From 495da107e3da765649957a0c03561648ea75e26b Mon Sep 17 00:00:00 2001
From: Theron Luhn <theron@luhn.com>
Date: Sat, 14 Dec 2019 18:57:03 -0600
Subject: Correct implementation of Request.unauthenticated_userid.

New implementation was not backwards compatible.   This brings back the
old implementation, except changing to pull from
ISecurityPolicy.authenticated_userid when applicable.

Also undeprecated the method again.
---
 src/pyramid/security.py | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

(limited to 'src')

diff --git a/src/pyramid/security.py b/src/pyramid/security.py
index 053ff5818..838bcebbd 100644
--- a/src/pyramid/security.py
+++ b/src/pyramid/security.py
@@ -376,18 +376,14 @@ class AuthenticationAPIMixin(object):
         associated with the userid exists in persistent storage.
 
         """
-        policy = _get_security_policy(self)
-        if policy is None:
+        authn = _get_authentication_policy(self)
+        security = _get_security_policy(self)
+        if authn is not None:
+            return authn.unauthenticated_userid(self)
+        elif security is not None:
+            return security.authenticated_userid(self)
+        else:
             return None
-        return policy.authenticated_userid(self)
-
-    unauthenticated_userid = deprecated(
-        unauthenticated_userid,
-        'The new security policy has removed the concept of unauthenticated '
-        'userid.  See https://docs.pylonsproject.org/projects/pyramid/en/latest'
-        '/whatsnew-2.0.html#upgrading-authentication-authorization '
-        'for more information.',
-    )
 
     @property
     def effective_principals(self):
-- 
cgit v1.2.3