Use declarative-style also for the Principal class.

kotti/__init__.py

@@ -2,6 +2,7 @@
 
 from sqlalchemy import engine_from_config
 from sqlalchemy import MetaData
+from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.sql.expression import desc
 from sqlalchemy.orm import scoped_session
 from sqlalchemy.orm import sessionmaker
@@ -19,6 +20,8 @@
 
 metadata = MetaData()
 DBSession = scoped_session(sessionmaker(extension=ZopeTransactionExtension()))
+Base = declarative_base()
+Base.metadata = metadata
 
 def authtkt_factory(**settings):
     from kotti.security import list_groups_callback

kotti/resources.py

@@ -9,7 +9,6 @@
 from sqlalchemy.orm import object_mapper
 from sqlalchemy.orm import relation
 from sqlalchemy.util import classproperty
-from sqlalchemy.ext.declarative import declarative_base
 from sqlalchemy.ext.hybrid import hybrid_property
 from sqlalchemy.ext.orderinglist import ordering_list
 from sqlalchemy import Column
@@ -27,8 +26,9 @@
 from zope.interface import Interface
 
 from kotti import get_settings
-from kotti import DBSession
 from kotti import metadata
+from kotti import DBSession
+from kotti import Base
 from kotti.util import _
 from kotti.util import ViewLink
 from kotti.util import JsonType
@@ -38,10 +38,6 @@
 from kotti.security import view_permitted
 
 
-Base = declarative_base()
-Base.metadata = metadata
-
-
 class ContainerMixin(object, DictMixin):
     """Containers form the API of a Node that's used for subitem
     access and in traversal.

kotti/security.py

@@ -8,11 +8,9 @@
 from sqlalchemy import Boolean
 from sqlalchemy import Integer
 from sqlalchemy import DateTime
-from sqlalchemy import Table
 from sqlalchemy import Unicode
 from sqlalchemy import func
 from sqlalchemy.sql.expression import or_
-from sqlalchemy.orm import mapper
 from sqlalchemy.orm.exc import NoResultFound
 from pyramid.location import lineage
 from pyramid.security import Allow
@@ -23,7 +21,7 @@
 
 from kotti import get_settings
 from kotti import DBSession
-from kotti import metadata
+from kotti import Base
 from kotti.util import _
 from kotti.util import JsonType
 from kotti.util import request_cache
@@ -40,7 +38,7 @@ def has_permission(permission, context, request):
     with authz_context(context, request):
         return base_has_permission(permission, context, request)
 
-class Principal(object):
+class Principal(Base):
     """A minimal 'Principal' implementation.
 
     The attributes on this object correspond to what one ought to
@@ -59,6 +57,22 @@ class Principal(object):
         receiver of the email.  This attribute should be set to
         'None' once confirmation has succeeded.
     """
+    __tablename__ = 'principals'
+    __mapper_args__ = dict(
+        order_by='principals.name',
+        )
+
+    id = Column(Integer, primary_key=True)
+    name = Column(Unicode(100), unique=True)
+    password = Column(Unicode(100))
+    active = Column(Boolean)
+    confirm_token = Column(Unicode(100))
+    title = Column(Unicode(100), nullable=False)
+    email = Column(Unicode(100), unique=True)
+    groups = Column(JsonType(), nullable=False)
+    creation_date = Column(DateTime(), nullable=False)
+    last_login_date = Column(DateTime())
+
     def __init__(self, name, password=None, active=True, confirm_token=None,
                  title=u"", email=None, groups=()):
         self.name = name
@@ -464,18 +478,3 @@ def validate_password(self, clear, hashed):
 
 def principals_factory():
     return Principals()
-
-principals_table = Table('principals', metadata,
-    Column('id', Integer, primary_key=True),
-    Column('name', Unicode(100), unique=True),
-    Column('password', Unicode(100)),
-    Column('active', Boolean),
-    Column('confirm_token', Unicode(100)),
-    Column('title', Unicode(100), nullable=False),
-    Column('email', Unicode(100), unique=True),
-    Column('groups', JsonType(), nullable=False),
-    Column('creation_date', DateTime(), nullable=False),
-    Column('last_login_date', DateTime()),
-)
-
-mapper(Principal, principals_table, order_by=principals_table.c.name)