Changes between Version 15 and Version 16 of AuthFramework

Timestamp:

Sep 25, 2009, 7:37:47 AM (15 years ago)

Author:

cmlenz

Comment:

Moved open issues to bottom

AuthFramework

@@ -6 +6 @@
 
 The subsystem does not provide built-in processes and UI for user registration, activation, password resetting, and other high-level features.
-
-=== Open Issues ===
-
- * '''Naming''': `assert_authorized` is ugly. `ensure_authorized` would be better, but still ugly. That the function takes `(action, resource)` parameters makes it harder to choose a name that “sounds” nice.[[BR]]
-   See also: `Principal.can(action, resource)`. Not sure about that one, but at least it's short.
- * '''Authorization Decorator''': Should there be a request handler decorator form for checking authorization? What should it be called?
- * The password encryption utilities are a bit on the silly side. They should either be really useful or get nixed.
 
 == Basic Architecture ==
@@ -60 +53 @@
 The `diva.auth` module also provides a couple of convenience functions for managing encrypted passwords. These can be useful for applications implementing form-based login, but their use is of course entirely optional.
 
+== Open Issues ==
+
+ * '''Naming''': `assert_authorized` is ugly. `ensure_authorized` would be better, but still ugly. That the function takes `(action, resource)` parameters makes it harder to choose a name that “sounds” nice.[[BR]]
+   See also: `Principal.can(action, resource)`. Not sure about that one, but at least it's short.
+ * '''Authorization Decorator''': Should there be a request handler decorator form for checking authorization? What should it be called?
+ * The password encryption utilities are a bit on the silly side. They should either be really useful or get nixed.
+
 == API Documentation ==