Pyramid TODOs
=============

Nice-to-Have
------------

- config.set_registry_attr with conflict detection... make sure the attr is
  added before a commit, but register an action so a conflict can be detected.

- Provide the presumed renderer name to the called view as an attribute of
  the request.

- Have action methods return their discriminators.

- Modify view mapper narrative docs to not use pyramid_handlers.

- Modify the urldispatch chapter examples to assume a scan rather than
  ``add_view``.

- Introspection:

  * ``default root factory`` category (prevent folks from needing to searh
    "root factories" category)?

  * ``default view mapper`` category (prevent folks from needing to search
    "view mappers" category)?

  * get rid of "tweens" category (can't sort properly?)

- Fix deployment recipes in cookbook (discourage proxying without changing
  server).

- Try "with transaction.manager" in an exception view with SQLA (preempt
  homina homina response about how to write "to the database" from within in
  an exception view).  Note: tried this and couldn't formulate the right
  situation where the database could not be written to within an exception
  view (but didn't try exhaustively).

- Add narrative docs for wsgiapp and wsgiapp2.

- Basic WSGI documentation (pipeline / app / server).

- Change docs about creating a venusian decorator to not use ZCA (use
  configurator methods instead).

- Try to better explain the relationship between a renderer and a template in
  the templates chapter and elsewhere.  Scan the documentation for reference
  to a renderer as *only* view configuration (it's a larger concept now).

- Add better docs about what-to-do-when-behind-a-proxy: rutter ("/foo =
  app1" and "domain app1.localhost = app1"), ProxyPreserveHost and the nginx
  proxy_params, preserving HTTPS URLs.

- Debug option to print view matching decision (e.g. debug_viewlookup or so).

- Non-bwcompat use of threadlocals that need to be documented or ameliorated:

  security.principals_allowed_by_permission

  resource.OverrideProvider._get_overrides: can't credibly be removed,
  because it stores an overrideprovider as a module-scope global.

  traversal.traverse: this API is a stepchild, and needs to be changed.

  Configurator.add_translation_dirs: not passed any context but a message,
  can't credibly be removed.

- Deprecate pyramid.security.view_execution_permitted (it only works for
  traversal).

- Provide a ``has_view`` function.

- Update App engine chapter with less creaky directions.

- Idea from Zart:

  diff --git a/pyramid/paster.py b/pyramid/paster.py
  index b0e4d79..b3bd82a 100644
  --- a/pyramid/paster.py
  +++ b/pyramid/paster.py
  @@ -8,6 +8,7 @@ from paste.deploy import (
   from pyramid.compat import configparser
   from logging.config import fileConfig
   from pyramid.scripting import prepare
  +from pyramid.config import Configurator
   
   def get_app(config_uri, name=None, loadapp=loadapp):
       """ Return the WSGI application named ``name`` in the PasteDeploy
  @@ -111,3 +112,10 @@ def bootstrap(config_uri, request=None):
       env['app'] = app
       return env
   
  +def make_pyramid_app(global_conf, app=None, **settings):
  +    """Return pyramid application configured with provided settings"""
  +    config = Configurator(package='pyramid', settings=settings)
  +    if app:
  +        config.include(app)
  +    app = config.make_wsgi_app()
  +    return app
  diff --git a/setup.py b/setup.py
  index 03ebb42..91e0e21 100644
  --- a/setup.py
  +++ b/setup.py
  @@ -118,6 +118,8 @@ setup(name='pyramid',
           [paste.server_runner]
           wsgiref = pyramid.scripts.pserve:wsgiref_server_runner
           cherrypy = pyramid.scripts.pserve:cherrypy_server_runner
  +        [paster.app_factory]
  +        main = pyramid.paster:make_pyramid_app
         """
         )
 

Probably Bad Ideas
------------------

- Add functionality that mocks the behavior of ``repoze.browserid``.

- Consider implementing the API outlined in
  http://plope.com/pyramid_auth_design_api_postmortem, phasing out the
  current auth-n-auth abstractions in a backwards compatible way.

- Maybe add ``add_renderer_globals`` method to Configurator.

- Supply ``X-Vhm-Host`` support (probably better to do what paste#prefix
  middleware does).

- Have ``remember`` and ``forget`` actually set headers on the response using
  a response callback (and return the empty list)?

- http://pythonguy.wordpress.com/2011/06/22/dynamic-variables-revisited/
  instead of thread locals

- Context manager for creating a new configurator (replacing
  ``with_package``).  E.g.::

    with config.partial(package='bar') as c:
        c.add_view(...)

  or::

    with config.partial(introspection=False) as c:
        c.add_view(..)

- _fix_registry should dictify the registry being fixed.

- Apply a prefix to the userid principal to avoid poisoning the principal
  namespace. See https://github.com/Pylons/pyramid/issues/2060