Merge branch 'master' of https://github.com/Pylons/pyramid

5 files changed, 31 insertions, 26 deletions

diff --git a/docs/tutorials/wiki2/src/authentication/tests/conftest.py b/docs/tutorials/wiki2/src/authentication/tests/conftest.py
index 2db65f887..4ac4c60a8 100644
--- a/docs/tutorials/wiki2/src/authentication/tests/conftest.py
+++ b/docs/tutorials/wiki2/src/authentication/tests/conftest.py
@@ -4,10 +4,9 @@ import alembic.command
 import os
 from pyramid.paster import get_appsettings
 from pyramid.scripting import prepare
-from pyramid.testing import DummyRequest
+from pyramid.testing import DummyRequest, testConfig
 import pytest
 import transaction
-from webob.cookies import Cookie
 import webtest
 
 from tutorial import main
@@ -89,37 +88,45 @@ def app_request(app, tm, dbsession):
     drawbacks in tests as it's harder to mock data and is heavier.
 
     """
-    env = prepare(registry=app.registry)
-    request = env['request']
-    request.host = 'example.com'
+    with prepare(registry=app.registry) as env:
+        request = env['request']
+        request.host = 'example.com'
 
-    # without this, request.dbsession will be joined to the same transaction
-    # manager but it will be using a different sqlalchemy.orm.Session using
-    # a separate database transaction
-    request.dbsession = dbsession
-    request.tm = tm
+        # without this, request.dbsession will be joined to the same transaction
+        # manager but it will be using a different sqlalchemy.orm.Session using
+        # a separate database transaction
+        request.dbsession = dbsession
+        request.tm = tm
 
-    yield request
-    env['closer']()
+        yield request
 
 @pytest.fixture
-def dummy_request(app, tm, dbsession):
+def dummy_request(tm, dbsession):
     """
     A lightweight dummy request.
 
-    This request is ultra-lightweight and should be used only when the
-    request itself is not a large focus in the call-stack.
-
-    It is way easier to mock and control side-effects using this object.
+    This request is ultra-lightweight and should be used only when the request
+    itself is not a large focus in the call-stack.  It is much easier to mock
+    and control side-effects using this object, however:
 
     - It does not have request extensions applied.
     - Threadlocals are not properly pushed.
 
     """
     request = DummyRequest()
-    request.registry = app.registry
     request.host = 'example.com'
     request.dbsession = dbsession
     request.tm = tm
 
     return request
+
+@pytest.fixture
+def dummy_config(dummy_request):
+    """
+    A dummy :class:`pyramid.config.Configurator` object.  This allows for
+    mock configuration, including configuration for ``dummy_request``, as well
+    as pushing the appropriate threadlocals.
+
+    """
+    with testConfig(request=dummy_request) as config:
+        yield config
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/security.py b/docs/tutorials/wiki2/src/authentication/tutorial/security.py
index a4843f286..e0d8ed965 100644
--- a/docs/tutorials/wiki2/src/authentication/tutorial/security.py
+++ b/docs/tutorials/wiki2/src/authentication/tutorial/security.py
@@ -40,5 +40,3 @@ def includeme(config):
     config.set_default_csrf_options(require_csrf=True)
 
     config.set_security_policy(MySecurityPolicy(settings['auth.secret']))
-    config.add_request_method(
-        lambda request: request.identity, 'user', property=True)
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2 b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2
index 64a1db0c5..55f4a85dc 100644
--- a/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2
+++ b/docs/tutorials/wiki2/src/authentication/tutorial/templates/layout.jinja2
@@ -33,13 +33,13 @@
           </div>
           <div class="col-md-10">
             <div class="content">
-            {% if request.user is none %}
+            {% if not request.is_authenticated %}
             <p class="pull-right">
               <a href="{{ request.route_url('login') }}">Login</a>
             </p>
             {% else %}
             <form class="pull-right" action="{{ request.route_url('logout') }}" method="post">
-              {{request.user.name}}
+              {{request.identity.name}}
               <input type="hidden" name="csrf_token" value="{{ get_csrf_token() }}">
               <button class="btn btn-link" type="submit">Logout</button>
             </form>
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py
index e1a564415..807ff3464 100644
--- a/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py
+++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/auth.py
@@ -53,7 +53,7 @@ def logout(request):
 
 @forbidden_view_config(renderer='tutorial:templates/403.jinja2')
 def forbidden_view(exc, request):
-    if request.user is None:
+    if not request.is_authenticated:
         next_url = request.route_url('login', _query={'next': request.url})
         return HTTPSeeOther(location=next_url)
 
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py b/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py
index 378ce0ae9..4fb715737 100644
--- a/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py
+++ b/docs/tutorials/wiki2/src/authentication/tutorial/views/default.py
@@ -45,7 +45,7 @@ def view_page(request):
 def edit_page(request):
     pagename = request.matchdict['pagename']
     page = request.dbsession.query(models.Page).filter_by(name=pagename).one()
-    user = request.user
+    user = request.identity
     if user is None or (user.role != 'editor' and page.creator != user):
         raise HTTPForbidden
     if request.method == 'POST':
@@ -60,7 +60,7 @@ def edit_page(request):
 
 @view_config(route_name='add_page', renderer='tutorial:templates/edit.jinja2')
 def add_page(request):
-    user = request.user
+    user = request.identity
     if user is None or user.role not in ('editor', 'basic'):
         raise HTTPForbidden
     pagename = request.matchdict['pagename']
@@ -70,7 +70,7 @@ def add_page(request):
     if request.method == 'POST':
         body = request.params['body']
         page = models.Page(name=pagename, data=body)
-        page.creator = request.user
+        page.creator = request.identity
         request.dbsession.add(page)
         next_url = request.route_url('view_page', pagename=pagename)
         return HTTPSeeOther(location=next_url)