Change Log
==========

1.7.0b1 (2009-11-16)
--------------------

- This release requires for Zope2 >= 2.12.

- Simplified buildout to just what is needed to run tests.

- Don't fail on users defined in multiple user sources on the
  ZODBGroupManager listing page.

- Fixed deprecation warnings for use of ``Globals under Zope 2.12.

- Fixed deprecation warnings for the ``md5`` and ``sha`` modules under
  Python >= 2.6.


1.6.2 (2009-11-16)
------------------

- Launchpad #420319:  Fix misconfigured ``startswith`` match type filter
  in ``Products.PluggableAuthService.plugins.DomainAuthHelper``.

- Fixed test setup for tests using page templates relying on the
  ``DefaultTraversable`` adapter.

- Fixed broken markup in templates.


1.6.1 (2008-11-20)
------------------

- Launchpad #273680:  Avoid expensive / incorrect dive into ``enumerateUsers``
  when trying to validate w/o either a real ID or login.

- Launchpad #300321: 
  ``Products.PluggableAuthService.pluginsZODBGroupManager.enumerateGroups``
  failed to find groups with unicode IDs.


1.6 (2008-08-05)
----------------

- Fixed another deprecation for ``manage_afterAdd`` occurring when used
  together with Five (this time for the ``ZODBRoleManager`` class).

- Ensure the ``_findUser`` cache is invalidated if the roles or groups for
  a principal change.

- Launchpad #15569586:  docstring fix.

- Factored out ``filter`` logic into separate classes;  added filters
  for ``startswith`` test and (if the IPy module is present) IP-range
  tests.  See https://bugs.launchpad.net/zope-pas/+bug/173580 .

- Zope 2.12 compatibility - removed ``Interface.Implements`` import if
  ``zope.interface`` available.

- Ensure ``ZODBRoleManagerExportImport`` doesn't fail if it tries to add a
  role that already exists (idempotence is desirable in GS importers)

- Fixed tests so they run with Zope 2.11.

- Split up large permission tests into individual tests.

- Fixed deprecation warning occurring when used together with
  Five. (``manage_afterAdd`` got undeprecated.)

- Added buildout.


1.5.3 (2008-02-06)
------------------

- ZODBUserManager plugin: allow unicode arguments to
  ``enumerateUsers``. (https://bugs.launchpad.net/zope-pas/+bug/189627)

- plugins/ZODBRoleManager: added logging in case searchPrincipial()
  returning more than one result (which might happen in case of having
  duplicate id within difference user sources)


1.5.2 (2007-11-28)
------------------

- DomainAuthHelper plugin:  fix glitch for plugins which have never
  configured any "default" policy:  ``authenticateCredentials`` and
  ``getRolesForPrincipal`` would raise ValueError.
  (http://www.zope.org/Collectors/PAS/59)


1.5.1 (2007-09-11)
------------------

- PluggableAuthService._verifyUser: changed to use exact_match to the 
  enumerator, otherwise a user with login ``foobar`` might get returned 
  by _verifyUser for a query for ``login='foo'`` because the enumerator 
  happened to return 'foobar' first in the results.

- Add a test for manage_zmi_logout and replace a call to isImplementedBy
  with providedBy.
  (http://www.zope.org/Collectors/PAS/58)


1.5 (2006-06-17)
----------------

- Add support for property plugins returning an IPropertySheet
  to PropertiedUser. Added addPropertysheet to the IPropertiedUser.

- Added a method to the IRoleAssignerPlugin to remove roles from a
  principal, and an implementation for it on the ZODBRoleManager.
  (http://www.zope.org/Collectors/PAS/57)

- Added events infrastructure. Enabled new IPrincipalCreatedEvent and
  ICredentialsUpdatedEvent events.

- Added support for registering plugin types via ZCML.

- Implemented authentication caching in _extractUserIds.

- Ported standard user folder tests from the AccessControl test suite.

- Passwords with ":" characters would break authentication
  (http://www.zope.org/Collectors/PAS/51)

- Corrected documented software dependencies

- Converted to publishable security sensitive methods to only accept
  POST requests to prevent XSS attacks.  See
  http://www.zope.org/Products/Zope/Hotfix-2007-03-20/announcement and
  http://dev.plone.org/plone/ticket/6310

- Fixed issue in the user search filter where unrecognized keyword
  arguments were ignored resulting in duplicate search entries.
  (http://dev.plone.org/plone/ticket/6300)

- Made sure the Extensions.upgrade script does not commit full
  transactions but only sets (optimistic) savepoints. Removed bogus
  Zope 2.7 compatibility in the process.
  (http://www.zope.org/Collectors/PAS/55)

- Made the CookieAuthHelper only use the ``__ac_name`` field if
  ``__ac_password`` is also present. This fixes a login problem for
  CMF sites where the login name was remembered between sessions with
  an ``__ac_name`` cookie.

- Made the DomainAuthHelper return the remote address, even it the
  remote host is not available (http://www.zope.org/Collectors/PAS/49).

- Fixed bug in DelegatingMultiPlugin which attempted to validate the
  supplied password directly against the user password - updated to use
  AuthEncoding.pw_validate to handle encoding issues

- Fixed serious security hole in DelegatingMultiPlugin which allowed
  Authentication if the EmergencyUser login was passed in.  Added
  password validation utilizing AuthEncoding.pw_validate

- Fixed a set of tests that tested values computed from dictionaries 
  and could break since dictionaries are not guaranteed to have any 
  sort order.

- Fixed test breakage induced by use of Z3 pagetemplates in Zope
  2.10+.

- BasePlugin: The listInterfaces method only considered the old-style
  __implements__ machinery when determining interfaces provided by
  a plugin instance.

- ZODBUserManager: Already encrypted passwords were encrypted again in
  addUser and updateUserPassword.
  (http://www.zope.org/Collectors/Zope/1926)

- Made sure the emergency user via HTTP basic auth always wins, no matter
  how borken the plugin landscape.

- Cleaned up code in CookieAuthHelper which allowed the form to override
  login/password if a cookie had already been set.

- Removed some BBB code for Zope versions < 2.8, which is not needed 
  since we require Zope > 2.8.5 nowadays.

