uses ``query.get`` rather than |
| | | ``query.filter_by`` to take better advantage of identity map caching. |
| | | |
| | | - ``pyramid_alchemy`` paster template now has unit tests. |
| | | |
| | | - Added ``pyramid.i18n.make_localizer`` API (broken out from |
| | | ``get_localizer`` guts). |
| | | |
| | | - An exception raised by a NewRequest event subscriber can now be caught by |
| | | an exception view. |
| | | |
| | | - It is now possible to get information about why Pyramid raised a Forbidden |
| | | exception from within an exception view. The ``ACLDenied`` object returned |
| | | by the ``permits`` method of each stock authorization policy |
| | | (``pyramid.interfaces.IAuthorizationPolicy.permits``) is now attached to |
| | | the Forbidden exception as its ``result`` attribute. Therefore, if you've |
| | | created a Forbidden exception view, you can see the ACE, ACL, permission, |
| | | and principals involved in the request as |
| | | eg. ``context.result.permission``, ``context.result.acl``, etc within the |
| | | logic of the Forbidden exception view. |
| | | |
| | | - Don't explicitly prevent the ``timeout`` from being lower than the |
| | | ``reissue_time`` when setting up an ``AuthTktAuthenticationPolicy`` |
| | | (previously such a configuration would raise a ``ValueError``, now it's |
| | | allowed, although typically nonsensical). Allowing the nonsensical |
| | | configuration made the code more understandable and required fewer tests. |
| | | |
| | | - A new paster command named ``paster pviews`` was added. This command |
| | | prints a summary of potentially matching views for a given path. See the |
| | | section entitled "Displaying Matching Views for a Given URL" in the "View |
| | | Configuration" chapter of the narrative documentation for more information. |
| | | |
| | | - The ``add_route`` method of the Configurator now accepts a ``static`` |
| | | argument. If this argument is ``True``, the added route will never be |
| | | considered for matching when a request is handled. Instead, it will only |
| | | be useful for URL generation via ``route_url`` and ``route_path``. See the |
| | | section entitled "Static Routes" in the URL Dispatch narrative chapter for |
| | | more information. |
| | | |
| | | - Add a new module named ``scripting``. It contains a ``get_root`` |
| | | API function, which, provided a Router instance, returns a traversal |
| | | root object and a "closer". See the ``repoze.bfg.scripting`` API |
| | | docs for more info. |
| | | - A default exception view for the context |
| | | ``pyramid.interfaces.IExceptionResponse`` is now registered by default. |
| | | This means that an instance of any exception response class imported from |
| | | ``pyramid.httpexceptions`` (such as ``HTTPFound``) can now be raised from |
| | | within view code; when raised, this exception view will render the |
| | | exception to a response. |
| | | |
| | | 0.9a4 (2009-05-27) |
| | | ================== |
| | | - A function named ``pyramid.httpexceptions.exception_response`` is a |
| | | shortcut that can be used to create HTTP exception response objects using |
| | | an HTTP integer status code. |
| | | |
| | | - The Configurator now accepts an additional keyword argument named |
| | | ``exceptionresponse_view``. By default, this argument is populated with a |
| | | default exception view function that will be used when a response is raised |
| | | as an exception. When ``None`` is passed for this value, an exception view |
| | | for responses will not be registered. Passing ``None`` returns the |
| | | behavior of raising an HTTP exception to that of Pyramid 1.0 (the exception |
| | | will propagate to middleware and to the WSGI server). |
| | | |
| | | - The ``pyramid.request.Request`` class now has a ``ResponseClass`` interface |
| | | which points at ``pyramid.response.Response``. |
| | | |
| | | - The ``pyramid.response.Response`` class now has a ``RequestClass`` |
| | | interface which points at ``pyramid.request.Request``. |
| | | |
| | | - It is now possible to return an arbitrary object from a Pyramid view |
| | | callable even if a renderer is not used, as long as a suitable adapter to |
| | | ``pyramid.interfaces.IResponse`` is registered for the type of the returned |
| | | object by using the new |
| | | ``pyramid.config.Configurator.add_response_adapter`` API. See the section |
| | | in the Hooks chapter of the documentation entitled "Changing How Pyramid |
| | | Treats View Responses". |
| | | |
| | | - The Pyramid router will now, by default, call the ``__call__`` method of |
| | | WebOb response objects when returning a WSGI response. This means that, |
| | | among other things, the ``conditional_response`` feature of WebOb response |
| | | objects will now behave properly. |
| | | |
| | | - New method named ``pyramid.request.Request.is_response``. This method |
| | | should be used instead of the ``pyramid.view.is_response`` function, which |
| | | has been deprecated. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Try checking for an "old style" security policy *after* we parse |
| | | ZCML (thinko). |
| | | - URL pattern markers used in URL dispatch are permitted to specify a custom |
| | | regex. For example, the pattern ``/{foo:\d+}`` means to match ``/12345`` |
| | | (foo==12345 in the match dictionary) but not ``/abc``. However, custom |
| | | regexes in a pattern marker which used squiggly brackets did not work. For |
| | | example, ``/{foo:\d{4}}`` would fail to match ``/1234`` and |
| | | ``/{foo:\d{1,2}}`` would fail to match ``/1`` or ``/11``. One level of |
| | | inner squiggly brackets is now recognized so that the prior two patterns |
| | | given as examples now work. See also |
| | | https://github.com/Pylons/pyramid/issues/#issue/123. |
| | | |
| | | 0.9a3 (2009-05-27) |
| | | ================== |
| | | - Don't send port numbers along with domain information in cookies set by |
| | | AuthTktCookieHelper (see https://github.com/Pylons/pyramid/issues/131). |
| | | |
| | | Features |
| | | -------- |
| | | - ``pyramid.url.route_path`` (and the shortcut |
| | | ``pyramid.request.Request.route_url`` method) now include the WSGI |
| | | SCRIPT_NAME at the front of the path if it is not empty (see |
| | | https://github.com/Pylons/pyramid/issues/135). |
| | | |
| | | - Allow IAuthenticationPolicy and IAuthorizationPolicy to be |
| | | overridden via ZCML registrations (do ZCML parsing after |
| | | registering these in router.py). |
| | | - ``pyramid.testing.DummyRequest`` now has a ``script_name`` attribute (the |
| | | empty string). |
| | | |
| | | Documentation |
| | | ------------- |
| | | - Don't quote ``:@&+$,`` symbols in ``*elements`` passed to |
| | | ``pyramid.url.route_url`` or ``pyramid.url.resource_url`` (see |
| | | https://github.com/Pylons/pyramid/issues#issue/141). |
| | | |
| | | - Added "BFG Wiki" tutorial to documentation; it describes |
| | | step-by-step how to create a traversal-based ZODB application with |
| | | authentication. |
| | | - Include SCRIPT_NAME in redirects issued by |
| | | ``pyramid.view.append_slash_notfound_view`` (see |
| | | https://github.com/Pylons/pyramid/issues#issue/149). |
| | | |
| | | - Static views registered with ``config.add_static_view`` which also included |
| | | a ``permission`` keyword argument would not work as expected, because |
| | | ``add_static_view`` also registered a route factory internally. Because a |
| | | route factory was registered internally, the context checked by the Pyramid |
| | | permission machinery never had an ACL. ``add_static_view`` no longer |
| | | registers a route with a factory, so the default root factory will be used. |
| | | |
| | | - ``config.add_static_view`` now passes extra keyword arguments it receives |
| | | to ``config.add_route`` (calling add_static_view is mostly logically |
| | | equivalent to adding a view of the type ``pyramid.static.static_view`` |
| | | hooked up to a route with a subpath). This makes it possible to pass e.g., |
| | | ``factory=`` to ``add_static_view`` to protect a particular static view |
| | | with a custom ACL. |
| | | |
| | | - ``testing.DummyRequest`` used the wrong registry (the global registry) as |
| | | ``self.registry`` if a dummy request was created *before* ``testing.setUp`` |
| | | was executed (``testing.setUp`` pushes a local registry onto the |
| | | threadlocal stack). Fixed by implementing ``registry`` as a property for |
| | | DummyRequest instead of eagerly assigning an attribute. |
| | | See also https://github.com/Pylons/pyramid/issues/165 |
| | | |
| | | - When visiting a URL that represented a static view which resolved to a |
| | | subdirectory, the ``index.html`` of that subdirectory would not be served |
| | | properly. Instead, a redirect to ``/subdir`` would be issued. This has |
| | | been fixed, and now visiting a subdirectory that contains an ``index.html`` |
| | | within a static view returns the index.html properly. See also |
| | | https://github.com/Pylons/pyramid/issues/67. |
| | | |
| | | - Redirects issued by a static view did not take into account any existing |
| | | ``SCRIPT_NAME`` (such as one set by a url mapping composite). Now they do. |
| | | |
| | | - The ``pyramid.wsgi.wsgiapp2`` decorator did not take into account the |
| | | ``SCRIPT_NAME`` in the origin request. |
| | | |
| | | - The ``pyramid.wsgi.wsgiapp2`` decorator effectively only worked when it |
| | | decorated a view found via traversal; it ignored the ``PATH_INFO`` that was |
| | | part of a url-dispatch-matched view. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Added deprecations for imports of ``ACLSecurityPolicy``, |
| | | ``InheritingACLSecurityPolicy``, ``RemoteUserACLSecurityPolicy``, |
| | | ``RemoteUserInheritingACLSecurityPolicy``, ``WhoACLSecurityPolicy``, |
| | | and ``WhoInheritingACLSecurityPolicy`` from the |
| | | ``repoze.bfg.security`` module; for the meantime (for backwards |
| | | compatibility purposes) these live in the ``repoze.bfg.secpols`` |
| | | module. Note however, that the entire concept of a "security |
| | | policy" is deprecated in BFG in favor of separate authentication and |
| | | authorization policies, so any use of a security policy will |
| | | generate additional deprecation warnings even if you do start using |
| | | ``repoze.bfg.secpols``. ``repoze.bfg.secpols`` will disappear in a |
| | | future release of ``repoze.bfg``. |
| | | - Deprecated all assignments to ``request.response_*`` attributes (for |
| | | example ``request.response_content_type = 'foo'`` is now deprecated). |
| | | Assignments and mutations of assignable request attributes that were |
| | | considered by the framework for response influence are now deprecated: |
| | | ``response_content_type``, ``response_headerlist``, ``response_status``, |
| | | ``response_charset``, and ``response_cache_for``. Instead of assigning |
| | | these to the request object for later detection by the rendering machinery, |
| | | users should use the appropriate API of the Response object created by |
| | | accessing ``request.response`` (e.g. code which does |
| | | ``request.response_content_type = 'abc'`` should be changed to |
| | | ``request.response.content_type = 'abc'``). |
| | | |
| | | Deprecated Import Alias Removals |
| | | -------------------------------- |
| | | - Passing view-related parameters to |
| | | ``pyramid.config.Configurator.add_route`` is now deprecated. Previously, a |
| | | view was permitted to be connected to a route using a set of ``view*`` |
| | | parameters passed to the ``add_route`` method of the Configurator. This |
| | | was a shorthand which replaced the need to perform a subsequent call to |
| | | ``add_view``. For example, it was valid (and often recommended) to do:: |
| | | |
| | | - Remove ``repoze.bfg.template`` module. All imports from this |
| | | package have been deprecated since 0.3.8. Instead, import |
| | | ``get_template``, ``render_template``, and |
| | | ``render_template_to_response`` from the |
| | | ``repoze.bfg.chameleon_zpt`` module. |
| | | config.add_route('home', '/', view='mypackage.views.myview', |
| | | view_renderer='some/renderer.pt') |
| | | |
| | | - Remove backwards compatibility import alias for |
| | | ``repoze.bfg.traversal.split_path`` (deprecated since 0.6.5). This |
| | | must now be imported as ``repoze.bfg.traversal.traversal_path``). |
| | | Passing ``view*`` arguments to ``add_route`` is now deprecated in favor of |
| | | connecting a view to a predefined route via ``Configurator.add_view`` using |
| | | the route's ``route_name`` parameter. As a result, the above example |
| | | should now be spelled:: |
| | | |
| | | - Remove backwards compatibility import alias for |
| | | ``repoze.bfg.urldispatch.RoutesContext`` (deprecated since 0.6.5). |
| | | This must now be imported as |
| | | ``repoze.bfg.urldispatch.DefaultRoutesContext``. |
| | | config.add_route('home', '/') |
| | | config.add_view('mypackage.views.myview', route_name='home') |
| | | renderer='some/renderer.pt') |
| | | |
| | | - Removed backwards compatibility import aliases for |
| | | ``repoze.bfg.router.get_options`` and ``repoze.bfg.router.Settings`` |
| | | (deprecated since 0.6.2). These both must now be imported from |
| | | ``repoze.bfg.settings``. |
| | | This deprecation was done to reduce confusion observed in IRC, as well as |
| | | to (eventually) reduce documentation burden (see also |
| | | https://github.com/Pylons/pyramid/issues/164). A deprecation warning is |
| | | now issued when any view-related parameter is passed to |
| | | ``Configurator.add_route``. |
| | | |
| | | - Removed backwards compatibility import alias for |
| | | ``repoze.bfg.interfaces.IRootPolicy`` (deprecated since 0.6.2). It |
| | | must be imported as ``repoze.bfg.interfaces.IRootFactory`` now. |
| | | - Passing an ``environ`` dictionary to the ``__call__`` method of a |
| | | "traverser" (e.g. an object that implements |
| | | ``pyramid.interfaces.ITraverser`` such as an instance of |
| | | ``pyramid.traversal.ResourceTreeTraverser``) as its ``request`` argument |
| | | now causes a deprecation warning to be emitted. Consumer code should pass a |
| | | ``request`` object instead. The fact that passing an environ dict is |
| | | permitted has been documentation-deprecated since ``repoze.bfg`` 1.1, and |
| | | this capability will be removed entirely in a future version. |
| | | |
| | | - Removed backwards compatibility import alias for |
| | | ``repoze.bfg.interfaces.ITemplate`` (deprecated since 0.4.4). It |
| | | must be imported as ``repoze.bfg.interfaces.ITemplateRenderer`` now. |
| | | - The following (undocumented, dictionary-like) methods of the |
| | | ``pyramid.request.Request`` object have been deprecated: ``__contains__``, |
| | | ``__delitem__``, ``__getitem__``, ``__iter__``, ``__setitem__``, ``get``, |
| | | ``has_key``, ``items``, ``iteritems``, ``itervalues``, ``keys``, ``pop``, |
| | | ``popitem``, ``setdefault``, ``update``, and ``values``. Usage of any of |
| | | these methods will cause a deprecation warning to be emitted. These |
| | | methods were added for internal compatibility in ``repoze.bfg`` 1.1 (code |
| | | that currently expects a request object expected an environ object in BFG |
| | | 1.0 and before). In a future version, these methods will be removed |
| | | entirely. |
| | | |
| | | - Removed backwards compatibility import alias for |
| | | ``repoze.bfg.interfaces.ITemplateFactory`` (deprecated since 0.4.4). |
| | | It must be imported as |
| | | ``repoze.bfg.interfaces.ITemplateRendererFactory`` now. |
| | | - Deprecated ``pyramid.view.is_response`` function in favor of (newly-added) |
| | | ``pyramid.request.Request.is_response`` method. Determining if an object |
| | | is truly a valid response object now requires access to the registry, which |
| | | is only easily available as a request attribute. The |
| | | ``pyramid.view.is_response`` function will still work until it is removed, |
| | | but now may return an incorrect answer under some (very uncommon) |
| | | circumstances. |
| | | |
| | | - Removed backwards compatibility import alias for |
| | | ``repoze.bfg.chameleon_zpt.ZPTTemplateFactory`` (deprecated since |
| | | 0.4.4). This must be imported as ``repoze.bfg.ZPTTemplateRenderer`` |
| | | now. |
| | | Behavior Changes |
| | | ---------------- |
| | | |
| | | 0.9a2 (2009-05-27) |
| | | ================== |
| | | - The default Mako renderer is now configured to escape all HTML in |
| | | expression tags. This is intended to help prevent XSS attacks caused by |
| | | rendering unsanitized input from users. To revert this behavior in user's |
| | | templates, they need to filter the expression through the 'n' filter. |
| | | For example, ${ myhtml | n }. |
| | | See https://github.com/Pylons/pyramid/issues/193. |
| | | |
| | | Features |
| | | -------- |
| | | - A custom request factory is now required to return a request object that |
| | | has a ``response`` attribute (or "reified"/lazy property) if they the |
| | | request is meant to be used in a view that uses a renderer. This |
| | | ``response`` attribute should be an instance of the class |
| | | ``pyramid.response.Response``. |
| | | |
| | | - A paster command has been added named "bfgshell". This command can |
| | | be used to get an interactive prompt with your BFG root object in |
| | | the global namespace. E.g.:: |
| | | - The JSON and string renderer factories now assign to |
| | | ``request.response.content_type`` rather than |
| | | ``request.response_content_type``. |
| | | |
| | | bin/paster bfgshell /path/to/myapp.ini myapp |
| | | - Each built-in renderer factory now determines whether it should change the |
| | | content type of the response by comparing the response's content type |
| | | against the response's default content type; if the content type is the |
| | | default content type (usually ``text/html``), the renderer changes the |
| | | content type (to ``application/json`` or ``text/plain`` for JSON and string |
| | | renderers respectively). |
| | | |
| | | See the ``Project`` chapter in the BFG documentation for more |
| | | - The ``pyramid.wsgi.wsgiapp2`` now uses a slightly different method of |
| | | figuring out how to "fix" ``SCRIPT_NAME`` and ``PATH_INFO`` for the |
| | | downstream application. As a result, those values may differ slightly from |
| | | the perspective of the downstream application (for example, ``SCRIPT_NAME`` |
| | | will now never possess a trailing slash). |
| | | |
| | | - Previously, ``pyramid.request.Request`` inherited from |
| | | ``webob.request.Request`` and implemented ``__getattr__``, ``__setattr__`` |
| | | and ``__delattr__`` itself in order to overidde "adhoc attr" WebOb behavior |
| | | where attributes of the request are stored in the environ. Now, |
| | | ``pyramid.request.Request`` object inherits from (the more recent) |
| | | ``webob.request.BaseRequest`` instead of ``webob.request.Request``, which |
| | | provides the same behavior. ``pyramid.request.Request`` no longer |
| | | implements its own ``__getattr__``, ``__setattr__`` or ``__delattr__`` as a |
| | | result. |
| | | |
| | | - ``pyramid.response.Response`` is now a *subclass* of |
| | | ``webob.response.Response`` (in order to directly implement the |
| | | ``pyramid.interfaces.IResponse`` interface). |
| | | |
| | | - The "exception response" objects importable from ``pyramid.httpexceptions`` |
| | | (e.g. ``HTTPNotFound``) are no longer just import aliases for classes that |
| | | actually live in ``webob.exc``. Instead, we've defined our own exception |
| | | classes within the module that mirror and emulate the ``webob.exc`` |
| | | exception response objects almost entirely. See the "Design Defense" doc |
| | | section named "Pyramid Uses its Own HTTP Exception Classes" for more |
| | | information. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The name ``repoze.bfg.registry.registry_manager`` was never an API, |
| | | but scripts in the wild were using it to set up an environment for |
| | | use under a debug shell. A backwards compatibility shim has been |
| | | added for this purpose, but the feature is deprecated. |
| | | |
| | | 0.9a1 (2009-5-27) |
| | | ================= |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - New API functions named ``forget`` and ``remember`` are available in |
| | | the ``security`` module. The ``forget`` function returns headers |
| | | which will cause the currently authenticated user to be logged out |
| | | when set in a response. The ``remember`` function (when passed the |
| | | proper arguments) will return headers which will cause a principal |
| | | to be "logged in" when set in a response. See the Security API |
| | | chapter of the docs for more info. |
| | | |
| | | - New keyword arguments to the ``repoze.bfg.router.make_app`` call |
| | | have been added: ``authentication_policy`` and |
| | | ``authorization_policy``. These should, respectively, be an |
| | | implementation of an authentication policy (an object implementing |
| | | the ``repoze.bfg.interfaces.IAuthenticationPolicy`` interface) and |
| | | an implementation of an authorization policy (an object implementing |
| | | ``repoze.bfg.interfaces.IAuthorizationPolicy)``. Concrete |
| | | implementations of authentication policies exist in |
| | | ``repoze.bfg.authentication``. Concrete implementations of |
| | | authorization policies exist in ``repoze.bfg.authorization``. |
| | | |
| | | Both ``authentication_policy`` and ``authorization_policy`` default |
| | | to ``None``. |
| | | |
| | | If ``authentication_policy`` is ``None``, but |
| | | ``authorization_policy`` is *not* ``None``, then |
| | | ``authorization_policy`` is ignored (the ability to do authorization |
| | | depends on authentication). |
| | | |
| | | If the ``authentication_policy`` argument is *not* ``None``, and the |
| | | ``authorization_policy`` argument *is* ``None``, the authorization |
| | | policy defaults to an authorization implementation that uses ACLs |
| | | (``repoze.bfg.authorization.ACLAuthorizationPolicy``). |
| | | |
| | | We no longer encourage configuration of "security policies" using |
| | | ZCML, as previously we did for ``ISecurityPolicy``. This is because |
| | | it's not uncommon to need to configure settings for concrete |
| | | authorization or authentication policies using paste .ini |
| | | parameters; the app entry point for your application is the natural |
| | | place to do this. |
| | | |
| | | - Two new abstractions have been added in the way of adapters used by |
| | | the system: an ``IAuthorizationPolicy`` and an |
| | | ``IAuthenticationPolicy``. A combination of these (as registered by |
| | | the ``securitypolicy`` ZCML directive) take the place of the |
| | | ``ISecurityPolicy`` abstraction in previous releases of repoze.who. |
| | | The API functions in ``repoze.who.security`` (such as |
| | | ``authentication_userid``, ``effective_principals``, |
| | | ``has_permission``, and so on) have been changed to try to make use |
| | | of these new adapters. If you're using an older ``ISecurityPolicy`` |
| | | adapter, the system will still work, but it will print deprecation |
| | | warnings when such a policy is used. |
| | | |
| | | - The way the (internal) IViewPermission utilities registered via ZCML |
| | | are invoked has changed. They are purely adapters now, returning a |
| | | boolean result, rather than returning a callable. You shouldn't have |
| | | been using these anyway. ;-) |
| | | |
| | | - New concrete implementations of IAuthenticationPolicy have been |
| | | added to the ``repoze.bfg.authentication`` module: |
| | | ``RepozeWho1AuthenticationPolicy`` which uses ``repoze.who`` |
| | | identity to retrieve authentication data from and |
| | | ``RemoteUserAuthenticationPolicy``, which uses the ``REMOTE_USER`` |
| | | value in the WSGI environment to retrieve authentication data. |
| | | |
| | | - A new concrete implementation of IAuthorizationPolicy has been added |
| | | to the ``repoze.bfg.authorization`` module: |
| | | ``ACLAuthorizationPolicy`` which uses ACL inheritance to do |
| | | authorization. |
| | | |
| | | - It is now possible to register a custom |
| | | ``repoze.bfg.interfaces.IForbiddenResponseFactory`` for a given |
| | | application. This feature replaces the |
| | | ``repoze.bfg.interfaces.IUnauthorizedAppFactory`` feature previously |
| | | described in the Hooks chapter. The IForbiddenResponseFactory will |
| | | be called when the framework detects an authorization failure; it |
| | | should accept a context object and a request object; it should |
| | | return an IResponse object (a webob response, basically). Read the |
| | | below point for more info and see the Hooks narrative chapter of the |
| | | BFG docs for more info. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Custom NotFound and Forbidden (nee' Unauthorized) WSGI applications |
| | | (registered as a utility for INotFoundAppFactory and |
| | | IUnauthorizedAppFactory) could rely on an environment key named |
| | | ``message`` describing the circumstance of the response. This key |
| | | has been renamed to ``repoze.bfg.message`` (as per the WSGI spec, |
| | | which requires environment extensions to contain dots). |
| | | - Pyramid no longer supports Python 2.4. Python 2.5 or better is required to |
| | | run Pyramid 1.1+. |
| | | |
| | | Deprecations |
| | | - The Pyramid router now, by default, expects response objects returned from |
| | | view callables to implement the ``pyramid.interfaces.IResponse`` interface. |
| | | Unlike the Pyramid 1.0 version of this interface, objects which implement |
| | | IResponse now must define a ``__call__`` method that accepts ``environ`` |
| | | and ``start_response``, and which returns an ``app_iter`` iterable, among |
| | | other things. Previously, it was possible to return any object which had |
| | | the three WebOb ``app_iter``, ``headerlist``, and ``status`` attributes as |
| | | a response, so this is a backwards incompatibility. It is possible to get |
| | | backwards compatibility back by registering an adapter to IResponse from |
| | | the type of object you're now returning from view callables. See the |
| | | section in the Hooks chapter of the documentation entitled "Changing How |
| | | Pyramid Treats View Responses". |
| | | |
| | | - The ``pyramid.interfaces.IResponse`` interface is now much more extensive. |
| | | Previously it defined only ``app_iter``, ``status`` and ``headerlist``; now |
| | | it is basically intended to directly mirror the ``webob.Response`` API, |
| | | which has many methods and attributes. |
| | | |
| | | - The ``pyramid.httpexceptions`` classes named ``HTTPFound``, |
| | | ``HTTPMultipleChoices``, ``HTTPMovedPermanently``, ``HTTPSeeOther``, |
| | | ``HTTPUseProxy``, and ``HTTPTemporaryRedirect`` now accept ``location`` as |
| | | their first positional argument rather than ``detail``. This means that |
| | | you can do, e.g. ``return pyramid.httpexceptions.HTTPFound('http://foo')`` |
| | | rather than ``return |
| | | pyramid.httpexceptions.HTTPFound(location='http//foo')`` (the latter will |
| | | of course continue to work). |
| | | |
| | | Dependencies |
| | | ------------ |
| | | |
| | | - The ``repoze.bfg.interfaces.IUnauthorizedAppFactory`` interface has |
| | | been deprecated in favor of using the new |
| | | ``repoze.bfg.interfaces.IForbiddenResponseFactory`` mechanism. |
| | | - Pyramid now depends on WebOb >= 1.0.2 as tests depend on the bugfix in that |
| | | release: "Fix handling of WSGI environs with missing ``SCRIPT_NAME``". |
| | | (Note that in reality, everyone should probably be using 1.0.4 or better |
| | | though, as WebOb 1.0.2 and 1.0.3 were effectively brownbag releases.) |
| | | |
| | | - The ``view_execution_permitted`` API should now be imported from the |
| | | ``repoze.bfg.security`` module instead of the ``repoze.bfg.view`` |
| | | module. |
| | | |
| | | - The ``authenticated_userid`` and ``effective_principals`` APIs in |
| | | ``repoze.bfg.security`` used to only take a single argument |
| | | (request). They now accept two arguments (``context`` and |
| | | ``request``). Calling them with a single argument is still |
| | | supported but issues a deprecation warning. (NOTE: this change was |
| | | reverted in 0.9a7; meaning the 0.9 versions of these functions |
| | | again accept ``request`` only, just like 0.8 and before). |
| | | |
| | | - Use of "old-style" security policies (those base on ISecurityPolicy) |
| | | is now deprecated. See the "Security" chapter of the docs for info |
| | | about activating an authorization policy and an authentication poicy. |
| | | |
| | | 0.8.1 (2009-05-21) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Class objects may now be used as view callables (both via ZCML and |
| | | via use of the ``bfg_view`` decorator in Python 2.6 as a class |
| | | decorator). The calling semantics when using a class as a view |
| | | callable is similar to that of using a class as a Zope "browser |
| | | view": the class' ``__init__`` must accept two positional parameters |
| | | (conventionally named ``context``, and ``request``). The resulting |
| | | instance must be callable (it must have a ``__call__`` method). |
| | | When called, the instance should return a response. For example:: |
| | | |
| | | from webob import Response |
| | | |
| | | class MyView(object): |
| | | def __init__(self, context, request): |
| | | self.context = context |
| | | self.request = request |
| | | |
| | | def __call__(self): |
| | | return Response('hello from %s!' % self.context) |
| | | |
| | | See the "Views" chapter in the documentation and the |
| | | ``repoze.bfg.view`` API documentation for more information. |
| | | |
| | | - Removed the pickling of ZCML actions (the code that wrote |
| | | ``configure.zcml.cache`` next to ``configure.zcml`` files in |
| | | projects). The code which managed writing and reading of the cache |
| | | file was a source of subtle bugs when users switched between |
| | | imperative (e.g. ``@bfg_view``) registrations and declarative |
| | | registrations (e.g. the ``view`` directive in ZCML) on the same |
| | | project. On a moderately-sized project (535 ZCML actions and 15 ZCML |
| | | files), executing actions read from the pickle was saving us only |
| | | about 200ms (2.5 sec vs 2.7 sec average). On very small projects (1 |
| | | ZCML file and 4 actions), startup time was comparable, and sometimes |
| | | even slower when reading from the pickle, and both ways were so fast |
| | | that it really just didn't matter anyway. |
| | | |
| | | 0.8 (2009-05-18) |
| | | 1.0 (2011-01-30) |
| | | ================ |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added a ``traverse`` function to the ``repoze.bfg.traversal`` |
| | | module. This function may be used to retrieve certain values |
| | | computed during path resolution. See the Traversal API chapter of |
| | | the documentation for more information about this function. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Internal: ``ITraverser`` callables should now return a dictionary |
| | | rather than a tuple. Up until 0.7.0, all ITraversers were assumed |
| | | to return a 3-tuple. In 0.7.1, ITraversers were assumed to return a |
| | | 6-tuple. As (by evidence) it's likely we'll need to add further |
| | | information to the return value of an ITraverser callable, 0.8 |
| | | assumes that an ITraverser return a dictionary with certain elements |
| | | in it. See the ``repoze.bfg.interfaces.ITraverser`` interface for |
| | | the list of keys that should be present in the dictionary. |
| | | ``ITraversers`` which return tuples will still work, although a |
| | | deprecation warning will be issued. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - If your code used the ITraverser interface directly (not via an API |
| | | function such as ``find_model``) via an adapter lookup, you'll need |
| | | to change your code to expect a dictionary rather than a 3- or |
| | | 6-tuple if your code ever gets return values from the default |
| | | ModelGraphTraverser or RoutesModelTraverser adapters. |
| | | |
| | | 0.8a7 (2009-05-16) |
| | | ================== |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``RoutesMapper`` class in ``repoze.bfg.urldispatch`` has been |
| | | removed, as well as its documentation. It had been deprecated since |
| | | 0.6.3. Code in ``repoze.bfg.urldispatch.RoutesModelTraverser`` |
| | | which catered to it has also been removed. |
| | | |
| | | - The semantics of the ``route`` ZCML directive have been simplified. |
| | | Previously, it was assumed that to use a route, you wanted to map a |
| | | route to an externally registered view. The new ``route`` directive |
| | | instead has a ``view`` attribute which is required, specifying the |
| | | dotted path to a view callable. When a route directive is |
| | | processed, a view is *registered* using the name attribute of the |
| | | route directive as its name and the callable as its value. The |
| | | ``view_name`` and ``provides`` attributes of the ``route`` directive |
| | | are therefore no longer used. Effectively, if you were previously |
| | | using the ``route`` directive, it means you must change a pair of |
| | | ZCML directives that look like this:: |
| | | |
| | | <route |
| | | name="home" |
| | | path="" |
| | | view_name="login" |
| | | factory=".models.root.Root" |
| | | /> |
| | | |
| | | <view |
| | | for=".models.root.Root" |
| | | name="login" |
| | | view=".views.login_view" |
| | | /> |
| | | |
| | | To a ZCML directive that looks like this:: |
| | | |
| | | <route |
| | | name="home" |
| | | path="" |
| | | view=".views.login_view" |
| | | factory=".models.root.Root" |
| | | /> |
| | | |
| | | In other words, to make old code work, remove the ``view`` |
| | | directives that were only there to serve the purpose of backing |
| | | ``route`` directives, and move their ``view=`` attribute into the |
| | | ``route`` directive itself. |
| | | |
| | | This change also necessitated that the ``name`` attribute of the |
| | | ``route`` directive is now required. If you were previously using |
| | | ``route`` directives without a ``name`` attribute, you'll need to |
| | | add one (the name is arbitrary, but must be unique among all |
| | | ``route`` and ``view`` statements). |
| | | |
| | | The ``provides`` attribute of the ``route`` directive has also been |
| | | removed. This directive specified a sequence of interface types |
| | | that the generated context would be decorated with. Since route |
| | | views are always generated now for a single interface |
| | | (``repoze.bfg.IRoutesContext``) as opposed to being looked up |
| | | arbitrarily, there is no need to decorate any context to ensure a |
| | | view is found. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added API docs for the ``repoze.bfg.testing`` methods |
| | | ``registerAdapter``, ``registerUtiity``, ``registerSubscriber``, and |
| | | ``cleanUp``. |
| | | - Fixed bug in ZODB Wiki tutorial (missing dependency on ``docutils`` in |
| | | "models" step within ``setup.py``). |
| | | |
| | | - Added glossary entry for "root factory". |
| | | - Removed API documentation for ``pyramid.testing`` APIs named |
| | | ``registerDummySecurityPolicy``, ``registerResources``, ``registerModels``, |
| | | ``registerEventListener``, ``registerTemplateRenderer``, |
| | | ``registerDummyRenderer``, ``registerView``, ``registerUtility``, |
| | | ``registerAdapter``, ``registerSubscriber``, ``registerRoute``, |
| | | and ``registerSettings``. |
| | | |
| | | - Noted existence of ``repoze.bfg.pagetemplate`` template bindings in |
| | | "Available Add On Template System Bindings" in Templates chapter in |
| | | narrative docs. |
| | | - Moved "Using ZODB With ZEO" and "Using repoze.catalog Within Pyramid" |
| | | tutorials out of core documentation and into the Pyramid Tutorials site |
| | | (http://docs.pylonsproject.org/projects/pyramid_tutorials/dev/). |
| | | |
| | | - Update "Templates" narrative chapter in docs (expand to show a |
| | | sample template and correct macro example). |
| | | - Changed "Cleaning up After a Request" section in the URL Dispatch chapter |
| | | to use ``request.add_finished_callback`` instead of jamming an object with |
| | | a ``__del__`` into the WSGI environment. |
| | | |
| | | Features |
| | | -------- |
| | | - Remove duplication of ``add_route`` API documentation from URL Dispatch |
| | | narrative chapter. |
| | | |
| | | - Courtesty Carlos de la Guardia, added an ``alchemy`` Paster |
| | | template. This paster template sets up a BFG project that uses |
| | | SQAlchemy (with SQLite) and uses traversal to resolve URLs. (no |
| | | Routes areused). This template can be used via ``paster create -t |
| | | bfg_alchemy``. |
| | | |
| | | - The Routes ``Route`` object used to resolve the match is now put |
| | | into the environment as ``bfg.route`` when URL dispatch is used. |
| | | |
| | | - You can now change the default Routes "context factory" globally. |
| | | See the "ZCML Hooks" chapter of the documentation (in the "Changing |
| | | the Default Routes Context Factory" section). |
| | | |
| | | 0.8a6 (2009-05-11) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added a ``routesalchemy`` Paster template. This paster template |
| | | sets up a BFG project that uses SQAlchemy (with SQLite) and uses |
| | | Routes exclusively to resolve URLs (no traversal root factory is |
| | | used). This template can be used via ``paster create -t |
| | | bfg_routesalchemy``. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added documentation to the URL Dispatch chapter about how to catch |
| | | the root URL using a ZCML ``route`` directive. |
| | | |
| | | - Added documentation to the URL Dispatch chapter about how to perform |
| | | a cleanup function at the end of a request (e.g. close the SQL |
| | | connection). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - In version 0.6.3, passing a ``get_root`` callback (a "root factory") |
| | | to ``repoze.bfg.router.make_app`` became optional if any ``route`` |
| | | declaration was made in ZCML. The intent was to make it possible to |
| | | disuse traversal entirely, instead relying entirely on URL dispatch |
| | | (Routes) to resolve all contexts. However a compound set of bugs |
| | | prevented usage of a Routes-based root view (a view which responds |
| | | to "/"). One bug existed in `repoze.bfg.urldispatch``, another |
| | | existed in Routes itself. |
| | | |
| | | To resolve this issue, the urldispatch module was fixed, and a fork |
| | | of the Routes trunk was put into the "dev" index named |
| | | ``Routes-1.11dev-chrism-home``. The source for the fork exists at |
| | | `http://bitbucket.org/chrism/routes-home/ |
| | | <http://bitbucket.org/chrism/routes-home/>`_; its contents have been |
| | | merged into the Routes trunk (what will be Routes 1.11). |
| | | |
| | | 0.8a5 (2009-05-08) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Two new security policies were added: |
| | | RemoteUserInheritingACLSecurityPolicy and |
| | | WhoInheritingACLSecurityPolicy. These are security policies which |
| | | take into account *all* ACLs defined in the lineage of a context |
| | | rather than stopping at the first ACL found in a lineage. See the |
| | | "Security" chapter of the API documentation for more information. |
| | | |
| | | - The API and narrative documentation dealing with security was |
| | | changed to introduce the new "inheriting" security policy variants. |
| | | |
| | | - Added glossary entry for "lineage". |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The security policy previously named |
| | | ``RepozeWhoIdentityACLSecurityPolicy`` now has the slightly saner |
| | | name of ``WhoACLSecurityPolicy``. A deprecation warning is emitted |
| | | when this policy is imported under the "old" name; usually this is |
| | | due to its use in ZCML within your application. If you're getting |
| | | this deprecation warning, change your ZCML to use the new name, |
| | | e.g. change:: |
| | | |
| | | <utility |
| | | provides="repoze.bfg.interfaces.ISecurityPolicy" |
| | | factory="repoze.bfg.security.RepozeWhoIdentityACLSecurityPolicy" |
| | | /> |
| | | |
| | | To:: |
| | | |
| | | <utility |
| | | provides="repoze.bfg.interfaces.ISecurityPolicy" |
| | | factory="repoze.bfg.security.WhoACLSecurityPolicy" |
| | | /> |
| | | |
| | | 0.8a4 (2009-05-04) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - ``zope.testing`` is no longer a direct dependency, although our |
| | | dependencies (such as ``zope.interface``, ``repoze.zcml``, etc) |
| | | still depend on it. |
| | | |
| | | - Tested on Google App Engine. Added a tutorial to the documentation |
| | | explaining how to deploy a BFG app to GAE. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Applications which rely on ``zope.testing.cleanup.cleanUp`` in unit |
| | | tests can still use that function indefinitely. However, for |
| | | maximum forward compatibility, they should import ``cleanUp`` from |
| | | ``repoze.bfg.testing`` instead of from ``zope.testing.cleanup``. |
| | | The BFG paster templates and docs have been changed to use this |
| | | function instead of the ``zope.testing.cleanup`` version. |
| | | |
| | | 0.8a3 (2009-05-03) |
| | | =================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Don't require a successful import of ``zope.testing`` at BFG |
| | | application runtime. This allows us to get rid of ``zope.testing`` |
| | | on platforms like GAE which have file limits. |
| | | |
| | | 0.8a2 (2009-05-02) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - We no longer include the ``configure.zcml`` of the ``chameleon.zpt`` |
| | | package within the ``configure.zcml`` of the "repoze.bfg.includes" |
| | | package. This has been a no-op for some time now. |
| | | |
| | | - The ``repoze.bfg.chameleon_zpt`` package no longer imports from |
| | | ``chameleon.zpt`` at module scope, deferring the import until later |
| | | within a method call. The ``chameleon.zpt`` package can't be |
| | | imported on platforms like GAE. |
| | | |
| | | 0.8a1 (2009-05-02) |
| | | ================== |
| | | |
| | | Deprecation Warning and Import Alias Removals |
| | | --------------------------------------------- |
| | | |
| | | - Since version 0.6.1, a deprecation warning has been emitted when the |
| | | name ``model_url`` is imported from the ``repoze.bfg.traversal`` |
| | | module. This import alias (and the deprecation warning) has been |
| | | removed. Any import of the ``model_url`` function will now need to |
| | | be done from ``repoze.bfg.url``; any import of the name |
| | | ``model_url`` from ``repoze.bfg.traversal`` will now fail. This was |
| | | done to remove a dependency on zope.deferredimport. |
| | | |
| | | - Since version 0.6.5, a deprecation warning has been emitted when the |
| | | name ``RoutesModelTraverser`` is imported from the |
| | | ``repoze.bfg.traversal`` module. This import alias (and the |
| | | deprecation warning) has been removed. Any import of the |
| | | ``RoutesModelTraverser`` class will now need to be done from |
| | | ``repoze.bfg.urldispatch``; any import of the name |
| | | ``RoutesModelTraverser`` from ``repoze.bfg.traversal`` will now |
| | | fail. This was done to remove a dependency on zope.deferredimport. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - This release of ``repoze.bfg`` is "C-free". This means it has no |
| | | hard dependencies on any software that must be compiled from C |
| | | source at installation time. In particular, ``repoze.bfg`` no |
| | | longer depends on the ``lxml`` package. |
| | | |
| | | This change has introduced some backwards incompatibilities, |
| | | described in the "Backwards Incompatibilities" section below. |
| | | |
| | | - This release was tested on Windows XP. It appears to work fine and |
| | | all the tests pass. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | Incompatibilities related to making ``repoze.bfg`` "C-free": |
| | | |
| | | - Removed the ``repoze.bfg.chameleon_genshi`` module, and thus support |
| | | for Genshi-style chameleon templates. Genshi-style Chameleon |
| | | templates depend upon ``lxml``, which is implemented in C (as |
| | | opposed to pure Python) and the ``repoze.bfg`` core is "C-free" as |
| | | of this release. You may get Genshi-style Chameleon support back by |
| | | installing the ``repoze.bfg.chameleon_genshi`` package availalable |
| | | from http://svn.repoze.org/repoze.bfg.chameleon_genshi (also |
| | | available in the index at http://dist.repoze.org/bfg/0.8/simple). |
| | | All existing code that depended on the ``chameleon_genshi`` module |
| | | prior to this release of ``repoze.bfg`` should work without change |
| | | after this addon is installed. |
| | | |
| | | - Removed the ``repoze.bfg.xslt`` module and thus support for XSL |
| | | templates. The ``repoze.bfg.xslt`` module depended upon ``lxml``, |
| | | which is implemented in C, and the ``repoze.bfg`` core is "C-free" |
| | | as of this release. You bay get XSL templating back by installing |
| | | the ``repoze.bfg.xslt`` package available from |
| | | http://svn.repoze.org/repoze.bfg.xslt/ (also available in the index |
| | | at http://dist.repoze.org/bfg/0.8/simple). All existing code that |
| | | depended upon the ``xslt`` module prior to this release of |
| | | ``repoze.bfg`` should work without modification after this addon is |
| | | installed. |
| | | |
| | | - Removed the ``repoze.bfg.interfaces.INodeTemplateRenderer`` |
| | | interface and the an old b/w compat aliases from that interface to |
| | | ``repoze.bfg.interfaces.INodeTemplate``. This interface must now be |
| | | imported from the ``repoze.bfg.xslt.interfaces`` package after |
| | | installation of the ``repoze.bfg.xslt`` addon package described |
| | | above as ``repoze.bfg.interfaces.INodeTemplateRenderer``. This |
| | | interface was never part of any public API. |
| | | |
| | | Other backwards incompatibilities: |
| | | |
| | | - The ``render_template`` function in ``repoze.bfg.chameleon_zpt`` |
| | | returns Unicode instead of a string. Likewise, the individual |
| | | values returned by the iterable created by the |
| | | ``render_template_to_iterable`` function are also each Unicode. |
| | | This is actually a backwards incompatibility inherited from our new |
| | | use of the combination of ``chameleon.core`` 1.0b32 (the |
| | | non-lxml-depending version) and ``chameleon.zpt`` 1.0b16+ ; the |
| | | ``chameleon.zpt`` PageTemplateFile implementation used to return a |
| | | string, but now returns Unicode. |
| | | |
| | | 0.7.1 (2009-05-01) |
| | | ================== |
| | | |
| | | Index-Related |
| | | ------------- |
| | | |
| | | - The canonical package index location for ``repoze.bfg`` has changed. |
| | | The "old" index (http://dist.repoze.org/lemonade/dev/simple) has |
| | | been superseded by a new index location |
| | | (`http://dist.repoze.org/bfg/current/simple |
| | | <http://dist.repoze.org/bfg/current/simple>`_). The installation |
| | | documentation has been updated as well as the ``setup.cfg`` file in |
| | | this package. The "lemonade" index still exists, but it is not |
| | | guaranteed to have the latest BFG software in it, nor will it be |
| | | maintained in the future. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - The "paster create" templates have been modified to use links to the |
| | | new "bfg.repoze.org" and "docs.repoze.org" websites. |
| | | |
| | | - Added better documentation for virtual hosting at a URL prefix |
| | | within the virtual hosting docs chapter. |
| | | |
| | | - The interface for ``repoze.bfg.interfaces.ITraverser`` and the |
| | | built-in implementations that implement the interface |
| | | (``repoze.bfg.traversal.ModelGraphTraverser``, and |
| | | ``repoze.bfg.urldispatch.RoutesModelTraverser``) now expect the |
| | | ``__call__`` method of an ITraverser to return 3 additional |
| | | arguments: ``traversed``, ``virtual_root``, and |
| | | ``virtual_root_path`` (the old contract was that the ``__call__`` |
| | | method of an ITraverser returned; three arguments, the contract new |
| | | is that it returns six). ``traversed`` will be a sequence of |
| | | Unicode names that were traversed (including the virtual root path, |
| | | if any) or ``None`` if no traversal was performed, ``virtual_root`` |
| | | will be a model object representing the virtual root (or the |
| | | physical root if traversal was not performed), and |
| | | ``virtual_root_path`` will be a sequence representing the virtual |
| | | root path (a sequence of Unicode names) or ``None`` if traversal was |
| | | not performed. |
| | | |
| | | Six arguments are now returned from BFG ITraversers. They are |
| | | returned in this order: ``context``, ``view_name``, ``subpath``, |
| | | ``traversed``, ``virtual_root``, and ``virtual_root_path``. |
| | | |
| | | Places in the BFG code which called an ITraverser continue to accept |
| | | a 3-argument return value, although BFG will generate and log a |
| | | warning when one is encountered. |
| | | |
| | | - The request object now has the following attributes: ``traversed`` |
| | | (the sequence of names traversed or ``None`` if traversal was not |
| | | performed), ``virtual_root`` (the model object representing the |
| | | virtual root, including the virtual root path if any), and |
| | | ``virtual_root_path`` (the seuquence of names representing the |
| | | virtual root path or ``None`` if traversal was not performed). |
| | | |
| | | - A new decorator named ``wsgiapp2`` was added to the |
| | | ``repoze.bfg.wsgi`` module. This decorator performs the same |
| | | function as ``repoze.bfg.wsgi.wsgiapp`` except it fixes up the |
| | | ``SCRIPT_NAME``, and ``PATH_INFO`` environment values before |
| | | invoking the WSGI subapplication. |
| | | |
| | | - The ``repoze.bfg.testing.DummyRequest`` object now has default |
| | | attributes for ``traversed``, ``virtual_root``, and |
| | | ``virtual_root_path``. |
| | | |
| | | - The RoutesModelTraverser now behaves more like the Routes |
| | | "RoutesMiddleware" object when an element in the match dict is named |
| | | ``path_info`` (usually when there's a pattern like |
| | | ``http://foo/*path_info``). When this is the case, the |
| | | ``PATH_INFO`` environment variable is set to the value in the match |
| | | dict, and the ``SCRIPT_NAME`` is appended to with the prefix of the |
| | | original ``PATH_INFO`` not including the value of the new variable. |
| | | |
| | | - The notfound debug now shows the traversed path, the virtual root, |
| | | and the virtual root path too. |
| | | |
| | | - Speed up / clarify 'traversal' module's 'model_path', 'model_path_tuple', |
| | | and '_model_path_list' functions. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - In previous releases, the ``repoze.bfg.url.model_url``, |
| | | ``repoze.bfg.traversal.model_path`` and |
| | | ``repoze.bfg.traversal.model_path_tuple`` functions always ignored |
| | | the ``__name__`` argument of the root object in a model graph ( |
| | | effectively replacing it with a leading ``/`` in the returned value) |
| | | when a path or URL was generated. The code required to perform this |
| | | operation was not efficient. As of this release, the root object in |
| | | a model graph *must* have a ``__name__`` attribute that is either |
| | | ``None`` or the empty string (``''``) for URLs and paths to be |
| | | generated properly from these APIs. If your root model object has a |
| | | ``__name__`` argument that is not one of these values, you will need |
| | | to change your code for URLs and paths to be generated properly. If |
| | | your model graph has a root node with a string ``__name__`` that is |
| | | not null, the value of ``__name__`` will be prepended to every path |
| | | and URL generated. |
| | | |
| | | - The ``repoze.bfg.location.LocationProxy`` class and the |
| | | ``repoze.bfg.location.ClassAndInstanceDescr`` class have both been |
| | | removed in order to be able to eventually shed a dependency on |
| | | ``zope.proxy``. Neither of these classes was ever an API. |
| | | |
| | | - In all previous releases, the ``repoze.bfg.location.locate`` |
| | | function worked like so: if a model did not explicitly provide the |
| | | ``repoze.bfg.interfaces.ILocation`` interface, ``locate`` returned a |
| | | ``LocationProxy`` object representing ``model`` with its |
| | | ``__parent__`` attribute assigned to ``parent`` and a ``__name__`` |
| | | attribute assigned to ``__name__``. In this release, the |
| | | ``repoze.bfg.location.locate`` function simply jams the ``__name__`` |
| | | and ``__parent__`` attributes on to the supplied model |
| | | unconditionally, no matter if the object implements ILocation or |
| | | not, and it never returns a proxy. This was done because the |
| | | LocationProxy behavior has now moved into an add-on package |
| | | (``repoze.bfg.traversalwrapper``), in order to eventually be able to |
| | | shed a dependency on ``zope.proxy``. |
| | | |
| | | - In all previous releases, by default, if traversal was used (as |
| | | opposed to URL-dispatch), and the root object supplied |
| | | the``repoze.bfg.interfaces.ILocation`` interface, but the children |
| | | returned via its ``__getitem__`` returned an object that did not |
| | | implement the same interface, ``repoze.bfg`` provided some |
| | | implicit help during traversal. This traversal feature wrapped |
| | | subobjects from the root (and thereafter) that did not implement |
| | | ``ILocation`` in proxies which automatically provided them with a |
| | | ``__name__`` and ``__parent__`` attribute based on the name being |
| | | traversed and the previous object traversed. This feature has now |
| | | been removed from the base ``repoze.bfg`` package for purposes of |
| | | eventually shedding a dependency on ``zope.proxy``. |
| | | |
| | | In order to re-enable the wrapper behavior for older applications |
| | | which cannot be changed, register the "traversalwrapper" |
| | | ``ModelGraphTraverser`` as the traversal policy, rather than the |
| | | default ``ModelGraphTraverser``. To use this feature, you will need |
| | | to install the ``repoze.bfg.traversalwrapper`` package (an add-on |
| | | package, available at |
| | | http://svn.repoze.org/repoze.bfg.traversalwrapper) Then change your |
| | | application's ``configure.zcml`` to include the following stanza: |
| | | |
| | | <adapter |
| | | factory="repoze.bfg.traversalwrapper.ModelGraphTraverser" |
| | | provides="repoze.bfg.interfaces.ITraverserFactory" |
| | | for="*" |
| | | /> |
| | | |
| | | When this ITraverserFactory is used instead of the default, no |
| | | object in the graph (even the root object) must supply a |
| | | ``__name__`` or ``__parent__`` attribute. Even if subobjects |
| | | returned from the root *do* implement the ILocation interface, |
| | | these will still be wrapped in proxies that override the object's |
| | | "real" ``__parent__`` and ``__name__`` attributes. |
| | | |
| | | See also changes to the "Models" chapter of the documentation (in |
| | | the "Location-Aware Model Instances") section. |
| | | |
| | | 0.7.0 (2009-04-11) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Fix a bug in ``repoze.bfg.wsgi.HTTPException``: the content length |
| | | was returned as an int rather than as a string. |
| | | |
| | | - Add explicit dependencies on ``zope.deferredimport``, |
| | | ``zope.deprecation``, and ``zope.proxy`` for forward compatibility |
| | | reasons (``zope.component`` will stop relying on |
| | | ``zope.deferredimport`` soon and although we use it directly, it's |
| | | only a transitive dependency, and ''zope.deprecation`` and |
| | | ``zope.proxy`` are used directly even though they're only transitive |
| | | dependencies as well). |
| | | |
| | | - Using ``model_url`` or ``model_path`` against a broken model graph |
| | | (one with models that had a non-root model with a ``__name__`` of |
| | | ``None``) caused an inscrutable error to be thrown: ( if not |
| | | ``_must_quote[cachekey].search(s): TypeError: expected string or |
| | | buffer``). Now URLs and paths generated against graphs that have |
| | | None names in intermediate nodes will replace the None with the |
| | | empty string, and, as a result, the error won't be raised. Of |
| | | course the URL or path will still be bogus. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Make it possible to have ``testing.DummyTemplateRenderer`` return |
| | | some nondefault string representation. |
| | | |
| | | - Added a new ``anchor`` keyword argument to ``model_url``. If |
| | | ``anchor`` is present, its string representation will be used |
| | | as a named anchor in the generated URL (e.g. if ``anchor`` is |
| | | passed as ``foo`` and the model URL is |
| | | ``http://example.com/model/url``, the generated URL will be |
| | | ``http://example.com/model/url#foo``). |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The default request charset encoding is now ``utf-8``. As a result, |
| | | the request machinery will attempt to decode values from the utf-8 |
| | | encoding to Unicode automatically when they are obtained via |
| | | ``request.params``, ``request.GET``, and ``request.POST``. The |
| | | previous behavior of BFG was to return a bytestring when a value was |
| | | accessed in this manner. This change will break form handling code |
| | | in apps that rely on values from those APIs being considered |
| | | bytestrings. If you are manually decoding values from form |
| | | submissions in your application, you'll either need to change the |
| | | code that does that to expect Unicode values from |
| | | ``request.params``, ``request.GET`` and ``request.POST``, or you'll |
| | | need to explicitly reenable the previous behavior. To reenable the |
| | | previous behavior, add the following to your application's |
| | | ``configure.zcml``:: |
| | | |
| | | <subscriber for="repoze.bfg.interfaces.INewRequest" |
| | | handler="repoze.bfg.request.make_request_ascii"/> |
| | | |
| | | See also the documentation in the "Views" chapter of the BFG docs |
| | | entitled "Using Views to Handle Form Submissions (Unicode and |
| | | Character Set Issues)". |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add a section to the narrative Views chapter entitled "Using Views |
| | | to Handle Form Submissions (Unicode and Character Set Issues)" |
| | | explaining implicit decoding of form data values. |
| | | |
| | | 0.6.9 (2009-02-16) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - lru cache was unstable under concurrency (big surprise!) when it |
| | | tried to redelete a key in the cache that had already been deleted. |
| | | Symptom: line 64 in put:del data[oldkey]:KeyError: '/some/path'. |
| | | Now we just ignore the key error if we can't delete the key (it has |
| | | already been deleted). |
| | | |
| | | - Empty location names in model paths when generating a URL using |
| | | ``repoze.bfg.model_url`` based on a model obtained via traversal are |
| | | no longer ignored in the generated URL. This means that if a |
| | | non-root model object has a ``__name__`` of ``''``, the URL will |
| | | reflect it (e.g. ``model_url`` will generate ``http://foo/bar//baz`` |
| | | if an object with the ``__name__`` of ``''`` is a child of bar and |
| | | the parent of baz). URLs generated with empty path segments are, |
| | | however, still irresolveable by the model graph traverser on request |
| | | ingress (the traverser strips empty path segment names). |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Microspeedups of ``repoze.bfg.traversal.model_path``, |
| | | ``repoze.bfg.traversal.model_path_tuple``, |
| | | ``repoze.bfg.traversal.quote_path_segment``, and |
| | | ``repoze.bfg.url.urlencode``. |
| | | |
| | | - add zip_safe = false to setup.cfg. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Add a note to the ``repoze.bfg.traversal.quote_path_segment`` API |
| | | docs about caching of computed values. |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - Simplification of |
| | | ``repoze.bfg.traversal.TraversalContextURL.__call__`` (it now uses |
| | | ``repoze.bfg.traversal.model_path`` instead of rolling its own |
| | | path-generation). |
| | | |
| | | 0.6.8 (2009-02-05) |
| | | ================== |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``repoze.bfg.traversal.model_path`` API now returns a *quoted* |
| | | string rather than a string represented by series of unquoted |
| | | elements joined via ``/`` characters. Previously it returned a |
| | | string or unicode object representing the model path, with each |
| | | segment name in the path joined together via ``/`` characters, |
| | | e.g. ``/foo /bar``. Now it returns a string, where each segment is |
| | | a UTF-8 encoded and URL-quoted element e.g. ``/foo%20/bar``. This |
| | | change was (as discussed briefly on the repoze-dev maillist) |
| | | necessary to accomodate model objects which themselves have |
| | | ``__name__`` attributes that contain the ``/`` character. |
| | | |
| | | For people that have no models that have high-order Unicode |
| | | ``__name__`` attributes or ``__name__`` attributes with values that |
| | | require URL-quoting with in their model graphs, this won't cause any |
| | | issue. However, if you have code that currently expects |
| | | ``model_path`` to return an unquoted string, or you have an existing |
| | | application with data generated via the old method, and you're too |
| | | lazy to change anything, you may wish replace the BFG-imported |
| | | ``model_path`` in your code with this function (this is the code of |
| | | the "old" ``model_path`` implementation):: |
| | | |
| | | from repoze.bfg.location import lineage |
| | | |
| | | def i_am_too_lazy_to_move_to_the_new_model_path(model, *elements): |
| | | rpath = [] |
| | | for location in lineage(model): |
| | | if location.__name__: |
| | | rpath.append(location.__name__) |
| | | path = '/' + '/'.join(reversed(rpath)) |
| | | if elements: |
| | | suffix = '/'.join(elements) |
| | | path = '/'.join([path, suffix]) |
| | | return path |
| | | |
| | | - The ``repoze.bfg.traversal.find_model`` API no longer implicitly |
| | | converts unicode representations of a full path passed to it as a |
| | | Unicode object into a UTF-8 string. Callers should either use |
| | | prequoted path strings returned by |
| | | ``repoze.bfg.traversal.model_path``, or tuple values returned by the |
| | | result of ``repoze.bfg.traversal.model_path_tuple`` or they should |
| | | use the guidelines about passing a string ``path`` argument |
| | | described in the ``find_model`` API documentation. |
| | | |
| | | Bugfixes |
| | | -------- |
| | | |
| | | - Each argument contained in ``elements`` passed to |
| | | ``repoze.bfg.traversal.model_path`` will now have any ``/`` |
| | | characters contained within quoted to ``%2F`` in the returned |
| | | string. Previously, ``/`` characters in elements were left unquoted |
| | | (a bug). |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A ``repoze.bfg.traversal.model_path_tuple`` API was added. This API |
| | | is an alternative to ``model_path`` (which returns a string); |
| | | ``model_path_tuple`` returns a model path as a tuple (much like |
| | | Zope's ``getPhysicalPath``). |
| | | |
| | | - A ``repoze.bfg.traversal.quote_path_segment`` API was added. This |
| | | API will quote an individual path segment (string or unicode |
| | | object). See the ``repoze.bfg.traversal`` API documentation for |
| | | more information. |
| | | |
| | | - The ``repoze.bfg.traversal.find_model`` API now accepts "path |
| | | tuples" (see the above note regarding ``model_path_tuple``) as well |
| | | as string path representations (from |
| | | ``repoze.bfg.traversal.model_path``) as a ``path`` argument. |
| | | |
| | | - Add ` `renderer`` argument (defaulting to None) to |
| | | ``repoze.bfg.testing.registerDummyRenderer``. This makes it |
| | | possible, for instance, to register a custom renderer that raises an |
| | | exception in a unit test. |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - Moved _url_quote function back to ``repoze.bfg.traversal`` from |
| | | ``repoze.bfg.url``. This is not an API. |
| | | |
| | | 0.6.7 (2009-01-27) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - The ``repoze.bfg.url.model_url`` API now works against contexts |
| | | derived from Routes URL dispatch (``Routes.util.url_for`` is called |
| | | under the hood). |
| | | |
| | | - "Virtual root" support for traversal-based applications has been |
| | | added. Virtual root support is useful when you'd like to host some |
| | | model in a ``repoze.bfg`` model graph as an application under a |
| | | URL pathname that does not include the model path itself. For more |
| | | information, see the (new) "Virtual Hosting" chapter in the |
| | | - Remove duplication of API and narrative documentation in |
| | | ``pyramid.view.view_config`` API docs by pointing to |
| | | ``pyramid.config.add_view`` documentation and narrative chapter |
| | | documentation. |
| | | |
| | | - A ``repoze.bfg.traversal.virtual_root`` API has been added. When |
| | | called, it returns the virtual root object (or the physical root |
| | | object if no virtual root has been specified). |
| | | - Removed some API documentation duplicated in narrative portions of |
| | | documentation |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - ``repoze.bfg.traversal.RoutesModelTraverser`` has been moved to |
| | | ``repoze.bfg.urldispatch``. |
| | | |
| | | - ``model_url`` URL generation is now performed via an adapter lookup |
| | | based on the context and the request. |
| | | |
| | | - ZCML which registers two adapters for the ``IContextURL`` interface |
| | | has been added to the configure.zcml in ``repoze.bfg.includes``. |
| | | |
| | | 0.6.6 (2009-01-26) |
| | | ================== |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - There is an indirection in ``repoze.bfg.url.model_url`` now that |
| | | consults a utility to generate the base model url (without extra |
| | | elements or a query string). Eventually this will service virtual |
| | | hosting; for now it's undocumented and should not be hooked. |
| | | |
| | | 0.6.5 (2009-01-26) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - You can now override the NotFound and Unauthorized responses that |
| | | ``repoze.bfg`` generates when a view cannot be found or cannot be |
| | | invoked due to lack of permission. See the "ZCML Hooks" chapter in |
| | | the docs for more information. |
| | | |
| | | - Added Routes ZCML directive attribute explanations in documentation. |
| | | |
| | | - Added a ``traversal_path`` API to the traversal module; see the |
| | | "traversal" API chapter in the docs. This was a function previously |
| | | known as ``split_path`` that was not an API but people were using it |
| | | anyway. Unlike ``split_path``, it now returns a tuple instead of a |
| | | list (as its values are cached). |
| | | |
| | | Behavior Changes |
| | | ---------------- |
| | | |
| | | - The ``repoze.bfg.view.render_view_to_response`` API will no longer |
| | | raise a ValueError if an object returned by a view function it calls |
| | | does not possess certain attributes (``headerlist``, ``app_iter``, |
| | | ``status``). This API used to attempt to perform a check using the |
| | | ``is_response`` function in ``repoze.bfg.view``, and raised a |
| | | ``ValueError`` if the ``is_response`` check failed. The |
| | | responsibility is now the caller's to ensure that the return value |
| | | from a view function is a "real" response. |
| | | |
| | | - WSGI environ dicts passed to ``repoze.bfg`` 's Router must now |
| | | contain a REQUEST_METHOD key/value; if they do not, a KeyError will |
| | | be raised (speed). |
| | | |
| | | - It is no longer permissible to pass a "nested" list of principals to |
| | | ``repoze.bfg.ACLAuthorizer.permits`` (e.g. ``['fred', ['larry', |
| | | 'bob']]``). The principals list must be fully expanded. This |
| | | feature was never documented, and was never an API, so it's not a |
| | | backwards incompatibility. |
| | | |
| | | - It is no longer permissible for a security ACE to contain a "nested" |
| | | list of permissions (e.g. ``(Allow, Everyone, ['read', ['view', |
| | | ['write', 'manage']]])`)`. The list must instead be fully expanded |
| | | (e.g. ``(Allow, Everyone, ['read', 'view', 'write', 'manage])``). This |
| | | feature was never documented, and was never an API, so it's not a |
| | | backwards incompatibility. |
| | | |
| | | - The ``repoze.bfg.urldispatch.RoutesRootFactory`` now injects the |
| | | ``wsgiorg.routing_args`` environment variable into the environ when |
| | | a route matches. This is a tuple of ((), routing_args) where |
| | | routing_args is the value that comes back from the routes mapper |
| | | match (the "match dict"). |
| | | |
| | | - The ``repoze.bfg.traversal.RoutesModelTraverser`` class now wants to |
| | | obtain the ``view_name`` and ``subpath`` from the |
| | | ``wsgiorgs.routing_args`` environment variable. It falls back to |
| | | obtaining these from the context for backwards compatibility. |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - Get rid of ``repoze.bfg.security.ACLAuthorizer``: the |
| | | ``ACLSecurityPolicy`` now does what it did inline. |
| | | |
| | | - Get rid of ``repoze.bfg.interfaces.NoAuthorizationInformation`` |
| | | exception: it was used only by ``ACLAuthorizer``. |
| | | |
| | | - Use a homegrown NotFound error instead of ``webob.exc.HTTPNotFound`` |
| | | (the latter is slow). |
| | | |
| | | - Use a homegrown Unauthorized error instead of |
| | | ``webob.exc.Unauthorized`` (the latter is slow). |
| | | |
| | | - the ``repoze.bfg.lru.lru_cached`` decorator now uses functools.wraps |
| | | in order to make documentation of LRU-cached functions possible. |
| | | |
| | | - Various speed micro-tweaks. |
| | | - Removed "Overall Flow of Authentication" from SQLAlchemy + URL Dispatch |
| | | wiki tutorial due to print space concerns (moved to Pyramid Tutorials |
| | | site). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - ``repoze.bfg.testing.DummyModel`` did not have a ``get`` method; |
| | | it now does. |
| | | - Deprecated-since-BFG-1.2 APIs from ``pyramid.testing`` now properly emit |
| | | deprecation warnings. |
| | | |
| | | 0.6.4 (2009-01-23) |
| | | ================== |
| | | - Added ``egg:repoze.retry#retry`` middleware to the WSGI pipeline in ZODB |
| | | templates (retry ZODB conflict errors which occur in normal operations). |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | - Removed duplicate implementations of ``is_response``. Two competing |
| | | implementations existed: one in ``pyramid.config`` and one in |
| | | ``pyramid.view``. Now the one defined in ``pyramid.view`` is used |
| | | internally by ``pyramid.config`` and continues to be advertised as an API. |
| | | |
| | | - The ``unicode_path_segments`` configuration variable and the |
| | | ``BFG_UNICODE_PATH_SEGMENTS`` configuration variable have been |
| | | removed. Path segments are now always passed to model |
| | | ``__getitem__`` methods as unicode. "True" has been the default for |
| | | this setting since 0.5.4, but changing this configuration setting to |
| | | false allowed you to go back to passing raw path element strings to |
| | | model ``__getitem__`` methods. Removal of this knob services a |
| | | speed goal (we get about +80 req/s by removing the check), and it's |
| | | clearer just to always expect unicode path segments in model |
| | | ``__getitem__`` methods. |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - ``repoze.bfg.traversal.split_path`` now also handles decoding |
| | | path segments to unicode (for speed, because its results are |
| | | cached). |
| | | |
| | | - ``repoze.bfg.traversal.step`` was made a method of the |
| | | ModelGraphTraverser. |
| | | |
| | | - Use "precooked" Request subclasses |
| | | (e.g. ``repoze.bfg.request.GETRequest``) that correspond to HTTP |
| | | request methods within ``router.py`` when constructing a request |
| | | object rather than using ``alsoProvides`` to attach the proper |
| | | interface to an unsubclassed ``webob.Request``. This pattern is |
| | | purely an optimization (e.g. preventing calls to ``alsoProvides`` |
| | | means the difference between 590 r/s and 690 r/s on a MacBook 2GHz). |
| | | |
| | | - Tease out an extra 4% performance boost by changing the Router; |
| | | instead of using imported ZCA APIs, use the same APIs directly |
| | | against the registry that is an attribute of the Router. |
| | | |
| | | - The registry used by BFG is now a subclass of |
| | | ``zope.component.registry.Components`` (defined as |
| | | ``repoze.bfg.registry.Registry``); it has a ``notify`` method, a |
| | | ``registerSubscriptionAdapter`` and a ``registerHandler`` method. |
| | | If no subscribers are registered via ``registerHandler`` or |
| | | ``registerSubscriptionAdapter``, ``notify`` is a noop for speed. |
| | | |
| | | - The Allowed and Denied classes in ``repoze.bfg.security`` now are |
| | | lazier about constructing the representation of a reason message for |
| | | speed; ``repoze.bfg.view_execution_permitted`` takes advantage of |
| | | this. |
| | | |
| | | - The ``is_response`` check was sped up by about half at the expense |
| | | of making its code slightly uglier. |
| | | |
| | | New Modules |
| | | ----------- |
| | | |
| | | - ``repoze.bfg.lru`` implements an LRU cache class and a decorator for |
| | | internal use. |
| | | |
| | | 0.6.3 (2009-01-19) |
| | | 1.0b3 (2011-01-28) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Readd ``root_policy`` attribute on Router object (as a property |
| | | which returns the IRootFactory utility). It was inadvertently |
| | | removed in 0.6.2. Code in the wild depended upon its presence |
| | | (esp. scripts and "debug" helpers). |
| | | - Use © instead of copyright symbol in paster templates / tutorial |
| | | templates for the benefit of folks who cutnpaste and save to a non-UTF8 |
| | | format. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - URL-dispatch has been overhauled: it is no longer necessary to |
| | | manually create a RoutesMapper in your application's entry point |
| | | callable in order to use URL-dispatch (aka `Routes |
| | | <http://routes.groovie.org>`_). A new ``route`` directive has been |
| | | added to the available list of ZCML directives. Each ``route`` |
| | | directive inserted into your application's ``configure.zcml`` |
| | | establishes a Routes mapper connection. If any ``route`` |
| | | declarations are made via ZCML within a particular application, the |
| | | ``get_root`` callable passed in to ``repoze.bfg.router.make_app`` |
| | | will automatically be wrapped in the equivalent of a RoutesMapper. |
| | | Additionally, the new ``route`` directive allows the specification |
| | | of a ``context_interfaces`` attribute for a route, this will be used |
| | | to tag the manufactured routes context with specific interfaces when |
| | | a route specifying a ``context_interfaces`` attribute is matched. |
| | | |
| | | - A new interface ``repoze.bfg.interfaces.IContextNotFound`` was |
| | | added. This interface is attached to a "dummy" context generated |
| | | when Routes cannot find a match and there is no "fallback" get_root |
| | | callable that uses traversal. |
| | | |
| | | - The ``bfg_starter`` and ``bfg_zodb`` "paster create" templates now |
| | | contain images and CSS which are displayed when the default page is |
| | | displayed after initial project generation. |
| | | |
| | | - Allow the ``repoze.bfg.view.static`` helper to be passed a relative |
| | | ``root_path`` name; it will be considered relative to the file in |
| | | which it was called. |
| | | |
| | | - The functionality of ``repoze.bfg.convention`` has been merged into |
| | | the core. Applications which make use of ``repoze.bfg.convention`` |
| | | will continue to work indefinitely, but it is recommended that apps |
| | | stop depending upon it. To do so, substitute imports of |
| | | ``repoze.bfg.convention.bfg_view`` with imports of |
| | | ``repoze.bfg.view.bfg_view``, and change the stanza in ZCML from |
| | | ``<convention package=".">`` to ``<scan package=".">``. As a result |
| | | of the merge, bfg has grown a new dependency: ``martian``. |
| | | |
| | | - View functions which use the pushpage decorator are now pickleable |
| | | (meaning their use won't prevent a ``configure.zcml.cache`` file |
| | | from being written to disk). |
| | | |
| | | - Instead of invariably using ``webob.Request`` as the "request |
| | | factory" (e.g. in the ``Router`` class) and ``webob.Response`` and |
| | | the "response factory" (e.g. in ``render_template_to_response``), |
| | | allow both to be overridden via a ZCML utility hook. See the "Using |
| | | ZCML Hooks" chapter of the documentation for more information. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The class ``repoze.bfg.urldispatch.RoutesContext`` has been renamed |
| | | to ``repoze.bfg.urldispatch.DefaultRoutesContext``. The class |
| | | should be imported by the new name as necessary (although in reality |
| | | it probably shouldn't be imported from anywhere except internally |
| | | within BFG, as it's not part of the API). |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - The ``repoze.bfg.wsgi.wsgiapp`` decorator now uses |
| | | ``webob.Request.get_response`` to do its work rather than relying on |
| | | homegrown WSGI code. |
| | | |
| | | - The ``repoze.bfg.view.static`` helper now uses |
| | | ``webob.Request.get_response`` to do its work rather than relying on |
| | | homegrown WSGI code. |
| | | |
| | | - The ``repoze.bfg.urldispatch.RoutesModelTraverser`` class has been |
| | | moved to ``repoze.bfg.traversal.RoutesModelTraverser``. |
| | | |
| | | - The ``repoze.bfg.registry.makeRegistry`` function was renamed to |
| | | ``repoze.bfg.registry.populateRegistry`` and now accepts a |
| | | ``registry`` argument (which should be an instance of |
| | | ``zope.component.registry.Components``). |
| | | |
| | | Documentation Additions |
| | | ----------------------- |
| | | |
| | | - Updated narrative urldispatch chapter with changes required by |
| | | ``<route..>`` ZCML directive. |
| | | |
| | | - Add a section on "Using BFG Security With URL Dispatch" into the |
| | | urldispatch chapter of the documentation. |
| | | |
| | | - Better documentation of security policy implementations that ship |
| | | with repoze.bfg. |
| | | |
| | | - Added a "Using ZPT Macros in repoze.bfg" section to the narrative |
| | | templating chapter. |
| | | |
| | | 0.6.2 (2009-01-13) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Tests can be run with coverage output if you've got ``nose`` |
| | | installed in the interpreter which you use to run tests. Using an |
| | | interpreter with ``nose`` installed, do ``python setup.py |
| | | nosetests`` within a checkout of the ``repoze.bfg`` package to see |
| | | test coverage output. |
| | | |
| | | - Added a ``post`` argument to the ``repoze.bfg.testing:DummyRequest`` |
| | | constructor. |
| | | |
| | | - Added ``__len__`` and ``__nonzero__`` to ``repoze.bfg.testing:DummyModel``. |
| | | |
| | | - The ``repoze.bfg.registry.get_options`` callable (now renamed to |
| | | ``repoze.bfg.setings.get_options``) used to return only |
| | | framework-specific keys and values in the dictionary it returned. |
| | | It now returns all the keys and values in the dictionary it is |
| | | passed *plus* any framework-specific settings culled from the |
| | | environment. As a side effect, all PasteDeploy application-specific |
| | | config file settings are made available as attributes of the |
| | | ``ISettings`` utility from within BFG. |
| | | |
| | | - Renamed the existing BFG paster template to ``bfg_starter``. Added |
| | | another template (``bfg_zodb``) showing default ZODB setup using |
| | | ``repoze.zodbconn``. |
| | | |
| | | - Add a method named ``assert_`` to the DummyTemplateRenderer. This |
| | | method accepts keyword arguments. Each key/value pair in the |
| | | keyword arguments causes an assertion to be made that the renderer |
| | | received this key with a value equal to the asserted value. |
| | | |
| | | - Projects generated by the paster templates now use the |
| | | ``DummyTemplateRenderer.assert_`` method in their view tests. |
| | | |
| | | - Make the (internal) thread local registry manager maintain a stack |
| | | of registries in order to make it possible to call one BFG |
| | | application from inside another. |
| | | |
| | | - An interface specific to the HTTP verb (GET/PUT/POST/DELETE/HEAD) is |
| | | attached to each request object on ingress. The HTTP-verb-related |
| | | interfaces are defined in ``repoze.bfg.interfaces`` and are |
| | | ``IGETRequest``, ``IPOSTRequest``, ``IPUTRequest``, |
| | | ``IDELETERequest`` and ``IHEADRequest``. These interfaces can be |
| | | specified as the ``request_type`` attribute of a bfg view |
| | | declaration. A view naming a specific HTTP-verb-matching interface |
| | | will be found only if the view is defined with a request_type that |
| | | matches the HTTP verb in the incoming request. The more general |
| | | ``IRequest`` interface can be used as the request_type to catch all |
| | | requests (and this is indeed the default). All requests implement |
| | | ``IRequest``. The HTTP-verb-matching idea was pioneered by |
| | | `repoze.bfg.restrequest |
| | | <http://pypi.python.org/pypi/repoze.bfg.restrequest/1.0.1>`_ . That |
| | | package is no longer required, but still functions fine. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Fix a bug where the Paste configuration's ``unicode_path_segments`` |
| | | (and os.environ's ``BFG_UNICODE_PATH_SEGMENTS``) may have been |
| | | defaulting to false in some circumstances. It now always defaults |
| | | to true, matching the documentation and intent. |
| | | |
| | | - The ``repoze.bfg.traversal.find_model`` API did not work properly |
| | | when passed a ``path`` argument which was unicode and contained |
| | | high-order bytes when the ``unicode_path_segments`` or |
| | | ``BFG_UNICODE_PATH_SEGMENTS`` configuration variables were "true". |
| | | |
| | | - A new module was added: ``repoze.bfg.settings``. This contains |
| | | deployment-settings-related code. |
| | | |
| | | Implementation Changes |
| | | ---------------------- |
| | | |
| | | - The ``make_app`` callable within ``repoze.bfg.router`` now registers |
| | | the ``root_policy`` argument as a utility (unnamed, using the new |
| | | ``repoze.bfg.interfaces.IRootFactory`` as a provides interface) |
| | | rather than passing it as the first argument to the |
| | | ``repoze.bfg.router.Router`` class. As a result, the |
| | | ``repoze.bfg.router.Router`` router class only accepts a single |
| | | argument: ``registry``. The ``repoze.bfg.router.Router`` class |
| | | retrieves the root policy via a utility lookup now. The |
| | | ``repoze.bfg.router.make_app`` API also now performs some important |
| | | application registrations that were previously handled inside |
| | | ``repoze.bfg.registry.makeRegistry``. |
| | | |
| | | New Modules |
| | | ----------- |
| | | |
| | | - A ``repoze.bfg.settings`` module was added. It contains code |
| | | related to deployment settings. Most of the code it contains was |
| | | moved to it from the ``repoze.bfg.registry`` module. |
| | | |
| | | Behavior Changes |
| | | ---------------- |
| | | |
| | | - The ``repoze.bfg.settings.Settings`` class (an instance of which is |
| | | registered as a utility providing |
| | | ``repoze.bfg.interfaces.ISettings`` when any application is started) |
| | | now automatically calls ``repoze.bfg.settings.get_options`` on the |
| | | options passed to its constructor. This means that usage of |
| | | ``get_options`` within an application's ``make_app`` function is no |
| | | longer required (the "raw" ``options`` dict or None may be passed). |
| | | |
| | | - Remove old cold which attempts to recover from trying to unpickle a |
| | | ``z3c.pt`` template; Chameleon has been the templating engine for a |
| | | good long time now. Running repoze.bfg against a sandbox that has |
| | | pickled ``z3c.pt`` templates it will now just fail with an |
| | | unpickling error, but can be fixed by deleting the template cache |
| | | files. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Moved the ``repoze.bfg.registry.Settings`` class. This has been |
| | | moved to ``repoze.bfg.settings.Settings``. A deprecation warning is |
| | | issued when it is imported from the older location. |
| | | |
| | | - Moved the ``repoze.bfg.registry.get_options`` function This has been |
| | | moved to ``repoze.bfg.settings.get_options``. A deprecation warning |
| | | is issued when it is imported from the older location. |
| | | |
| | | - The ``repoze.bfg.interfaces.IRootPolicy`` interface was renamed |
| | | within the interfaces package. It has been renamed to |
| | | ``IRootFactory``. A deprecation warning is issued when it is |
| | | imported from the older location. |
| | | |
| | | 0.6.1 (2009-01-06) |
| | | ================== |
| | | |
| | | New Modules |
| | | ----------- |
| | | |
| | | - A new module ``repoze.bfg.url`` has been added. It contains the |
| | | ``model_url`` API (moved from ``repoze.bfg.traversal``) and an |
| | | implementation of ``urlencode`` (like Python's |
| | | ``urllib.urlencode``) which can handle Unicode keys and values in |
| | | parameters to the ``query`` argument. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The ``model_url`` function has been moved from |
| | | ``repoze.bfg.traversal`` into ``repoze.bfg.url``. It can still |
| | | be imported from ``repoze.bfg.traversal`` but an import from |
| | | ``repoze.bfg.traversal`` will emit a DeprecationWarning. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A ``static`` helper class was added to the ``repoze.bfg.views`` |
| | | module. Instances of this class are willing to act as BFG views |
| | | which return static resources using files on disk. See the |
| | | ``repoze.bfg.view`` docs for more info. |
| | | |
| | | - The ``repoze.bfg.url.model_url`` API (nee' |
| | | ``repoze.bfg.traversal.model_url``) now accepts and honors a |
| | | keyword argument named ``query``. The value of this argument |
| | | will be used to compose a query string, which will be attached to |
| | | the generated URL before it is returned. See the API docs (in |
| | | the docs directory or `on the web |
| | | <http://static.repoze.org/bfgdocs>`_) for more information. |
| | | |
| | | 0.6 (2008-12-26) |
| | | ================ |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Rather than prepare the "stock" implementations of the ZCML directives |
| | | from the ``zope.configuration`` package for use under ``repoze.bfg``, |
| | | ``repoze.bfg`` now makes available the implementations of directives |
| | | from the ``repoze.zcml`` package (see http://static.repoze.org/zcmldocs). |
| | | As a result, the ``repoze.bfg`` package now depends on the |
| | | ``repoze.zcml`` package, and no longer depends directly on the |
| | | ``zope.component``, ``zope.configuration``, ``zope.interface``, or |
| | | ``zope.proxy`` packages. |
| | | |
| | | The primary reason for this change is to enable us to eventually reduce |
| | | the number of inappropriate ``repoze.bfg`` Zope package dependencies, |
| | | as well as to shed features of dependent package directives that don't |
| | | make sense for ``repoze.bfg``. |
| | | |
| | | Note that currently the set of requirements necessary to use bfg has not |
| | | changed. This is due to inappropriate Zope package requirements in |
| | | ``chameleon.zpt``, which will hopefully be remedied soon. NOTE: in |
| | | lemonade index a 1.0b8-repozezcml0 package exists which does away with |
| | | these requirements. |
| | | |
| | | - BFG applications written prior to this release which expect the "stock" |
| | | ``zope.component`` ZCML directive implementations (e.g. ``adapter``, |
| | | ``subscriber``, or ``utility``) to function now must either 1) include |
| | | the ``meta.zcml`` file from ``zope.component`` manually (e.g. ``<include |
| | | package="zope.component" file="meta.zcml">``) and include the |
| | | ``zope.security`` package as an ``install_requires`` dependency or 2) |
| | | change the ZCML in their applications to use the declarations from |
| | | `repoze.zcml <http://static.repoze.org/zcmldocs/>`_ instead of the stock |
| | | declarations. ``repoze.zcml`` only makes available the ``adapter``, |
| | | ``subscriber`` and ``utility`` directives. |
| | | |
| | | In short, if you've got an existing BFG application, after this |
| | | update, if your application won't start due to an import error for |
| | | "zope.security", the fastest way to get it working again is to add |
| | | ``zope.security`` to the "install_requires" of your BFG |
| | | application's ``setup.py``, then add the following ZCML anywhere |
| | | in your application's ``configure.zcml``:: |
| | | |
| | | <include package="zope.component" file="meta.zcml"> |
| | | |
| | | Then re-``setup.py develop`` or reinstall your application. |
| | | |
| | | - The ``http://namespaces.repoze.org/bfg`` XML namespace is now the default |
| | | XML namespace in ZCML for paster-generated applications. The docs have |
| | | been updated to reflect this. |
| | | |
| | | - The copies of BFG's ``meta.zcml`` and ``configure.zcml`` were removed |
| | | from the root of the ``repoze.bfg`` package. In 0.3.6, a new package |
| | | named ``repoze.bfg.includes`` was added, which contains the "correct" |
| | | copies of these ZCML files; the ones that were removed were for backwards |
| | | compatibility purposes. |
| | | |
| | | - The BFG ``view`` ZCML directive no longer calls |
| | | ``zope.component.interface.provideInterface`` for the ``for`` interface. |
| | | We don't support ``provideInterface`` in BFG because it mutates the |
| | | global registry. |
| | | |
| | | Other |
| | | ----- |
| | | |
| | | - The minimum requirement for ``chameleon.core`` is now 1.0b13. The |
| | | minimum requirement for ``chameleon.zpt`` is now 1.0b8. The minimum |
| | | requirement for ``chameleon.genshi`` is now 1.0b2. |
| | | |
| | | - Updated paster template "ez_setup.py" to one that requires setuptools |
| | | 0.6c9. |
| | | |
| | | - Turn ``view_execution_permitted`` from the ``repoze.bfg.view`` module |
| | | into a documented API. |
| | | |
| | | - Doc cleanups. |
| | | |
| | | - Documented how to create a view capable of serving static resources. |
| | | |
| | | 0.5.6 (2008-12-18) |
| | | ================== |
| | | |
| | | - Speed up ``traversal.model_url`` execution by using a custom url quoting |
| | | function instead of Python's ``urllib.quote``, by caching URL path |
| | | segment quoting and encoding results, by disusing Python's |
| | | ``urlparse.urljoin`` in favor of a simple string concatenation, and by |
| | | using ``ob.__class__ is unicode`` rather than ``isinstance(ob, unicode)`` |
| | | in one strategic place. |
| | | |
| | | 0.5.5 (2008-12-17) |
| | | ================== |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - In the past, during traversal, the ModelGraphTraverser (the default |
| | | traverser) always passed each URL path segment to any ``__getitem__`` |
| | | method of a model object as a byte string (a ``str`` object). Now, by |
| | | default the ModelGraphTraverser attempts to decode the path segment to |
| | | Unicode (a ``unicode`` object) using the UTF-8 encoding before passing it |
| | | to the ``__getitem__`` method of a model object. This makes it possible |
| | | for model objects to be dumber in ``__getitem__`` when trying to resolve |
| | | a subobject, as model objects themselves no longer need to try to divine |
| | | whether or not to try to decode the path segment passed by the |
| | | traverser. |
| | | |
| | | Note that since 0.5.4, URLs generated by repoze.bfg's ``model_url`` API |
| | | will contain UTF-8 encoded path segments as necessary, so any URL |
| | | generated by BFG itself will be decodeable by the traverser. If another |
| | | application generates URLs to a BFG application, to be resolved |
| | | successully, it should generate the URL with UTF-8 encoded path segments |
| | | to be successfully resolved. The decoder is not at all magical: if a |
| | | non-UTF-8-decodeable path segment (e.g. one encoded using UTF-16 or some |
| | | other insanity) is passed in the URL, BFG will raise a ``TypeError`` with |
| | | a message indicating it could not decode the path segment. |
| | | |
| | | To turn on the older behavior, where path segments were not decoded to |
| | | Unicode before being passed to model object ``__getitem__`` by the |
| | | traverser, and were passed as a raw byte string, set the |
| | | ``unicode_path_segments`` configuration setting to a false value in your |
| | | BFG application's section of the paste .ini file, for example:: |
| | | |
| | | unicode_path_segments = False |
| | | |
| | | Or start the application using the ``BFG_UNICODE_PATH_SEGMENT`` envvar |
| | | set to a false value:: |
| | | |
| | | BFG_UNICODE_PATH_SEGMENTS=0 |
| | | |
| | | 0.5.4 (2008-12-13) |
| | | ================== |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - URL-quote "extra" element names passed in as ``**elements`` to the |
| | | ``traversal.model_url`` API. If any of these names is a Unicode string, |
| | | encode it to UTF-8 before URL-quoting. This is a slight backwards |
| | | incompatibility that will impact you if you were already UTF-8 encoding |
| | | or URL-quoting the values you passed in as ``elements`` to this API. |
| | | |
| | | Bugfixes |
| | | -------- |
| | | |
| | | - UTF-8 encode each segment in the model path used to generate a URL before |
| | | url-quoting it within the ``traversal.model_url`` API. This is a bugfix, |
| | | as Unicode cannot always be successfully URL-quoted. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Make it possible to run unit tests using a buildout-generated Python |
| | | "interpreter". |
| | | |
| | | - Add ``request.root`` to ``router.Router`` in order to have easy access to |
| | | the application root. |
| | | |
| | | 0.5.3 (2008-12-07) |
| | | ================== |
| | | |
| | | - Remove the ``ITestingTemplateRenderer`` interface. When |
| | | ``testing.registerDummyRenderer`` is used, it instead registers a dummy |
| | | implementation using ``ITemplateRenderer`` interface, which is checked |
| | | for when the built-in templating facilities do rendering. This change |
| | | also allows developers to make explcit named utility registrations in |
| | | the ZCML registry against ``ITemplateRenderer``; these will be found |
| | | before any on-disk template is looked up. |
| | | |
| | | 0.5.2 (2008-12-05) |
| | | ================== |
| | | |
| | | - The component registration handler for views (functions or class |
| | | instances) now observes component adaptation annotations (see |
| | | ``zope.component.adaptedBy``) and uses them before the fallback values |
| | | for ``for_`` and ``request_type``. This change does not affect existing |
| | | code insomuch as the code does not rely on these defaults when an |
| | | annotation is set on the view (unlikely). This means that for a |
| | | new-style class you can do ``zope.component.adapts(ISomeContext, |
| | | ISomeRequest)`` at class scope or at module scope as a decorator to a |
| | | bfg view function you can do ``@zope.component.adapter(ISomeContext, |
| | | ISomeRequest)``. This differs from r.bfg.convention inasmuch as you |
| | | still need to put something in ZCML for the registrations to get done; |
| | | it's only the defaults that will change if these declarations exist. |
| | | |
| | | - Strip all slashes from end and beginning of path in clean_path within |
| | | traversal machinery. |
| | | |
| | | 0.5.1 (2008-11-25) |
| | | ================== |
| | | |
| | | - Add ``keys``, ``items``, and ``values`` methods to |
| | | ``testing.DummyModel``. |
| | | |
| | | - Add __delitem__ method to ``testing.DummyModel``. |
| | | |
| | | 0.5.0 (2008-11-18) |
| | | ================== |
| | | |
| | | - Fix ModelGraphTraverser; don't try to change the ``__name__`` or |
| | | ``__parent__`` of an object that claims it implements ILocation during |
| | | traversal even if the ``__name__`` or ``__parent__`` of the object |
| | | traversed does not match the name used in the traversal step or the or |
| | | the traversal parent . Rationale: it was insane to do so. This bug was |
| | | only found due to a misconfiguration in an application that mistakenly |
| | | had intermediate persistent non-ILocation objects; traversal was causing |
| | | a persistent write on every request under this setup. |
| | | |
| | | - ``repoze.bfg.location.locate`` now unconditionally sets ``__name__`` and |
| | | ``__parent__`` on objects which provide ILocation (it previously only set |
| | | them conditionally if they didn't match attributes already present on the |
| | | object via equality). |
| | | |
| | | 0.4.9 (2008-11-17) |
| | | ================== |
| | | |
| | | - Add chameleon text template API (chameleon ${name} renderings where the |
| | | template does not need to be wrapped in any containing XML). |
| | | |
| | | - Change docs to explain install in terms of a virtualenv |
| | | (unconditionally). |
| | | |
| | | - Make pushpage decorator compatible with repoze.bfg.convention's |
| | | ``bfg_view`` decorator when they're stacked. |
| | | |
| | | - Add content_length attribute to testing.DummyRequest. |
| | | |
| | | - Change paster template ``tests.py`` to include a true unit test. Retain |
| | | old test as an integration test. Update documentation. |
| | | |
| | | - Document view registrations against classes and ``repoze.bfg.convention`` |
| | | in context. |
| | | |
| | | - Change the default paster template to register its single view against a |
| | | class rather than an interface. |
| | | |
| | | - Document adding a request type interface to the request via a subscriber |
| | | function in the events narrative documentation. |
| | | |
| | | 0.4.8 (2008-11-12) |
| | | ================== |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - ``repoze.bfg.traversal.model_url`` now always appends a slash to all |
| | | generated URLs unless further elements are passed in as the third and |
| | | following arguments. Rationale: views often use ``model_url`` without |
| | | the third-and-following arguments in order to generate a URL for a model |
| | | in order to point at the default view of a model. The URL that points to |
| | | the default view of the *root* model is technically ``http://mysite/`` as |
| | | opposed to ``http://mysite`` (browsers happen to ask for '/' implicitly |
| | | in the GET request). Because URLs are never automatically generated for |
| | | anything *except* models by ``model_url``, and because the root model is |
| | | not really special, we continue this pattern. The impact of this change |
| | | is minimal (at most you will have too many slashes in your URL, which BFG |
| | | deals with gracefully anyway). |
| | | |
| | | 0.4.7 (2008-11-11) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Allow ``testing.registerEventListener`` to be used with Zope 3 style |
| | | "object events" (subscribers accept more than a single event argument). |
| | | We extend the list with the arguments, rather than append. |
| | | |
| | | 0.4.6 (2008-11-10) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The ``model_path`` and ``model_url`` traversal APIs returned the wrong |
| | | value for the root object (e.g. ``model_path`` returned ``''`` for the |
| | | root object, while it should have been returning ``'/'``). |
| | | |
| | | 0.4.5 (2008-11-09) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added a ``clone`` method and a ``__contains__`` method to the DummyModel |
| | | testing object. |
| | | |
| | | - Allow DummyModel objects to receive extra keyword arguments, which will |
| | | be attached as attributes. |
| | | |
| | | - The DummyTemplateRenderer now returns ``self`` as its implementation. |
| | | |
| | | 0.4.4 (2008-11-08) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added a ``repoze.bfg.testing`` module to attempt to make it slightly |
| | | easier to write unittest-based automated tests of BFG applications. |
| | | Information about this module is in the documentation. |
| | | |
| | | - The default template renderer now supports testing better by looking for |
| | | ``ITestingTemplateRenderer`` using a relative pathname. This is exposed |
| | | indirectly through the API named ``registerTemplateRenderer`` in |
| | | ``repoze.bfg.testing``. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The names ``repoze.bfg.interfaces.ITemplate`` , |
| | | ``repoze.bfg.interfaces.ITemplateFactory`` and |
| | | ``repoze.bfg.interfaces.INodeTemplate`` have been deprecated. These |
| | | should now be imported as ``repoze.bfg.interfaces.ITemplateRenderer`` and |
| | | ``repoze.bfg.interfaces.ITemplateRendererFactory``, and |
| | | ``INodeTemplateRenderer`` respectively. |
| | | |
| | | - The name ``repoze.bfg.chameleon_zpt.ZPTTemplateFactory`` is deprecated. |
| | | Use ``repoze.bfg.chameleon_zpt.ZPTTemplateRenderer``. |
| | | |
| | | - The name ``repoze.bfg.chameleon_genshi.GenshiTemplateFactory`` is |
| | | deprecated. Use ``repoze.bfg.chameleon_genshi.GenshiTemplateRenderer``. |
| | | |
| | | - The name ``repoze.bfg.xslt.XSLTemplateFactory`` is deprecated. Use |
| | | ``repoze.bfg.xslt.XSLTemplateRenderer``. |
| | | |
| | | 0.4.3 (2008-11-02) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Not passing the result of "get_options" as the second argument of |
| | | make_app could cause attribute errors when attempting to look up settings |
| | | against the ISettings object (internal). Fixed by giving the Settings |
| | | objects defaults for ``debug_authorization`` and ``debug_notfound``. |
| | | |
| | | - Return an instance of ``Allowed`` (rather than ``True``) from |
| | | ``has_permission`` when no security policy is in use. |
| | | |
| | | - Fix bug where default deny in authorization check would throw a TypeError |
| | | (use ``ACLDenied`` instead of ``Denied``). |
| | | |
| | | 0.4.2 (2008-11-02) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Expose a single ILogger named "repoze.bfg.debug" as a utility; this |
| | | logger is registered unconditionally and is used by the authorization |
| | | debug machinery. Applications may also make use of it as necessary |
| | | rather than inventing their own logger, for convenience. |
| | | |
| | | - The ``BFG_DEBUG_AUTHORIZATION`` envvar and the ``debug_authorization`` |
| | | config file value now only imply debugging of view-invoked security |
| | | checks. Previously, information was printed for every call to |
| | | ``has_permission`` as well, which made output confusing. To debug |
| | | ``has_permission`` checks and other manual permission checks, use the |
| | | debugger and print statements in your own code. |
| | | |
| | | - Authorization debugging info is now only present in the HTTP response |
| | | body oif ``debug_authorization`` is true. |
| | | |
| | | - The format of authorization debug messages was improved. |
| | | |
| | | - A new ``BFG_DEBUG_NOTFOUND`` envvar was added and a symmetric |
| | | ``debug_notfound`` config file value was added. When either is true, and |
| | | a NotFound response is returned by the BFG router (because a view could |
| | | not be found), debugging information is printed to stderr. When this |
| | | value is set true, the body of HTTPNotFound responses will also contain |
| | | the same debugging information. |
| | | |
| | | - ``Allowed`` and ``Denied`` responses from the security machinery are now |
| | | specialized into two types: ACL types, and non-ACL types. The |
| | | ACL-related responses are instances of ``repoze.bfg.security.ACLAllowed`` |
| | | and ``repoze.bfg.security.ACLDenied``. The non-ACL-related responses are |
| | | ``repoze.bfg.security.Allowed`` and ``repoze.bfg.security.Denied``. The |
| | | allowed-type responses continue to evaluate equal to things that |
| | | themselves evaluate equal to the ``True`` boolean, while the denied-type |
| | | responses continue to evaluate equal to things that themselves evaluate |
| | | equal to the ``False`` boolean. The only difference between the two |
| | | types is the information attached to them for debugging purposes. |
| | | |
| | | - Added a new ``BFG_DEBUG_ALL`` envvar and a symmetric ``debug_all`` config |
| | | file value. When either is true, all other debug-related flags are set |
| | | true unconditionally (e.g. ``debug_notfound`` and |
| | | ``debug_authorization``). |
| | | - ``pyramid.view.append_slash_notfound_view`` now preserves GET query |
| | | parameters across redirects. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added info about debug flag changes. |
| | | - Beef up documentation related to ``set_default_permission``: explicitly |
| | | mention that default permissions also protect exception views. |
| | | |
| | | - Added a section to the security chapter named "Debugging Imperative |
| | | Authorization Failures" (for e.g. ``has_permssion``). |
| | | - Paster templates and tutorials now use spaces instead of tabs in their HTML |
| | | templates. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Change default paster template generator to use ``Paste#http`` server |
| | | rather than ``PasteScript#cherrpy`` server. The cherrypy server has a |
| | | security risk in it when ``REMOTE_USER`` is trusted by the downstream |
| | | application. |
| | | |
| | | 0.4.1 (2008-10-28) |
| | | 1.0b2 (2011-01-24) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - If the ``render_view_to_response`` function was called, if the view was |
| | | found and called, but it returned something that did not implement |
| | | IResponse, the error would pass by unflagged. This was noticed when I |
| | | created a view function that essentially returned None, but received a |
| | | NotFound error rather than a ValueError when the view was rendered. This |
| | | was fixed. |
| | | - The ``production.ini`` generated by all paster templates now have an |
| | | effective logging level of WARN, which prevents e.g. SQLAlchemy statement |
| | | logging and other inappropriate output. |
| | | |
| | | 0.4.0 (2008-10-03) |
| | | - The ``production.ini`` of the ``pyramid_routesalchemy`` and |
| | | ``pyramid_alchemy`` paster templates did not have a ``sqlalchemy`` logger |
| | | section, preventing ``paster serve production.ini`` from working. |
| | | |
| | | - The ``pyramid_routesalchemy`` and ``pyramid_alchemy`` paster templates used |
| | | the ``{{package}}`` variable in a place where it should have used the |
| | | ``{{project}}`` variable, causing applications created with uppercase |
| | | letters e.g. ``paster create -t pyramid_routesalchemy Dibbus`` to fail to |
| | | start when ``paster serve development.ini`` was used against the result. |
| | | See https://github.com/Pylons/pyramid/issues/#issue/107 |
| | | |
| | | - The ``render_view`` method of ``pyramid.renderers.RendererHelper`` passed |
| | | an incorrect value into the renderer for ``renderer_info``. It now passes |
| | | an instance of ``RendererHelper`` instead of a dictionary, which is |
| | | consistent with other usages. See |
| | | https://github.com/Pylons/pyramid/issues#issue/106 |
| | | |
| | | - A bug existed in the ``pyramid.authentication.AuthTktCookieHelper`` which |
| | | would break any usage of an AuthTktAuthenticationPolicy when one was |
| | | configured to reissue its tokens (``reissue_time`` < ``timeout`` / |
| | | ``max_age``). Symptom: ``ValueError: ('Invalid token %r', '')``. See |
| | | https://github.com/Pylons/pyramid/issues#issue/108. |
| | | |
| | | 1.0b1 (2011-01-21) |
| | | ================== |
| | | |
| | | Docs |
| | | ---- |
| | | |
| | | - An "Environment and Configuration" chapter was added to the narrative |
| | | portion of the documentation. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Ensure bfg doesn't generate warnings when running under Python |
| | | 2.6. |
| | | - The AuthTktAuthenticationPolicy now accepts a ``tokens`` parameter via |
| | | ``pyramid.security.remember``. The value must be a sequence of strings. |
| | | Tokens are placed into the auth_tkt "tokens" field and returned in the |
| | | auth_tkt cookie. |
| | | |
| | | - The environment variable ``BFG_RELOAD_TEMPLATES`` is now available |
| | | (serves the same purpose as ``reload_templates`` in the config file). |
| | | - Add ``wild_domain`` argument to AuthTktAuthenticationPolicy, which defaults |
| | | to ``True``. If it is set to ``False``, the feature of the policy which |
| | | sets a cookie with a wilcard domain will be turned off. |
| | | |
| | | - A new configuration file option ``debug_authorization`` was added. |
| | | This turns on printing of security authorization debug statements |
| | | to ``sys.stderr``. The ``BFG_DEBUG_AUTHORIZATION`` environment |
| | | variable was also added; this performs the same duty. |
| | | - Add a ``MANIFEST.in`` file to each paster template. See |
| | | https://github.com/Pylons/pyramid/issues#issue/95 |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The environment variable ``BFG_SECURITY_DEBUG`` did not always work. |
| | | It has been renamed to ``BFG_DEBUG_AUTHORIZATION`` and fixed. |
| | | - ``testing.setUp`` now adds a ``settings`` attribute to the registry (both |
| | | when it's passed a registry without any settings and when it creates one). |
| | | |
| | | - The ``testing.setUp`` function now takes a ``settings`` argument, which |
| | | should be a dictionary. Its values will subsequently be available on the |
| | | returned ``config`` object as ``config.registry.settings``. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added "What's New in Pyramid 1.0" chapter to HTML rendering of |
| | | documentation. |
| | | |
| | | - Merged caseman-master narrative editing branch, many wording fixes and |
| | | extensions. |
| | | |
| | | - Fix deprecated example showing ``chameleon_zpt`` API call in testing |
| | | narrative chapter. |
| | | |
| | | - Added "Adding Methods to the Configurator via ``add_directive``" section to |
| | | Advanced Configuration narrative chapter. |
| | | |
| | | - Add docs for ``add_finished_callback``, ``add_response_callback``, |
| | | ``route_path``, ``route_url``, and ``static_url`` methods to |
| | | ``pyramid.request.Request`` API docs. |
| | | |
| | | - Add (minimal) documentation about using I18N within Mako templates to |
| | | "Internationalization and Localization" narrative chapter. |
| | | |
| | | - Move content of "Forms" chapter back to "Views" chapter; I can't think of a |
| | | better place to put it. |
| | | |
| | | - Slightly improved interface docs for ``IAuthorizationPolicy``. |
| | | |
| | | - Minimally explain usage of custom regular expressions in URL dispatch |
| | | replacement markers within URL Dispatch chapter. |
| | | |
| | | Deprecations |
| | | ------------- |
| | | |
| | | - Using the ``pyramid.view.bfg_view`` alias for ``pyramid.view.view_config`` |
| | | (a backwards compatibility shim) now issues a deprecation warning. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Using ``testing.setUp`` now registers an ISettings utility as a side |
| | | effect. Some test code which queries for this utility after |
| | | ``testing.setUp`` via queryAdapter will expect a return value of ``None``. |
| | | This code will need to be changed. |
| | | |
| | | - When a ``pyramid.exceptions.Forbidden`` error is raised, its status code |
| | | now ``403 Forbidden``. It was previously ``401 Unauthorized``, for |
| | | backwards compatibility purposes with ``repoze.bfg``. This change will |
| | | cause problems for users of Pyramid with ``repoze.who``, which intercepts |
| | | ``401 Unauthorized`` by default, but allows ``403 Forbidden`` to pass |
| | | through. Those deployments will need to configure ``repoze.who`` to also |
| | | react to ``403 Forbidden``. |
| | | |
| | | - The default value for the ``cookie_on_exception`` parameter to |
| | | ``pyramid.session.UnencyrptedCookieSessionFactory`` is now ``True``. This |
| | | means that when view code causes an exception to be raised, and the session |
| | | has been mutated, a cookie will be sent back in the response. Previously |
| | | its default value was ``False``. |
| | | |
| | | Paster Templates |
| | | ---------------- |
| | | |
| | | - The ``pyramid_zodb``, ``pyramid_routesalchemy`` and ``pyramid_alchemy`` |
| | | paster templates now use a default "commit veto" hook when configuring the |
| | | ``repoze.tm2`` transaction manager in ``development.ini``. This prevents a |
| | | transaction from being committed when the response status code is within |
| | | the 400 or 500 ranges. See also |
| | | http://docs.repoze.org/tm2/#using-a-commit-veto. |
| | | |
| | | 1.0a10 (2011-01-18) |
| | | =================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - URL dispatch now properly handles a ``.*`` or ``*`` appearing in a regex |
| | | match when used inside brackets. Resolves issue #90. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``add_handler`` method of a Configurator has been removed from the |
| | | Pyramid core. Handlers are now a feature of the ``pyramid_handlers`` |
| | | package, which can be downloaded from PyPI. Documentation for the package |
| | | should be available via |
| | | http://pylonsproject.org/projects/pyramid_handlers/dev/, which describes how |
| | | to add a configuration statement to your ``main`` block to reobtain this |
| | | method. You will also need to add an ``install_requires`` dependency upon |
| | | ``pyramid_handlers`` to your ``setup.py`` file. |
| | | |
| | | - The ``load_zcml`` method of a Configurator has been removed from the |
| | | Pyramid core. Loading ZCML is now a feature of the ``pyramid_zcml`` |
| | | package, which can be downloaded from PyPI. Documentation for the package |
| | | should be available via |
| | | http://pylonsproject.org/projects/pyramid_zcml/dev/, which describes how |
| | | to add a configuration statement to your ``main`` block to reobtain this |
| | | method. You will also need to add an ``install_requires`` dependency upon |
| | | ``pyramid_zcml`` to your ``setup.py`` file. |
| | | |
| | | - The ``pyramid.includes`` subpackage has been removed. ZCML files which use |
| | | include the package ``pyramid.includes`` (e.g. ``<include |
| | | package="pyramid.includes"/>``) now must include the ``pyramid_zcml`` |
| | | package instead (e.g. ``<include package="pyramid_zcml"/>``). |
| | | |
| | | - The ``pyramid.view.action`` decorator has been removed from the Pyramid |
| | | core. Handlers are now a feature of the ``pyramid_handlers`` package. It |
| | | should now be imported from ``pyramid_handlers`` e.g. ``from |
| | | pyramid_handlers import action``. |
| | | |
| | | - The ``handler`` ZCML directive has been removed. It is now a feature of |
| | | the ``pyramid_handlers`` package. |
| | | |
| | | - The ``pylons_minimal``, ``pylons_basic`` and ``pylons_sqla`` paster |
| | | templates were removed. Use ``pyramid_sqla`` (available from PyPI) as a |
| | | generic replacement for Pylons-esque development. |
| | | |
| | | - The ``make_app`` function has been removed from the ``pyramid.router`` |
| | | module. It continues life within the ``pyramid_zcml`` package. This |
| | | leaves the ``pyramid.router`` module without any API functions. |
| | | |
| | | - The ``configure_zcml`` setting within the deployment settings (within |
| | | ``**settings`` passed to a Pyramid ``main`` function) has ceased to have any |
| | | meaning. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - ``pyramid.testing.setUp`` and ``pyramid.testing.tearDown`` have been |
| | | undeprecated. They are now the canonical setup and teardown APIs for test |
| | | configuration, replacing "direct" creation of a Configurator. This is a |
| | | change designed to provide a facade that will protect against any future |
| | | Configurator deprecations. |
| | | |
| | | - Add ``charset`` attribute to ``pyramid.testing.DummyRequest`` |
| | | (unconditionally ``UTF-8``). |
| | | |
| | | - Add ``add_directive`` method to configurator, which allows framework |
| | | extenders to add methods to the configurator (ala ZCML directives). |
| | | |
| | | - When ``Configurator.include`` is passed a *module* as an argument, it |
| | | defaults to attempting to find and use a callable named ``includeme`` |
| | | within that module. This makes it possible to use |
| | | ``config.include('some.module')`` rather than |
| | | ``config.include('some.module.somefunc')`` as long as the include function |
| | | within ``some.module`` is named ``includeme``. |
| | | |
| | | - The ``bfg2pyramid`` script now converts ZCML include tags that have |
| | | ``repoze.bfg.includes`` as a package attribute to the value |
| | | ``pyramid_zcml``. For example, ``<include package="repoze.bfg.includes">`` |
| | | will be converted to ``<include package="pyramid_zcml">``. |
| | | |
| | | Paster Templates |
| | | ---------------- |
| | | |
| | | - All paster templates now use ``pyramid.testing.setUp`` and |
| | | ``pyramid.testing.tearDown`` rather than creating a Configurator "by hand" |
| | | within their ``tests.py`` module, as per decision in features above. |
| | | |
| | | - The ``starter_zcml`` paster template has been moved to the ``pyramid_zcml`` |
| | | package. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - The wiki and wiki2 tutorials now use ``pyramid.testing.setUp`` and |
| | | ``pyramid.testing.tearDown`` rather than creating a Configurator "by hand", |
| | | as per decision in features above. |
| | | |
| | | - The "Testing" narrative chapter now explains ``pyramid.testing.setUp`` and |
| | | ``pyramid.testing.tearDown`` instead of Configurator creation and |
| | | ``Configurator.begin()`` and ``Configurator.end()``. |
| | | |
| | | - Document the ``request.override_renderer`` attribute within the narrative |
| | | "Renderers" chapter in a section named "Overriding A Renderer at Runtime". |
| | | |
| | | - The "Declarative Configuration" narrative chapter has been removed (it was |
| | | moved to the ``pyramid_zcml`` package). |
| | | |
| | | - Most references to ZCML in narrative chapters have been removed or |
| | | redirected to ``pyramid_zcml`` locations. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - A deprecation warning is now issued when old API names from the |
| | | ``repoze.bfg.templates`` module are imported. |
| | | - Deprecation warnings related to import of the following API functions were |
| | | added: ``pyramid.traversal.find_model``, ``pyramid.traversal.model_path``, |
| | | ``pyramid.traversal.model_path_tuple``, ``pyramid.url.model_url``. The |
| | | instructions emitted by the deprecation warnings instruct the developer to |
| | | change these method spellings to their ``resource`` equivalents. This is a |
| | | consequence of the mass concept rename of "model" to "resource" performed |
| | | in 1.0a7. |
| | | |
| | | Backwards incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``BFG_SECURITY_DEBUG`` environment variable was renamed to |
| | | ``BFG_DEBUG_AUTHORIZATION``. |
| | | |
| | | 0.3.9 (2008-08-27) |
| | | 1.0a9 (2011-01-08) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - A ``repoze.bfg.location`` API module was added. |
| | | |
| | | Backwards incompatibilities |
| | | --------------------------- |
| | | |
| | | - Applications must now use the ``repoze.bfg.interfaces.ILocation`` |
| | | interface rather than ``zope.location.interfaces.ILocation`` to |
| | | represent that a model object is "location-aware". We've removed |
| | | a dependency on ``zope.location`` for cleanliness purposes: as |
| | | new versions of zope libraries are released which have improved |
| | | dependency information, getting rid of our dependence on |
| | | ``zope.location`` will prevent a newly installed repoze.bfg |
| | | application from requiring the ``zope.security``, egg, which not |
| | | truly used at all in a "stock" repoze.bfg setup. These |
| | | dependencies are still required by the stack at this time; this |
| | | is purely a futureproofing move. |
| | | |
| | | The security and model documentation for previous versions of |
| | | ``repoze.bfg`` recommended using the |
| | | ``zope.location.interfaces.ILocation`` interface to represent |
| | | that a model object is "location-aware". This documentation has |
| | | been changed to reflect that this interface should now be |
| | | imported from ``repoze.bfg.interfaces.ILocation`` instead. |
| | | |
| | | 0.3.8 (2008-08-26) |
| | | ================== |
| | | |
| | | Docs |
| | | ---- |
| | | |
| | | - Documented URL dispatch better in narrative form. |
| | | |
| | | Bug fixes |
| | | --------- |
| | | |
| | | - Routes URL dispatch did not have access to the WSGI environment, |
| | | so conditions such as method=GET did not work. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add ``principals_allowed_by_permission`` API to security module. |
| | | |
| | | - Replace ``z3c.pt`` support with support for ``chameleon.zpt``. |
| | | Chameleon is the new name for the package that used to be named |
| | | ``z3c.pt``. NOTE: If you update a ``repoze.bfg`` SVN checkout |
| | | that you're using for development, you will need to run "setup.py |
| | | install" or "setup.py develop" again in order to obtain the |
| | | proper Chameleon packages. ``z3c.pt`` is no longer supported by |
| | | ``repoze.bfg``. All API functions that used to render ``z3c.pt`` |
| | | templates will work fine with the new packages, and your |
| | | templates should render almost identically. |
| | | |
| | | - Add a ``repoze.bfg.chameleon_zpt`` module. This module provides |
| | | Chameleon ZPT support. |
| | | |
| | | - Add a ``repoze.bfg.xslt`` module. This module provides XSLT |
| | | support. |
| | | |
| | | - Add a ``repoze.bfg.chameleon_genshi`` module. This provides |
| | | direct Genshi support, which did not exist previously. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Importing API functions directly from ``repoze.bfg.template`` is |
| | | now deprecated. The ``get_template``, ``render_template``, |
| | | ``render_template_to_response`` functions should now be imported |
| | | from ``repoze.chameleon_zpt``. The ``render_transform``, and |
| | | ``render_transform_to_response`` functions should now be imported |
| | | from ``repoze.bfg.xslt``. The ``repoze.bfg.template`` module |
| | | will remain around "forever" to support backwards compatibility. |
| | | |
| | | 0.3.7 (2008-09-09) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add compatibility with z3c.pt 1.0a7+ (z3c.pt became a namespace package). |
| | | |
| | | Bug fixes |
| | | --------- |
| | | |
| | | - ``repoze.bfg.traversal.find_model`` function did not function properly. |
| | | |
| | | 0.3.6 (2008-09-04) |
| | | ================== |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add startup process docs. |
| | | |
| | | - Allow configuration cache to be bypassed by actions which include special |
| | | "uncacheable" discriminators (for actions that have variable results). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Move core repoze.bfg ZCML into a ``repoze.bfg.includes`` package so we |
| | | can use repoze.bfg better as a namespace package. Adjust the code |
| | | generator to use it. We've left around the ``configure.zcml`` in the |
| | | repoze.bfg package directly so as not to break older apps. |
| | | - The ``proutes`` command tried too hard to resolve the view for printing, |
| | | resulting in exceptions when an exceptional root factory was encountered. |
| | | Instead of trying to resolve the view, if it cannot, it will now just print |
| | | ``<unknown>``. |
| | | |
| | | - When a zcml application registry cache was unpickled, and it contained a |
| | | reference to an object that no longer existed (such as a view), bfg would |
| | | not start properly. |
| | | - The `self` argument was included in new methods of the ``ISession`` interface |
| | | signature, causing ``pyramid_beaker`` tests to fail. |
| | | |
| | | 0.3.5 (2008-09-01) |
| | | ================== |
| | | - Readd ``pyramid.traversal.model_path_tuple`` as an alias for |
| | | ``pyramid.traversal.resource_path_tuple`` for backwards compatibility. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Event notification is issued after application is created and configured |
| | | (``IWSGIApplicationCreatedEvent``). |
| | | - Add a new API ``pyramid.url.current_route_url``, which computes a URL based |
| | | on the "current" route (if any) and its matchdict values. |
| | | |
| | | - New API module: ``repoze.bfg.view``. This module contains the functions |
| | | named ``render_view_to_response``, ``render_view_to_iterable``, |
| | | ``render_view`` and ``is_response``, which are documented in the API |
| | | docs. These features aid programmatic (non-server-driven) view |
| | | execution. |
| | | - ``config.add_view`` now accepts a ``decorator`` keyword argument, a callable |
| | | which will decorate the view callable before it is added to the registry. |
| | | |
| | | 0.3.4 (2008-08-28) |
| | | ================== |
| | | - If a handler class provides an ``__action_decorator__`` attribute (usually |
| | | a classmethod or staticmethod), use that as the decorator for each view |
| | | registration for that handler. |
| | | |
| | | Backwards incompatibilities |
| | | - The ``pyramid.interfaces.IAuthenticationPolicy`` interface now specifies an |
| | | ``unauthenticated_userid`` method. This method supports an important |
| | | optimization required by people who are using persistent storages which do |
| | | not support object caching and whom want to create a "user object" as a |
| | | request attribute. |
| | | |
| | | - A new API has been added to the ``pyramid.security`` module named |
| | | ``unauthenticated_userid``. This API function calls the |
| | | ``unauthenticated_userid`` method of the effective security policy. |
| | | |
| | | - An ``unauthenticated_userid`` method has been added to the dummy |
| | | authentication policy returned by |
| | | ``pyramid.config.Configurator.testing_securitypolicy``. It returns the |
| | | same thing as that the dummy authentication policy's |
| | | ``authenticated_userid`` method. |
| | | |
| | | - The class ``pyramid.authentication.AuthTktCookieHelper`` is now an API. |
| | | This class can be used by third-party authentication policy developers to |
| | | help in the mechanics of authentication cookie-setting. |
| | | |
| | | - New constructor argument to Configurator: ``default_view_mapper``. Useful |
| | | to create systems that have alternate view calling conventions. A view |
| | | mapper allows objects that are meant to be used as view callables to have |
| | | an arbitrary argument list and an arbitrary result. The object passed as |
| | | ``default_view_mapper`` should implement the |
| | | ``pyramid.interfaces.IViewMapperFactory`` interface. |
| | | |
| | | - add a ``set_view_mapper`` API to Configurator. Has |
| | | the same result as passing ``default_view_mapper`` to the Configurator |
| | | constructor. |
| | | |
| | | - ``config.add_view`` now accepts a ``mapper`` keyword argument, which should |
| | | either be ``None``, a string representing a Python dotted name, or an |
| | | object which is an ``IViewMapperFactory``. This feature is not useful for |
| | | "civilians", only for extension writers. |
| | | |
| | | - Allow static renderer provided during view registration to be overridden at |
| | | request time via a request attribute named ``override_renderer``, which |
| | | should be the name of a previously registered renderer. Useful to provide |
| | | "omnipresent" RPC using existing rendered views. |
| | | |
| | | - Instances of ``pyramid.testing.DummyRequest`` now have a ``session`` |
| | | object, which is mostly a dictionary, but also implements the other session |
| | | API methods for flash and CSRF. |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - Make ``repoze.bfg`` a namespace package so we can allow folks to create |
| | | subpackages (e.g. ``repoze.bfg.otherthing``) within separate eggs. This |
| | | is a backwards incompatible change which makes it impossible to import |
| | | "make_app" and "get_options" from the ``repoze.bfg`` module directly. |
| | | This change will break all existing apps generated by the paster code |
| | | generator. Instead, you need to import these functions as |
| | | ``repoze.bfg.router:make_app`` and ``repoze.bfg.registry:get_options``, |
| | | respectively. Sorry folks, it has to be done now or never, and |
| | | definitely better now. |
| | | - Since the ``pyramid.interfaces.IAuthenticationPolicy`` interface now |
| | | specifies that a policy implementation must implement an |
| | | ``unauthenticated_userid`` method, all third-party custom authentication |
| | | policies now must implement this method. It, however, will only be called |
| | | when the global function named ``pyramid.security.unauthenticated_userid`` |
| | | is invoked, so if you're not invoking that, you will not notice any issues. |
| | | |
| | | - ``pyramid.interfaces.ISession.get_csrf_token`` now mandates that an |
| | | implementation should return a *new* token if one doesn't already exist in |
| | | the session (previously it would return None). The internal sessioning |
| | | implementation has been changed. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - The (weak) "Converting a CMF Application to Pyramid" tutorial has been |
| | | removed from the tutorials section. It was moved to the |
| | | ``pyramid_tutorials`` Github repository. |
| | | |
| | | - The "Resource Location and View Lookup" chapter has been replaced with a |
| | | variant of Rob Miller's "Much Ado About Traversal" (originally published at |
| | | http://blog.nonsequitarian.org/2010/much-ado-about-traversal/). |
| | | |
| | | - Many minor wording tweaks and refactorings (merged Casey Duncan's docs |
| | | fork, in which he is working on general editing). |
| | | |
| | | - Added (weak) description of new view mapper feature to Hooks narrative |
| | | chapter. |
| | | |
| | | - Split views chapter into 2: View Callables and View Configuration. |
| | | |
| | | - Reorder Renderers and Templates chapters after View Callables but before |
| | | View Configuration. |
| | | |
| | | - Merge Session Objects, Cross-Site Request Forgery, and Flash Messaging |
| | | chapter into a single Sessions chapter. |
| | | |
| | | - The Wiki and Wiki2 tutorials now have much nicer CSS and graphics. |
| | | |
| | | Internals |
| | | --------- |
| | | |
| | | - The "view derivation" code is now factored into a set of classes rather |
| | | than a large number of standalone functions (a side effect of the |
| | | view mapper refactoring). |
| | | |
| | | - The ``pyramid.renderer.RendererHelper`` class has grown a ``render_view`` |
| | | method, which is used by the default view mapper (a side effect of the |
| | | view mapper refactoring). |
| | | |
| | | - The object passed as ``renderer`` to the "view deriver" is now an instance |
| | | of ``pyramid.renderers.RendererHelper`` rather than a dictionary (a side |
| | | effect of view mapper refactoring). |
| | | |
| | | - The class used as the "page template" in ``pyramid.chameleon_text`` was |
| | | removed, in preference to using a Chameleon-inbuilt version. |
| | | |
| | | - A view callable wrapper registered in the registry now contains an |
| | | ``__original_view__`` attribute which references the original view callable |
| | | (or class). |
| | | |
| | | - The (non-API) method of all internal authentication policy implementations |
| | | previously named ``_get_userid`` is now named ``unauthenticated_userid``, |
| | | promoted to an API method. If you were overriding this method, you'll now |
| | | need to override it as ``unauthenticated_userid`` instead. |
| | | |
| | | - Remove (non-API) function of config.py named _map_view. |
| | | |
| | | 1.0a8 (2010-12-27) |
| | | ================== |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The name ``registry`` was not available in the ``paster pshell`` |
| | | environment under IPython. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Add ``model_path`` API function to traversal module. |
| | | - If a resource implements a ``__resource_url__`` method, it will be called |
| | | as the result of invoking the ``pyramid.url.resource_url`` function to |
| | | generate a URL, overriding the default logic. See the new "Generating The |
| | | URL Of A Resource" section within the Resources narrative chapter. |
| | | |
| | | Bugfixes |
| | | - Added flash messaging, as described in the "Flash Messaging" narrative |
| | | documentation chapter. |
| | | |
| | | - Normalize path returned by repoze.bfg.caller_path. |
| | | - Added CSRF token generation, as described in the narrative chapter entitled |
| | | "Preventing Cross-Site Request Forgery Attacks". |
| | | |
| | | 0.3.3 (2008-08-23) |
| | | - Prevent misunderstanding of how the ``view`` and ``view_permission`` |
| | | arguments to add_route work by raising an exception during configuration if |
| | | view-related arguments exist but no ``view`` argument is passed. |
| | | |
| | | - Add ``paster proute`` command which displays a summary of the routing |
| | | table. See the narrative documentation section within the "URL Dispatch" |
| | | chapter entitled "Displaying All Application Routes". |
| | | |
| | | Paster Templates |
| | | ---------------- |
| | | |
| | | - The ``pyramid_zodb`` Paster template no longer employs ZCML. Instead, it |
| | | is based on scanning. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added "Generating The URL Of A Resource" section to the Resources narrative |
| | | chapter (includes information about overriding URL generation using |
| | | ``__resource_url__``). |
| | | |
| | | - Added "Generating the Path To a Resource" section to the Resources |
| | | narrative chapter. |
| | | |
| | | - Added "Finding a Resource by Path" section to the Resources narrative |
| | | chapter. |
| | | |
| | | - Added "Obtaining the Lineage of a Resource" to the Resources narrative |
| | | chapter. |
| | | |
| | | - Added "Determining if a Resource is In The Lineage of Another Resource" to |
| | | Resources narrative chapter. |
| | | |
| | | - Added "Finding the Root Resource" to Resources narrative chapter. |
| | | |
| | | - Added "Finding a Resource With a Class or Interface in Lineage" to |
| | | Resources narrative chapter. |
| | | |
| | | - Added a "Flash Messaging" narrative documentation chapter. |
| | | |
| | | - Added a narrative chapter entitled "Preventing Cross-Site Request Forgery |
| | | Attacks". |
| | | |
| | | - Changed the "ZODB + Traversal Wiki Tutorial" based on changes to |
| | | ``pyramid_zodb`` Paster template. |
| | | |
| | | - Added "Advanced Configuration" narrative chapter which documents how to |
| | | deal with configuration conflicts, two-phase configuration, ``include`` and |
| | | ``commit``. |
| | | |
| | | - Fix API documentation rendering for ``pyramid.view.static`` |
| | | |
| | | - Add "Pyramid Provides More Than One Way to Do It" to Design Defense |
| | | documentation. |
| | | |
| | | - Changed "Static Assets" narrative chapter: clarify that ``name`` represents |
| | | a prefix unless it's a URL, added an example of a root-relative static view |
| | | fallback for URL dispatch, added an example of creating a simple view that |
| | | returns the body of a file. |
| | | |
| | | - Move ZCML usage in Hooks chapter to Declarative Configuration chapter. |
| | | |
| | | - Merge "Static Assets" chapter into the "Assets" chapter. |
| | | |
| | | - Added narrative documentation section within the "URL Dispatch" chapter |
| | | entitled "Displaying All Application Routes" (for ``paster proutes`` |
| | | command). |
| | | |
| | | 1.0a7 (2010-12-20) |
| | | ================== |
| | | |
| | | - Fix generated test.py module to use project name rather than package |
| | | name. |
| | | Terminology Changes |
| | | ------------------- |
| | | |
| | | 0.3.2 (2008-08-23) |
| | | - The Pyramid concept previously known as "model" is now known as "resource". |
| | | As a result: |
| | | |
| | | - The following API changes have been made:: |
| | | |
| | | pyramid.url.model_url -> |
| | | pyramid.url.resource_url |
| | | |
| | | pyramid.traversal.find_model -> |
| | | pyramid.url.find_resource |
| | | |
| | | pyramid.traversal.model_path -> |
| | | pyramid.traversal.resource_path |
| | | |
| | | pyramid.traversal.model_path_tuple -> |
| | | pyramid.traversal.resource_path_tuple |
| | | |
| | | pyramid.traversal.ModelGraphTraverser -> |
| | | pyramid.traversal.ResourceTreeTraverser |
| | | |
| | | pyramid.config.Configurator.testing_models -> |
| | | pyramid.config.Configurator.testing_resources |
| | | |
| | | pyramid.testing.registerModels -> |
| | | pyramid.testing.registerResources |
| | | |
| | | pyramid.testing.DummyModel -> |
| | | pyramid.testing.DummyResource |
| | | |
| | | - All documentation which previously referred to "model" now refers to |
| | | "resource". |
| | | |
| | | - The ``starter`` and ``starter_zcml`` paster templates now have a |
| | | ``resources.py`` module instead of a ``models.py`` module. |
| | | |
| | | - Positional argument names of various APIs have been changed from |
| | | ``model`` to ``resource``. |
| | | |
| | | Backwards compatibility shims have been left in place in all cases. They |
| | | will continue to work "forever". |
| | | |
| | | - The Pyramid concept previously known as "resource" is now known as "asset". |
| | | As a result: |
| | | |
| | | - The (non-API) module previously known as ``pyramid.resource`` is now |
| | | known as ``pyramid.asset``. |
| | | |
| | | - All docs that previously referred to "resource specification" now refer |
| | | to "asset specification". |
| | | |
| | | - The following API changes were made:: |
| | | |
| | | pyramid.config.Configurator.absolute_resource_spec -> |
| | | pyramid.config.Configurator.absolute_asset_spec |
| | | |
| | | pyramid.config.Configurator.override_resource -> |
| | | pyramid.config.Configurator.override_asset |
| | | |
| | | - The ZCML directive previously known as ``resource`` is now known as |
| | | ``asset``. |
| | | |
| | | - The setting previously known as ``BFG_RELOAD_RESOURCES`` (envvar) or |
| | | ``reload_resources`` (config file) is now known, respectively, as |
| | | ``PYRAMID_RELOAD_ASSETS`` and ``reload_assets``. |
| | | |
| | | Backwards compatibility shims have been left in place in all cases. They |
| | | will continue to work "forever". |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Make it possible to succesfully run all tests via ``nosetests`` command |
| | | directly (rather than indirectly via ``python setup.py nosetests``). |
| | | |
| | | - When a configuration conflict is encountered during scanning, the conflict |
| | | exception now shows the decorator information that caused the conflict. |
| | | |
| | | Features |
| | | -------- |
| | | |
| | | - Added ``debug_routematch`` configuration setting that logs matched routes |
| | | (including the matchdict and predicates). |
| | | |
| | | - The name ``registry`` is now available in a ``pshell`` environment by |
| | | default. It is the application registry object. |
| | | |
| | | Environment |
| | | ----------- |
| | | |
| | | - All environment variables which used to be prefixed with ``BFG_`` are now |
| | | prefixed with ``PYRAMID_`` (e.g. ``BFG_DEBUG_NOTFOUND`` is now |
| | | ``PYRAMID_DEBUG_NOTFOUND``) |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Added "Debugging Route Matching" section to the urldispatch narrative |
| | | documentation chapter. |
| | | |
| | | - Added reference to ``PYRAMID_DEBUG_ROUTEMATCH`` envvar and ``debug_routematch`` |
| | | config file setting to the Environment narrative docs chapter. |
| | | |
| | | - Changed "Project" chapter slightly to expand on use of ``paster pshell``. |
| | | |
| | | - Direct Jython users to Mako rather than Jinja2 in "Install" narrative |
| | | chapter. |
| | | |
| | | - Many changes to support terminological renaming of "model" to "resource" |
| | | and "resource" to "asset". |
| | | |
| | | - Added an example of ``WebTest`` functional testing to the testing narrative |
| | | chapter. |
| | | |
| | | - Rearranged chapter ordering by popular demand (URL dispatch first, then |
| | | traversal). Put hybrid chapter after views chapter. |
| | | |
| | | - Split off "Renderers" as its own chapter from "Views" chapter in narrative |
| | | documentation. |
| | | |
| | | Paster Templates |
| | | ---------------- |
| | | |
| | | - Added ``debug_routematch = false`` to all paster templates. |
| | | |
| | | Dependencies |
| | | ------------ |
| | | |
| | | - Depend on Venusian >= 0.5 (for scanning conflict exception decoration). |
| | | |
| | | 1.0a6 (2010-12-15) |
| | | ================== |
| | | |
| | | - Remove ``sampleapp`` sample application from bfg package itself. |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Remove dependency on FormEncode (only needed by sampleapp). |
| | | - 1.0a5 introduced a bug when ``pyramid.config.Configurator.scan`` was used |
| | | without a ``package`` argument (e.g. ``config.scan()`` as opposed to |
| | | ``config.scan('packagename')``. The symptoms were: lots of deprecation |
| | | warnings printed to the console about imports of deprecated Pyramid |
| | | functions and classes and non-detection of view callables decorated with |
| | | ``view_config`` decorators. This has been fixed. |
| | | |
| | | - Fix paster template generation so that case-sensitivity is preserved for |
| | | project vs. package name. |
| | | - Tests now pass on Windows (no bugs found, but a few tests in the test suite |
| | | assumed UNIX path segments in filenames). |
| | | |
| | | - Depend on ``z3c.pt`` version 1.0a1 (which requires the ``[lxml]`` extra |
| | | currently). |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Read and write a pickled ZCML actions list, stored as |
| | | ``configure.zcml.cache`` next to the applications's "normal" |
| | | configuration file. A given bfg app will usually start faster if it's |
| | | able to read the pickle data. It fails gracefully to reading the real |
| | | ZCML file if it cannot read the pickle. |
| | | - If you followed it to-the-letter, the ZODB+Traversal Wiki tutorial would |
| | | instruct you to run a test which would fail because the view callable |
| | | generated by the ``pyramid_zodb`` tutorial used a one-arg view callable, |
| | | but the test in the sample code used a two-arg call. |
| | | |
| | | 0.3.1 (2008-08-20) |
| | | - Updated ZODB+Traversal tutorial setup.py of all steps to match what's |
| | | generated by ``pyramid_zodb``. |
| | | |
| | | - Fix reference to ``repoze.bfg.traversalwrapper`` in "Models" chapter (point |
| | | at ``pyramid_traversalwrapper`` instead). |
| | | |
| | | 1.0a5 (2010-12-14) |
| | | ================== |
| | | |
| | | - Generated application differences: ``make_app`` entry point renamed to |
| | | ``app`` in order to have a different name than the bfg function of the |
| | | same name, to prevent confusion. |
| | | Features |
| | | -------- |
| | | |
| | | - Add "options" processing to bfg's ``make_app`` to support runtime |
| | | options. A new API function named ``get_options`` was added to the |
| | | registry module. This function is typically used in an application's |
| | | ``app`` entry point. The Paste config file section for the app can now |
| | | supply the ``reload_templates`` option, which, if true, will prevent the |
| | | need to restart the appserver in order for ``z3c.pt`` or XSLT template |
| | | changes to be detected. |
| | | - Add a ``handler`` ZCML directive. This directive does the same thing as |
| | | ``pyramid.configuration.add_handler``. |
| | | |
| | | - Use only the module name in generated project's "test_suite" (run all |
| | | tests found in the package). |
| | | - A new module named ``pyramid.config`` was added. It subsumes the duties of |
| | | the older ``pyramid.configuration`` module. |
| | | |
| | | - Default port for generated apps changed from 5432 to 6543 (Postgres |
| | | default port is 6543). |
| | | - The new ``pyramid.config.Configurator` class has API methods that the older |
| | | ``pyramid.configuration.Configurator`` class did not: ``with_context`` (a |
| | | classmethod), ``include``, ``action``, and ``commit``. These methods exist |
| | | for imperative application extensibility purposes. |
| | | |
| | | 0.3.0 (2008-08-16) |
| | | - The ``pyramid.testing.setUp`` function now accepts an ``autocommit`` |
| | | keyword argument, which defaults to ``True``. If it is passed ``False``, |
| | | the Config object returned by ``setUp`` will be a non-autocommiting Config |
| | | object. |
| | | |
| | | - Add logging configuration to all paster templates. |
| | | |
| | | - ``pyramid_alchemy``, ``pyramid_routesalchemy``, and ``pylons_sqla`` paster |
| | | templates now use idiomatic SQLAlchemy configuration in their respective |
| | | ``.ini`` files and Python code. |
| | | |
| | | - ``pyramid.testing.DummyRequest`` now has a class variable, |
| | | ``query_string``, which defaults to the empty string. |
| | | |
| | | - Add support for json on GAE by catching NotImplementedError and importing |
| | | simplejson from django.utils. |
| | | |
| | | - The Mako renderer now accepts a resource specification for |
| | | ``mako.module_directory``. |
| | | |
| | | - New boolean Mako settings variable ``mako.strict_undefined``. See `Mako |
| | | Context Variables |
| | | <http://www.makotemplates.org/docs/runtime.html#context-variables>`_ for |
| | | its meaning. |
| | | |
| | | Dependencies |
| | | ------------ |
| | | |
| | | - Depend on Mako 0.3.6+ (we now require the ``strict_undefined`` feature). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - When creating a Configurator from within a ``paster pshell`` session, you |
| | | were required to pass a ``package`` argument although ``package`` is not |
| | | actually required. If you didn't pass ``package``, you would receive an |
| | | error something like ``KeyError: '__name__'`` emanating from the |
| | | ``pyramid.path.caller_module`` function. This has now been fixed. |
| | | |
| | | - The ``pyramid_routesalchemy`` paster template's unit tests failed |
| | | (``AssertionError: 'SomeProject' != 'someproject'``). This is fixed. |
| | | |
| | | - Make default renderer work (renderer factory registered with no name, which |
| | | is active for every view unless the view names a specific renderer). |
| | | |
| | | - The Mako renderer did not properly turn the ``mako.imports``, |
| | | ``mako.default_filters``, and ``mako.imports`` settings into lists. |
| | | |
| | | - The Mako renderer did not properly convert the ``mako.error_handler`` |
| | | setting from a dotted name to a callable. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Merged many wording, readability, and correctness changes to narrative |
| | | documentation chapters from https://github.com/caseman/pyramid (up to and |
| | | including "Models" narrative chapter). |
| | | |
| | | - "Sample Applications" section of docs changed to note existence of Cluegun, |
| | | Shootout and Virginia sample applications, ported from their repoze.bfg |
| | | origin packages. |
| | | |
| | | - SQLAlchemy+URLDispatch tutorial updated to integrate changes to |
| | | ``pyramid_routesalchemy`` template. |
| | | |
| | | - Add ``pyramid.interfaces.ITemplateRenderer`` interface to Interfaces API |
| | | chapter (has ``implementation()`` method, required to be used when getting |
| | | at Chameleon macros). |
| | | |
| | | - Add a "Modifying Package Structure" section to the project narrative |
| | | documentation chapter (explain turning a module into a package). |
| | | |
| | | - Documentation was added for the new ``handler`` ZCML directive in the ZCML |
| | | section. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - ``pyramid.configuration.Configurator`` is now deprecated. Use |
| | | ``pyramid.config.Configurator``, passing its constructor |
| | | ``autocommit=True`` instead. The ``pyramid.configuration.Configurator`` |
| | | alias will live for a long time, as every application uses it, but its |
| | | import now issues a deprecation warning. The |
| | | ``pyramid.config.Configurator`` class has the same API as |
| | | ``pyramid.configuration.Configurator`` class, which it means to replace, |
| | | except by default it is a *non-autocommitting* configurator. The |
| | | now-deprecated ``pyramid.configuration.Configurator`` will autocommit every |
| | | time a configuration method is called. |
| | | |
| | | The ``pyramid.configuration`` module remains, but it is deprecated. Use |
| | | ``pyramid.config`` instead. |
| | | |
| | | 1.0a4 (2010-11-21) |
| | | ================== |
| | | |
| | | - Add ``get_template`` API to template module. |
| | | Features |
| | | -------- |
| | | |
| | | 0.2.9 (2008-08-11) |
| | | - URL Dispatch now allows for replacement markers to be located anywhere |
| | | in the pattern, instead of immediately following a ``/``. |
| | | |
| | | - URL Dispatch now uses the form ``{marker}`` to denote a replace marker in |
| | | the route pattern instead of ``:marker``. The old colon-style marker syntax |
| | | is still accepted for backwards compatibility. The new format allows a |
| | | regular expression for that marker location to be used instead of the |
| | | default ``[^/]+``, for example ``{marker:\d+}`` is now valid to require the |
| | | marker to be digits. |
| | | |
| | | - Add a ``pyramid.url.route_path`` API, allowing folks to generate relative |
| | | URLs. Calling ``route_path`` is the same as calling |
| | | ``pyramid.url.route_url`` with the argument ``_app_url`` equal to the empty |
| | | string. |
| | | |
| | | - Add a ``pyramid.request.Request.route_path`` API. This is a convenience |
| | | method of the request which calls ``pyramid.url.route_url``. |
| | | |
| | | - Make test suite pass on Jython (requires PasteScript trunk, presumably to |
| | | be 1.7.4). |
| | | |
| | | - Make test suite pass on PyPy (Chameleon doesn't work). |
| | | |
| | | - Surrounding application configuration with ``config.begin()`` and |
| | | ``config.end()`` is no longer necessary. All paster templates have been |
| | | changed to no longer call these functions. |
| | | |
| | | - Fix configurator to not convert ``ImportError`` to ``ConfigurationError`` |
| | | if the import that failed was unrelated to the import requested via a |
| | | dotted name when resolving dotted names (such as view dotted names). |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - SQLAlchemy+URLDispatch and ZODB+Traversal tutorials have been updated to |
| | | not call ``config.begin()`` or ``config.end()``. |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - Add deprecation warnings to import of ``pyramid.chameleon_text`` and |
| | | ``pyramid.chameleon_zpt`` of ``get_renderer``, ``get_template``, |
| | | ``render_template``, and ``render_template_to_response``. |
| | | |
| | | - Add deprecation warning for import of ``pyramid.zcml.zcml_configure`` and |
| | | ``pyramid.zcml.file_configure``. |
| | | |
| | | - The ``pyramid_alchemy`` paster template had a typo, preventing an import |
| | | from working. |
| | | |
| | | - Fix apparent failures when calling ``pyramid.traversal.find_model(root, |
| | | path)`` or ``pyramid.traversal.traverse(path)`` when ``path`` is |
| | | (erroneously) a Unicode object. The user is meant to pass these APIs a |
| | | string object, never a Unicode object. In practice, however, users indeed |
| | | pass Unicode. Because the string that is passed must be ASCII encodeable, |
| | | now, if they pass a Unicode object, its data is eagerly converted to an |
| | | ASCII string rather than being passed along to downstream code as a |
| | | convenience to the user and to prevent puzzling second-order failures from |
| | | cropping up (all failures will occur within ``pyramid.traversal.traverse`` |
| | | rather than later down the line as the result of calling e.g. |
| | | ``traversal_path``). |
| | | |
| | | Backwards Incompatibilities |
| | | --------------------------- |
| | | |
| | | - The ``pyramid.testing.zcml_configure`` API has been removed. It had been |
| | | advertised as removed since repoze.bfg 1.2a1, but hadn't actually been. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - The ``pyramid.settings.get_settings`` API is now deprecated. Use |
| | | ``pyramid.threadlocals.get_current_registry().settings`` instead or use the |
| | | ``settings`` attribute of the registry available from the request |
| | | (``request.registry.settings``). |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - Removed ``zodbsessions`` tutorial chapter. It's still useful, but we now |
| | | have a SessionFactory abstraction which competes with it, and maintaining |
| | | documentation on both ways to do it is a distraction. |
| | | |
| | | Internal |
| | | -------- |
| | | |
| | | - Replace Twill with WebTest in internal integration tests (avoid deprecation |
| | | warnings generated by Twill). |
| | | |
| | | 1.0a3 (2010-11-16) |
| | | ================== |
| | | |
| | | - 0.2.8 was "brown bag" release. It didn't work at all. Symptom: |
| | | ComponentLookupError when trying to render a page. |
| | | Features |
| | | -------- |
| | | |
| | | 0.2.8 (2008-08-11) |
| | | - Added Mako TemplateLookup settings for ``mako.error_handler``, |
| | | ``mako.default_filters``, and ``mako.imports``. |
| | | |
| | | - Normalized all paster templates: each now uses the name ``main`` to |
| | | represent the function that returns a WSGI application, each now uses |
| | | WebError, each now has roughly the same shape of development.ini style. |
| | | |
| | | - Added class vars ``matchdict`` and ``matched_route`` to |
| | | ``pyramid.request.Request``. Each is set to ``None``. |
| | | |
| | | - New API method: ``pyramid.settings.asbool``. |
| | | |
| | | - New API methods for ``pyramid.request.Request``: ``model_url``, |
| | | ``route_url``, and ``static_url``. These are simple passthroughs for their |
| | | respective functions in ``pyramid.url``. |
| | | |
| | | - The ``settings`` object which used to be available only when |
| | | ``request.settings.get_settings`` was called is now available as |
| | | ``registry.settings`` (e.g. ``request.registry.settings`` in view code). |
| | | |
| | | Bug Fixes |
| | | --------- |
| | | |
| | | - The pylons_* paster templates erroneously used the ``{squiggly}`` routing |
| | | syntax as the pattern supplied to ``add_route``. This style of routing is |
| | | not supported. They were replaced with ``:colon`` style route patterns. |
| | | |
| | | - The pylons_* paster template used the same string |
| | | (``your_app_secret_string``) for the ``session.secret`` setting in the |
| | | generated ``development.ini``. This was a security risk if left unchanged |
| | | in a project that used one of the templates to produce production |
| | | applications. It now uses a randomly generated string. |
| | | |
| | | Documentation |
| | | ------------- |
| | | |
| | | - ZODB+traversal wiki (``wiki``) tutorial updated due to changes to |
| | | ``pyramid_zodb`` paster template. |
| | | |
| | | - SQLAlchemy+urldispach wiki (``wiki2``) tutorial updated due to changes to |
| | | ``pyramid_routesalchemy`` paster template. |
| | | |
| | | - Documented the ``matchdict`` and ``matched_route`` attributes of the |
| | | request object in the Request API documentation. |
| | | |
| | | Deprecations |
| | | ------------ |
| | | |
| | | - Obtaining the ``settings`` object via |
| | | ``registry.{get|query}Utility(ISettings)`` is now deprecated. Instead, |
| | | obtain the ``settings`` object via the ``registry.settings`` attribute. A |
| | | backwards compatibility shim was added to the registry object to register |
| | | the settings object as an ISettings utility when ``setattr(registry, |
| | | 'settings', foo)`` is called, but it will be removed in a later release. |
| | | |
| | | - Obtaining the ``settings`` object via ``pyramid.settings.get_settings`` is |
| | | now deprecated. Obtain it as the ``settings`` attribute of the registry |
| | | now (obtain the registry via ``pyramid.threadlocal.get_registry`` or as |
| | | ``request.registry``). |
| | | |
| | | Behavior Differences |
| | | -------------------- |
| | | |
| | | - Internal: ZCML directives no longer call get_current_registry() if there's |
| | | a ``registry`` attribute on the ZCML context (kill off use of |
| | | threadlocals). |
| | | |
| | | - Internal: Chameleon template renderers now accept two arguments: ``path`` |
| | | and ``lookup``. ``Lookup`` will be an instance of a lookup class which |
| | | supplies (late-bound) arguments for debug, reload, and translate. Any |
| | | third-party renderers which use (the non-API) function |
| | | ``pyramid.renderers.template_renderer_factory`` will need to adjust their |
| | | implementations to obey the new callback argument list. This change was to |
| | | kill off inappropriate use of threadlocals. |
| | | |
| | | 1.0a2 (2010-11-09) |
| | | ================== |
| | | |
| | | - Add ``find_model`` and ``find_root`` traversal APIs. In the process, |
| | | make ITraverser a uni-adapter (on context) rather than a multiadapter (on |
| | | context and request). |
| | | Documentation |
| | | ------------- |
| | | |
| | | 0.2.7 (2008-08-05) |
| | | - All references to events by interface |
| | | (e.g. ``pyramid.interfaces.INewRequest``) have been changed to reference |
| | | their concrete classes (e.g. ``pyramid.events.NewRequest``) in |
| | | documentation about making subscriptions. |
| | | |
| | | - All references to Pyramid-the-application were changed from mod-`pyramid` |
| | | to app-`Pyramid`. A custom role setting was added to ``docs/conf.py`` to |
| | | allow for this. (internal) |
| | | |
| | | 1.0a1 (2010-11-05) |
| | | ================== |
| | | |
| | | - Add a ``request_type`` attribute to the available attributes of a |
| | | ``bfg:view`` configure.zcml element. This attribute will have a value |
| | | which is a dotted Python path, pointing at an interface. If the request |
| | | object implements this interface when the view lookup is performed, the |
| | | appropriate view will be called. This is meant to allow for simple |
| | | "skinning" of sites based on request type. An event subscriber should |
| | | attach the interface to the request on ingress to support skins. |
| | | Features (delta from BFG 1.3) |
| | | ------------------------------- |
| | | |
| | | - Remove "template only" views. These were just confusing and were never |
| | | documented. |
| | | - Mako templating renderer supports resource specification format for |
| | | template lookups and within Mako templates. Absolute filenames must |
| | | be used in Pyramid to avoid this lookup process. |
| | | |
| | | - Small url dispatch overhaul: the ``connect`` method of the |
| | | ``urldispatch.RoutesMapper`` object now accepts a keyword parameter named |
| | | ``context_factory``. If this parameter is supplied, it must be a |
| | | callable which returns an instance. This instance is used as the context |
| | | for the request when a route is matched. |
| | | - Add ``pyramid.httpexceptions`` module, which is a facade for the |
| | | ``webob.exc`` module. |
| | | |
| | | - The registration of a RoutesModelTraverser no longer needs to be |
| | | performed by the application; it's in the bfg ZCML now. |
| | | - Direct built-in support for the Mako templating language. |
| | | |
| | | 0.2.6 (2008-07-31) |
| | | ================== |
| | | - A new configurator method exists: ``add_handler``. This method adds |
| | | a Pylons-style "view handler" (such a thing used to be called a |
| | | "controller" in Pylons 1.0). |
| | | |
| | | - Add event sends for INewRequest and INewResponse. See the events.rst |
| | | chapter in the documentation's ``api`` directory. |
| | | - New argument to configurator: ``session_factory``. |
| | | |
| | | 0.2.5 (2008-07-28) |
| | | ================== |
| | | - New method on configurator: ``set_session_factory`` |
| | | |
| | | - Add ``model_url`` API. |
| | | - Using ``request.session`` now returns a (dictionary-like) session |
| | | object if a session factory has been configured. |
| | | |
| | | 0.2.4 (2008-07-27) |
| | | ================== |
| | | - The request now has a new attribute: ``tmpl_context`` for benefit of |
| | | Pylons users. |
| | | |
| | | - Added url-based dispatch. |
| | | - The decorator previously known as ``pyramid.view.bfg_view`` is now |
| | | known most formally as ``pyramid.view.view_config`` in docs and |
| | | paster templates. An import of ``pyramid.view.bfg_view``, however, |
| | | will continue to work "forever". |
| | | |
| | | 0.2.3 (2008-07-20) |
| | | ================== |
| | | - New API methods in ``pyramid.session``: ``signed_serialize`` and |
| | | ``signed_deserialize``. |
| | | |
| | | - Add API functions for authenticated_userid and effective_principals. |
| | | - New interface: ``pyramid.interfaces.IRendererInfo``. An object of this type |
| | | is passed to renderer factory constructors (see "Backwards |
| | | Incompatibilities"). |
| | | |
| | | 0.2.2 (2008-07-20) |
| | | ================== |
| | | - New event type: ``pyramid.interfaces.IBeforeRender``. An object of this type |
| | | is sent as an event before a renderer is invoked (but after the |
| | | application-level renderer globals factory added via |
| | | ``pyramid.configurator.configuration.set_renderer_globals_factory``, if any, |
| | | has injected its own keys). Applications may now subscribe to the |
| | | ``IBeforeRender`` event type in order to introspect the and modify the set of |
| | | renderer globals before they are passed to a renderer. The event object |
| | | iself has a dictionary-like interface that can be used for this purpose. For |
| | | example:: |
| | | |
| | | - Add authenticated_userid and effective_principals API to security |
| | | policy. |
| | | from repoze.events import subscriber |
| | | from pyramid.interfaces import IRendererGlobalsEvent |
| | | |
| | | 0.2.1 (2008-07-20) |
| | | ================== |
| | | @subscriber(IRendererGlobalsEvent) |
| | | def add_global(event): |
| | | event['mykey'] = 'foo' |
| | | |
| | | - Add find_interface API. |
| | | If a subscriber attempts to add a key that already exist in the renderer |
| | | globals dictionary, a ``KeyError`` is raised. This limitation is due to the |
| | | fact that subscribers cannot be ordered relative to each other. The set of |
| | | keys added to the renderer globals dictionary by all subscribers and |
| | | app-level globals factories must be unique. |
| | | |
| | | 0.2 (2008-07-19) |
| | | ================ |
| | | - New class: ``pyramid.response.Response``. This is a pure facade for |
| | | ``webob.Response`` (old code need not change to use this facade, it's |
| | | existence is mostly for vanity and documentation-generation purposes). |
| | | |
| | | - Add wsgiapp decorator. |
| | | - All preexisting paster templates (except ``zodb``) now use "imperative" |
| | | configuration (``starter``, ``routesalchemy``, ``alchemy``). |
| | | |
| | | - The concept of "view factories" was removed in favor of always calling a |
| | | view, which is a callable that returns a response directly (as opposed to |
| | | returning a view). As a result, the ``factory`` attribute in the |
| | | bfg:view ZCML statement has been renamed to ``view``. Various interface |
| | | names were changed also. |
| | | - A new paster template named ``pyramid_starter_zcml`` exists, which uses |
| | | declarative configuration. |
| | | |
| | | - ``render_template`` and ``render_transform`` no longer return a Response |
| | | object. Instead, these return strings. The old behavior can be obtained |
| | | by using ``render_template_to_response`` and |
| | | ``render_transform_to_response``. |
| | | Documentation (delta from BFG 1.3) |
| | | ----------------------------------- |
| | | |
| | | - Added 'repoze.bfg.push:pushpage' decorator, which creates BFG views from |
| | | callables which take (context, request) and return a mapping of top-level |
| | | names. |
| | | - Added a ``pyramid.httpexceptions`` API documentation chapter. |
| | | |
| | | - Added ACL-based security. |
| | | - Added a ``pyramid.session`` API documentation chapter. |
| | | |
| | | - Support for XSLT templates via a render_transform method |
| | | - Added a ``Session Objects`` narrative documentation chapter. |
| | | |
| | | 0.1 (2008-07-08) |
| | | ================ |
| | | - Added an API chapter for the ``pyramid.personality`` module. |
| | | |
| | | - Initial release. |
| | | - Added an API chapter for the ``pyramid.response`` module. |
| | | |
| | | - All documentation which previously referred to ``webob.Response`` now uses |
| | | ``pyramid.response.Response`` instead. |
| | | |
| | | - The documentation has been overhauled to use imperative configuration, |
| | | moving declarative configuration (ZCML) explanations to a separate |
| | | narrative chapter ``declarative.rst``. |
| | | |
| | | - The ZODB Wiki tutorial was updated to take into account changes to the |
| | | ``pyramid_zodb`` paster template. |
| | | |
| | | - The SQL Wiki tutorial was updated to take into account changes to the |
| | | ``pyramid_routesalchemy`` paster template. |
| | | |
| | | Backwards Incompatibilities (with BFG 1.3) |
| | | ------------------------------------------ |
| | | |
| | | - There is no longer an ``IDebugLogger`` registered as a named utility |
| | | with the name ``repoze.bfg.debug``. |
| | | |
| | | - The logger which used to have the name of ``repoze.bfg.debug`` now |
| | | has the name ``pyramid.debug``. |
| | | |
| | | - The deprecated API ``pyramid.testing.registerViewPermission`` |
| | | has been removed. |
| | | |
| | | - The deprecated API named ``pyramid.testing.registerRoutesMapper`` |
| | | has been removed. |
| | | |
| | | - The deprecated API named ``pyramid.request.get_request`` was removed. |
| | | |
| | | - The deprecated API named ``pyramid.security.Unauthorized`` was |
| | | removed. |
| | | |
| | | - The deprecated API named ``pyramid.view.view_execution_permitted`` |
| | | was removed. |
| | | |
| | | - The deprecated API named ``pyramid.view.NotFound`` was removed. |
| | | |
| | | - The ``bfgshell`` paster command is now named ``pshell``. |
| | | |
| | | - The Venusian "category" for all built-in Venusian decorators |
| | | (e.g. ``subscriber`` and ``view_config``/``bfg_view``) is now |
| | | ``pyramid`` instead of ``bfg``. |
| | | |
| | | - ``pyramid.renderers.rendered_response`` function removed; use |
| | | ``render_pyramid.renderers.render_to_response`` instead. |
| | | |
| | | - Renderer factories now accept a *renderer info object* rather than an |
| | | absolute resource specification or an absolute path. The object has the |
| | | following attributes: ``name`` (the ``renderer=`` value), ``package`` (the |
| | | 'current package' when the renderer configuration statement was found), |
| | | ``type``: the renderer type, ``registry``: the current registry, and |
| | | ``settings``: the deployment settings dictionary. |
| | | |
| | | Third-party ``repoze.bfg`` renderer implementations that must be ported to |
| | | Pyramid will need to account for this. |
| | | |
| | | This change was made primarily to support more flexible Mako template |
| | | rendering. |
| | | |
| | | - The presence of the key ``repoze.bfg.message`` in the WSGI environment when |
| | | an exception occurs is now deprecated. Instead, code which relies on this |
| | | environ value should use the ``exception`` attribute of the request |
| | | (e.g. ``request.exception[0]``) to retrieve the message. |
| | | |
| | | - The values ``bfg_localizer`` and ``bfg_locale_name`` kept on the request |
| | | during internationalization for caching purposes were never APIs. These |
| | | however have changed to ``localizer`` and ``locale_name``, respectively. |
| | | |
| | | - The default ``cookie_name`` value of the ``authtktauthenticationpolicy`` ZCML |
| | | now defaults to ``auth_tkt`` (it used to default to ``repoze.bfg.auth_tkt``). |
| | | |
| | | - The default ``cookie_name`` value of the |
| | | ``pyramid.authentication.AuthTktAuthenticationPolicy`` constructor now |
| | | defaults to ``auth_tkt`` (it used to default to ``repoze.bfg.auth_tkt``). |
| | | |
| | | - The ``request_type`` argument to the ``view`` ZCML directive, the |
| | | ``pyramid.configuration.Configurator.add_view`` method, or the |
| | | ``pyramid.view.view_config`` decorator (nee ``bfg_view``) is no longer |
| | | permitted to be one of the strings ``GET``, ``HEAD``, ``PUT``, ``POST`` or |
| | | ``DELETE``, and now must always be an interface. Accepting the |
| | | method-strings as ``request_type`` was a backwards compatibility strategy |
| | | servicing repoze.bfg 1.0 applications. Use the ``request_method`` |
| | | parameter instead to specify that a view a string request-method predicate. |
| | | |