Hello, David. On Saturday November 29, 2008 19:49:09 David Pratt wrote: > Awesome docs, Gustavo.
Thanks! :) > I really like the @require decorator for tg. > Wonder how easy it would be to create a security policy in bfg that > would perform the same way. I have no idea, to be honest -- I have not used repoze.bfg yet. Perhaps somebody else on this list will point you in the right direction. Cheers! - Gustavo. > Regards, > David > > On Nov 26, 2008, at 2:54 PM, Gustavo Narea wrote: > > Hello, everybody. > > > > I am pleased to announce the first beta release of repoze.what, the > > authorization framework for WSGI applications. For more > > information, you may > > visit the repoze.what website: > > http://static.repoze.org/whatdocs/ > > > > Changes: > > ======== > > > > * Removed dependencies on TurboGears and Pylons. > > * Introduced a framework-independent function > > (repoze.what.authorize.check_authorization) to check authorization > > based on a predicate and the WSGI environment, along with the > > repoze.what.authorize.NotAuthorizedError exception. > > * Now repoze.what is 100% documented. > > * Moved the predicates from repoze.what.authorize to > > repoze.what.predicates. Nevertheless, they are imported in the > > former > > to avoid breaking TurboGears 2 applications created when > > tg.ext.repoze.who or tgext.authorization existed. > > * Added the Not predicate. > > * Now you can override the error message of the built-in predicates > > or set > > your own message at instantiation time by passing the ``msg`` keywork > > argument to the predicate. Example:: > > > > from repoze.what.predicates import is_user > > > > my_predicate = is_user('carla', msg="Only Carla may come here") > > > > As a result, if your custom predicate defines the constructor method > > (``__init__``), then you're highly encouraged to call its parent > > with the > > ``msg`` keyword argument. Example:: > > > > from repoze.what.predicates import Predicate > > > > class MyCoolPredicate(Predicate): > > def __init__(self, **kwargs): > > super(MyCoolPredicate, self).__init__(**kwargs) > > > > * Moved the SQL plugin (repoze.what.plugins.sql) into a separate > > package. Also moved repoze.what.plugins.quickstart into that package > > because it's specific to the SQL plugin. > > * Log messages are no longer sent to standard output if the > > ``WHO_LOG`` > > environment variable is defined, but with ``AUTH_LOG``. > > * Now repoze.what uses logging internally to ease debugging. > > > > > > Backwards-incompatible changes > > ------------------------------ > > > > * If you have custom predicates, you should update the > > ``eval_with_object`` > > method, which has been renamed to ``_eval_with_environ`` and only > > receives > > one argument (the WSGI environment). This is, if your method's > > signature > > looks like this:: > > > > eval_with_object(obj, errors) > > > > Now it should look like this:: > > > > _eval_with_environ(environ) > > > > Note that ``errors`` are no longer passed. > > > > On the other hand, the ``error_message`` attribute of predicates > > has been > > renamed to ``message`` because they are not only used to display > > errors > > (see repoze.what.predicates). > > * The repoze.what.authorize.require decorator has been removed because > > it's specific to TurboGears. TurboGears 2 applications will find > > it at > > tg.require. > > > > Because this is the first beta release, there should not be more > > backwards > > incompatible changes in the coming 1.X releases. > > > > Cheers. > > -- > > Gustavo Narea <http://gustavonarea.net/>. > > > > Get rid of unethical constraints! Get freedomware: > > http://www.getgnulinux.org/ > > > > _______________________________________________ > > Repoze-dev mailing list > > Repoze-dev@lists.repoze.org > > http://lists.repoze.org/listinfo/repoze-dev -- Gustavo Narea <http://gustavonarea.net/>. Get rid of unethical constraints! Get freedomware: http://www.getgnulinux.org/ _______________________________________________ Repoze-dev mailing list Repoze-dev@lists.repoze.org http://lists.repoze.org/listinfo/repoze-dev
