diff options
| author | Chris McDonough <chrism@plope.com> | 2013-11-11 21:14:34 -0500 |
|---|---|---|
| committer | Chris McDonough <chrism@plope.com> | 2013-11-11 21:14:34 -0500 |
| commit | a5cfb685eed6a32a3ae5aa2af91f1590cd77bc89 (patch) | |
| tree | 31910085ff8be123931819787a8c25e5acf48d1e /CHANGES.txt | |
| parent | 133b9e069cdd5a48d47e2bb2587186a91b255700 (diff) | |
| parent | 0dcd56c2c30863c6683c0cf442aa73dfdcd11b13 (diff) | |
| download | pyramid-a5cfb685eed6a32a3ae5aa2af91f1590cd77bc89.tar.gz pyramid-a5cfb685eed6a32a3ae5aa2af91f1590cd77bc89.tar.bz2 pyramid-a5cfb685eed6a32a3ae5aa2af91f1590cd77bc89.zip | |
Merge branch 'feature.security-apis-on-request'
Diffstat (limited to 'CHANGES.txt')
| -rw-r--r-- | CHANGES.txt | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index 895dc572f..9f780fe45 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -4,6 +4,25 @@ Unreleased Features -------- +- An authorization API has been added as a method of the + request: ``request.has_permission``. + + ``request.has_permission`` is a method-based alternative to the + ``pyramid.security.has_permission`` API and works exactly the same. The + older API is now deprecated. + +- Property API attributes have been added to the request for easier access to + authentication data: ``request.authenticated_userid``, + ``request.unauthenticated_userid``, and ``request.effective_principals``. + + These are analogues, respectively, of + ``pyramid.security.authenticated_userid``, + ``pyramid.security.unauthenticated_userid``, and + ``pyramid.security.effective_principals``. They operate exactly the same, + except they are attributes of the request instead of functions accepting a + request. They are properties, so they cannot be assigned to. The older + function-based APIs are now deprecated. + - Pyramid's console scripts (``pserve``, ``pviews``, etc) can now be run directly, allowing custom arguments to be sent to the python interpreter at runtime. For example:: @@ -97,6 +116,27 @@ Deprecations the SignedCookieSessionFactory are not. See https://github.com/Pylons/pyramid/pull/1142 +- The ``pyramid.security.has_permission`` API is now deprecated. Instead, use + the newly-added ``has_permission`` method of the request object. + +- The ``pyramid.security.forget`` API is now deprecated. Instead, use + the newly-added ``forget_userid`` method of the request object. + +- The ``pyramid.security.remember`` API is now deprecated. Instead, use + the newly-added ``remember_userid`` method of the request object. + +- The ``pyramid.security.effective_principals`` API is now deprecated. + Instead, use the newly-added ``effective_principals`` attribute of the + request object. + +- The ``pyramid.security.authenticated_userid`` API is now deprecated. + Instead, use the newly-added ``authenticated_userid`` attribute of the + request object. + +- The ``pyramid.security.unauthenticated_userid`` API is now deprecated. + Instead, use the newly-added ``unauthenticated_userid`` attribute of the + request object. + 1.5a2 (2013-09-22) ================== |