Merged trunk to branch. I still ahve 4 ftests failing, but I suspect, it

will be fixed once I merge the changes of the last three days (hopefully).

browser/auth.py

@@ -15,11 +15,12 @@
 
 $Id$
 """
+import urllib
 from zope.interface import implements
 from zope.i18n import translate
 from zope.app.publisher.interfaces.http import ILogin, ILogout
 from zope.app.security.interfaces import IAuthentication
-from zope.app.security.principalregistry import UnauthenticatedPrincipal
+from zope.app.security.interfaces import IUnauthenticatedPrincipal
 from zope.app.pagetemplate import ViewPageTemplateFile
 from zope.proxy import removeAllProxies
 from zope.app.i18n import ZopeMessageIDFactory as _
@@ -35,7 +36,12 @@ def __init__(self, context, request):
         self.request = request
 
     def render(self, name):
+        sourcename = 'principals.zcml'
         html = []
+
+        # add sub title for source search field
+        html.append('<h4 i18n:translate="">%s</h4>' % sourcename)
+        # start row for search fields
         html.append('<div class="row">')
         html.append('<div class="label">')
         html.append('Search String')
@@ -45,9 +51,16 @@ def render(self, name):
         html.append('</div>')
         html.append('</div>')
 
-        html.append('<br /><input type="submit" name="%s" value="%s" />'
+        # add search button for search fields
+        html.append('<div class="row">')
+        html.append('<div class="field">')
+        html.append('<input type="submit" name="%s" value="%s" />'
                     % (name+'.search',
                        translate(search_label, context=self.request)))
+        html.append('</div>')
+
+        # end row
+        html.append('</div>')
 
         return '\n'.join(html)
 
@@ -64,8 +77,7 @@ class HTTPAuthenticationLogin(object):
 
     def login(self, nextURL=None):
         """See zope.app.security.interfaces.ILogin"""
-        if isinstance(removeAllProxies(self.request.principal), \
-                      UnauthenticatedPrincipal):
+        if IUnauthenticatedPrincipal.providedBy(self.request.principal):
             self.request.unauthorized("basic realm='Zope'")
             return self.failed()
         else:
@@ -91,7 +103,7 @@ def __init__(self, context, request):
 
     def logout(self, nextURL=None):
         """See zope.app.security.interfaces.ILogout"""
-        if not isinstance(self.request.principal, UnauthenticatedPrincipal):
+        if not IUnauthenticatedPrincipal.providedBy(self.request.principal):
             self.request.unauthorized("basic realm='Zope'")
             if nextURL:
                 return self.redirect()
@@ -106,3 +118,18 @@ def logout(self, nextURL=None):
     redirect = ViewPageTemplateFile('redirect.pt')
 
 
+class LoginLogout:
+
+    def __init__(self, context, request):
+        self.context = context
+        self.request = request
+
+    def __call__(self):
+        if IUnauthenticatedPrincipal.providedBy(self.request.principal):
+            page = '@@login.html'
+            label = _('[Login]')
+        else:
+            page = '@@logout.html'
+            label = _('[Logout]')
+        return '<a href="%s?nextURL=%s">%s</a>' % (
+            page, urllib.quote(self.request.getURL()), label)

browser/authutilitysearchview.txt

@@ -28,6 +28,7 @@ Now that we have our queriable, we create the view for it:
 This allows us to render a search form.
 
   >>> print view.render('test') # doctest: +NORMALIZE_WHITESPACE
+  <h4 i18n:translate="">principals.zcml</h4>
   <div class="row">
   <div class="label">
   Search String
@@ -36,7 +37,11 @@ This allows us to render a search form.
   <input type="text" name="test.searchstring" />
   </div>
   </div>
-  <br /><input type="submit" name="test.search" value="Search" />
+  <div class="row">
+  <div class="field">
+  <input type="submit" name="test.search" value="Search" />
+  </div>
+  </div>
 
 If we ask for results:
 

browser/configure.zcml

@@ -7,14 +7,14 @@
       for="zope.app.security.interfaces.IAuthentication
            zope.publisher.interfaces.browser.IBrowserRequest"
       provides="zope.app.form.browser.interfaces.ISourceQueryView"
-      factory="zope.app.security.browser.auth.AuthUtilitySearchView" 
+      factory="zope.app.security.browser.auth.AuthUtilitySearchView"
       />
 
   <adapter
       for="zope.app.security.interfaces.IPrincipalSource
            zope.publisher.interfaces.browser.IBrowserRequest"
       provides="zope.app.form.browser.interfaces.ITerms"
-      factory="zope.app.security.browser.principalterms.PrincipalTerms" 
+      factory="zope.app.security.browser.principalterms.PrincipalTerms"
       />
 
   <browser:tool
@@ -42,6 +42,13 @@
       allowed_interface="zope.app.publisher.interfaces.http.ILogout"
       />
 
+  <browser:page
+      name="login_logout"
+      for="*"
+      class=".auth.LoginLogout"
+      permission="zope.Public"
+      />
+
   <browser:tool
       interface="..interfaces.IPermission"
       title="Permission"

browser/loginlogout.txt

@@ -0,0 +1,46 @@
+====================
+Login/Logout Snippet
+====================
+
+The class LoginLogout:
+
+  >>> from zope.app.security.browser.auth import LoginLogout
+
+is used as a view to generate an HTML snippet suitable for logging in or
+logging out based on whether or not the current principal is authenticated.
+
+When the current principal is unauthenticated, it provides
+IUnauthenticatedPrincipal:
+
+  >>> from zope.app.security.interfaces import IUnauthenticatedPrincipal
+  >>> from zope.app.security.principalregistry import UnauthenticatedPrincipal
+  >>> anonymous = UnauthenticatedPrincipal('anon', '', '')
+  >>> IUnauthenticatedPrincipal.providedBy(anonymous)
+  True
+
+When LoginLogout is used for a request that has an unauthenticated principal,
+it provides the user with a link to 'Login':
+
+  >>> from zope.publisher.browser import TestRequest
+  >>> request = TestRequest()
+  >>> request.setPrincipal(anonymous)
+  >>> LoginLogout(None, request)()
+  u'<a href="@@login.html?nextURL=http%3A//127.0.0.1">[Login]</a>'
+
+When LoginLogout is used for a request that has an authenticated principal:
+
+  >>> from zope.security.interfaces import IPrincipal
+  >>> from zope.interface import implements
+  >>> class Bob:
+  ...     implements(IPrincipal)
+  ...     id = 'bob'
+  ...     title = description = ''
+  >>> bob = Bob()
+  >>> IUnauthenticatedPrincipal.providedBy(bob)
+  False
+  >>> request.setPrincipal(bob)
+
+it provides the user with a link to 'Logout':
+
+  >>> LoginLogout(None, request)()
+  u'<a href="@@logout.html?nextURL=http%3A//127.0.0.1">[Logout]</a>'

browser/tests.py

@@ -28,6 +28,9 @@ def test_suite():
         doctest.DocFileSuite('principalterms.txt',
                              setUp=placelesssetup.setUp,
                              tearDown=placelesssetup.tearDown),
+        doctest.DocFileSuite('loginlogout.txt',
+                             setUp=placelesssetup.setUp,
+                             tearDown=placelesssetup.tearDown),
         ))
 
 if __name__ == '__main__':

configure.zcml

@@ -10,7 +10,7 @@
                    Public resources are always accessible."
       />
 
-  <vocabulary 
+  <vocabulary
       name="Permissions"
       factory="zope.app.component.vocabulary.UtilityVocabulary"
       interface="zope.security.interfaces.IPermission" />
@@ -23,15 +23,15 @@
   <include file="_protections.zcml" />
 
   <utility
-      provides=".interfaces.IAuthentication" 
+      provides=".interfaces.IAuthentication"
       component=".principalregistry.principalRegistry" />
 
   <localUtility class=".permission.LocalPermission">
     <factory
         id="zope.app.security.Permission"
         />
-    <allow 
-        interface=".interfaces.IPermission" 
+    <allow
+        interface=".interfaces.IPermission"
         />
     <require
         permission="zope.Security"
@@ -40,13 +40,15 @@
   </localUtility>
 
   <subscriber
-     for="..component.interfaces.registration.IRegistrationActivatedEvent"
-     factory=".permission.setIdOnActivation"
+     for="zope.security.interfaces.IPermission
+          ..component.interfaces.registration.IRegistrationActivatedEvent"
+     handler=".permission.setIdOnActivation"
      />
 
   <subscriber
-     for="..component.interfaces.registration.IRegistrationDeactivatedEvent"
-     factory=".permission.unsetIdOnDeactivation"
+     for="zope.security.interfaces.IPermission
+          ..component.interfaces.registration.IRegistrationDeactivatedEvent"
+     handler=".permission.unsetIdOnDeactivation"
      />
 
   <content class=".permission.Permission">
@@ -80,9 +82,9 @@
       title="[manage-content-permission] Manage Content"
       />
 
-  <permission 
-      id="zope.ManageBindings" 
-      title="[manage-service-bindings-permission] Manage Service Bindings" 
+  <permission
+      id="zope.ManageBindings"
+      title="[manage-service-bindings-permission] Manage Service Bindings"
       />
 
   <permission
@@ -91,9 +93,9 @@
       description="Manage executable code, including Python, SQL, ZPT, etc."
       />
 
-  <permission 
-      id="zope.ManageServices" 
-      title="[manage-services-permission] Manage Services" 
+  <permission
+      id="zope.ManageServices"
+      title="[manage-services-permission] Manage Services"
       />
 
   <permission 
@@ -116,7 +118,7 @@
   <adapter
       factory=".basicauthadapter.BasicAuthAdapter"
       provides=".interfaces.ILoginPassword"
-      for="zope.publisher.interfaces.http.IHTTPCredentials" 
+      for="zope.publisher.interfaces.http.IHTTPCredentials"
       />
 
   <adapter