Merge branch '1.3-branch'

12 files changed, 72 insertions, 62 deletions

diff --git a/docs/api/config.rst b/docs/api/config.rst
index dbfbb1761..d16930cc0 100644
--- a/docs/api/config.rst
+++ b/docs/api/config.rst
@@ -72,6 +72,8 @@
 
      .. automethod:: set_request_factory
 
+     .. automethod:: set_request_property
+
      .. automethod:: set_root_factory
 
      .. automethod:: set_view_mapper
diff --git a/docs/conf.py b/docs/conf.py
index 2ab56cadf..3496bd38c 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -80,7 +80,7 @@ copyright = '%s, Agendaless Consulting' % datetime.datetime.now().year
 # other places throughout the built documents.
 #
 # The short X.Y version.
-version = '1.3a5'
+version = '1.3a6'
 
 # The full version, including alpha/beta/rc tags.
 release = version
diff --git a/docs/narr/project.rst b/docs/narr/project.rst
index 5696b0b73..ea0045ca7 100644
--- a/docs/narr/project.rst
+++ b/docs/narr/project.rst
@@ -118,11 +118,11 @@ your application, or install your application for deployment or development.
 
 A ``.ini`` file named ``development.ini`` will be created in the project
 directory.  You will use this ``.ini`` file to configure a server, to run
-your application, and to debug your application.  It sports configuration
+your application, and to debug your application.  It contains configuration
 that enables an interactive debugger and settings optimized for development.
 
 Another ``.ini`` file named ``production.ini`` will also be created in the
-project directory.  It sports configuration that disables any interactive
+project directory.  It contains configuration that disables any interactive
 debugger (to prevent inappropriate access and disclosure), and turns off a
 number of debugging settings.  You can use this file to put your application
 into production.
@@ -709,7 +709,7 @@ also informs Python that the directory which contains it is a *package*.
 #. Line 1 imports the :term:`Configurator` class from :mod:`pyramid.config`
    that we use later.
 
-#. Lines 3-16 define a function named ``main`` that returns a :app:`Pyramid`
+#. Lines 3-10 define a function named ``main`` that returns a :app:`Pyramid`
    WSGI application.  This function is meant to be called by the
    :term:`PasteDeploy` framework as a result of running ``pserve``.
 
diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index 1ad35b961..07ec0f21e 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -73,16 +73,15 @@ to enable an authorization policy.
 Enabling an Authorization Policy Imperatively
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
-Passing an ``authorization_policy`` argument to the constructor of the
-:class:`~pyramid.config.Configurator` class enables an
-authorization policy.
+Use the :meth:`~pyramid.config.Configurator.set_authorization_policy` method
+of the :class:`~pyramid.config.Configurator` to enable an authorization
+policy.
 
-You must also enable an :term:`authentication policy` in order to
-enable the authorization policy.  This is because authorization, in
-general, depends upon authentication.  Use the
-``authentication_policy`` argument to the
-:class:`~pyramid.config.Configurator` class during
-application setup to specify an authentication policy.
+You must also enable an :term:`authentication policy` in order to enable the
+authorization policy.  This is because authorization, in general, depends
+upon authentication.  Use the
+:meth:`~pyramid.config.Configurator.set_authentication_policy` and method
+during application setup to specify the authentication policy.
 
 For example:
 
@@ -95,13 +94,14 @@ For example:
    from pyramid.authorization import ACLAuthorizationPolicy
    authentication_policy = AuthTktAuthenticationPolicy('seekrit')
    authorization_policy = ACLAuthorizationPolicy()
-   config = Configurator(authentication_policy=authentication_policy,
-                         authorization_policy=authorization_policy)
+   config = Configurator()
+   config.set_authentication_policy(authentication_policy)
+   config.set_authorization_policy(authorization_policy)
 
 .. note:: the ``authentication_policy`` and ``authorization_policy``
-   arguments may also be passed to the Configurator as :term:`dotted
-   Python name` values, each representing the dotted name path to a
-   suitable implementation global defined at Python module scope.
+   arguments may also be passed to their respective methods mentioned above
+   as :term:`dotted Python name` values, each representing the dotted name
+   path to a suitable implementation global defined at Python module scope.
 
 The above configuration enables a policy which compares the value of an "auth
 ticket" cookie passed in the request's environment which contains a reference
@@ -110,9 +110,9 @@ to a single :term:`principal` against the principals present in any
 :term:`view`.
 
 While it is possible to mix and match different authentication and
-authorization policies, it is an error to pass an authentication
-policy without the authorization policy or vice versa to a
-:term:`Configurator` constructor.
+authorization policies, it is an error to configure a Pyramid application
+with an authentication policy but without the authorization policy or vice
+versa.  If you do this, you'll receive an error at application startup time.
 
 See also the :mod:`pyramid.authorization` and
 :mod:`pyramid.authentication` modules for alternate implementations
@@ -188,13 +188,8 @@ In support of making it easier to configure applications which are
 the permission string to all view registrations which don't otherwise
 name a ``permission`` argument.
 
-These APIs are in support of configuring a default permission for an
-application:
-
-- The ``default_permission`` constructor argument to the
-  :mod:`~pyramid.config.Configurator` constructor.
-
-- The :meth:`pyramid.config.Configurator.set_default_permission` method.
+The :meth:`pyramid.config.Configurator.set_default_permission` method
+supports configuring a default permission for an application.
 
 When a default permission is registered:
 
@@ -605,8 +600,8 @@ that implements the following interface:
            current user on subsequent requests. """
 
 After you do so, you can pass an instance of such a class into the
-:class:`~pyramid.config.Configurator` class at configuration
-time as ``authentication_policy`` to use it.
+:class:`~pyramid.config.Configurator.set_authentication_policy` method
+configuration time to use it.
 
 .. index::
    single: authorization policy (creating)
@@ -616,18 +611,16 @@ time as ``authentication_policy`` to use it.
 Creating Your Own Authorization Policy
 --------------------------------------
 
-An authorization policy is a policy that allows or denies access after
-a user has been authenticated.  By default, :app:`Pyramid` will use
-the :class:`pyramid.authorization.ACLAuthorizationPolicy` if an
-authentication policy is activated and an authorization policy isn't
-otherwise specified.
+An authorization policy is a policy that allows or denies access after a user
+has been authenticated.  Most :app:`Pyramid` applications will use the
+default :class:`pyramid.authorization.ACLAuthorizationPolicy`.
 
-In some cases, it's useful to be able to use a different
+However, in some cases, it's useful to be able to use a different
 authorization policy than the default
-:class:`~pyramid.authorization.ACLAuthorizationPolicy`.  For
-example, it might be desirable to construct an alternate authorization
-policy which allows the application to use an authorization mechanism
-that does not involve :term:`ACL` objects.
+:class:`~pyramid.authorization.ACLAuthorizationPolicy`.  For example, it
+might be desirable to construct an alternate authorization policy which
+allows the application to use an authorization mechanism that does not
+involve :term:`ACL` objects.
 
 :app:`Pyramid` ships with only a single default authorization
 policy, so you'll need to create your own if you'd like to use a
@@ -655,5 +648,5 @@ following interface:
             used."""
 
 After you do so, you can pass an instance of such a class into the
-:class:`~pyramid.config.Configurator` class at configuration
-time as ``authorization_policy`` to use it.
+:class:`~pyramid.config.Configurator.set_authorization_policy` method at
+configuration time to use it.
diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst
index fa18d4a41..8f583ece7 100644
--- a/docs/tutorials/wiki/authorization.rst
+++ b/docs/tutorials/wiki/authorization.rst
@@ -132,14 +132,14 @@ We'll add these views to the existing ``views.py`` file we have in our
 project.  Here's what the ``login`` view callable will look like:
 
 .. literalinclude:: src/authorization/tutorial/views.py
-   :pyobject: login
+   :lines: 83-111
    :linenos:
    :language: python
 
 Here's what the ``logout`` view callable will look like:
 
 .. literalinclude:: src/authorization/tutorial/views.py
-   :pyobject: logout
+   :lines: 113-117
    :linenos:
    :language: python
 
diff --git a/docs/tutorials/wiki/src/authorization/tutorial/__init__.py b/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
index 20ee685ee..6989145d8 100644
--- a/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
+++ b/docs/tutorials/wiki/src/authorization/tutorial/__init__.py
@@ -17,9 +17,9 @@ def main(global_config, **settings):
     authn_policy = AuthTktAuthenticationPolicy(secret='sosecret',
                                                callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
-    config = Configurator(root_factory=root_factory, settings=settings,
-                          authentication_policy=authn_policy,
-                          authorization_policy=authz_policy)
+    config = Configurator(root_factory=root_factory, settings=settings)
+    config.set_authentication_policy(authn_policy)
+    config.set_authorization_policy(authz_policy)
     config.add_static_view('static', 'static', cache_max_age=3600)
     config.scan()
     return config.make_wsgi_app()
diff --git a/docs/tutorials/wiki/src/tests/tutorial/__init__.py b/docs/tutorials/wiki/src/tests/tutorial/__init__.py
index 20ee685ee..6989145d8 100644
--- a/docs/tutorials/wiki/src/tests/tutorial/__init__.py
+++ b/docs/tutorials/wiki/src/tests/tutorial/__init__.py
@@ -17,9 +17,9 @@ def main(global_config, **settings):
     authn_policy = AuthTktAuthenticationPolicy(secret='sosecret',
                                                callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
-    config = Configurator(root_factory=root_factory, settings=settings,
-                          authentication_policy=authn_policy,
-                          authorization_policy=authz_policy)
+    config = Configurator(root_factory=root_factory, settings=settings)
+    config.set_authentication_policy(authn_policy)
+    config.set_authorization_policy(authz_policy)
     config.add_static_view('static', 'static', cache_max_age=3600)
     config.scan()
     return config.make_wsgi_app()
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index ab04ea405..56237a1b9 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -159,14 +159,14 @@ logged in user and redirect back to the front page.
 The ``login`` view callable will look something like this:
 
 .. literalinclude:: src/authorization/tutorial/views.py
-   :pyobject: login
+   :lines: 90-116
    :linenos:
    :language: python
 
 The ``logout`` view callable will look something like this:
 
 .. literalinclude:: src/authorization/tutorial/views.py
-   :pyobject: logout
+   :lines: 118-122
    :linenos:
    :language: python
 
diff --git a/docs/tutorials/wiki2/definingviews.rst b/docs/tutorials/wiki2/definingviews.rst
index 7f533b635..bda0a2eb7 100644
--- a/docs/tutorials/wiki2/definingviews.rst
+++ b/docs/tutorials/wiki2/definingviews.rst
@@ -104,7 +104,7 @@ when a request is made to the root URL of our wiki.  It always redirects to
 a URL which represents the path to our "FrontPage".
 
 .. literalinclude:: src/views/tutorial/views.py
-   :pyobject: view_wiki
+   :lines: 18-21
    :linenos:
    :language: python
 
@@ -126,7 +126,7 @@ HTML anchor for each *WikiWord* reference in the rendered HTML using a
 compiled regular expression.
 
 .. literalinclude:: src/views/tutorial/views.py
-   :pyobject: view_page
+   :lines: 23-44
    :linenos:
    :language: python
 
@@ -161,7 +161,7 @@ The ``matchdict`` attribute of the request passed to the ``add_page`` view
 will have the values we need to construct URLs and find model objects.
 
 .. literalinclude:: src/views/tutorial/views.py
-   :pyobject: add_page
+   :lines: 46-58
    :linenos:
    :language: python
 
@@ -197,7 +197,7 @@ request passed to the ``edit_page`` view will have a ``'pagename'`` key
 matching the name of the page the user wants to edit.
 
 .. literalinclude:: src/views/tutorial/views.py
-   :pyobject: edit_page
+   :lines: 60-73
    :linenos:
    :language: python
 
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py b/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
index 04dd5fe82..7e290a1e1 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/__init__.py
@@ -17,9 +17,9 @@ def main(global_config, **settings):
         'sosecret', callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(settings=settings,
-                          root_factory='tutorial.models.RootFactory',
-                          authentication_policy=authn_policy,
-                          authorization_policy=authz_policy)
+                          root_factory='tutorial.models.RootFactory')
+    config.set_authentication_policy(authn_policy)
+    config.set_authorization_policy(authz_policy)
     config.add_static_view('static', 'static', cache_max_age=3600)
     config.add_route('view_wiki', '/')
     config.add_route('login', '/login')
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/__init__.py b/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
index 04dd5fe82..7e290a1e1 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/__init__.py
@@ -17,9 +17,9 @@ def main(global_config, **settings):
         'sosecret', callback=groupfinder)
     authz_policy = ACLAuthorizationPolicy()
     config = Configurator(settings=settings,
-                          root_factory='tutorial.models.RootFactory',
-                          authentication_policy=authn_policy,
-                          authorization_policy=authz_policy)
+                          root_factory='tutorial.models.RootFactory')
+    config.set_authentication_policy(authn_policy)
+    config.set_authorization_policy(authz_policy)
     config.add_static_view('static', 'static', cache_max_age=3600)
     config.add_route('view_wiki', '/')
     config.add_route('login', '/login')
diff --git a/docs/whatsnew-1.3.rst b/docs/whatsnew-1.3.rst
index ee4e2ccb5..ed7024f62 100644
--- a/docs/whatsnew-1.3.rst
+++ b/docs/whatsnew-1.3.rst
@@ -240,6 +240,16 @@ Minor Feature Additions
 - We allow extra keyword arguments to be passed to the
   :meth:`pyramid.config.Configurator.action` method.
 
+- New API: :meth:`pyramid.config.Configurator.set_request_property`. Add lazy
+  property descriptors to a request without changing the request factory.
+  This method provides conflict detection and is the suggested way to add
+  properties to a request.
+
+- Responses generated by Pyramid's :class:`pyramid.views.static_view` now use
+  a ``wsgi.file_wrapper`` (see
+  http://www.python.org/dev/peps/pep-0333/#optional-platform-specific-file-handling)
+  when one is provided by the web server.
+
 Backwards Incompatibilities
 ---------------------------
 
@@ -300,6 +310,11 @@ Backwards Incompatibilities
   ``add_route`` as a pattern, it will now fail at startup time.  Use Unicode
   instead.
 
+- The ``path_info`` route and view predicates now match against
+  ``request.upath_info`` (Unicode) rather than ``request.path_info``
+  (indeterminate value based on Python 3 vs. Python 2).  This has to be done
+  to normalize matching on Python 2 and Python 3.
+
 Documentation Enhancements
 --------------------------