summaryrefslogtreecommitdiff
path: root/docs/api
AgeCommit message (Collapse)Author
2020-11-28namespace upgrading_auth since it's in the whatsnew docMichael Merickel
2020-10-13Rename `ISecurityPolicy.authenticated_identity` to `identity`Theron Luhn
2020-04-24Exclude duplicate members `response` and `session` from `request` module to ↵Steve Piercy
avoid Sphinx warnings: src/pyramid/request.py:docstring of pyramid.request.Request.response:1: WARNING: duplicate object description of pyramid.request.Request.response, other instance in api/request, use :noindex: for one of them src/pyramid/request.py:docstring of pyramid.request.Request.session:1: WARNING: duplicate object description of pyramid.request.Request.session, other instance in api/request, use :noindex: for one of them
2020-01-16update docs with pyramid.authorizatio imports after syncing masterMichael Merickel
2020-01-14Apply suggestions from code reviewMichael Merickel
Co-Authored-By: Éric Araujo <merwok@netwok.org>
2020-01-14Apply suggestions from code reviewMichael Merickel
Co-Authored-By: Éric Araujo <merwok@netwok.org>
2020-01-14update changelog and docsMichael Merickel
2020-01-12move doc references from pyramid.security to pyramid.authorizationMichael Merickel
2020-01-09clarify the docsMichael Merickel
2020-01-09fix paradigm to avoid incorrect usagesMichael Merickel
It's almost impossible to create a decorator that works on both methods and functions, but more importantly the original approach was sharing a cache across instances of the policy. It needed to be local to the policy instance, but shared across requests. The new example demonstrates that. The cache is also much more flexible in its usage patterns now.
2020-01-08link to prMichael Merickel
2019-12-15Four spaces of indentation.Theron Luhn
2019-12-14Update docs.Theron Luhn
2019-12-14start reworking security policyÉric Araujo
2019-10-17add ISecurityPolicy to the public interface apiMichael Merickel
2019-10-02define an IPredicateInfo instead of passing the full configurator to predicatesMichael Merickel
2019-09-30Merge pull request #3465 from luhn/security-policyMichael Merickel
Security policy implementation
2019-07-13Improve authn/authz API docs.Theron Luhn
2019-06-23Deprecation notices.Theron Luhn
2019-06-23Make sure Configator.set_security_policy is in docs.Theron Luhn
2019-05-26API docs.Theron Luhn
2019-04-01Fix docs build.Theron Luhn
2019-01-05stop overriding request.json_body from webobMichael Merickel
2018-11-26Merge pull request #3421 from mmerickel/drop-py2Michael Merickel
remove py2 from the codebase
2018-11-21Keep the localizer property from showing up twice in the docsKarl O. Pinc
2018-11-18Remove `docs/api/compat.rst`. The remaining items were moved into ↵Steve Piercy
`pyramid.util`, but we don't want to document anything in that module.
2018-11-17Remove long type (should have been removed with other type aliases)Steve Piercy
2018-11-17Remove native_, rename ascii_native_ to ascii_Steve Piercy
2018-11-17Remove urllib.parse shimsSteve Piercy
2018-11-17Remove is_nonstr_iterSteve Piercy
2018-11-17Remove reraiseSteve Piercy
2018-11-17Remove SimpleCookie and escape shimsSteve Piercy
2018-11-17Remove iter*, configparser, input_, map_Steve Piercy
2018-11-17Remove pickle and exec aliasesSteve Piercy
2018-11-17Remove *_types per b1a257bacc1c4ac2c1401ed02c51d9c6c03685d2Steve Piercy
- Remove Python 2 items, and remove explicit mention of Python 3.
2018-11-03change to use JSONSerializer for SignedCookieSessionFactoryMichael Merickel
2018-11-01remove deprecated security functionsMichael Merickel
2018-10-31remove docs/api/scaffolds.rstMichael Merickel
2018-10-15add route_prefix_context to api docsMichael Merickel
2018-10-15fix whatsnew syntaxMichael Merickel
2018-10-03remove deprecated set_request_propertyMichael Merickel
2018-09-16deprecate signed_serialize and signed_deserializeMichael Merickel
2018-09-16deprecate pickleable sessions, recommend jsonMichael Merickel
2018-08-18Clean up code-blocks in requestSteve Piercy
2018-06-11Add httpexception for status code 308Jason Williams
2017-06-18Merge branch 'master' into pr/3034Michael Merickel
2017-06-18configure resource_url to use the same logicMichael Merickel
2017-06-14fix p.security.ACLPermitsResult to subclass p.security.PermitsResultMichael Merickel
The ``IAuthorizationPolicy`` is expected to return an instance of ``PermitsResult`` and the ``ACLPermitsResult`` now subclasses this to form a consistent class hierarchy. Similarly the ``ACLDenied`` subclasses ``Denied`` and ``ACLAllowed`` subclasses ``Allowed`` for consistency.
2017-04-30Merge pull request #2985 from mmerickel/plasterMichael Merickel
migrate pyramid to use plaster
2017-04-29final cleanup of csrf decoupling in #2854Michael Merickel
- Renamed `SessionCSRFStoragePolicy` to `LegacySessionCSRFStoragePolicy` for the version that uses the legacy `ISession.get_csrf_token` and `ISession.new_csrf_token` apis and set that as the default. - Added new `SessionCSRFStoragePolicy` that stores data in the session similar to how the `SessionAuthenticationPolicy` works. - `CookieCSRFStoragePolicy` did not properly return the newly generated token from `get_csrf_token` after calling `new_csrf_token`. It needed to cache the new value since the response callback does not affect the current request. - `CookieCSRFStoragePolicy` was not forwarding the `domain` value to the `CookieProfile` causing that setting to be ignored. - Removed `check_csrf_token` from the `ICSRFStoragePolicy` interface to simplify implementations of storage policies. - Added an introspectable item for the configured storage policy so that it appears on the debugtoolbar. - Added a change note on `ISession` that it no longer required the csrf methods. - Leave deprecated shims in ``pyramid.session`` for ``check_csrf_origin`` and ``check_csrf_token``.
generated by cgit v1.2.3 (git 2.25.1) at 2026-01-10 21:26:19 +0000