| Age | Commit message (Collapse) | Author |
|---|
|
now defaults to ``auth_tkt`` (it used to default to ``repoze.bfg.auth_tkt``).
- The default ``cookie_name`` value of the
``pyramid.authentication.AuthTktAuthenticationPolicy`` constructor now
defaults to ``auth_tkt`` (it used to default to ``repoze.bfg.auth_tkt``).
|
|
that it is imported from pyramid. API docs can mention its inheritance from
webob (aka "Provide a webob.Response class facade for forward compat").
|
|
during internationalization were never APIs. These however have changed to
``localizer`` and ``locale_name``, respectively.
|
|
an exception occurs is now deprecated. Instead, code which relies on this
environ value should use the ``exception`` attribute of the request
(e.g. ``request.exception[0]``) to retrieve the message.
|
|
is sent as an event before a renderer is invoked (but after the
application-level renderer globals factory added via
``pyramid.configurator.configuration.set_renderer_globals_factory``, if any,
has injected its own keys). Applications may now subscribe to the
``IBeforeRender`` event type in order to introspect the and modify the set of
renderer globals before they are passed to a renderer. The event object
iself has a dictionary-like interface that can be used for this purpose. For
example::
from repoze.events import subscriber
from pyramid.interfaces import IRendererGlobalsEvent
@subscriber(IRendererGlobalsEvent)
def add_global(event):
event['mykey'] = 'foo'
If a subscriber attempts to add a key that already exist in the renderer
globals dictionary, a ``KeyError`` is raised. This limitation is due to the
fact that subscribers cannot be ordered relative to each other. The set of
keys added to the renderer globals dictionary by all subscribers and
app-level globals factories must be unique.
|
|
(IRendererInfo) that can act as a contract between a renderer factory and the framework
|
|
|
|
|
|
webob reference and add todo for httpexceptions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
--------
- In support of making it easier to configure applications which are
"secure by default", a default permission feature was added. If
supplied, the default permission is used as the permission string to
all view registrations which don't otherwise name a permission.
These APIs are in support of that:
- A new constructor argument was added to the Configurator:
``default_permission``.
- A new method was added to the Configurator:
``set_default_permission``.
- A new ZCML directive was added: ``default_permission``.
Documentation
-------------
- Added documentation for the ``default_permission`` ZCML directive.
- Added documentation for the ``default_permission`` constructor value
and the ``set_default_permission`` method in the Configurator API
documentation.
- Added a new section to the "security" chapter named "Setting a
Default Permission".
- Document ``renderer_globals_factory`` and ``request_factory``
arguments to Configurator constructor.
|
|
|
|
|
|
|
|
``request`` attribute; as a result, a handler for INewResponse now
has access to the request which caused the response.
- The INewResponse event is now not sent to listeners if the response
returned by view code (or a renderer) is not a "real" response
(e.g. if it does not have ``.status``, ``.headerlist`` and
``.app_iter`` attribtues).
|
|
(either via the ``static`` ZCML directive or via the
``add_static_view`` method of the configurator) was incorrect. It
was regsistered for e.g. ``static*traverse``, while it should have
been registered for ``static/*traverse``. Symptom: two static views
could not reliably be added to a system when they both shared the
same path prefix (e.g. ``/static`` and ``/static2``).
|
|
|
|
below-named arguments to be passed as "dotted name strings"
(e.g. "foo.bar.baz") rather than as actual implementation objects
that must be imported:
setup_registry
root_factory, authentication_policy, authorization_policy,
debug_logger, locale_negotiator, request_factory,
renderer_globals_factory
add_subscriber
subscriber, iface
derive_view
view
add_view
view, for_, context, request_type, containment
add_route()
view, view_for, factory, for_, view_context
scan
package
add_renderer
factory
set_forbidden_view
view
set_notfound_view
view
set_request_factory
factory
set_renderer_globals_factory()
factory
set_locale_negotiator
negotiator
testing_add_subscriber
event_iface
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
decorator decorates module-scope functions, which are then treated
as event listeners after a scan() is performed. See the Events
narrative documentation chapter and the ``repoze.bfg.events`` module
documentation for more information.
|
|
|
|
|
