author: Chris McDonough <chrism@plope.com>, 2010-11-04 03:35:53 -0400
committer: Chris McDonough <chrism@plope.com>, 2010-11-04 03:35:53 -0400
commit: b2adfe7c10bff8edd06a76df3c638768e30b6bc3
tree: 82f38a0207206d7d24686760b148536c6b9155f8
parent: fb029fb6919c1e64bb12d6906bcaae8de6edfffe
- The SQL Wiki tutorial was updated to take into account changes to the
``pyramid_routesalchemy`` paster template.
Diffstat (limited to 'docs/tutorials/wiki2/authorization.rst')
-rw-r--r-- docs/tutorials/wiki2/authorization.rst 131
1 files changed, 71 insertions, 60 deletions
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index 6d8347f79..1746689e4 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -17,11 +17,17 @@ The source code for this tutorial stage can be browsed at
`http://github.com/Pylons/pyramid/tree/master/docs/tutorials/wiki2/src/authorization/
<http://github.com/Pylons/pyramid/tree/master/docs/tutorials/wiki2/src/authorization/>`_.
+Changing ``__init__.py`` For Authorization
+-------------------------------------------
+
+We're going to be making several changes to our ``__init__.py`` file which
+will help us configure an authorization policy.
+
Adding A Root Factory
----------------------
+~~~~~~~~~~~~~~~~~~~~~
We're going to start to use a custom :term:`root factory` within our
-``run.py`` file. The objects generated by the root factory will be
+``__init__.py`` file. The objects generated by the root factory will be
used as the :term:`context` of each request to our application. In
order for :mod:`pyramid` declarative security to work properly, the
context object generated during a request must be decorated with
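Review bot: The new dash-level heading "Changing ``__init__.py`` For Authorization" scopes every tilde-level section that follows it to ``__init__.py``, but the later hunk removes the old dash-level "Configuring a ``pyramid`` Authorization Policy" heading, so the existing tilde-level "Adding ``security.py``" section now renders as a child of a section about a different file. Either give "Adding ``security.py``" its own dash-level heading or pick a parent title that covers both files. The two-line intro also mentions only an authorization policy, while the section goes on to add an authentication policy and a forbidden view as well; naming all three would set expectations better.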
@@ -29,10 +35,10 @@ security declarations; when we begin to use a custom root factory to
generate our contexts, we can begin to make use of the declarative
security features of :mod:`pyramid`.
-Let's modify our ``run.py``, passing in a :term:`root factory` to our
-:term:`Configurator` constructor. We'll point it at a new class we
-create inside our ``models.py`` file. Add the following statements to
-your ``models.py`` file:
+We'll modify our ``__init__.py``, passing in a :term:`root factory` to our
+:term:`Configurator` constructor. We'll point it at a new class we create
+inside our ``models.py`` file. Add the following statements to your
+``models.py`` file:
.. code-block:: python
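Review bot: The rewritten paragraph opens with "We'll modify our ``__init__.py``" but the only instruction it gives is "Add the following statements to your ``models.py`` file", so a reader following along edits a different file from the one just announced. Lead with the ``models.py`` step and move the sentence about passing the root factory to the :term:`Configurator` after the code block, where the ``__init__.py`` change is actually described.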
@@ -59,70 +65,75 @@ an access control list during view callable execution. See
:ref:`assigning_acls` for more information about what an :term:`ACL`
represents.
-.. note: Although we don't use the functionality here, the ``factory``
- used to create route contexts may differ per-route as opposed to
- globally. See the ``factory`` attribute in
- :ref:`route_zcml_directive` for more info.
+.. note: Although we don't use the functionality here, the ``factory`` used
+ to create route contexts may differ per-route as opposed to globally. See
+ the ``factory`` argument to
+ :meth:`pyramid.configuration.Configurator.add_route` for more info.
We'll pass the ``RootFactory`` we created in the step above in as the
-``root_factory`` argument to a :term:`Configurator`. When we're done,
-your application's ``run.py`` will look like this.
-
-.. literalinclude:: src/authorization/tutorial/run.py
+``root_factory`` argument to a :term:`Configurator`.
+
+Configuring an Authorization Policy
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+For any :mod:`pyramid` application to perform authorization, we need to add a
+``security.py`` module (we'll do that shortly) and we'll need to change our
+``__init__.py`` file to add an :term:`authentication policy` and an
+:term:`authorization policy` which uses the ``security.py`` file for a
+*callback*.
+
+We'll change our ``__init__.py`` file to enable an
+``AuthTktAuthenticationPolicy`` and an ``ACLAuthorizationPolicy`` to enable
+declarative security checking. We'll also change ``__init__.py`` to add a
+:meth:`pyramid.configuration.Configurator.add_view` call to points at our
+``login`` :term:`view callable`, also known as a :term:`forbidden view`.
+This configures our newly created login view to show up when :mod:`pyramid`
+detects that a view invocation can not be authorized. Also, we'll add
+``view_permission`` arguments with the value ``edit`` to the ``edit_page``
+and ``add_page`` routes. This indicates that the view callables which these
+routes reference cannot be invoked without the authenticated user possessing
+the ``edit`` permission with respect to the current context.
+
+This makes the assertion that only users who possess the effective ``edit``
+permission at the time of the request may invoke those two views. We've
+granted the ``group:editors`` principal the ``edit`` permission at the root
+model via its ACL, so only the a user whom is a member of the group named
+``group:editors`` will able to invoke the views associated with the
+``add_page`` or ``edit_page`` routes.
+
+Viewing Your Changes
+~~~~~~~~~~~~~~~~~~~~
+
+When you're done, your ``__init__.py`` will look like so:
+
+.. literalinclude:: src/authorization/tutorial/__init__.py
:linenos:
:language: python
-Configuring a ``pyramid`` Authorization Policy
--------------------------------------------------
-
-For any :mod:`pyramid` application to perform authorization, we
-need to add a ``security.py`` module and we'll need to change our
-``configure.zcml`` file to add an :term:`authentication policy` and an
-:term:`authorization policy`.
-
-Changing ``configure.zcml``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-We'll change our ``configure.zcml`` file to enable an
-``AuthTktAuthenticationPolicy`` and an ``ACLAuthorizationPolicy`` to
-enable declarative security checking. We'll also change
-``configure.zcml`` to add a view stanza which points at our ``login``
-:term:`view callable`, also known as a :term:`forbidden view`. This
-configures our newly created login view to show up when
-:mod:`pyramid` detects that a view invocation can not be
-authorized. Also, we'll add ``view_permission`` attributes with the
-value ``edit`` to the ``edit_page`` and ``add_page`` route
-declarations. This indicates that the view callables which these
-routes reference cannot be invoked without the authenticated user
-possessing the ``edit`` permission with respect to the current
-context.
-
-This makes the assertion that only users who possess the effective
-``edit`` permission at the time of the request may invoke those two
-views. We've granted the ``group:editors`` principal the ``edit``
-permission at the root model via its ACL, so only the a user whom is a
-member of the group named ``group:editors`` will able to invoke the
-views associated with the ``add_page`` or ``edit_page`` routes.
-
-When you're done, your ``configure.zcml`` will look like so
-
-.. literalinclude:: src/authorization/tutorial/configure.zcml
- :linenos:
- :language: xml
+Note that that the
+:class:`pyramid.authentication.AuthTktAuthenticationPolicy` constructor
+accepts two arguments: ``secret`` and ``callback``. ``secret`` is a string
+representing an encryption key used by the "authentication ticket" machinery
+represented by this policy: it is required. The ``callback`` is a string,
+representing a :term:`dotted Python name`, which points at the
+``groupfinder`` function in the current directory's ``security.py`` file. We
+haven't added that module yet, but we're about to.
-Note that the ``authtktauthenticationpolicy`` tag has two attributes:
-``secret`` and ``callback``. ``secret`` is a string representing an
-encryption key used by the "authentication ticket" machinery
-represented by this policy: it is required. The ``callback`` is a
-string, representing a :term:`dotted Python name`, which points at the
-``groupfinder`` function in the current directory's ``security.py``
-file. We haven't added that module yet, but we're about to.
+Viewing Our Edits to ``__init__.py``
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+When we're done configuring a root factory, adding an authorization policy,
+and adding views, your application's ``__init__.py`` will look like this:
+
+.. literalinclude:: src/authorization/tutorial/__init__.py
+ :linenos:
+ :language: python
Adding ``security.py``
~~~~~~~~~~~~~~~~~~~~~~
-Add a ``security.py`` module within your package (in the same
-directory as "run.py", "views.py", etc) with the following content:
+Add a ``security.py`` module within your package (in the same directory as
+"__init__.py", "views.py", etc) with the following content:
.. literalinclude:: src/authorization/tutorial/security.py
:linenos:
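Review bot: The rewrapped ``.. note:`` block keeps the single colon, which reStructuredText parses as a comment rather than a directive, so the pointer to the per-route ``factory`` argument never appears in the built docs; it should read ``.. note::``. The hunk also adds two sections, "Viewing Your Changes" and "Viewing Our Edits to ``__init__.py``", that each ``literalinclude`` the same ``src/authorization/tutorial/__init__.py``; keep one, placed after the paragraph explaining ``secret`` and ``callback``. Several wording slips are carried into or introduced by the new text and are worth fixing while the paragraphs are being touched: "call to points at", "only the a user whom is a member ... will able to", and "Note that that the".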