Rename `ISecurityPolicy.authenticated_identity` to `identity`

author: Theron Luhn <theron@luhn.com> 2020-10-13 23:08:00 -0700
committer: Theron Luhn <theron@luhn.com> 2020-10-13 23:08:00 -0700
commit: ab80ac7996bf792ddf3fbcce639e4b6714b401e6 (patch)
tree: 1b54439857877acda31c0460c0dfb92648daf0b8 /docs
parent: ee7ca28cc51cf40d1190144834704e287c9fc72d (diff)
download: pyramid-ab80ac7996bf792ddf3fbcce639e4b6714b401e6.tar.gz
pyramid-ab80ac7996bf792ddf3fbcce639e4b6714b401e6.tar.bz2
pyramid-ab80ac7996bf792ddf3fbcce639e4b6714b401e6.zip
12 files changed, 35 insertions, 37 deletions
diff --git a/docs/api/request.rst b/docs/api/request.rst
index edd319864..8704a2fe7 100644
--- a/docs/api/request.rst
+++ b/docs/api/request.rst
@@ -175,8 +175,8 @@
       .. deprecated:: 2.0
 
           ``unauthenticated_userid`` has been deprecated in version 2.0.  Use
-          :attr:`authenticated_userid` or :attr:`authenticated_identity`
-          instead.  See :ref:`upgrading_auth` for more information.
+          :attr:`authenticated_userid` or :attr:`identity` instead.  See
+          :ref:`upgrading_auth` for more information.
 
       A property which returns a value which represents the *claimed* (not
       verified) :term:`userid` of the credentials present in the
diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 10e9df78d..74149e6b0 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -69,7 +69,7 @@ A simple security policy might look like the following:
     from pyramid.security import Allowed, Denied
 
     class SessionSecurityPolicy:
-        def authenticated_identity(self, request):
+        def identity(self, request):
             """ Return app-specific user object. """
             userid = request.session.get('userid')
             if userid is None:
@@ -78,14 +78,14 @@ A simple security policy might look like the following:
 
         def authenticated_userid(self, request):
             """ Return a string ID for the user. """
-            identity = self.authenticated_identity(request)
+            identity = self.identity(request)
             if identity is None:
                 return None
             return string(identity.id)
 
         def permits(self, request, context, permission):
             """ Allow access to everything if signed in. """
-            identity = self.authenticated_identity(request)
+            identity = self.identity(request)
             if identity is not None:
                 return Allowed('User is signed in.')
             else:
@@ -144,7 +144,7 @@ For example, our above security policy can leverage these helpers like so:
         def __init__(self):
             self.helper = SessionAuthenticationHelper()
 
-        def authenticated_identity(self, request):
+        def identity(self, request):
             """ Return app-specific user object. """
             userid = self.helper.authenticated_userid(request)
             if userid is None:
@@ -153,14 +153,14 @@ For example, our above security policy can leverage these helpers like so:
 
         def authenticated_userid(self, request):
             """ Return a string ID for the user. """
-            identity = self.authenticated_identity(request)
+            identity = self.identity(request)
             if identity is None:
                 return None
             return str(identity.id)
 
         def permits(self, request, context, permission):
             """ Allow access to everything if signed in. """
-            identity = self.authenticated_identity(request)
+            identity = self.identity(request)
             if identity is not None:
                 return Allowed('User is signed in.')
             else:
@@ -249,7 +249,7 @@ might look like so:
 
     class SecurityPolicy:
         def permits(self, request, context, permission):
-            identity = self.authenticated_identity(request)
+            identity = self.identity(request)
 
             if identity is None:
                 return Denied('User is not signed in.')
diff --git a/docs/quick_tutorial/authentication/tutorial/security.py b/docs/quick_tutorial/authentication/tutorial/security.py
index 8324000ed..020403c8b 100644
--- a/docs/quick_tutorial/authentication/tutorial/security.py
+++ b/docs/quick_tutorial/authentication/tutorial/security.py
@@ -19,13 +19,13 @@ class SecurityPolicy:
     def __init__(self, secret):
         self.authtkt = AuthTktCookieHelper(secret=secret)
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         identity = self.authtkt.identify(request)
         if identity is not None and identity['userid'] in USERS:
             return identity
 
     def authenticated_userid(self, request):
-        identity = self.authenticated_identity(request)
+        identity = self.identity(request)
         if identity is not None:
             return identity['userid']
 
diff --git a/docs/quick_tutorial/authorization/tutorial/security.py b/docs/quick_tutorial/authorization/tutorial/security.py
index 53e3536fc..79e8cb295 100644
--- a/docs/quick_tutorial/authorization/tutorial/security.py
+++ b/docs/quick_tutorial/authorization/tutorial/security.py
@@ -26,13 +26,13 @@ class SecurityPolicy:
         self.authtkt = AuthTktCookieHelper(secret=secret)
         self.acl = ACLHelper()
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         identity = self.authtkt.identify(request)
         if identity is not None and identity['userid'] in USERS:
             return identity
 
     def authenticated_userid(self, request):
-        identity = self.authenticated_identity(request)
+        identity = self.identity(request)
         if identity is not None:
             return identity['userid']
 
diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst
index 3c9913d8c..9c685639d 100644
--- a/docs/tutorials/wiki/authorization.rst
+++ b/docs/tutorials/wiki/authorization.rst
@@ -88,7 +88,7 @@ The security policy controls several aspects of authentication and authorization
 Identifying logged-in users
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-The ``MySecurityPolicy.authenticated_identity`` method inspects the ``request`` and determines if it came from an authenticated user.
+The ``MySecurityPolicy.identity`` method inspects the ``request`` and determines if it came from an authenticated user.
 It does this by utilizing the :class:`pyramid.authentication.AuthTktCookieHelper` class which stores the :term:`identity` in a cryptographically-signed cookie.
 If a ``request`` does contain an identity, then we perform a final check to determine if the user is valid in our current ``USERS`` store.
 
diff --git a/docs/tutorials/wiki/src/authorization/tutorial/security.py b/docs/tutorials/wiki/src/authorization/tutorial/security.py
index f4445578e..6c091b4a6 100644
--- a/docs/tutorials/wiki/src/authorization/tutorial/security.py
+++ b/docs/tutorials/wiki/src/authorization/tutorial/security.py
@@ -28,13 +28,13 @@ class MySecurityPolicy:
         self.authtkt = AuthTktCookieHelper(secret)
         self.acl = ACLHelper()
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         identity = self.authtkt.identify(request)
         if identity is not None and identity['userid'] in USERS:
             return identity
 
     def authenticated_userid(self, request):
-        identity = self.authenticated_identity(request)
+        identity = self.identity(request)
         if identity is not None:
             return identity['userid']
 
@@ -50,7 +50,7 @@ class MySecurityPolicy:
 
     def effective_principals(self, request):
         principals = [Everyone]
-        identity = self.authenticated_identity(request)
+        identity = self.identity(request)
         if identity is not None:
             principals.append(Authenticated)
             principals.append('u:' + identity['userid'])
diff --git a/docs/tutorials/wiki/src/tests/tutorial/security.py b/docs/tutorials/wiki/src/tests/tutorial/security.py
index f4445578e..6c091b4a6 100644
--- a/docs/tutorials/wiki/src/tests/tutorial/security.py
+++ b/docs/tutorials/wiki/src/tests/tutorial/security.py
@@ -28,13 +28,13 @@ class MySecurityPolicy:
         self.authtkt = AuthTktCookieHelper(secret)
         self.acl = ACLHelper()
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         identity = self.authtkt.identify(request)
         if identity is not None and identity['userid'] in USERS:
             return identity
 
     def authenticated_userid(self, request):
-        identity = self.authenticated_identity(request)
+        identity = self.identity(request)
         if identity is not None:
             return identity['userid']
 
@@ -50,7 +50,7 @@ class MySecurityPolicy:
 
     def effective_principals(self, request):
         principals = [Everyone]
-        identity = self.authenticated_identity(request)
+        identity = self.identity(request)
         if identity is not None:
             principals.append(Authenticated)
             principals.append('u:' + identity['userid'])
diff --git a/docs/tutorials/wiki2/authentication.rst b/docs/tutorials/wiki2/authentication.rst
index 5519a967e..4d8723176 100644
--- a/docs/tutorials/wiki2/authentication.rst
+++ b/docs/tutorials/wiki2/authentication.rst
@@ -64,7 +64,7 @@ Identifying the current user is done in a few steps:
 
 #. The result is stored in the ``identity_cache`` which ensures that subsequent invocations return the same identity object for the request.
 
-Finally, :attr:`pyramid.request.Request.authenticated_identity` contains either ``None`` or a ``tutorial.models.User`` instance and that value is aliased to ``request.user`` for convenience in our application.
+Finally, :attr:`pyramid.request.Request.identity` contains either ``None`` or a ``tutorial.models.User`` instance and that value is aliased to ``request.user`` for convenience in our application.
 
 Note the usage of the ``identity_cache`` is optional, but it has several advantages in most scenarios:
 
diff --git a/docs/tutorials/wiki2/src/authentication/tutorial/security.py b/docs/tutorials/wiki2/src/authentication/tutorial/security.py
index 1027ddd0a..a4843f286 100644
--- a/docs/tutorials/wiki2/src/authentication/tutorial/security.py
+++ b/docs/tutorials/wiki2/src/authentication/tutorial/security.py
@@ -19,11 +19,11 @@ class MySecurityPolicy:
         user = request.dbsession.query(models.User).get(userid)
         return user
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         return self.identity_cache.get_or_create(request)
 
     def authenticated_userid(self, request):
-        user = self.authenticated_identity(request)
+        user = self.identity(request)
         if user is not None:
             return user.id
 
@@ -41,4 +41,4 @@ def includeme(config):
 
     config.set_security_policy(MySecurityPolicy(settings['auth.secret']))
     config.add_request_method(
-        lambda request: request.authenticated_identity, 'user', property=True)
+        lambda request: request.identity, 'user', property=True)
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/security.py b/docs/tutorials/wiki2/src/authorization/tutorial/security.py
index 5a9d4bbf2..4f79195ef 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/security.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/security.py
@@ -25,11 +25,11 @@ class MySecurityPolicy:
         user = request.dbsession.query(models.User).get(userid)
         return user
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         return self.identity_cache.get_or_create(request)
 
     def authenticated_userid(self, request):
-        user = self.authenticated_identity(request)
+        user = self.identity(request)
         if user is not None:
             return user.id
 
@@ -45,7 +45,7 @@ class MySecurityPolicy:
 
     def effective_principals(self, request):
         principals = [Everyone]
-        user = self.authenticated_identity(request)
+        user = self.identity(request)
         if user is not None:
             principals.append(Authenticated)
             principals.append('u:' + str(user.id))
@@ -60,4 +60,4 @@ def includeme(config):
 
     config.set_security_policy(MySecurityPolicy(settings['auth.secret']))
     config.add_request_method(
-        lambda request: request.authenticated_identity, 'user', property=True)
+        lambda request: request.identity, 'user', property=True)
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/security.py b/docs/tutorials/wiki2/src/tests/tutorial/security.py
index 5a9d4bbf2..4f79195ef 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/security.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/security.py
@@ -25,11 +25,11 @@ class MySecurityPolicy:
         user = request.dbsession.query(models.User).get(userid)
         return user
 
-    def authenticated_identity(self, request):
+    def identity(self, request):
         return self.identity_cache.get_or_create(request)
 
     def authenticated_userid(self, request):
-        user = self.authenticated_identity(request)
+        user = self.identity(request)
         if user is not None:
             return user.id
 
@@ -45,7 +45,7 @@ class MySecurityPolicy:
 
     def effective_principals(self, request):
         principals = [Everyone]
-        user = self.authenticated_identity(request)
+        user = self.identity(request)
         if user is not None:
             principals.append(Authenticated)
             principals.append('u:' + str(user.id))
@@ -60,4 +60,4 @@ def includeme(config):
 
     config.set_security_policy(MySecurityPolicy(settings['auth.secret']))
     config.add_request_method(
-        lambda request: request.authenticated_identity, 'user', property=True)
+        lambda request: request.identity, 'user', property=True)
diff --git a/docs/whatsnew-2.0.rst b/docs/whatsnew-2.0.rst
index a58f317d7..906529d6b 100644
--- a/docs/whatsnew-2.0.rst
+++ b/docs/whatsnew-2.0.rst
@@ -47,7 +47,7 @@ signature.
 
 The new security policy adds the concept of an :term:`identity`, which is an
 object representing the user associated with the current request.  The identity
-can be accessed via :attr:`pyramid.request.Request.authenticated_identity`.
+can be accessed via :attr:`pyramid.request.Request.identity`.
 The object can be of any shape, such as a simple ID string or an ORM object.
 
 The concept of :term:`principals <principal>` has been removed; the
@@ -89,10 +89,8 @@ For further documentation on implementing security policies, see
 Behavior of the Legacy System
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Legacy authentication and authorization policies will continue to function as
-normal, as well as all related :class:`pyramid.request.Request` properties.
-The new :attr:`pyramid.request.Request.authenticated_identity` property will
-output the same result as :attr:`pyramid.request.Request.authenticated_userid`.
+Legacy authentication and authorization policies will continue to function as normal, as well as all related :class:`pyramid.request.Request` properties.
+The new :attr:`pyramid.request.Request.identity` property will output the same result as :attr:`pyramid.request.Request.authenticated_userid`.
 
 If using a security policy, :attr:`pyramid.request.Request.unauthenticated_userid` will return the same value as :attr:`pyramid.request.Request.authenticated_userid`.
 :attr:`pyramid.request.Request.effective_principals` will always return a one-element list containing the :data:`pyramid.authorization.Everyone` principal, as there is no equivalent in the new security policy.
author	Theron Luhn <theron@luhn.com>	2020-10-13 23:08:00 -0700
committer	Theron Luhn <theron@luhn.com>	2020-10-13 23:08:00 -0700
commit	ab80ac7996bf792ddf3fbcce639e4b6714b401e6 (patch)
tree	1b54439857877acda31c0460c0dfb92648daf0b8 /docs
parent	ee7ca28cc51cf40d1190144834704e287c9fc72d (diff)
download	pyramid-ab80ac7996bf792ddf3fbcce639e4b6714b401e6.tar.gz pyramid-ab80ac7996bf792ddf3fbcce639e4b6714b401e6.tar.bz2 pyramid-ab80ac7996bf792ddf3fbcce639e4b6714b401e6.zip