Hello, everybody. I am pleased to announce the first beta release of repoze.what, the authorization framework for WSGI applications. For more information, you may visit the repoze.what website: http://static.repoze.org/whatdocs/
Changes: ======== * Removed dependencies on TurboGears and Pylons. * Introduced a framework-independent function (repoze.what.authorize.check_authorization) to check authorization based on a predicate and the WSGI environment, along with the repoze.what.authorize.NotAuthorizedError exception. * Now repoze.what is 100% documented. * Moved the predicates from repoze.what.authorize to repoze.what.predicates. Nevertheless, they are imported in the former to avoid breaking TurboGears 2 applications created when tg.ext.repoze.who or tgext.authorization existed. * Added the Not predicate. * Now you can override the error message of the built-in predicates or set your own message at instantiation time by passing the ``msg`` keywork argument to the predicate. Example:: from repoze.what.predicates import is_user my_predicate = is_user('carla', msg="Only Carla may come here") As a result, if your custom predicate defines the constructor method (``__init__``), then you're highly encouraged to call its parent with the ``msg`` keyword argument. Example:: from repoze.what.predicates import Predicate class MyCoolPredicate(Predicate): def __init__(self, **kwargs): super(MyCoolPredicate, self).__init__(**kwargs) * Moved the SQL plugin (repoze.what.plugins.sql) into a separate package. Also moved repoze.what.plugins.quickstart into that package because it's specific to the SQL plugin. * Log messages are no longer sent to standard output if the ``WHO_LOG`` environment variable is defined, but with ``AUTH_LOG``. * Now repoze.what uses logging internally to ease debugging. Backwards-incompatible changes ------------------------------ * If you have custom predicates, you should update the ``eval_with_object`` method, which has been renamed to ``_eval_with_environ`` and only receives one argument (the WSGI environment). This is, if your method's signature looks like this:: eval_with_object(obj, errors) Now it should look like this:: _eval_with_environ(environ) Note that ``errors`` are no longer passed. On the other hand, the ``error_message`` attribute of predicates has been renamed to ``message`` because they are not only used to display errors (see repoze.what.predicates). * The repoze.what.authorize.require decorator has been removed because it's specific to TurboGears. TurboGears 2 applications will find it at tg.require. Because this is the first beta release, there should not be more backwards incompatible changes in the coming 1.X releases. Cheers. -- Gustavo Narea <http://gustavonarea.net/>. Get rid of unethical constraints! Get freedomware: http://www.getgnulinux.org/
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev