| Age | Commit message (Collapse) | Author |
|---|
|
|
|
webob reference and add todo for httpexceptions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
--------
- In support of making it easier to configure applications which are
"secure by default", a default permission feature was added. If
supplied, the default permission is used as the permission string to
all view registrations which don't otherwise name a permission.
These APIs are in support of that:
- A new constructor argument was added to the Configurator:
``default_permission``.
- A new method was added to the Configurator:
``set_default_permission``.
- A new ZCML directive was added: ``default_permission``.
Documentation
-------------
- Added documentation for the ``default_permission`` ZCML directive.
- Added documentation for the ``default_permission`` constructor value
and the ``set_default_permission`` method in the Configurator API
documentation.
- Added a new section to the "security" chapter named "Setting a
Default Permission".
- Document ``renderer_globals_factory`` and ``request_factory``
arguments to Configurator constructor.
|
|
|
|
|
|
|
|
``request`` attribute; as a result, a handler for INewResponse now
has access to the request which caused the response.
- The INewResponse event is now not sent to listeners if the response
returned by view code (or a renderer) is not a "real" response
(e.g. if it does not have ``.status``, ``.headerlist`` and
``.app_iter`` attribtues).
|
|
(either via the ``static`` ZCML directive or via the
``add_static_view`` method of the configurator) was incorrect. It
was regsistered for e.g. ``static*traverse``, while it should have
been registered for ``static/*traverse``. Symptom: two static views
could not reliably be added to a system when they both shared the
same path prefix (e.g. ``/static`` and ``/static2``).
|
|
|
|
below-named arguments to be passed as "dotted name strings"
(e.g. "foo.bar.baz") rather than as actual implementation objects
that must be imported:
setup_registry
root_factory, authentication_policy, authorization_policy,
debug_logger, locale_negotiator, request_factory,
renderer_globals_factory
add_subscriber
subscriber, iface
derive_view
view
add_view
view, for_, context, request_type, containment
add_route()
view, view_for, factory, for_, view_context
scan
package
add_renderer
factory
set_forbidden_view
view
set_notfound_view
view
set_request_factory
factory
set_renderer_globals_factory()
factory
set_locale_negotiator
negotiator
testing_add_subscriber
event_iface
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
decorator decorates module-scope functions, which are then treated
as event listeners after a scan() is performed. See the Events
narrative documentation chapter and the ``repoze.bfg.events`` module
documentation for more information.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
be used to generate a BFG view callable from a user-supplied
function, instance, or class. This useful for external framework and
plugin authors wishing to wrap callables supplied by their users
which follow the same calling conventions and response conventions
as objects that can be supplied directly to BFG as a view callable.
See the ``derive_view`` method in the
``repoze.bfg.configuration.Configurator`` docs.
|
|
a context.
Cause append_slash_notfound_view to work in case it is registered via
set_notfound_view.
|
