changes

buildout.cfg

@@ -2,10 +2,25 @@
 extends = http://svn.zope.org/repos/main/groktoolkit/trunk/grok.cfg
 parts =
     test
+    omelette
 develop =
     .
 versions = versions
-extensions = buildout.dumppickedversions
+extensions = 
+    buildout.dumppickedversions
+    mr.developer
+
+sources = sources
+auto-checkout =
+    grokcore.traverser
+
+[sources]
+grokcore.traverser = svn http://svn.zope.org/repos/main/grokcore.traverser/trunk
+
+
+[omelette]
+recipe = collective.recipe.omelette
+eggs = ${test:eggs}
 
 [versions]
 grokcore.rest =
@@ -15,4 +30,4 @@ recipe = zc.recipe.testrunner
 eggs =
     grokcore.rest
     grokcore.rest[test]
-defaults = ['--tests-pattern', '^f?tests$', '-v']
+defaults = ['--tests-pattern', '^f?tests$', '-v', '-c']

setup.py

@@ -48,6 +48,7 @@ def read(*rnames):
         'grokcore.component',
         'grokcore.security',
         'grokcore.view',
+        'grokcore.traverser',
         'martian',
         'zope.component',
         'zope.interface',

src/grokcore/rest/configure.zcml

@@ -12,17 +12,18 @@
       provides="zope.traversing.interfaces.ITraversable"
       name="rest"
       />
-
   <!-- this overrides Zope 3's publication factories because they have
        the same name; we also need to change the priority because of
        the ZCML discriminator -->
+<!--
   <publisher
-      name="HTTP"
-      factory=".publication.GrokHTTPFactory"
-      methods="*"
+      name="BROWSER"
+      factory=".publication.GrokBrowserFactory"
+      methods="GET POST HEAD"
       mimetypes="*"
-      priority="1"
+      priority="11"
       />
+-->
   <!-- need to grok this for some basic REST support -->
   <grok:grok package=".rest" />
 

src/grokcore/rest/ftesting.zcml

@@ -5,10 +5,22 @@
    i18n_domain="grokcore.rest"
    package="grokcore.rest">
 
+
    <include package="zope.securitypolicy" />
    <include package="zope.annotation" />
    <include package="grokcore.view" file="ftesting.zcml" />
-   <include package="grokcore.rest" />
    <include package="grokcore.view" file="publication_security.zcml" />
+   <include package="grokcore.rest" />
+
+
+  <browser:defaultView name="index.html" />
+
+<!--
+   <browser:defaultView
+       for="grokcore.content.IContext"
+       name="index"
+       />
+-->
+
    <grok:grok package=".ftests" />
 </configure>

src/grokcore/rest/ftests/rest/localgrants.py

@@ -9,9 +9,7 @@
 For this model we have registered a REST GET view that's protected
 with a permission.  Therefore we can't access it as anonymous:
 
-  >>> print http(r'''
-  ... GET /++rest++mammoth/manfred HTTP/1.1
-  ... ''')
+  >>> print http_call('GET', '/++rest++mammoth/manfred') 
   HTTP/1.0 401 Unauthorized
   Content-Length: 0
   Content-Type: text/plain
@@ -53,7 +51,7 @@
 import grokcore.component as grok
 from grokcore import view, content, rest, security
 
-class Mammoth(content.Container):
+class Mammoth(content.Model):
 
     def __init__(self, name):
         self.name = name

src/grokcore/rest/ftests/test_grok_functional.py

@@ -30,7 +30,7 @@ def http_call(method, path, data=None, **kw):
     if data is not None:
         request_string += '\r\n'
         request_string += data
-    return http(request_string, handle_errors=False)
+    return http(request_string, handle_errors=True)
 
 def suiteFromPackage(name):
     files = resource_listdir(__name__, name)

src/grokcore/rest/meta.zcml

@@ -6,7 +6,9 @@
   <!-- Load the grokkers -->
   <include package="grokcore.component" file="meta.zcml" />
   <include package="grokcore.view" file="meta.zcml" />
+  <include package="grokcore.view" file="publication_security.zcml" />
   <include package="grokcore.security" file="meta.zcml" />
+  <include package="grokcore.traverser" file="configure.zcml"/>
   <grok:grok package=".meta" />
 
 </configure>

src/grokcore/rest/publication.py

@@ -25,55 +25,47 @@
 """
 from grokcore.rest.rest import GrokMethodNotAllowed
 from grokcore.view.publication import ZopePublicationSansProxy
+from zope.security.proxy import removeSecurityProxy
+
 
 from zope import component
 from zope.security.checker import selectChecker
 from zope.publisher.publish import mapply
 from zope.publisher.interfaces.http import IHTTPException
 
+from zope.app.publication.browser import BrowserPublication
+
 from zope.app.publication.http import BaseHTTPPublication, HTTPPublication
 from zope.app.publication.requestpublicationfactories import (
-    XMLRPCFactory, HTTPFactory)
+    BrowserFactory, HTTPFactory)
+
 
 
-class GrokHTTPPublication(ZopePublicationSansProxy, HTTPPublication):
-    """Combines `HTTPPublication` with the Grok sans-proxy mixin.
+class GrokBrowserPublication(ZopePublicationSansProxy, BrowserPublication):
+    """Combines `BrowserPublication` with the Grok sans-proxy mixin.
 
-    Because `HTTPPublication` provides its own, special `callObject()`
-    implementation, this subclass does the same, providing what is
-    basically the same call (you can verify, in fact, that most of its
-    lines were copied directly from the superclass's version) but with a
-    few extra lines added so that - as with the simpler `callObject()`
-    method in `ZopePublicationSansProxy` - it quickly places a security
-    proxy around the object, makes sure that this HTTP method is
-    permitted, and finally passes the bare object to the view that will
-    render it.
+    In addition to the three methods that are overridden by the
+    `ZopePublicationSansProxy`, this class overrides a fourth: the
+    `getDefaultTraversal()` method, which strips the security proxy from
+    the object being returned by the normal method.
 
     """
-    def callObject(self, request, ob):
-        orig = ob
-        if not IHTTPException.providedBy(ob):
-            ob = component.queryMultiAdapter((ob, request),
-                                            name=request.method)
-            checker = selectChecker(ob)
-            if checker is not None:
-                checker.check(ob, '__call__')
-            ob = getattr(ob, request.method, None)
-            if ob is None:
-                raise GrokMethodNotAllowed(orig, request)
-        return mapply(ob, request.getPositionalArguments(), request)
-
-
-class GrokHTTPFactory(HTTPFactory):
-    """Returns the classes Grok uses for HTTP requests and publication.
+    def getDefaultTraversal(self, request, ob):
+        obj, path = super(GrokBrowserPublication, self).getDefaultTraversal(
+            request, ob)
+        return removeSecurityProxy(obj), path
+
+
+class GrokBrowserFactory(BrowserFactory):
+    """Returns the classes Grok uses for browser requests and publication.
 
     When an instance of this class is called, it returns a 2-element
     tuple containing:
 
-    - The request class that Grok uses for HTTP requests.
-    - The publication class that Grok uses to publish to HTTP.
+    - The request class that Grok uses for browser requests.
+    - The publication class that Grok uses to publish to a browser.
 
     """
     def __call__(self):
-        request, publication = super(GrokHTTPFactory, self).__call__()
-        return request, GrokHTTPPublication
+        request, publication = super(GrokBrowserFactory, self).__call__()
+        return request, GrokBrowserPublication