diff options
| -rw-r--r-- | CHANGES.rst | 10 | ||||
| -rw-r--r-- | docs/api/security.rst | 8 | ||||
| -rw-r--r-- | docs/designdefense.rst | 5 | ||||
| -rw-r--r-- | src/pyramid/security.py | 91 | ||||
| -rw-r--r-- | tests/test_security.py | 78 |
5 files changed, 14 insertions, 178 deletions
diff --git a/CHANGES.rst b/CHANGES.rst index 16e06d532..cd2d05054 100644 --- a/CHANGES.rst +++ b/CHANGES.rst @@ -15,7 +15,7 @@ Backward Incompatibilities - ``pcreate`` and the builtin scaffolds have been removed in favor of using the ``cookiecutter`` tool and the ``pyramid-cookiecutter-starter`` - cookiecutter. + cookiecutter. The script and scaffolds were deprecated in Pyramid 1.8. See https://github.com/Pylons/pyramid/pull/3406 - Removed ``pyramid.interfaces.ITemplateRenderer``. This interface was @@ -24,6 +24,14 @@ Backward Incompatibilities provided no functionality within Pyramid itself. See https://github.com/Pylons/pyramid/pull/3409 +- Removed ``pyramid.security.has_permission``, + ``pyramid.security.authenticated_userid``, + ``pyramid.security.unauthenticated_userid``, and + ``pyramid.security.effective_principals``. These methods were deprecated + in Pyramid 1.5 and all have equivalents available as properties on the + request. For example, ``request.authenticated_userid``. + See https://github.com/Pylons/pyramid/pull/3410 + Documentation Changes --------------------- diff --git a/docs/api/security.rst b/docs/api/security.rst index 116459226..edb66472e 100644 --- a/docs/api/security.rst +++ b/docs/api/security.rst @@ -8,12 +8,6 @@ Authentication API Functions ---------------------------- -.. autofunction:: authenticated_userid - -.. autofunction:: unauthenticated_userid - -.. autofunction:: effective_principals - .. autofunction:: forget .. autofunction:: remember(request, userid, **kwargs) @@ -21,8 +15,6 @@ Authentication API Functions Authorization API Functions --------------------------- -.. autofunction:: has_permission - .. autofunction:: principals_allowed_by_permission .. autofunction:: view_execution_permitted diff --git a/docs/designdefense.rst b/docs/designdefense.rst index 0f452ffde..566ad1f5e 100644 --- a/docs/designdefense.rst +++ b/docs/designdefense.rst @@ -181,15 +181,14 @@ developer needs to understand a ZCA concept or API during the creation of a Instead the framework hides the presence of the ZCA registry behind special-purpose API functions that *do* use ZCA APIs. Take for example the -``pyramid.security.authenticated_userid`` function, which returns the userid +``request.authenticated_userid`` function, which returns the userid present in the current request or ``None`` if no userid is present in the current request. The application developer calls it like so: .. code-block:: python :linenos: - from pyramid.security import authenticated_userid - userid = authenticated_userid(request) + userid = request.authenticated_userid They now have the current user id. diff --git a/src/pyramid/security.py b/src/pyramid/security.py index 2e3896976..08ae295d8 100644 --- a/src/pyramid/security.py +++ b/src/pyramid/security.py @@ -1,4 +1,3 @@ -from zope.deprecation import deprecated from zope.interface import providedBy from pyramid.interfaces import ( @@ -50,86 +49,6 @@ def _get_authentication_policy(request): return registry.queryUtility(IAuthenticationPolicy) -def has_permission(permission, context, request): - """ - A function that calls :meth:`pyramid.request.Request.has_permission` - and returns its result. - - .. deprecated:: 1.5 - Use :meth:`pyramid.request.Request.has_permission` instead. - - .. versionchanged:: 1.5a3 - If context is None, then attempt to use the context attribute of self; - if not set, then the AttributeError is propagated. - """ - return request.has_permission(permission, context) - - -deprecated( - 'has_permission', - 'As of Pyramid 1.5 the "pyramid.security.has_permission" API is now ' - 'deprecated. It will be removed in Pyramid 1.8. Use the ' - '"has_permission" method of the Pyramid request instead.', -) - - -def authenticated_userid(request): - """ - A function that returns the value of the property - :attr:`pyramid.request.Request.authenticated_userid`. - - .. deprecated:: 1.5 - Use :attr:`pyramid.request.Request.authenticated_userid` instead. - """ - return request.authenticated_userid - - -deprecated( - 'authenticated_userid', - 'As of Pyramid 1.5 the "pyramid.security.authenticated_userid" API is now ' - 'deprecated. It will be removed in Pyramid 1.8. Use the ' - '"authenticated_userid" attribute of the Pyramid request instead.', -) - - -def unauthenticated_userid(request): - """ - A function that returns the value of the property - :attr:`pyramid.request.Request.unauthenticated_userid`. - - .. deprecated:: 1.5 - Use :attr:`pyramid.request.Request.unauthenticated_userid` instead. - """ - return request.unauthenticated_userid - - -deprecated( - 'unauthenticated_userid', - 'As of Pyramid 1.5 the "pyramid.security.unauthenticated_userid" API is ' - 'now deprecated. It will be removed in Pyramid 1.8. Use the ' - '"unauthenticated_userid" attribute of the Pyramid request instead.', -) - - -def effective_principals(request): - """ - A function that returns the value of the property - :attr:`pyramid.request.Request.effective_principals`. - - .. deprecated:: 1.5 - Use :attr:`pyramid.request.Request.effective_principals` instead. - """ - return request.effective_principals - - -deprecated( - 'effective_principals', - 'As of Pyramid 1.5 the "pyramid.security.effective_principals" API is ' - 'now deprecated. It will be removed in Pyramid 1.8. Use the ' - '"effective_principals" attribute of the Pyramid request instead.', -) - - def remember(request, userid, **kw): """ Returns a sequence of header tuples (e.g. ``[('Set-Cookie', 'foo=abc')]``) @@ -363,10 +282,6 @@ class ACLAllowed(ACLPermitsResult, Allowed): class AuthenticationAPIMixin(object): - def _get_authentication_policy(self): - reg = _get_registry(self) - return reg.queryUtility(IAuthenticationPolicy) - @property def authenticated_userid(self): """ Return the userid of the currently authenticated user or @@ -375,7 +290,7 @@ class AuthenticationAPIMixin(object): .. versionadded:: 1.5 """ - policy = self._get_authentication_policy() + policy = _get_authentication_policy(self) if policy is None: return None return policy.authenticated_userid(self) @@ -392,7 +307,7 @@ class AuthenticationAPIMixin(object): .. versionadded:: 1.5 """ - policy = self._get_authentication_policy() + policy = _get_authentication_policy(self) if policy is None: return None return policy.unauthenticated_userid(self) @@ -406,7 +321,7 @@ class AuthenticationAPIMixin(object): .. versionadded:: 1.5 """ - policy = self._get_authentication_policy() + policy = _get_authentication_policy(self) if policy is None: return [Everyone] return policy.effective_principals(self) diff --git a/tests/test_security.py b/tests/test_security.py index a11035d85..8b8028f61 100644 --- a/tests/test_security.py +++ b/tests/test_security.py @@ -345,20 +345,6 @@ class TestAuthenticatedUserId(unittest.TestCase): def tearDown(self): testing.tearDown() - def test_backward_compat_delegates_to_mixin(self): - from zope.deprecation import __show__ - - try: - __show__.off() - request = _makeFakeRequest() - from pyramid.security import authenticated_userid - - self.assertEqual( - authenticated_userid(request), 'authenticated_userid' - ) - finally: - __show__.on() - def test_no_authentication_policy(self): request = _makeRequest() self.assertEqual(request.authenticated_userid, None) @@ -385,20 +371,6 @@ class TestUnAuthenticatedUserId(unittest.TestCase): def tearDown(self): testing.tearDown() - def test_backward_compat_delegates_to_mixin(self): - from zope.deprecation import __show__ - - try: - __show__.off() - request = _makeFakeRequest() - from pyramid.security import unauthenticated_userid - - self.assertEqual( - unauthenticated_userid(request), 'unauthenticated_userid' - ) - finally: - __show__.on() - def test_no_authentication_policy(self): request = _makeRequest() self.assertEqual(request.unauthenticated_userid, None) @@ -425,20 +397,6 @@ class TestEffectivePrincipals(unittest.TestCase): def tearDown(self): testing.tearDown() - def test_backward_compat_delegates_to_mixin(self): - request = _makeFakeRequest() - from zope.deprecation import __show__ - - try: - __show__.off() - from pyramid.security import effective_principals - - self.assertEqual( - effective_principals(request), 'effective_principals' - ) - finally: - __show__.on() - def test_no_authentication_policy(self): from pyramid.security import Everyone @@ -476,25 +434,6 @@ class TestHasPermission(unittest.TestCase): mixin.context = object() return mixin - def test_delegates_to_mixin(self): - from zope.deprecation import __show__ - - try: - __show__.off() - mixin = self._makeOne() - from pyramid.security import has_permission - - self.called_has_permission = False - - def mocked_has_permission(*args, **kw): - self.called_has_permission = True - - mixin.has_permission = mocked_has_permission - has_permission('view', object(), mixin) - self.assertTrue(self.called_has_permission) - finally: - __show__.on() - def test_no_authentication_policy(self): request = self._makeOne() result = request.has_permission('view') @@ -600,20 +539,3 @@ def _makeRequest(): request.registry = Registry() request.context = object() return request - - -def _makeFakeRequest(): - class FakeRequest(testing.DummyRequest): - @property - def authenticated_userid(req): - return 'authenticated_userid' - - @property - def unauthenticated_userid(req): - return 'unauthenticated_userid' - - @property - def effective_principals(req): - return 'effective_principals' - - return FakeRequest({}) |