diff options
| author | Chris McDonough <chrism@agendaless.com> | 2009-05-25 00:27:08 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2009-05-25 00:27:08 +0000 |
| commit | 267f2db66f514db43d0801237213799cd6797ee4 (patch) | |
| tree | ae13868d50a54f534bf594acf8b109d49ad60e09 /CHANGES.txt | |
| parent | 6db0d49fb607f4dc55e8612e4a658856c1afbf8b (diff) | |
| download | pyramid-267f2db66f514db43d0801237213799cd6797ee4.tar.gz pyramid-267f2db66f514db43d0801237213799cd6797ee4.tar.bz2 pyramid-267f2db66f514db43d0801237213799cd6797ee4.zip | |
Change the semantics of IForbiddenAppFactory.
Diffstat (limited to 'CHANGES.txt')
| -rw-r--r-- | CHANGES.txt | 32 |
1 files changed, 23 insertions, 9 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index fa9f44fb6..090c0f412 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -4,17 +4,30 @@ Next release Features -------- +- It is now possible to register a custom + ``repoze.bfg.interfaces.IForbiddenAppFactory`` for a given + application. This feature replaces the + ``repoze.bfg.interfaces.IUnauthorizedAppFactory`` feature previously + described in the Hooks chapter. The IForbiddenAppFactory will be + called when the framework detects an authorization failure; it + should accept a context object and a request object; it should + return a WSGI application. Read the below point for more info and + see the Hooks narrative chapter of the BFG docs for more info. + - It is now possible to register a security policy that returns a customized ``Forbidden`` WSGI application when BFG cannot authorize an invocation of a view. To this end, ISecurityPolicy objects must - now have a ``forbidden`` method. This method should return a WSGI - application. The returned WSGI application should generate a - response which is appropriate when access to a view resource was - forbidden by the security policy (e.g. perhaps a login page). - ``repoze.bfg`` is willing to operate with a custom security policy - that does not have a ``forbidden`` method, but it will issue a - warning; eventually security policies without a ``forbidden`` method - will cease to work under ``repoze.bfg``. + now have a ``forbidden`` method that accepts two arguments: + ``context`` and ``request``. The ``context`` will be the context + found by the router, the ``request`` will be the current request. + This method should return a WSGI application. The returned WSGI + application should generate a response which is appropriate when + access to a view resource was forbidden by the security policy + (e.g. perhaps a login page). ``repoze.bfg`` is willing to operate + with a custom security policy that does not have a ``forbidden`` + method, but it will issue a warning; eventually security policies + without a ``forbidden`` method will cease to work under + ``repoze.bfg``. Note that the ``forbidden`` WSGI application returned by the security policy is not used if a developer has registered an @@ -43,7 +56,8 @@ Deprecations ------------ - The ``repoze.bfg.interfaces.IUnauthorizedAppFactory`` interface has - been renamed to ``repoze.bfg.interfaces.IForbiddenAppFactory``. + been deprecated in favor of using the new + ``repoze.bfg.interfaces.IForbiddenAppFactory`` mechanism. 0.8.1 (2009-05-21) |