File contents
Zope changes
This file contains change information for the current Zope release.
Change information for previous versions of Zope can be found in the
file HISTORY.txt.
Zope 2.3.0 alpha 2
Features Added
- The install machinery for source release has been modified
to allow Zope to build out of the box for Python 2.0. Note
however, that Python 2.0 is still not officially supported.
You may see quite a few warnings from the extension builder
when compiling for Python 2.
- A new module, AccessControl.Permissions has been added to
make it easier to use the new security assertion spelling.
The new module provides consistent symbolic constants for
the standard Zope permissions.
- Cache manager support added. This allows site administrators
to ease the burden on their site in a very configurable
way. It also provides an API for developers to follow when
experimenting with caching strategies.
- The ZPublisher 'method' form variable type has been
deprecated in favor of 'action'. The behavior is the
same, only the official (and documented in the Zope
book) name has changed. The 'method' name is still
supported for backward compatibility.
- The 'objectIds' and 'objectValues' methods of ObjectManager
derived objects are no longer directly Web-accessible. This
is a topic that has come up over and over on the lists. Some
(xml-rpc, mostly) users may depend on this behavior - applications
that need access to this information remotely should be modified
so that a Python Script or DTML Method can explicitly pass
the data.
- The Image.tag() and ZopeAttributionButton methods now return an
image tag that is XHTML compatible; a space and a slash have been
added.
- SQLMethods can now be edited via FTP and WebDAV tools. Thanks to
Anthony Baxter for his FTP support patches.
- The Catalog has been slightly overhauled to manage object
paths instead of URLs in its tables. This should not cause
any backward compatability concern, but everyone upgrading
should read the web pages on the zope.org site at:
http://dev.zope.org/Wikis/DevSite/Projects/ZCatalogVirtualHostFix/UpgradeFAQ
this will provide information about how to upgrade and new
features on the result sets, like getObject and
getPath. These are very important.
- SiteAccess 2.0 has been added, to enable virtual hosting.
- The StandardCacheManagers product has been added as a primary
product, making it easier to get started with caching.
- The class DTMLFile has been added alongside of HTMLFile.
It supports name bindings, ignores positional parameters,
and puts the container on top of the namespace by default.
Most HTMLFiles should work the same (or more securely) if
converted to a DTMLFile. Most management interface methods
should be converted by the final release of 2.3.
- Added a variable called PUBLISHED to REQUEST. From now on,
this variable should be used instead of PARENTS for user
validation.
- The inituser file is now read even when one user has been
created. This provides a way to reset the password after
a new user installs Zope but ignores the generated password.
- ZCatalogs have a reduced number of management interface tabs.
- ZCatalog keyword and field indexes have been modified to use
a merge strategy when existing indexes are updated. When an
existing object is indexed, the contents of field and
keyword indexes are merged with the changes detected between
the existing contents of the index and the new content.
- CatalogPathAware class added. This will eventually replace
CatalogAware.
- The ManagementInterfaceQuickFix project was merged in. The
Zope management interface has been tweaked in various ways
to improve productivity and consistency and is now at least
slightly less ugly :)
Bugs Fixed
- A misspelled function name which prevented the addition of
properties was corrected.
- Caused PropertySheets to restrict IDs the same way
ObjectManager does.
- (Collector #1586) Fixed situation where the Catalog would
attempt to loop over a bucket as if it were a list, which
won't work. This was reported by Steve Alexander with a
patch.
- Corrected local role computation (Hotfix 2000-12-15)
- The basic user folder implementation in User.py was changed
to use the Zope security policy machinery. see
http://dev.zope.org/Wikis/DevSite/Proposals/
ChangeUserFoldersToUseSecurityPolicyAPI for details.
- Trying to cut or copy with no items selected now returns a
nicer error message.
- A roles keyword argument was added to ZopeSecurityPolicy.validate
to enable callers to pass in roles as opposed to allowing the
machinery to figure it out for itself.
- Some product context initialization related to setting roles
was updated.
Zope 2.3.0 alpha 1
Features Added
- Python Scripts are now part of the Zope core. Big whopping
kudos to Evan Simpson for all of the work he has put into
this! Having Python Scripts in the core will allow people
to much more easily separate logic and presentation (and
get that logic out of DTML!) More information and prototype
documentation for Python Scripts can be found in the
dev.zope.org project:
http://dev.zope.org/Wikis/DevSite/Projects/PythonMethods
- Added the __replaceable__ property support to ObjectManager.
This is currently documented only in the Wiki.
- Added unit tests for the DateTime module.
- Added new BASEPATHn and URLPATHn variables in the REQUEST
object, and changed Zope core DTML files to use BASEPATH1
instead of SCRIPT_NAME.
- Added new getId() method to SimpleItem.Item. This should
now be used instead of referencing 'object.id' directly,
as it is guaranteed to always be a method and to always
return the right thing regardless of how the id of the
object is stored internally.
- Improved Ownership controls. Now you simply choose whether
or not to take ownership of sub-objects when taking
ownership. There is no need to control implicit/explicit
ownership.
- Changed the Zope installation procedure so it is only
necessary to create one user account and that user is
stored in the ZODB. The user created at startup now is
simply a normal intial "Manager", not the "superuser".
It is no longer necessary to login, create an initial
manager, logout and log back in! Woohoo!
- Implemented the "emergency user" concept, which is the new
name for what was called the superuser. The emergency user
doesnt even exist now until you explicitly create it.
- Added new "WebDAV source view" HTTP handler, enabled by new
'-W' (note uppercase) switch to z2.py. This handler is *not*
enabled by default.
- Implemented "hookable PUT creation" (allows containers to
override webdav.NullResource's guess at the type of object
to create when PUT is done to an unknown ID).
- Added testrunner.py to the utilities directory. The testrunner
is a basic utility for running PyUnit based unit tests. It can
be used to run all tests found in the Zope tree, all test suites
in a given directory or in specific files. The testrunner will
be used to ensure that all checked in tests pass before releases
are made. For more information, see the docstring of the actual
testrunner.py module.
- The Interface scarecrow package has been checked in - more work
will likely be done on it before it goes into wide use. See
Michel's "Zope Interfaces" project on dev.zope.org for details:
http://www.zope.org/Wikis/Interfaces/FrontPage
- PyUnit has been checked into the core. Along with the testrunner,
this provides enough infrastructure for us to incrementally begin
accumulating (and running!) test suites for various parts of the
Zope core.
- The new security assertion support has been checked in. For
more information and an updated version of the "Zope security
for developers" guide see the project on dev.zope.org:
http://dev.zope.org/Wikis/DevSite/Projects/DeclarativeSecurity
Bugs Fixed
- Removed some cruft in OFS/content_types.py (an old data
structure was being constructed but was going unused in
favor of a newer structure used in conjunction with the
mimetypes module).
- (Collector #1650)Where the underlying object does not define
its own '__cmp__()', comparisons of acquisition-wrapped
objects fall back to comparing the identities *of the
wrappers* . Fixed to unwrap the object (both, if needed)
before comparing identities.
- (Collector #1687 Products which register base classes
for ZClasses typically defer creating them until product
registration; the derived ZClass needs them to be available
immediately after import. Deprecated
'ProductContext.registerZClass' and
'ProductContext.registerBaseClass' in favor of a new function,
'ZClasses.createZClassForBase' (because none of the machinery
needed a ProductContext instance anyway).
- (Collector #1355) Fixed overlapping HTTP POST requests in
ZServer which could have been corrupted. Thanks to Jeff
Ragsdale.
- Undid a bug fix that caused the DateTime unit tests to fail.
- Removed the requirement that an "access" file exist.
"access" is now only needed to create an emergency user
account.
- Disabled the monitor port by default because, initially,
there is no emergency user, and thus no password that
can be used to protect the port.
- Secured the hole that was patched by Hotfix_2000-12-08.
- Disallowed object IDs that end with two underscores.
- Caused PropertyManager to restrict id's the same way
ObjectManager does.
Log in
Forgot your password?
