Pyramid 1.5a3 has been released.  Here's what happened since the last
release in the 1.5 series (1.5a2):

  Features
  --------

  - An authorization API has been added as a method of the request:
    ``request.has_permission``.

    ``request.has_permission`` is a method-based alternative to the
    ``pyramid.security.has_permission`` API and works exactly the
    same.  The older API is now deprecated.

  - Property API attributes have been added to the request for easier
    access to authentication data: ``request.authenticated_userid``,
    ``request.unauthenticated_userid``, and
    ``request.effective_principals``.

    These are analogues, respectively, of
    ``pyramid.security.authenticated_userid``,
    ``pyramid.security.unauthenticated_userid``, and
    ``pyramid.security.effective_principals``.  They operate exactly
    the same, except they are attributes of the request instead of
    functions accepting a request.  They are properties, so they
    cannot be assigned to.  The older function-based APIs are now
    deprecated.

  - Pyramid's console scripts (``pserve``, ``pviews``, etc) can now be
    run directly, allowing custom arguments to be sent to the python
    interpreter at runtime. For example::

        python -3 -m pyramid.scripts.pserve development.ini

  - Added a specific subclass of ``HTTPBadRequest`` named
    ``pyramid.exceptions.BadCSRFToken`` which will now be raised in
    response to failures in ``check_csrf_token``.  See
    https://github.com/Pylons/pyramid/pull/1149

  - Added a new ``SignedCookieSessionFactory`` which is very similar
    to the ``UnencryptedCookieSessionFactoryConfig`` but with a
    clearer focus on signing content. The custom serializer arguments
    to this function should only focus on serializing, unlike its
    predecessor which required the serializer to also perform signing.
    See https://github.com/Pylons/pyramid/pull/1142 .  Note that
    cookies generated using ``SignedCookieSessionFactory`` are not
    compatible with cookies generated using
    ``UnencryptedCookieSessionFactory``, so existing user session data
    will be destroyed if you switch to it.

  - Added a new ``BaseCookieSessionFactory`` which acts as a generic
    cookie factory that can be used by framework implementors to
    create their own session implementations. It provides a reusable
    API which focuses strictly on providing a dictionary-like object
    that properly handles renewals, timeouts, and conformance with the
    ``ISession`` API.  See https://github.com/Pylons/pyramid/pull/1142

  - The anchor argument to ``pyramid.request.Request.route_url`` and
    ``pyramid.request.Request.resource_url`` and their derivatives
    will now be escaped via URL quoting to ensure minimal conformance.
    See https://github.com/Pylons/pyramid/pull/1183

  - Allow sending of ``_query`` and ``_anchor`` options to
    ``pyramid.request.Request.static_url`` when an external URL is
    being generated.  See https://github.com/Pylons/pyramid/pull/1183

  - You can now send a string as the ``_query`` argument to
    ``pyramid.request.Request.route_url`` and
    ``pyramid.request.Request.resource_url`` and their derivatives.
    When a string is sent instead of a list or dictionary. it is
    URL-quoted however it does not need to be in ``k=v`` form.  This
    is useful if you want to be able to use a different query string
    format than ``x-www-form-urlencoded``.  See
    https://github.com/Pylons/pyramid/pull/1183

  - ``pyramid.testing.DummyRequest`` now has a ``domain`` attribute to
    match the new WebOb 1.3 API.  Its value is ``example.com``.

  Bug Fixes
  ---------

  - Fix the ``pcreate`` script so that when the target directory name
    ends with a slash it does not produce a non-working project
    directory structure.  Previously saying ``pcreate -s starter
    /foo/bar/`` produced different output than saying ``pcreate -s
    starter /foo/bar``.  The former did not work properly.

  - Fix the ``principals_allowed_by_permission`` method of
    ``ACLAuthorizationPolicy`` so it anticipates a callable
    ``__acl__`` on resources.  Previously it did not try to call the
    ``__acl__`` if it was callable.

  - The ``pviews`` script did not work when a url required custom
    request methods in order to perform traversal. Custom methods and
    descriptors added via
    ``pyramid.config.Configurator.add_request_method`` will now be
    present, allowing traversal to continue.  See
    https://github.com/Pylons/pyramid/issues/1104

  - Remove unused ``renderer`` argument from
    ``Configurator.add_route``.

  - Allow the ``BasicAuthenticationPolicy`` to work with non-ascii
    usernames and passwords. The charset is not passed as part of the
    header and different browsers alternate between UTF-8 and Latin-1,
    so the policy now attempts to decode with UTF-8 first, and will
    fallback to Latin-1.  See
    https://github.com/Pylons/pyramid/pull/1170

  - The ``@view_defaults`` now apply to notfound and forbidden views
    that are defined as methods of a decorated class.  See
    https://github.com/Pylons/pyramid/issues/1173

  Documentation
  -------------

  - Added a "Quick Tutorial" to go with the Quick Tour

  - Removed mention of ``pyramid_beaker`` from docs.  Beaker is no
    longer maintained.  Point people at ``pyramid_redis_sessions``
    instead.

  - Add documentation for ``pyramid.interfaces.IRendererFactory`` and
    ``pyramid.interfaces.IRenderer``.

  Backwards Incompatibilities
  ---------------------------

  - The key/values in the ``_query`` parameter of
    ``request.route_url`` and the ``query`` parameter of
    ``request.resource_url`` (and their variants), used to encode a
    value of ``None`` as the string ``'None'``, leaving the resulting
    query string to be ``a=b&key=None``. The value is now dropped in
    this situation, leaving a query string of ``a=b&key=``.  See
    https://github.com/Pylons/pyramid/issues/1119

  Deprecations
  ------------

  - Deprecate the ``pyramid.interfaces.ITemplateRenderer``
    interface. It was ill-defined and became unused when Mako and
    Chameleon template bindings were split into their own packages.

  - The ``pyramid.session.UnencryptedCookieSessionFactoryConfig`` API
    has been deprecated and is superseded by the
    ``pyramid.session.SignedCookieSessionFactory``.  Note that while
    the cookies generated by the
    ``UnencryptedCookieSessionFactoryConfig`` are compatible with
    cookies generated by old releases, cookies generated by the
    SignedCookieSessionFactory are not. See
    https://github.com/Pylons/pyramid/pull/1142

  - The ``pyramid.security.has_permission`` API is now deprecated.
    Instead, use the newly-added ``has_permission`` method of the
    request object.

  - The ``pyramid.security.effective_principals`` API is now
    deprecated.  Instead, use the newly-added ``effective_principals``
    attribute of the request object.

  - The ``pyramid.security.authenticated_userid`` API is now
    deprecated.  Instead, use the newly-added ``authenticated_userid``
    attribute of the request object.

  - The ``pyramid.security.unauthenticated_userid`` API is now
    deprecated.  Instead, use the newly-added
    ``unauthenticated_userid`` attribute of the request object.

  Dependencies
  ------------

  - Pyramid now depends on WebOb>=1.3 (it uses
    ``webob.cookies.CookieProfile`` from 1.3+).

A detailed "What's New in Pyramid 1.5" document is available at


http://docs.pylonsproject.org/projects/pyramid/en/master/whatsnew-1.5.html

The documentation for the release is available at
http://docs.pylonsproject.org/projects/pyramid/en/1.5-branch/ .

You can install it via PyPI:

  easy_install Pyramid==1.5a3

Enjoy, and please report any issues you find to the issue tracker at
https://github.com/Pylons/pyramid/issues

Thanks!

- C

--
You received this message because you are subscribed to the Google Groups 
"pylons-discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/pylons-discuss.
For more options, visit https://groups.google.com/groups/opt_out.

Reply via email to