doc/3.19.rst
author Julien Cristau <julien.cristau@logilab.fr>
Mon, 17 Feb 2014 14:10:53 +0100
changeset 9552 1358f8ef1b5b
parent 9548 be001628edad
child 9568 e8b9a3d23ad9
permissions -rw-r--r--
[web/basecomponents] remove EtypeRestrictionComponent Closes #3119951

What's new in CubicWeb 3.19?
============================

Behaviour Changes
-----------------

* The anonymous property of Session and Connection are now computed from the
  related user login. If it matches the ``anonymous-user`` in the config the
  connection is anonymous. Beware that the ``anonymous-user`` config is web
  specific. Therefore, no session may be anonymous in a repository only setup.


New Repository Access API
-------------------------

Connection replaces Session
~~~~~~~~~~~~~~~~~~~~~~~~~~~

A new explicit Connection object replaces Session as the main repository entry
point. Connection holds all the necessary methods to be used server-side
(``execute``, ``commit``, ``rollback``, ``call_service``, ``entity_from_eid``,
etc...). One obtains a new Connection object using ``session.new_cnx()``.
Connection objects need to have an explicit begin and end. Use them as a context
manager to never miss an end::

    with session.new_cnx() as cnx:
        self.execute('INSERT Elephant E, E name "Cabar"')
        self.commit()
        self.execute('INSERT Elephant E, E name "Celeste"')
        self.commit()
    # Once you get out of the "with" clause, the connection is closed.

Using the same Connection object in multiple threads will give you access to the
same Transaction. However, Connection objects are not thread safe (hence at your
own risks).

``repository.internal_session`` is deprecated in favor of
``repository.internal_cnx``. Note that internal connections are now `safe` by default,
i.e. the integrity hooks are enabled.

Backward compatibility is preserved on Session.


dbapi vs repoapi
~~~~~~~~~~~~~~~~

A new API has been introduced to replace the dbapi. It is called `repoapi`.

There are three relevant functions for now:

* ``repoapi.get_repository`` returns a Repository object either from an
  URI when used as ``repoapi.get_repository(uri)`` or from a config
  when used as ``repoapi.get_repository(config=config)``.

* ``repoapi.connect(repo, login, **credentials)`` returns a ClientConnection
  associated with the user identified by the credentials. The
  ClientConnection is associated with its own Session that is closed
  when the ClientConnection is closed. A ClientConnection is a
  Connection-like object to be used client side.

* ``repoapi.anonymous_cnx(repo)`` returns a ClientConnection associated
  with the anonymous user if described in the config.


repoapi.ClientConnection replace dbapi.Connection and company
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

On the client/web side, the Request is now using a ``repoapi.ClientConnection``
instead of a ``dbapi.connection``. The ``ClientConnection`` has multiple backward
compatible methods to make it look like a ``dbapi.Cursor`` and ``dbapi.Connection``.

Session used on the Web side are now the same than the one used Server side.
Some backward compatibility methods have been installed on the server side Session
to ease the transition.

The authentication stack has been altered to use the ``repoapi`` instead of
the ``dbapi``. Cubes adding new element to this stack are likely to break.


New API in tests
~~~~~~~~~~~~~~~~

All current methods and attributes used to access the repo on ``CubicWebTC`` are
deprecated. You may now use a ``RepoAccess`` object. A ``RepoAccess`` object is
linked to a new ``Session`` for a specified user. It is able to create
``Connection``, ``ClientConnection`` and web side requests linked to this
session::

    access = self.new_access('babar') # create a new RepoAccess for user babar
    with access.repo_cnx() as cnx:
        # some work with server side cnx
        cnx.execute(...)
        cnx.commit()
        cnx.execute(...)
        cnx.commit()

    with access.client_cnx() as cnx:
        # some work with client side cnx
        cnx.execute(...)
        cnx.commit()

    with access.web_request(elephant='babar') as req:
        # some work with client side cnx
        elephant_name = req.form['elephant']
        req.execute(...)
        req.cnx.commit()

By default ``testcase.admin_access`` contains a ``RepoAccess`` object for the
default admin session.


API changes
-----------

* ``RepositorySessionManager.postlogin`` is now called with two arguments,
  request and session. And this now happens before the session is linked to the
  request.

* ``SessionManager`` and ``AuthenticationManager`` now take a repo object at
  initialization time instead of a vreg.

* The ``async`` argument of ``_cw.call_service`` has been dropped. All calls are
  now  synchronous. The zmq notification bus looks like a good replacement for
  most async use cases.

* ``repo.stats()`` is now deprecated. The same information is available through
  a service (``_cw.call_service('repo_stats')``).

* ``repo.gc_stats()`` is now deprecated. The same information is available through
  a service (``_cw.call_service('repo_gc_stats')``).

* ``request.set_session`` no longer takes an optional ``user`` argument.

* CubicwebTC does not have repo and cnx as class attributes anymore. They are
  standard instance attributes. ``set_cnx`` and ``_init_repo`` class methods
  become instance methods.

* ``set_cnxset`` and ``free_cnxset`` are deprecated. cnxset are now
  automatically managed.

* The implementation of cascading deletion when deleting `composite`
  entities has changed. There comes a semantic change: merely deleting
  a composite relation does not entail any more the deletion of the
  component side of the relation.


Deprecated Code Drops
----------------------

* session.hijack_user mechanism has been dropped.

* EtypeRestrictionComponent has been removed, its functionality has been
  replaced by facets a while ago.