fix wiki2 tutorial wrt request-method security APIs

3 files changed, 22 insertions, 49 deletions

diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index 2b4263610..830cb0277 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -221,14 +221,14 @@ Add the following import statements to the
 head of ``tutorial/tutorial/views.py``:
 
 .. literalinclude:: src/authorization/tutorial/views.py
-   :lines: 9-16,18,24-25
+   :lines: 9-12,19
    :linenos:
-   :emphasize-lines: 3,6-9,11
+   :emphasize-lines: 3,5
    :language: python
 
 (Only the highlighted lines need to be added.)
 
-:meth:`~pyramid.view.forbidden_view_config` will be used
+:func:`~pyramid.view.forbidden_view_config` will be used
 to customize the default 403 Forbidden page.
 :meth:`~pyramid.request.Request.remember_userid` and
 :meth:`~pyramid.request.Request.forget_userid` help to create and
@@ -237,7 +237,7 @@ expire an auth ticket cookie.
 Now add the ``login`` and ``logout`` views:
 
 .. literalinclude:: src/authorization/tutorial/views.py
-   :lines: 91-123
+   :lines: 85-115
    :linenos:
    :language: python
 
@@ -274,17 +274,6 @@ added to ``views.py``.
 Return a logged_in flag to the renderer
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Add the following line to the import at the head of
-``tutorial/tutorial/views.py``:
-
-.. literalinclude:: src/authorization/tutorial/views.py
-   :lines: 14-18
-   :linenos:
-   :emphasize-lines: 4
-   :language: python
-
-(Only the highlighted line needs to be added.)
-
 Add a  ``logged_in`` parameter to the return value of
 ``view_page()``, ``edit_page()`` and  ``add_page()``,
 like this:
@@ -296,12 +285,12 @@ like this:
    return dict(page = page,
                content = content,
                edit_url = edit_url,
-               logged_in = authenticated_userid(request))
+               logged_in = request.authenticated_userid)
 
 (Only the highlighted line needs to be added.)
 
-The :meth:`~pyramid.security.authenticated_userid` method will return None
-if the user is not authenticated.
+The :attr:`~pyramid.request.Request.authenticated_userid` property will return
+``None`` if the user is not authenticated.
 
 Add a "Logout" link when logged in
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -349,7 +338,7 @@ when we're done:
 
 .. literalinclude:: src/authorization/tutorial/views.py
    :linenos:
-   :emphasize-lines: 11,14-18,25,31,37,58,61,73,76,88,91-117,119-123
+   :emphasize-lines: 11,19,25,31,52,55,67,70,82,85-115
    :language: python
 
 (Only the highlighted lines need to be added.)
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/views.py b/docs/tutorials/wiki2/src/authorization/tutorial/views.py
index b6dbbf5f6..110d738c2 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/views.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/views.py
@@ -11,12 +11,6 @@ from pyramid.view import (
     forbidden_view_config,
     )
 
-from pyramid.security import (
-    remember,
-    forget,
-    authenticated_userid,
-    )
-
 from .models import (
     DBSession,
     Page,
@@ -55,7 +49,7 @@ def view_page(request):
     content = wikiwords.sub(check, content)
     edit_url = request.route_url('edit_page', pagename=pagename)
     return dict(page=page, content=content, edit_url=edit_url,
-                logged_in=authenticated_userid(request))
+                logged_in=request.authenticated_userid)
 
 @view_config(route_name='add_page', renderer='templates/edit.pt',
              permission='edit')
@@ -70,7 +64,7 @@ def add_page(request):
     save_url = request.route_url('add_page', pagename=pagename)
     page = Page(name='', data='')
     return dict(page=page, save_url=save_url,
-                logged_in=authenticated_userid(request))
+                logged_in=request.authenticated_userid)
 
 @view_config(route_name='edit_page', renderer='templates/edit.pt',
              permission='edit')
@@ -85,7 +79,7 @@ def edit_page(request):
     return dict(
         page=page,
         save_url = request.route_url('edit_page', pagename=pagename),
-        logged_in=authenticated_userid(request),
+        logged_in=request.authenticated_userid,
         )
 
 @view_config(route_name='login', renderer='templates/login.pt')
@@ -103,9 +97,8 @@ def login(request):
         login = request.params['login']
         password = request.params['password']
         if USERS.get(login) == password:
-            headers = remember(request, login)
-            return HTTPFound(location = came_from,
-                             headers = headers)
+            request.remember_userid(login)
+            return HTTPFound(location = came_from)
         message = 'Failed login'
 
     return dict(
@@ -118,7 +111,6 @@ def login(request):
 
 @view_config(route_name='logout')
 def logout(request):
-    headers = forget(request)
-    return HTTPFound(location = request.route_url('view_wiki'),
-                     headers = headers)
+    request.forget_userid()
+    return HTTPFound(location = request.route_url('view_wiki'))
     
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/views.py b/docs/tutorials/wiki2/src/tests/tutorial/views.py
index b6dbbf5f6..110d738c2 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/views.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/views.py
@@ -11,12 +11,6 @@ from pyramid.view import (
     forbidden_view_config,
     )
 
-from pyramid.security import (
-    remember,
-    forget,
-    authenticated_userid,
-    )
-
 from .models import (
     DBSession,
     Page,
@@ -55,7 +49,7 @@ def view_page(request):
     content = wikiwords.sub(check, content)
     edit_url = request.route_url('edit_page', pagename=pagename)
     return dict(page=page, content=content, edit_url=edit_url,
-                logged_in=authenticated_userid(request))
+                logged_in=request.authenticated_userid)
 
 @view_config(route_name='add_page', renderer='templates/edit.pt',
              permission='edit')
@@ -70,7 +64,7 @@ def add_page(request):
     save_url = request.route_url('add_page', pagename=pagename)
     page = Page(name='', data='')
     return dict(page=page, save_url=save_url,
-                logged_in=authenticated_userid(request))
+                logged_in=request.authenticated_userid)
 
 @view_config(route_name='edit_page', renderer='templates/edit.pt',
              permission='edit')
@@ -85,7 +79,7 @@ def edit_page(request):
     return dict(
         page=page,
         save_url = request.route_url('edit_page', pagename=pagename),
-        logged_in=authenticated_userid(request),
+        logged_in=request.authenticated_userid,
         )
 
 @view_config(route_name='login', renderer='templates/login.pt')
@@ -103,9 +97,8 @@ def login(request):
         login = request.params['login']
         password = request.params['password']
         if USERS.get(login) == password:
-            headers = remember(request, login)
-            return HTTPFound(location = came_from,
-                             headers = headers)
+            request.remember_userid(login)
+            return HTTPFound(location = came_from)
         message = 'Failed login'
 
     return dict(
@@ -118,7 +111,6 @@ def login(request):
 
 @view_config(route_name='logout')
 def logout(request):
-    headers = forget(request)
-    return HTTPFound(location = request.route_url('view_wiki'),
-                     headers = headers)
+    request.forget_userid()
+    return HTTPFound(location = request.route_url('view_wiki'))