summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/api/request.rst42
-rw-r--r--docs/narr/resources.rst12
-rw-r--r--docs/narr/security.rst4
-rw-r--r--docs/narr/testing.rst34
-rw-r--r--docs/narr/threadlocals.rst19
-rw-r--r--docs/narr/viewconfig.rst2
-rw-r--r--docs/quick_tutorial/authentication/tutorial/views.py4
-rw-r--r--docs/quick_tutorial/authorization/tutorial/views.py4
-rw-r--r--docs/tutorials/wiki/authorization.rst27
-rw-r--r--docs/tutorials/wiki/src/authorization/tutorial/views.py8
-rw-r--r--docs/tutorials/wiki/src/tests/tutorial/views.py8
-rw-r--r--docs/tutorials/wiki2/authorization.rst21
-rw-r--r--docs/tutorials/wiki2/src/authorization/tutorial/views.py12
-rw-r--r--docs/tutorials/wiki2/src/tests/tutorial/tests.py21
-rw-r--r--docs/tutorials/wiki2/src/tests/tutorial/views.py13
15 files changed, 112 insertions, 119 deletions
diff --git a/docs/api/request.rst b/docs/api/request.rst
index 72abddb68..b7604020e 100644
--- a/docs/api/request.rst
+++ b/docs/api/request.rst
@@ -11,7 +11,9 @@
:exclude-members: add_response_callback, add_finished_callback,
route_url, route_path, current_route_url,
current_route_path, static_url, static_path,
- model_url, resource_url, set_property
+ model_url, resource_url, set_property,
+ effective_principals, authenticated_userid,
+ unauthenticated_userid, has_permission
.. attribute:: context
@@ -161,6 +163,42 @@
request, the value of this attribute will be ``None``. See
:ref:`matched_route`.
+ .. attribute:: authenticated_userid
+
+ .. versionadded:: 1.5
+
+ A property which returns the userid of the currently authenticated user
+ or ``None`` if there is no :term:`authentication policy` in effect or
+ there is no currently authenticated user. This differs from
+ :attr:`~pyramid.request.Request.unauthenticated_userid`, because the
+ effective authentication policy will have ensured that a record
+ associated with the userid exists in persistent storage; if it has
+ not, this value will be ``None``.
+
+ .. attribute:: unauthenticated_userid
+
+ .. versionadded:: 1.5
+
+ A property which returns a value which represents the *claimed* (not
+ verified) user id of the credentials present in the request. ``None`` if
+ there is no :term:`authentication policy` in effect or there is no user
+ data associated with the current request. This differs from
+ :attr:`~pyramid.request.Request.authenticated_userid`, because the
+ effective authentication policy will not ensure that a record associated
+ with the userid exists in persistent storage. Even if the userid
+ does not exist in persistent storage, this value will be the value
+ of the userid *claimed* by the request data.
+
+ .. attribute:: effective_principals
+
+ .. versionadded:: 1.5
+
+ A property which returns the list of 'effective' :term:`principal`
+ identifiers for this request. This will include the userid of the
+ currently authenticated user if a user is currently authenticated. If no
+ :term:`authentication policy` is in effect, this will return a sequence
+ containing only the :attr:`pyramid.security.Everyone` principal.
+
.. method:: invoke_subrequest(request, use_tweens=False)
.. versionadded:: 1.4a1
@@ -215,6 +253,8 @@
request provided by e.g. the ``pshell`` environment. For more
information, see :ref:`subrequest_chapter`.
+ .. automethod:: has_permission
+
.. automethod:: add_response_callback
.. automethod:: add_finished_callback
diff --git a/docs/narr/resources.rst b/docs/narr/resources.rst
index b1bb611e5..34d75f2cc 100644
--- a/docs/narr/resources.rst
+++ b/docs/narr/resources.rst
@@ -201,7 +201,7 @@ location-aware resources. These APIs include (but are not limited to)
:func:`~pyramid.traversal.resource_path`,
:func:`~pyramid.traversal.resource_path_tuple`, or
:func:`~pyramid.traversal.traverse`, :func:`~pyramid.traversal.virtual_root`,
-and (usually) :func:`~pyramid.security.has_permission` and
+and (usually) :meth:`~pyramid.request.Request.has_permission` and
:func:`~pyramid.security.principals_allowed_by_permission`.
In general, since so much :app:`Pyramid` infrastructure depends on
@@ -695,10 +695,10 @@ The APIs provided by :ref:`location_module` are used against resources.
These can be used to walk down a resource tree, or conveniently locate one
resource "inside" another.
-Some APIs in :ref:`security_module` accept a resource object as a parameter.
-For example, the :func:`~pyramid.security.has_permission` API accepts a
+Some APIs on the :class:`pyramid.request.Request` accept a resource object as a parameter.
+For example, the :meth:`~pyramid.request.Request.has_permission` API accepts a
resource object as one of its arguments; the ACL is obtained from this
-resource or one of its ancestors. Other APIs in the :mod:`pyramid.security`
-module also accept :term:`context` as an argument, and a context is always a
-resource.
+resource or one of its ancestors. Other security related APIs on the
+:class:`pyramid.request.Request` class also accept :term:`context` as an argument,
+and a context is always a resource.
diff --git a/docs/narr/security.rst b/docs/narr/security.rst
index e85ed823a..9e6fb6c82 100644
--- a/docs/narr/security.rst
+++ b/docs/narr/security.rst
@@ -550,7 +550,7 @@ also contain security debugging information in its body.
Debugging Imperative Authorization Failures
-------------------------------------------
-The :func:`pyramid.security.has_permission` API is used to check
+The :meth:`pyramid.request.Request.has_permission` API is used to check
security within view functions imperatively. It returns instances of
objects that are effectively booleans. But these objects are not raw
``True`` or ``False`` objects, and have information attached to them
@@ -563,7 +563,7 @@ one of :data:`pyramid.security.ACLAllowed`,
``msg`` attribute, which is a string indicating why the permission was
denied or allowed. Introspecting this information in the debugger or
via print statements when a call to
-:func:`~pyramid.security.has_permission` fails is often useful.
+:meth:`~pyramid.request.Request.has_permission` fails is often useful.
.. index::
single: authentication policy (creating)
diff --git a/docs/narr/testing.rst b/docs/narr/testing.rst
index 88d6904c7..5a5bf8fad 100644
--- a/docs/narr/testing.rst
+++ b/docs/narr/testing.rst
@@ -214,11 +214,10 @@ function.
.. code-block:: python
:linenos:
- from pyramid.security import has_permission
from pyramid.httpexceptions import HTTPForbidden
def view_fn(request):
- if not has_permission('edit', request.context, request):
+ if request.has_permission('edit'):
raise HTTPForbidden
return {'greeting':'hello'}
@@ -229,15 +228,16 @@ function.
otherwise it would fail when run normally.
Without doing anything special during a unit test, the call to
-:func:`~pyramid.security.has_permission` in this view function will always
-return a ``True`` value. When a :app:`Pyramid` application starts normally,
-it will populate a :term:`application registry` using :term:`configuration
-declaration` calls made against a :term:`Configurator`. But if this
-application registry is not created and populated (e.g. by initializing the
-configurator with an authorization policy), like when you invoke application
-code via a unit test, :app:`Pyramid` API functions will tend to either fail
-or return default results. So how do you test the branch of the code in this
-view function that raises :exc:`~pyramid.httpexceptions.HTTPForbidden`?
+:meth:`~pyramid.request.Request.has_permission` in this view function will
+always return a ``True`` value. When a :app:`Pyramid` application starts
+normally, it will populate a :term:`application registry` using
+:term:`configuration declaration` calls made against a :term:`Configurator`.
+But if this application registry is not created and populated (e.g. by
+initializing the configurator with an authorization policy), like when you
+invoke application code via a unit test, :app:`Pyramid` API functions will tend
+to either fail or return default results. So how do you test the branch of the
+code in this view function that raises
+:exc:`~pyramid.httpexceptions.HTTPForbidden`?
The testing API provided by :app:`Pyramid` allows you to simulate various
application registry registrations for use under a unit testing framework
@@ -287,12 +287,12 @@ Its third line registers a "dummy" "non-permissive" authorization policy
using the :meth:`~pyramid.config.Configurator.testing_securitypolicy` method,
which is a special helper method for unit testing.
-We then create a :class:`pyramid.testing.DummyRequest` object which simulates
-a WebOb request object API. A :class:`pyramid.testing.DummyRequest` is a
-request object that requires less setup than a "real" :app:`Pyramid` request.
-We call the function being tested with the manufactured request. When the
-function is called, :func:`pyramid.security.has_permission` will call the
-"dummy" authentication policy we've registered through
+We then create a :class:`pyramid.testing.DummyRequest` object which simulates a
+WebOb request object API. A :class:`pyramid.testing.DummyRequest` is a request
+object that requires less setup than a "real" :app:`Pyramid` request. We call
+the function being tested with the manufactured request. When the function is
+called, :meth:`pyramid.request.Request.has_permission` will call the "dummy"
+authentication policy we've registered through
:meth:`~pyramid.config.Configurator.testing_securitypolicy`, which denies
access. We check that the view function raises a
:exc:`~pyramid.httpexceptions.HTTPForbidden` error.
diff --git a/docs/narr/threadlocals.rst b/docs/narr/threadlocals.rst
index a90ee4905..afe56de3e 100644
--- a/docs/narr/threadlocals.rst
+++ b/docs/narr/threadlocals.rst
@@ -29,17 +29,16 @@ of a thread local or a global is usually just a way to avoid passing
some value around between functions, which is itself usually a very
bad idea, at least if code readability counts as an important concern.
-For historical reasons, however, thread local variables are indeed
-consulted by various :app:`Pyramid` API functions. For example,
-the implementation of the :mod:`pyramid.security` function named
-:func:`~pyramid.security.authenticated_userid` retrieves the thread
-local :term:`application registry` as a matter of course to find an
+For historical reasons, however, thread local variables are indeed consulted by
+various :app:`Pyramid` API functions. For example, the implementation of the
+:mod:`pyramid.security` function named
+:func:`~pyramid.security.authenticated_userid` (deprecated as of 1.5) retrieves
+the thread local :term:`application registry` as a matter of course to find an
:term:`authentication policy`. It uses the
-:func:`pyramid.threadlocal.get_current_registry` function to
-retrieve the application registry, from which it looks up the
-authentication policy; it then uses the authentication policy to
-retrieve the authenticated user id. This is how :app:`Pyramid`
-allows arbitrary authentication policies to be "plugged in".
+:func:`pyramid.threadlocal.get_current_registry` function to retrieve the
+application registry, from which it looks up the authentication policy; it then
+uses the authentication policy to retrieve the authenticated user id. This is
+how :app:`Pyramid` allows arbitrary authentication policies to be "plugged in".
When they need to do so, :app:`Pyramid` internals use two API
functions to retrieve the :term:`request` and :term:`application
diff --git a/docs/narr/viewconfig.rst b/docs/narr/viewconfig.rst
index 7c76116f7..e5a2c1ade 100644
--- a/docs/narr/viewconfig.rst
+++ b/docs/narr/viewconfig.rst
@@ -435,7 +435,7 @@ configured view.
If specified, this value should be a :term:`principal` identifier or a
sequence of principal identifiers. If the
- :func:`pyramid.security.effective_principals` method indicates that every
+ :meth:`pyramid.request.Request.effective_principals` method indicates that every
principal named in the argument list is present in the current request, this
predicate will return True; otherwise it will return False. For example:
``effective_principals=pyramid.security.Authenticated`` or
diff --git a/docs/quick_tutorial/authentication/tutorial/views.py b/docs/quick_tutorial/authentication/tutorial/views.py
index 3038b6d9b..ab46eb2dd 100644
--- a/docs/quick_tutorial/authentication/tutorial/views.py
+++ b/docs/quick_tutorial/authentication/tutorial/views.py
@@ -2,8 +2,8 @@ from pyramid.httpexceptions import HTTPFound
from pyramid.security import (
remember,
forget,
- authenticated_userid
)
+
from pyramid.view import (
view_config,
view_defaults
@@ -16,7 +16,7 @@ from .security import USERS
class TutorialViews:
def __init__(self, request):
self.request = request
- self.logged_in = authenticated_userid(request)
+ self.logged_in = request.authenticated_userid
@view_config(route_name='home')
def home(self):
diff --git a/docs/quick_tutorial/authorization/tutorial/views.py b/docs/quick_tutorial/authorization/tutorial/views.py
index 92c1946ba..43d14455a 100644
--- a/docs/quick_tutorial/authorization/tutorial/views.py
+++ b/docs/quick_tutorial/authorization/tutorial/views.py
@@ -2,8 +2,8 @@ from pyramid.httpexceptions import HTTPFound
from pyramid.security import (
remember,
forget,
- authenticated_userid
)
+
from pyramid.view import (
view_config,
view_defaults,
@@ -17,7 +17,7 @@ from .security import USERS
class TutorialViews:
def __init__(self, request):
self.request = request
- self.logged_in = authenticated_userid(request)
+ self.logged_in = request.authenticated_userid
@view_config(route_name='home')
def home(self):
diff --git a/docs/tutorials/wiki/authorization.rst b/docs/tutorials/wiki/authorization.rst
index 460a852e0..62b1164e3 100644
--- a/docs/tutorials/wiki/authorization.rst
+++ b/docs/tutorials/wiki/authorization.rst
@@ -56,10 +56,10 @@ returns one of these values:
return ``None``.
For example, ``groupfinder('editor', request )`` returns ``['group:editor']``,
-``groupfinder('viewer', request)`` returns ``[]``, and ``groupfinder('admin', request)``
-returns ``None``. We will use ``groupfinder()`` as an :term:`authentication policy`
-"callback" that will provide the :term:`principal` or principals
-for a user.
+``groupfinder('viewer', request)`` returns ``[]``, and ``groupfinder('admin',
+request)`` returns ``None``. We will use ``groupfinder()`` as an
+:term:`authentication policy` "callback" that will provide the
+:term:`principal` or principals for a user.
In a production system, user and group
data will most often come from a database, but here we use "dummy"
@@ -251,18 +251,6 @@ in ``views.py``.
Return a logged_in flag to the renderer
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Add the following line to the import at the head of
-``tutorial/tutorial/views.py``:
-
-.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 11-15
- :linenos:
- :emphasize-lines: 4
- :language: python
-
-(Only the highlighted line and a trailing comma on the preceding
-line need to be added.)
-
Add a ``logged_in`` parameter to the return value of
``view_page()``, ``edit_page()`` and ``add_page()``,
like this:
@@ -274,14 +262,13 @@ like this:
return dict(page = page,
content = content,
edit_url = edit_url,
- logged_in = authenticated_userid(request))
+ logged_in = request.authenticated_userid)
(Only the highlighted line and a trailing comma on the preceding
line need to be added.)
-:meth:`~pyramid.security.authenticated_userid()` will return ``None``
-if the user is not authenticated, or a user id if the user is
-authenticated.
+The :meth:`pyramid.request.Request.authenticated_userid` will be ``None`` if
+the user is not authenticated, or a user id if the user is authenticated.
Add a "Logout" link when logged in
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
diff --git a/docs/tutorials/wiki/src/authorization/tutorial/views.py b/docs/tutorials/wiki/src/authorization/tutorial/views.py
index 77956b1e3..62e96e0e7 100644
--- a/docs/tutorials/wiki/src/authorization/tutorial/views.py
+++ b/docs/tutorials/wiki/src/authorization/tutorial/views.py
@@ -11,9 +11,9 @@ from pyramid.view import (
from pyramid.security import (
remember,
forget,
- authenticated_userid,
)
+
from .security import USERS
from .models import Page
@@ -45,7 +45,7 @@ def view_page(context, request):
edit_url = request.resource_url(context, 'edit_page')
return dict(page = context, content = content, edit_url = edit_url,
- logged_in = authenticated_userid(request))
+ logged_in = request.authenticated_userid)
@view_config(name='add_page', context='.models.Wiki',
renderer='templates/edit.pt',
@@ -65,7 +65,7 @@ def add_page(context, request):
page.__parent__ = context
return dict(page=page, save_url=save_url,
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(name='edit_page', context='.models.Page',
renderer='templates/edit.pt',
@@ -77,7 +77,7 @@ def edit_page(context, request):
return dict(page=context,
save_url=request.resource_url(context, 'edit_page'),
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(context='.models.Wiki', name='login',
renderer='templates/login.pt')
diff --git a/docs/tutorials/wiki/src/tests/tutorial/views.py b/docs/tutorials/wiki/src/tests/tutorial/views.py
index 77956b1e3..62e96e0e7 100644
--- a/docs/tutorials/wiki/src/tests/tutorial/views.py
+++ b/docs/tutorials/wiki/src/tests/tutorial/views.py
@@ -11,9 +11,9 @@ from pyramid.view import (
from pyramid.security import (
remember,
forget,
- authenticated_userid,
)
+
from .security import USERS
from .models import Page
@@ -45,7 +45,7 @@ def view_page(context, request):
edit_url = request.resource_url(context, 'edit_page')
return dict(page = context, content = content, edit_url = edit_url,
- logged_in = authenticated_userid(request))
+ logged_in = request.authenticated_userid)
@view_config(name='add_page', context='.models.Wiki',
renderer='templates/edit.pt',
@@ -65,7 +65,7 @@ def add_page(context, request):
page.__parent__ = context
return dict(page=page, save_url=save_url,
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(name='edit_page', context='.models.Page',
renderer='templates/edit.pt',
@@ -77,7 +77,7 @@ def edit_page(context, request):
return dict(page=context,
save_url=request.resource_url(context, 'edit_page'),
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(context='.models.Wiki', name='login',
renderer='templates/login.pt')
diff --git a/docs/tutorials/wiki2/authorization.rst b/docs/tutorials/wiki2/authorization.rst
index cf20db6d7..1e5d0dcbf 100644
--- a/docs/tutorials/wiki2/authorization.rst
+++ b/docs/tutorials/wiki2/authorization.rst
@@ -221,7 +221,7 @@ Add the following import statements to the
head of ``tutorial/tutorial/views.py``:
.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 9-16,18,24-25
+ :lines: 9-19
:linenos:
:emphasize-lines: 3,6-9,11
:language: python
@@ -274,17 +274,6 @@ added to ``views.py``.
Return a logged_in flag to the renderer
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-Add the following line to the import at the head of
-``tutorial/tutorial/views.py``:
-
-.. literalinclude:: src/authorization/tutorial/views.py
- :lines: 14-18
- :linenos:
- :emphasize-lines: 4
- :language: python
-
-(Only the highlighted line needs to be added.)
-
Add a ``logged_in`` parameter to the return value of
``view_page()``, ``edit_page()`` and ``add_page()``,
like this:
@@ -296,12 +285,12 @@ like this:
return dict(page = page,
content = content,
edit_url = edit_url,
- logged_in = authenticated_userid(request))
+ logged_in = request.authenticated_userid)
(Only the highlighted line needs to be added.)
-The :meth:`~pyramid.security.authenticated_userid` method will return None
-if the user is not authenticated.
+The :meth:`~pyramid.request.Request.authenticated_userid` property will be
+``None`` if the user is not authenticated.
Add a "Logout" link when logged in
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
@@ -349,7 +338,7 @@ when we're done:
.. literalinclude:: src/authorization/tutorial/views.py
:linenos:
- :emphasize-lines: 11,14-18,25,31,37,58,61,73,76,88,91-117,119-123
+ :emphasize-lines: 11,14-19,25,31,37,58,61,73,76,88,91-117,119-123
:language: python
(Only the highlighted lines need to be added.)
diff --git a/docs/tutorials/wiki2/src/authorization/tutorial/views.py b/docs/tutorials/wiki2/src/authorization/tutorial/views.py
index b6dbbf5f6..e954d5a31 100644
--- a/docs/tutorials/wiki2/src/authorization/tutorial/views.py
+++ b/docs/tutorials/wiki2/src/authorization/tutorial/views.py
@@ -14,15 +14,15 @@ from pyramid.view import (
from pyramid.security import (
remember,
forget,
- authenticated_userid,
)
+from .security import USERS
+
from .models import (
DBSession,
Page,
)
-from .security import USERS
# regular expression used to find WikiWords
wikiwords = re.compile(r"\b([A-Z]\w+[A-Z]+\w+)")
@@ -55,7 +55,7 @@ def view_page(request):
content = wikiwords.sub(check, content)
edit_url = request.route_url('edit_page', pagename=pagename)
return dict(page=page, content=content, edit_url=edit_url,
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(route_name='add_page', renderer='templates/edit.pt',
permission='edit')
@@ -70,7 +70,7 @@ def add_page(request):
save_url = request.route_url('add_page', pagename=pagename)
page = Page(name='', data='')
return dict(page=page, save_url=save_url,
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(route_name='edit_page', renderer='templates/edit.pt',
permission='edit')
@@ -84,8 +84,8 @@ def edit_page(request):
pagename=pagename))
return dict(
page=page,
- save_url = request.route_url('edit_page', pagename=pagename),
- logged_in=authenticated_userid(request),
+ save_url=request.route_url('edit_page', pagename=pagename),
+ logged_in=request.authenticated_userid
)
@view_config(route_name='login', renderer='templates/login.pt')
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/tests.py b/docs/tutorials/wiki2/src/tests/tutorial/tests.py
index 4ee30685e..c50e05b6d 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/tests.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/tests.py
@@ -26,27 +26,6 @@ def _registerRoutes(config):
config.add_route('add_page', 'add_page/{pagename}')
-class PageModelTests(unittest.TestCase):
-
- def setUp(self):
- self.session = _initTestingDB()
-
- def tearDown(self):
- self.session.remove()
-
- def _getTargetClass(self):
- from tutorial.models import Page
- return Page
-
- def _makeOne(self, name='SomeName', data='some data'):
- return self._getTargetClass()(name, data)
-
- def test_constructor(self):
- instance = self._makeOne()
- self.assertEqual(instance.name, 'SomeName')
- self.assertEqual(instance.data, 'some data')
-
-
class ViewWikiTests(unittest.TestCase):
def setUp(self):
self.config = testing.setUp()
diff --git a/docs/tutorials/wiki2/src/tests/tutorial/views.py b/docs/tutorials/wiki2/src/tests/tutorial/views.py
index b6dbbf5f6..41bea4785 100644
--- a/docs/tutorials/wiki2/src/tests/tutorial/views.py
+++ b/docs/tutorials/wiki2/src/tests/tutorial/views.py
@@ -14,15 +14,15 @@ from pyramid.view import (
from pyramid.security import (
remember,
forget,
- authenticated_userid,
)
+from .security import USERS
+
from .models import (
DBSession,
Page,
)
-from .security import USERS
# regular expression used to find WikiWords
wikiwords = re.compile(r"\b([A-Z]\w+[A-Z]+\w+)")
@@ -55,7 +55,7 @@ def view_page(request):
content = wikiwords.sub(check, content)
edit_url = request.route_url('edit_page', pagename=pagename)
return dict(page=page, content=content, edit_url=edit_url,
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(route_name='add_page', renderer='templates/edit.pt',
permission='edit')
@@ -70,7 +70,7 @@ def add_page(request):
save_url = request.route_url('add_page', pagename=pagename)
page = Page(name='', data='')
return dict(page=page, save_url=save_url,
- logged_in=authenticated_userid(request))
+ logged_in=request.authenticated_userid)
@view_config(route_name='edit_page', renderer='templates/edit.pt',
permission='edit')
@@ -84,8 +84,8 @@ def edit_page(request):
pagename=pagename))
return dict(
page=page,
- save_url = request.route_url('edit_page', pagename=pagename),
- logged_in=authenticated_userid(request),
+ save_url=request.route_url('edit_page', pagename=pagename),
+ logged_in=request.authenticated_userid
)
@view_config(route_name='login', renderer='templates/login.pt')
@@ -121,4 +121,3 @@ def logout(request):
headers = forget(request)
return HTTPFound(location = request.route_url('view_wiki'),
headers = headers)
-
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-11 23:39:46 +0000