| | |
|---|
| | | - :func:`pyramid.path.package_name` no longer thows an exception when resolving |
|---|
| | | the package name for namespace packages that have no ``__file__`` attribute. |
|---|
| | | |
|---|
| | | - An authorization API has been added as a method of the request: |
|---|
| | | :meth:`pyramid.request.Request.has_permission`. It is a method-based |
|---|
| | | alternative to the :func:`pyramid.security.has_permission` API and works |
|---|
| | | exactly the same. The older API is now deprecated. |
|---|
| | | |
|---|
| | | - Property API attributes have been added to the request for easier access to |
|---|
| | | authentication data: :attr:`pyramid.request.Request.authenticated_userid`, |
|---|
| | | :attr:`pyramid.request.Request.unauthenticated_userid`, and |
|---|
| | | :attr:`pyramid.request.Request.effective_principals`. These are analogues, |
|---|
| | | respectively, of :func:`pyramid.security.authenticated_userid`, |
|---|
| | | :func:`pyramid.security.unauthenticated_userid`, and |
|---|
| | | :func:`pyramid.security.effective_principals`. They operate exactly the |
|---|
| | | same, except they are attributes of the request instead of functions |
|---|
| | | accepting a request. They are properties, so they cannot be assigned to. |
|---|
| | | The older function-based APIs are now deprecated. |
|---|
| | | |
|---|
| | | - Pyramid's console scripts (``pserve``, ``pviews``, etc) can now be run |
|---|
| | | directly, allowing custom arguments to be sent to the python interpreter |
|---|
| | | at runtime. For example:: |
|---|
| | | |
|---|
| | | python -3 -m pyramid.scripts.pserve development.ini |
|---|
| | | |
|---|
| | | - Added a specific subclass of :class:`pyramid.httpexceptions.HTTPBadRequest` |
|---|
| | | named :class:`pyramid.exceptions.BadCSRFToken` which will now be raised in |
|---|
| | | response to failures in the ``check_csrf_token`` view predicate. See |
|---|
| | | https://github.com/Pylons/pyramid/pull/1149 |
|---|
| | | |
|---|
| | | - Added a new ``SignedCookieSessionFactory`` which is very similar to the |
|---|
| | | ``UnencryptedCookieSessionFactoryConfig`` but with a clearer focus on |
|---|
| | | signing content. The custom serializer arguments to this function should |
|---|
| | | only focus on serializing, unlike its predecessor which required the |
|---|
| | | serializer to also perform signing. |
|---|
| | | See https://github.com/Pylons/pyramid/pull/1142 |
|---|
| | | |
|---|
| | | - Added a new ``BaseCookieSessionFactory`` which acts as a generic cookie |
|---|
| | | factory that can be used by framework implementors to create their own |
|---|
| | | session implementations. It provides a reusable API which focuses strictly |
|---|
| | | on providing a dictionary-like object that properly handles renewals, |
|---|
| | | timeouts, and conformance with the ``ISession`` API. |
|---|
| | | See https://github.com/Pylons/pyramid/pull/1142 |
|---|
| | | |
|---|
| | | |
|---|
| | | Other Backwards Incompatibilities |
|---|
| | | --------------------------------- |
|---|
| | | |
|---|
| | |
|---|
| | | Pyramid narrative documentation instead of providing renderer globals values |
|---|
| | | to the configurator. |
|---|
| | | |
|---|
| | | - The key/values in the ``_query`` parameter of |
|---|
| | | :meth:`pyramid.request.Request.route_url` and the ``query`` parameter of |
|---|
| | | :meth:`pyramid.request.Request.resource_url` (and their variants), used to |
|---|
| | | encode a value of ``None`` as the string ``'None'``, leaving the resulting |
|---|
| | | query string to be ``a=b&key=None``. The value is now dropped in this |
|---|
| | | situation, leaving a query string of ``a=b&key=``. See |
|---|
| | | https://github.com/Pylons/pyramid/issues/1119 |
|---|
| | | |
|---|
| | | Deprecations |
|---|
| | | ------------ |
|---|
| | |
|---|
| | | a deprecation warning when used. It had been docs-deprecated in 1.4 |
|---|
| | | but did not issue a deprecation warning when used. |
|---|
| | | |
|---|
| | | - :func:`pyramid.security.has_permission` is now deprecated in favor of using |
|---|
| | | :meth:`pyramid.request.Request.has_permission`. |
|---|
| | | |
|---|
| | | - The :func:`pyramid.security.authenticated_userid`, |
|---|
| | | :func:`pyramid.security.unauthenticated_userid`, and |
|---|
| | | :func:`pyramid.security.effective_principals` functions have been |
|---|
| | | deprecated. Use :attr:`pyramid.request.Request.authenticated_userid`, |
|---|
| | | :attr:`pyramid.request.Request.unauthenticated_userid` and |
|---|
| | | :attr:`pyramid.request.Request.effective_principals` instead. |
|---|
| | | |
|---|
| | | - Deprecate the ``pyramid.interfaces.ITemplateRenderer`` interface. It was |
|---|
| | | ill-defined and became unused when Mako and Chameleon template bindings were |
|---|
| | | split into their own packages. |
|---|
| | | |
|---|
| | | - The ``pyramid.session.UnencryptedCookieSessionFactoryConfig`` API has been |
|---|
| | | deprecated and is superseded by the |
|---|
| | | ``pyramid.session.SignedCookieSessionFactory``. Note that while the cookies |
|---|
| | | generated by the ``UnencryptedCookieSessionFactoryConfig`` |
|---|
| | | are compatible with cookies generated by old releases, cookies generated by |
|---|
| | | the SignedCookieSessionFactory are not. See |
|---|
| | | https://github.com/Pylons/pyramid/pull/1142 |
|---|
| | | |
|---|
| | | Documentation Enhancements |
|---|
| | | -------------------------- |
|---|
| | | |
|---|
| | | - A new documentation chapter named :ref:`quick_tour` was added. It describes |
|---|
| | | starting out with Pyramid from a high level. |
|---|
| | | |
|---|
| | | - Added a :ref:`quick_tutorial` to go with the Quick Tour |
|---|
| | | |
|---|
| | | - Many other enhancements. |
|---|
| | | |
|---|
| | | |
|---|
