diff options
| author | Chris McDonough <chrism@agendaless.com> | 2009-09-30 03:27:28 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2009-09-30 03:27:28 +0000 |
| commit | d75fe70228c89e3606e51a4d5775faf549252a90 (patch) | |
| tree | 043a7334d49a7455b80789f1aab56e4238dbd6b0 /repoze/bfg/view.py | |
| parent | 4be6ce73f41e09bf0f3e5df01d7f5aaf4f3137a6 (diff) | |
| download | pyramid-d75fe70228c89e3606e51a4d5775faf549252a90.tar.gz pyramid-d75fe70228c89e3606e51a4d5775faf549252a90.tar.bz2 pyramid-d75fe70228c89e3606e51a4d5775faf549252a90.zip | |
- The import of ``repoze.bfg.view.NotFound`` is deprecated in favor of
``repoze.bfg.exceptions.NotFound``. The old location still
functions, but emits a deprecation warning.
- The import of ``repoze.bfg.security.Unauthorized`` is deprecated in
favor of ``repoze.bfg.exceptions.Forbidden``. The old location
still functions but emits a deprecation warning. The rename from
``Unauthorized`` to ``Forbidden`` brings parity to the the name of
the exception and the system view it invokes when raised.
- New ``repoze.bfg.exceptions`` module was created to house exceptions
that were previously sprinkled through various modules.
- An ``exceptions`` API chapter was added, documenting the new
``repoze.bfg.exceptions`` module.
Diffstat (limited to 'repoze/bfg/view.py')
| -rw-r--r-- | repoze/bfg/view.py | 26 |
1 files changed, 16 insertions, 10 deletions
diff --git a/repoze/bfg/view.py b/repoze/bfg/view.py index 8d8d6baa0..91ccad57d 100644 --- a/repoze/bfg/view.py +++ b/repoze/bfg/view.py @@ -31,13 +31,17 @@ from repoze.bfg.interfaces import IRendererFactory from repoze.bfg.interfaces import IResponseFactory from repoze.bfg.interfaces import IView +from repoze.bfg.exceptions import NotFound +from repoze.bfg.exceptions import Forbidden from repoze.bfg.path import caller_package from repoze.bfg.renderers import renderer_from_name from repoze.bfg.resource import resource_spec -from repoze.bfg.security import Unauthorized from repoze.bfg.settings import get_settings from repoze.bfg.static import PackageURLParser +# b/c imports +from repoze.bfg.security import view_execution_permitted + try: all = all except NameError: # pragma: no cover @@ -53,6 +57,12 @@ deprecated('view_execution_permitted', "repoze.bfg.security import view_execution_permitted')", ) +deprecated('NotFound', + "('from repoze.bfg.view import NotFound' was " + "deprecated as of repoze.bfg 1.1; instead use 'from " + "repoze.bfg.exceptions import NotFound')", + ) + _marker = object() def render_view_to_response(context, request, name='', secure=True): @@ -64,7 +74,7 @@ def render_view_to_response(context, request, name='', secure=True): protected by a permission, the permission will be checked before calling the view function. If the permission check disallows view execution (based on the current security policy), a - ``repoze.bfg.security.Unauthorized`` exception will be raised; its + ``repoze.bfg.exceptions.Forbidden`` exception will be raised; its ``args`` attribute explains why the view access was disallowed. If ``secure`` is ``False``, no permission checking is done.""" provides = map(providedBy, (context, request)) @@ -78,7 +88,7 @@ def render_view_to_response(context, request, name='', secure=True): # secured; otherwise it won't. view = getattr(view, '__call_permissive__', view) - # if this view is secured, it will raise an Unauthorized + # if this view is secured, it will raise a Forbidden # appropriately if the executing user does not have the proper # permission return view(context, request) @@ -98,7 +108,7 @@ def render_view_to_iterable(context, request, name='', secure=True): a permission, the permission will be checked before calling the view function. If the permission check disallows view execution (based on the current security policy), a - ``repoze.bfg.security.Unauthorized`` exception will be raised; its + ``repoze.bfg.exceptions.Forbidden`` exception will be raised; its ``args`` attribute explains why the view access was disallowed. If ``secure`` is ``False``, no permission checking is done.""" response = render_view_to_response(context, request, name, secure) @@ -119,7 +129,7 @@ def render_view(context, request, name='', secure=True): permission, the permission will be checked before calling the view function. If the permission check disallows view execution (based on the current security policy), a - ``repoze.bfg.security.Unauthorized`` exception will be raised; its + ``repoze.bfg.exceptions.Forbidden`` exception will be raised; its ``args`` attribute explains why the view access was disallowed. If ``secure`` is ``False``, no permission checking is done.""" iterable = render_view_to_iterable(context, request, name, secure) @@ -386,9 +396,6 @@ def default_forbidden_view(context, request): def default_notfound_view(context, request): return default_view(context, request, '404 Not Found') -class NotFound(Exception): - pass - class MultiView(object): implements(IMultiView) @@ -664,7 +671,7 @@ def secure_view(view, permission): return view(context, request) msg = getattr(request, 'authdebug_message', 'Unauthorized: %s failed permission check' % view) - raise Unauthorized(msg) + raise Forbidden(msg) _secured_view.__call_permissive__ = view def _permitted(context, request): principals = authn_policy.effective_principals(request) @@ -711,4 +718,3 @@ def authdebug_view(view, permission): decorate_view(wrapped_view, view) return wrapped_view - |