Release History

Changes in LoginManager Version 0.8.7a1

• This is an ALPHA patch release for compatability with ZPatterns 0.4.0a4. Don't use this unless you're know the consequences of using alpha software and are willing to do the stuff mentioned in the ZPatterns 0.4.0a4 CHANGES.txt file.
• Also in this release is an initial preview of new UserSource called simply UserSource. For now, you should probably ignore it. It is not ready for prime time yet, and won't work correctly without some fixes to ZPatterns that are not yet released.

Changes in LoginManager Version 0.8.6

• Generic User Source, like the GenericUserFolder product it was inspired by, gave all users the Anonymous role. This seems to be incorrect according to what other user folders do, including the standard Zope version, so GUS now no longer does this. If you're switching from GUF, beware that this is now a new incompatability.
• A stab at Zope 2.2 compatability (unsure about getUserById -- documentation on the interface is incomplete, and there is no good example to base it on, since the BasicUserFolder implementation is broken). Note that GenericUserSource is not yet updated for the new 2.2 Security API, and may not work correctly. Python-based UserSources are probably okay.
• Horrible, horrible hack to make LoginManager able to co-operate with the normal Zope authentication back-search, be able to display loginForm and forbiddenPage, AND not have a circular reference memory leak in the process!
• Simplified handling of already an acl_users condition -- _setObject() already did that for us. The previous code was redundant, and also caught other errors and misleadingly reported them as a already an acl_users when there wasn't one.

Changes in LoginManager Version 0.8.5

• Codewise, only minor updates for compatability with ZPatterns 0.3.0 (mainly changing base classes on things). Functionally, however, this is a leap forward. Thanks to the changes in ZPatterns, by adding SheetProviders and AttributeProviders on LoginManager you can now have PropertySheets on users! Currently, only ZODB storage is supported.
• There is now essentially a PersistentUserSource implemented in this release, however the functionality is not exposed currently. We hope to add a management interface in a later release to make it useable.
• NOTE: This release requires ZPatterns 0.3.0. If you are upgrading from an earlier release of LoginManager, you must follow the upgrade procedures listed in the ZPatterns 0.3.0 CHANGES.txt file. Also, remember to follow the installation instructions for ZPatterns 0.3.0 -- if you forget to build DynPersist, for example, nothing will work.

Changes in LoginManager Version 0.8.1

• This release fixes the PARENT_URL error message when trying to add a LoginManager to a folder that already had an acl_users. Now the correct error message is displayed for this case. This is the only change in this release. Hardly seems worth it, except I was getting lots of email about this bug :-) (which is a good sign... I guess lots of people are trying LoginManager!)

Changes in LoginManager Version 0.8.0

• INCOMPATIBILITY: LoginManager now uses the new ZPatterns frameworks. This greatly shortened and simplified LoginManager. See the ZPatterns documentation and code for more information. Unfortunately, existing UserSources and LoginMethods now need to be updated to work, by following the new registration protocols. See LoginManager/__init__.py for examples of the new registration procedure. Also, because of the new base classes, retrieveItem() is now the method to override in a UserSource to return a user object, and getUser is now only defined/used on the LoginManager itself.
• INCOMPATIBILITY: the information passed to forbiddenPage has changed. Now gets called with AUTHENTICATED_USER as the user who was authenticated. "user" and "roles" are no longer passed (use REQUEST.AUTHENTICATED_USER, and REQUEST.AUTHENTICATED_USER.getRoles()) but needroles still is. The default forbiddenPage has been updated to reflect this. (Note that existing forbiddenPages may now contain incorrect docs, however.) This change was implemented due to a suggestion by the folks at CodeIt.com that forbiddenPages be able to execute as the logged-in but underpriveleged user.
• INCOMPATIBILITY: We removed the space from name of the UserSource created by default, to make it easier to reference from DTML, etc. This probably only affects the PTK itself, if anything.
• At long last, hooks for SheetProviders exist, via ZPatterns frameworks
• Added compatability with Zope 2.1.6 user watermarks change.
• The persmission to add a LoginManager is now different than the permission for adding a User Folder, since the security considerations are quite different.
• Changed to only provide the Anonymous user if it is a top-level LoginManager (to work around certain Zope manage_workspace peculiarities).
• Workaround for bizarre circumstances surrounding recursive rolesForUser GUS calls that caused Zope to dump core when hitting manage_workspace, but only if that was the first thing hit.
• Minor fixes and cleanup: Remove ZeroDivisionError that was just for debugging. Still need to log or report errors in those areas somehow. Remove a pointless sort of a list that would just be randomized by a dictionary insert/extract soon after. Reorganize LoginManager validate method a bit and make some unnecessarily complicated code cleaner.
• Permissions cleanups. Much of this came for free with the ZPatterns PlugIns framework. Most things now have permissions on them, and now LoginManager's add form and method will only list/use user sources and login methods that the creator has permission to add.
• More and better documentation. (Yay!)