[test] Rename BaseQuerierTC._access to BaseQuerierTC.admin_access so it's consistent with CubicWebTC and avoid access to a protected attribute which has been exposed by the removal of the 'session' property a few csets earlier.

[repo] Fix flake8 error

[pyramid] Add a "pyramid" instance configuration type In a new module 'cubicweb.pyramid.config' we define a "pyramid" instance configuration type. The noticeable feature of this configuration is that it manages a 'development.ini' file that gets installed in application home (along with `.conf` file). This file is templated and includes generated values for secrets of session and authtk tokens. This means that we can just call: pserve etc/cubicweb.d/<appname>/development.ini or gunicorn --paste etc/cubicweb.d/<appname>/development.ini -b :8080 just after instance creation to get a pyramid instance running without having to hack around a 'pyramid.ini' file. This patch drops 'development.ini' from skeleton and moves it in cubicweb/pyramid so that it gets installed at instance creation which is more appropriate than in cube creation. The new configuration class sets "cubicweb.bwcompat" setting to false so it is not intended to replace the "all-in-one" configuration type (which would require a bit more work). This configuration is close to the the 'repository' configuration type with just a couple of options from WebConfiguration that are needed for Pyramid (anonymous user/password plus some miscellaneous options that I'm not so sure are really needed). Note, in particular, that we do not pull CORS settings to be injected as a WSGI middleware like in wsgi_application_from_cwconfig() since I believe this should be left as an end-user responsibility and since this can be defined in a standard way in paste configuration. This configuration inherits from ServerConfiguration but registers the same appobjects as WebConfiguration. In cubicweb.web.request._CubicWebRequestBase, we guard against access to "uiprops" and "datadir_url" of the config because this new "pyramid" config does not have these (this does not make sense without bwcompat mode). At some point, we should either avoid using `cw_request`'s pyramid request attribute or make cubicweb's web request really independant of existing implementation and drop these assumptions.

[pyramid] Call repository's shutdown method atexit This way when run through a WSGI server (pserve, gunicorn, etc.) we make sure that the repository is properly shut down. In particular, this would wait for threads to terminate (otherwise, they'll be killed).

[querier] Turn repo.querier_cache_key into a private function of the querier module, only place where it's used.

[cleanup] Fix flake8 errors in web/application.py and associated test

[test] Simplify CWTC's init_authentication and assertAuthSuccess which shouldn't rely on removed .session attribute while it's not necessary and could be written in a simpler way.

[cleanup] Drop non sense sentence in docstring

[repo] Drop Session at last This is not used at all anymore.

Fix flake8 some errors

[test] Use existing reference to repo_source

[repo] Drop repo.new_session method we should not go through Session to create Connection anymore. This is unofficial API, no backward compat for now.

Stop using Session on the repository side Only expect session on web request, and let the web session/authentication managers provide them. Access to cnx.data, which used to return session data, is deprecated: there is no more access to session data from the repository side, and they should be access from req.session.data from the web side.

[test] Drop unnecessary call to new_session This is not unittest, the above call is enough.

[user] Drop ugly hack on CWUser entity class which should be not necessary anymore, beside two remaining usage in our own test suite.

[test] Use user_session_cache_key function to generate cache key.

[session+test] Stop storing / accessing session when it's not necessary

[devtools] Stop relying on Session to create connection in RepoAccess

[devtools] Stop using repo.new_session

[session] Kill support for a 'session_open' hook event To be consistent with dropping of the 'session_close' event, and also because this is already not called when using pyramid.

[devtools] Rename FakeSession into FakeConnection because it is what it is.

[cleanup] Drop references to the old internal_session method dropped a while ago, no need to talk about it in a docstring nor to fake it.

[session] Drop unused class

[cleanup] Drop no more used parse_repo_uri function

[server] Fix flake8 error of test/data/hooks.py

[repo] Drop repo.connect backward compat use new_session instead (introduced in 3.19 iirc)

[session] Drop no more necessary Session.sessionid and Connection.connectionid

[repo] Kill repo._sessions and with it the need to have a looping task to clean it up, and with that all the session's timestamping machinery.

[repo] Stop closing session The only point in "closing" session is to call the `session_close` event. Since I'm not aware of any application relying on it, I think this is too costly (in term of code) to maintain and propose to drop it.

[views] Stop giving stats / debug information relying on _sessions This is already broken when using pyramid anyway.

[session] Stop relying on _sessions to synchronize living session by doing what we currently do in pyramid. Also, attempt to synchronize CWUser's class sounds like a dark corner case handling that should be removed in favor of short lived user objects (beside it shouldn't occur except during migration).

[test] Drop useless access to repo._sessions test still succeed afterwards.