Fix domain matching (regexps were not being imported - bug introduced in 1-2-0)
Users are no longer automatically granted the Anonymous role. If you are relying on this, you will need to modify your userRoles hook to also return the Anonymous role (Thanks pje and ty)
Fix memory leak during login (Thanks pje) introduced in the 1-2-0 release. Code stolen from LoginManager to fix this.
Implemented user_names and domainSpecValidate methods now. For the 1.2.0 release, I stopped inheriting from BasicUserFolder to avoid multiple inheritance wierdness but missed adding these methods back in.
Also the manage_afterAdd and manage_beforeDelete methods. The lack of the manage_* methods broke GUF instances created with version 1-2-0.
Stop cookie cache bloat when accessing Zope via FTP or other non-cookie protocols.
Ensuring user object acquisition context is always set correctly.
Can Login and Logout) check before
finally authenticating user (permission wasn't doing much without
this check). Users will be unable to login unless a role they belong
to has been granted this permission over the GUF.
Don't assume that the hooks are Persistent Zope objects - they may be standard class methods if the GenericUserFolder product has been sub classed.
Woohoo - if I replace response.unauthorized with a function, I can let Zope check higher acl_users folders for me but still have the login screen displayed in cookie mode. Tore out large amounts of now obsolete code (and good riddance)
Ensure superuser always returned if username == superuser's username (rather than just if we are the top level acl_users folder). This is to ensure that you don't lock out your Zope tree by creating a GUF user with the same username as superuser with low permissions.
Learned how lambda functions work and tidied some code :-)