From 14d569ea34409ed796296f860f03b8403859412f Mon Sep 17 00:00:00 2001
From: Theron Luhn <theron@luhn.com>
Date: Sun, 23 Jun 2019 12:19:06 -0700
Subject: Deprecation notices.

---
 src/pyramid/config/__init__.py |  5 ++---
 src/pyramid/config/security.py | 17 ++++++++++++++--
 src/pyramid/interfaces.py      |  6 ++++--
 src/pyramid/predicates.py      |  3 ++-
 src/pyramid/security.py        | 44 ++++++++++++++++++++++++++++--------------
 5 files changed, 53 insertions(+), 22 deletions(-)

(limited to 'src')

diff --git a/src/pyramid/config/__init__.py b/src/pyramid/config/__init__.py
index d8961268a..cf1bfad44 100644
--- a/src/pyramid/config/__init__.py
+++ b/src/pyramid/config/__init__.py
@@ -144,12 +144,11 @@ class Configurator(
 
     If ``authentication_policy`` is passed, it should be an instance
     of an :term:`authentication policy` or a :term:`dotted Python
-    name` to the same.  (Deprecated as of Pyramid 2.0 in favor of
-    ``security_policy``.)
+    name` to the same.
 
     If ``authorization_policy`` is passed, it should be an instance of
     an :term:`authorization policy` or a :term:`dotted Python name` to
-    the same.  (Deprecated as of Pyramid 2.0 in favor of ``security_policy``.)
+    the same.
 
     .. note:: A ``ConfigurationError`` will be raised when an
        authorization policy is supplied without also supplying an
diff --git a/src/pyramid/config/security.py b/src/pyramid/config/security.py
index e8ea0878d..a68581ff1 100644
--- a/src/pyramid/config/security.py
+++ b/src/pyramid/config/security.py
@@ -58,7 +58,13 @@ class SecurityConfiguratorMixin(object):
 
     @action_method
     def set_authentication_policy(self, policy):
-        """ Override the :app:`Pyramid` :term:`authentication policy` in the
+        """
+        .. deprecated:: 2.0
+
+            Authentication policies have been replaced by
+            security policies.  See :ref:`upgrading_auth` for more information.
+
+        Override the :app:`Pyramid` :term:`authentication policy` in the
         current configuration.  The ``policy`` argument must be an instance
         of an authentication policy or a :term:`dotted Python name`
         that points at an instance of an authentication policy.
@@ -105,7 +111,13 @@ class SecurityConfiguratorMixin(object):
 
     @action_method
     def set_authorization_policy(self, policy):
-        """ Override the :app:`Pyramid` :term:`authorization policy` in the
+        """
+        .. deprecated:: 2.0
+
+            Authentication policies have been replaced by
+            security policies.  See :ref:`upgrading_auth` for more information.
+
+        Override the :app:`Pyramid` :term:`authorization policy` in the
         current configuration.  The ``policy`` argument must be an instance
         of an authorization policy or a :term:`dotted Python name` that points
         at an instance of an authorization policy.
@@ -115,6 +127,7 @@ class SecurityConfiguratorMixin(object):
            Using the ``authorization_policy`` argument to the
            :class:`pyramid.config.Configurator` constructor can be used to
            achieve the same purpose.
+
         """
 
         def register():
diff --git a/src/pyramid/interfaces.py b/src/pyramid/interfaces.py
index bc52e324e..06ab1c32e 100644
--- a/src/pyramid/interfaces.py
+++ b/src/pyramid/interfaces.py
@@ -518,7 +518,8 @@ class IAuthenticationPolicy(Interface):
 
     .. deprecated:: 2.0
 
-        Use :class:`ISecurityPolicy`.
+        Authentication policies have been removed in favor of security
+        policies.  See :ref:`upgrading_auth` for more information.
 
     """
 
@@ -577,7 +578,8 @@ class IAuthorizationPolicy(Interface):
 
     .. deprecated:: 2.0
 
-        Use :class:`ISecurityPolicy`.
+        Authentication policies have been removed in favor of security
+        policies.  See :ref:`upgrading_auth` for more information.
 
     """
 
diff --git a/src/pyramid/predicates.py b/src/pyramid/predicates.py
index 974f41cc5..eafd4b890 100644
--- a/src/pyramid/predicates.py
+++ b/src/pyramid/predicates.py
@@ -294,7 +294,8 @@ class EffectivePrincipalsPredicate(object):
     """
     .. deprecated:: 2.0
 
-        No longer applicable with the new :term:`security policy`.
+        The new security system has removed the concept of principals.  See
+        :ref:`upgrading_auth` for more information.
 
     """
 
diff --git a/src/pyramid/security.py b/src/pyramid/security.py
index eb5ba3e19..44ae75196 100644
--- a/src/pyramid/security.py
+++ b/src/pyramid/security.py
@@ -107,7 +107,13 @@ def forget(request):
 
 
 def principals_allowed_by_permission(context, permission):
-    """ Provided a ``context`` (a resource object), and a ``permission``
+    """
+    .. deprecated:: 2.0
+
+        The new security policy has removed the concept of principals.  See
+        :ref:`upgrading_auth` for more information.
+
+    Provided a ``context`` (a resource object), and a ``permission``
     string, if an :term:`authorization policy` is
     in effect, return a sequence of :term:`principal` ids that possess
     the permission in the ``context``.  If no authorization policy is
@@ -322,13 +328,16 @@ class SecurityAPIMixin(object):
 class AuthenticationAPIMixin(object):
     @property
     def authenticated_userid(self):
-        """ Return the userid of the currently authenticated user or
-        ``None`` if there is no :term:`authentication policy` in effect or
-        there is no currently authenticated user.
-
+        """
         .. deprecated:: 2.0
 
-            Use ``request.identity`` instead.
+            ``authenticated_userid`` has been replaced by
+            :attr:`authenticated_identity` in the new security system.  See
+            :ref:`upgrading_auth` for more information.
+
+        Return the userid of the currently authenticated user or
+        ``None`` if there is no :term:`authentication policy` in effect or
+        there is no currently authenticated user.
 
         """
         authn = _get_authentication_policy(self)
@@ -342,7 +351,14 @@ class AuthenticationAPIMixin(object):
 
     @property
     def unauthenticated_userid(self):
-        """ Return an object which represents the *claimed* (not verified) user
+        """
+        .. deprecated:: 2.0
+
+            ``unauthenticated_userid`` has been replaced by
+            :attr:`authenticated_identity` in the new security system.  See
+            :ref:`upgrading_auth` for more information.
+
+        Return an object which represents the *claimed* (not verified) user
         id of the credentials present in the request. ``None`` if there is no
         :term:`authentication policy` in effect or there is no user data
         associated with the current request.  This differs from
@@ -350,10 +366,6 @@ class AuthenticationAPIMixin(object):
         effective authentication policy will not ensure that a record
         associated with the userid exists in persistent storage.
 
-        .. deprecated:: 2.0
-
-            Use ``request.identity`` instead.
-
         """
         authn = _get_authentication_policy(self)
         security = _get_security_policy(self)
@@ -366,13 +378,17 @@ class AuthenticationAPIMixin(object):
 
     @property
     def effective_principals(self):
-        """ Return the list of 'effective' :term:`principal` identifiers
+        """
+        .. deprecated:: 2.0
+
+            The new security policy has removed the concept of principals.  See
+            :ref:`upgrading_auth` for more information.
+
+        Return the list of 'effective' :term:`principal` identifiers
         for the ``request``. If no :term:`authentication policy` is in effect,
         this will return a one-element list containing the
         :data:`pyramid.security.Everyone` principal.
 
-        .. deprecated:: 2.0
-
         """
         policy = _get_authentication_policy(self)
         if policy is None:
-- 
cgit v1.2.3