diff options
| author | Chris McDonough <chrism@plope.com> | 2012-11-02 21:05:46 -0400 |
|---|---|---|
| committer | Chris McDonough <chrism@plope.com> | 2012-11-02 21:05:46 -0400 |
| commit | 07c9ee0ec96eb664974fe314a46389ed59390520 (patch) | |
| tree | 985cca39f256a14ac07f17309f2856b5c336ddb4 /CHANGES.txt | |
| parent | 76430b07f199cdbdbd19f463367c72eda1b537c3 (diff) | |
| download | pyramid-07c9ee0ec96eb664974fe314a46389ed59390520.tar.gz pyramid-07c9ee0ec96eb664974fe314a46389ed59390520.tar.bz2 pyramid-07c9ee0ec96eb664974fe314a46389ed59390520.zip | |
- Do not allow the userid returned from the ``authenticated_userid`` or the
userid that is one of the list of principals returned by
``effective_principals`` to be either of the strings ``system.Everyone`` or
``system.Authenticated`` when any of the built-in authorization policies that
live in ``pyramid.authentication`` are in use. These two strings are
reserved for internal usage by Pyramid and they will not be accepted as valid
userids.
Diffstat (limited to 'CHANGES.txt')
| -rw-r--r-- | CHANGES.txt | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 740de0f17..291795da3 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -6,6 +6,14 @@ Features - Added an ``effective_principals`` route and view predicate. +- Do not allow the userid returned from the ``authenticated_userid`` or the + userid that is one of the list of principals returned by + ``effective_principals`` to be either of the strings ``system.Everyone`` or + ``system.Authenticated`` when any of the built-in authorization policies that + live in ``pyramid.authentication`` are in use. These two strings are + reserved for internal usage by Pyramid and they will not be accepted as valid + userids. + 1.4a3 (2012-10-26) ================== |