close Warning: Can't synchronize with repository "(default)" (Unsupported version control system "svn": No module named svn). Look in the Trac log for more information.

Changes between Version 15 and Version 16 of AuthFramework


Ignore:
Timestamp:
Sep 25, 2009, 7:37:47 AM (8 years ago)
Author:
cmlenz
Comment:

Moved open issues to bottom

Legend:

Unmodified
Added
Removed
Modified
  • AuthFramework

    v15 v16  
    66
    77The subsystem does not provide built-in processes and UI for user registration, activation, password resetting, and other high-level features.
    8 
    9 === Open Issues ===
    10 
    11  * '''Naming''': `assert_authorized` is ugly. `ensure_authorized` would be better, but still ugly. That the function takes `(action, resource)` parameters makes it harder to choose a name that “sounds” nice.[[BR]]
    12    See also: `Principal.can(action, resource)`. Not sure about that one, but at least it's short.
    13  * '''Authorization Decorator''': Should there be a request handler decorator form for checking authorization? What should it be called?
    14  * The password encryption utilities are a bit on the silly side. They should either be really useful or get nixed.
    158
    169== Basic Architecture ==
     
    6053The `diva.auth` module also provides a couple of convenience functions for managing encrypted passwords. These can be useful for applications implementing form-based login, but their use is of course entirely optional.
    6154
     55== Open Issues ==
     56
     57 * '''Naming''': `assert_authorized` is ugly. `ensure_authorized` would be better, but still ugly. That the function takes `(action, resource)` parameters makes it harder to choose a name that “sounds” nice.[[BR]]
     58   See also: `Principal.can(action, resource)`. Not sure about that one, but at least it's short.
     59 * '''Authorization Decorator''': Should there be a request handler decorator form for checking authorization? What should it be called?
     60 * The password encryption utilities are a bit on the silly side. They should either be really useful or get nixed.
     61
    6262== API Documentation ==
    6363