|
1 What's new in CubicWeb 3.19? |
|
2 ============================ |
|
3 |
|
4 New functionalities |
|
5 -------------------- |
|
6 |
|
7 * implement Cross Origin Resource Sharing (CORS) |
|
8 (see `#2491768 <http://www.cubicweb.org/2491768>`_) |
|
9 |
|
10 * system_source.create_eid can get a range of IDs, to reduce overhead of batch |
|
11 entity creation |
|
12 |
|
13 Behaviour Changes |
|
14 ----------------- |
|
15 |
|
16 * The anonymous property of Session and Connection are now computed from the |
|
17 related user login. If it matches the ``anonymous-user`` in the config the |
|
18 connection is anonymous. Beware that the ``anonymous-user`` config is web |
|
19 specific. Therefore, no session may be anonymous in a repository only setup. |
|
20 |
|
21 |
|
22 New Repository Access API |
|
23 ------------------------- |
|
24 |
|
25 Connection replaces Session |
|
26 ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
27 |
|
28 A new explicit Connection object replaces Session as the main repository entry |
|
29 point. Connection holds all the necessary methods to be used server-side |
|
30 (``execute``, ``commit``, ``rollback``, ``call_service``, ``entity_from_eid``, |
|
31 etc...). One obtains a new Connection object using ``session.new_cnx()``. |
|
32 Connection objects need to have an explicit begin and end. Use them as a context |
|
33 manager to never miss an end:: |
|
34 |
|
35 with session.new_cnx() as cnx: |
|
36 cnx.execute('INSERT Elephant E, E name "Babar"') |
|
37 cnx.commit() |
|
38 cnx.execute('INSERT Elephant E, E name "Celeste"') |
|
39 cnx.commit() |
|
40 # Once you get out of the "with" clause, the connection is closed. |
|
41 |
|
42 Using the same Connection object in multiple threads will give you access to the |
|
43 same Transaction. However, Connection objects are not thread safe (hence at your |
|
44 own risks). |
|
45 |
|
46 ``repository.internal_session`` is deprecated in favor of |
|
47 ``repository.internal_cnx``. Note that internal connections are now `safe` by default, |
|
48 i.e. the integrity hooks are enabled. |
|
49 |
|
50 Backward compatibility is preserved on Session. |
|
51 |
|
52 |
|
53 dbapi vs repoapi |
|
54 ~~~~~~~~~~~~~~~~ |
|
55 |
|
56 A new API has been introduced to replace the dbapi. It is called `repoapi`. |
|
57 |
|
58 There are three relevant functions for now: |
|
59 |
|
60 * ``repoapi.get_repository`` returns a Repository object either from an |
|
61 URI when used as ``repoapi.get_repository(uri)`` or from a config |
|
62 when used as ``repoapi.get_repository(config=config)``. |
|
63 |
|
64 * ``repoapi.connect(repo, login, **credentials)`` returns a ClientConnection |
|
65 associated with the user identified by the credentials. The |
|
66 ClientConnection is associated with its own Session that is closed |
|
67 when the ClientConnection is closed. A ClientConnection is a |
|
68 Connection-like object to be used client side. |
|
69 |
|
70 * ``repoapi.anonymous_cnx(repo)`` returns a ClientConnection associated |
|
71 with the anonymous user if described in the config. |
|
72 |
|
73 |
|
74 repoapi.ClientConnection replace dbapi.Connection and company |
|
75 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
|
76 |
|
77 On the client/web side, the Request is now using a ``repoapi.ClientConnection`` |
|
78 instead of a ``dbapi.connection``. The ``ClientConnection`` has multiple backward |
|
79 compatible methods to make it look like a ``dbapi.Cursor`` and ``dbapi.Connection``. |
|
80 |
|
81 Session used on the Web side are now the same than the one used Server side. |
|
82 Some backward compatibility methods have been installed on the server side Session |
|
83 to ease the transition. |
|
84 |
|
85 The authentication stack has been altered to use the ``repoapi`` instead of |
|
86 the ``dbapi``. Cubes adding new element to this stack are likely to break. |
|
87 |
|
88 Session data can be accessed using the cnx.data dictionary, while |
|
89 transaction data is available through cnx.transaction_data. These |
|
90 replace the [gs]et_shared_data methods with optional txid kwarg. |
|
91 |
|
92 New API in tests |
|
93 ~~~~~~~~~~~~~~~~ |
|
94 |
|
95 All current methods and attributes used to access the repo on ``CubicWebTC`` are |
|
96 deprecated. You may now use a ``RepoAccess`` object. A ``RepoAccess`` object is |
|
97 linked to a new ``Session`` for a specified user. It is able to create |
|
98 ``Connection``, ``ClientConnection`` and web side requests linked to this |
|
99 session:: |
|
100 |
|
101 access = self.new_access('babar') # create a new RepoAccess for user babar |
|
102 with access.repo_cnx() as cnx: |
|
103 # some work with server side cnx |
|
104 cnx.execute(...) |
|
105 cnx.commit() |
|
106 cnx.execute(...) |
|
107 cnx.commit() |
|
108 |
|
109 with access.client_cnx() as cnx: |
|
110 # some work with client side cnx |
|
111 cnx.execute(...) |
|
112 cnx.commit() |
|
113 |
|
114 with access.web_request(elephant='babar') as req: |
|
115 # some work with client side cnx |
|
116 elephant_name = req.form['elephant'] |
|
117 req.execute(...) |
|
118 req.cnx.commit() |
|
119 |
|
120 By default ``testcase.admin_access`` contains a ``RepoAccess`` object for the |
|
121 default admin session. |
|
122 |
|
123 |
|
124 API changes |
|
125 ----------- |
|
126 |
|
127 * ``RepositorySessionManager.postlogin`` is now called with two arguments, |
|
128 request and session. And this now happens before the session is linked to the |
|
129 request. |
|
130 |
|
131 * ``SessionManager`` and ``AuthenticationManager`` now take a repo object at |
|
132 initialization time instead of a vreg. |
|
133 |
|
134 * The ``async`` argument of ``_cw.call_service`` has been dropped. All calls are |
|
135 now synchronous. The zmq notification bus looks like a good replacement for |
|
136 most async use cases. |
|
137 |
|
138 * ``repo.stats()`` is now deprecated. The same information is available through |
|
139 a service (``_cw.call_service('repo_stats')``). |
|
140 |
|
141 * ``repo.gc_stats()`` is now deprecated. The same information is available through |
|
142 a service (``_cw.call_service('repo_gc_stats')``). |
|
143 |
|
144 * ``repo.register_user()`` is now deprecated. The functionality is now |
|
145 available through a service (``_cw.call_service('register_user')``). |
|
146 |
|
147 * ``request.set_session`` no longer takes an optional ``user`` argument. |
|
148 |
|
149 * CubicwebTC does not have repo and cnx as class attributes anymore. They are |
|
150 standard instance attributes. ``set_cnx`` and ``_init_repo`` class methods |
|
151 become instance methods. |
|
152 |
|
153 * ``set_cnxset`` and ``free_cnxset`` are deprecated. cnxset are now |
|
154 automatically managed. |
|
155 |
|
156 * The implementation of cascading deletion when deleting `composite` |
|
157 entities has changed. There comes a semantic change: merely deleting |
|
158 a composite relation does not entail any more the deletion of the |
|
159 component side of the relation. |
|
160 |
|
161 * ``_cw.user_callback`` and ``_cw.user_rql_callback`` are deprecated. Users |
|
162 are encouraged to write an actual controller (e.g. using ``ajaxfunc``) |
|
163 instead of storing a closure in the session data. |
|
164 |
|
165 * A new ``entity.cw_linkable_rql`` method provides the rql to fetch all entities |
|
166 that are already or may be related to the current entity using the given |
|
167 relation. |
|
168 |
|
169 |
|
170 Deprecated Code Drops |
|
171 ---------------------- |
|
172 |
|
173 * session.hijack_user mechanism has been dropped. |
|
174 |
|
175 * EtypeRestrictionComponent has been removed, its functionality has been |
|
176 replaced by facets a while ago. |
|
177 |
|
178 * the old multi-source support has been removed. Only copy-based sources |
|
179 remain, such as datafeed or ldapfeed. |
|
180 |