Hi!
Charlie Clark wrote: > Please add a separate folder for these views. We need to separate them > from the content ones. Why? 'browser' is a generic name, that folder is usually used for *all* browser views. Which folder names would you propose? > BTW. (For pedagogic reason I'm not too keen on > EditForms being used when objects aren't being edited.) Why? Is this about names or implementation? EditFormBase is for all kinds of editable forms, ContentEditFormBase for content objects. > So +1 from me but as per my other e-mails - what will the CookieCrumbler > do afterwards? > > Using a view means that there is a hardcoded relation between the login > form and the login cookies. That doesn't have to be hardcoded. We could look up the cookie settings in the CookieCrumbler. > This is the current interface for ICookieCrumbler with proposed > deprecation decorators > > > class ICookieCrumbler(Interface): > > """Reads cookies during traversal and simulates the HTTP auth headers. > """ > > @deprecate auth_cookie = Attribute("""The key of the authorisation > cookie""") > @deprecate name_cookie = Attribute("""They key of the authorised user > cookie""") > @deprecate pw_cookie = Attribute("""The key of the password cookie""") Why deprecated? We can keep these 3 configurable and look them up. > persist_cookie = Attribute("""The key of the persistent cookie""") > local_cookie_path = Attribute("""If True, the cookie tied to the local > path?""") > cache_header_value = Attribute("""If present, the login page will not > be cached""") > log_username = Attribute("""If True, the username will in appear in > Zope's log""") > > def delRequestVar(req, name): > """No errors of any sort may propagate, and we don't care *what* > they are, even to log them.""" > > def getCookiePath(): > """Get the path for the cookie > the parent URL if local_cookie_path is True otherwise /""" > return path > > @deprecate > def getCookieMethod(name, default=None): > """ Allow overridable cookie set/expiration methods.""" > return getattr(name, default) Why deprecated? > def defaultSetAuthCookie(resp, cookie_name, cookie_value): > """Set the authorisation cookie""" > > def defaultExpireAuthCookie(resp, cookie_name): > """Expire the cookie""" > > def _setAuthHeader(ac, request, response): > """Set the auth headers for both the Zope and Medusa http request > objects. > """ > > @deprecate > def modifyRequest(req, resp): > """Copies cookie-supplied credentials to the basic auth fields. > > Returns a flag indicating what the user is trying to do with > cookies: ATTEMPT_NONE, ATTEMPT_LOGIN, or ATTEMPT_RESUME. If > cookie login is disabled for this request, raises > CookieCrumblerDisabled. > """ Why deprecated? > def __call__(container, req): > """The __before_publishing_traverse__ hook.""" > > @deprecate > def credentialsChanged(user, name, pw): > """# XXX: this method violates the rules for tools/utilities: > # it depends on self.REQUEST """ Why deprecated? > @deprecate > def _cleanupResponse(): > """# XXX: this method violates the rules for tools/utilities: > # it depends on self.REQUEST""" +1 for deprecating (or maybe just removing) it > @deprecate > def unauthorized(): > """Remove authentication cookies and redirect to standard > unauthorized""" +1 for deprecating (or maybe just removing) it > @deprecate > def _unauthorized(): > """Remove authentication cookies and redirect to standard > _unauthorized""" +1 for deprecating (or maybe just removing) it > @deprecate > def getUnauthorizedURL(): > """ > Redirects to the login page. > """ +1 for deprecating (or maybe just removing) it > @deprecate > def logout(): > """ > Logs out the user and redirects to the logout page. > """ Why deprecated? > def propertyLabel(id): > """Return a label for the given property id > """ > > I'm more than happy to help with this if there is anything I can do that > doesn't mean you spend more time answering my questions than it would take > to do the work! :-) I'm only working on the login process. Could you perhaps start working on the logout process before we bring everything together? Cheers, Yuppie _______________________________________________ Zope-CMF maillist - Zope-CMF@zope.org https://mail.zope.org/mailman/listinfo/zope-cmf See https://bugs.launchpad.net/zope-cmf/ for bug reports and feature requests