Zope-app-security

------------------

- All interfaces, as well as some authentication-related helper classes and
functions (checkPrincipal, PrincipalSource, PrincipalTerms, etc.) were moved
into the new ``zope.authentication`` package. Backward-compatibility imports
are provided.

- The "global principal registry" along with its zcml directives was moved into
new "zope.principalregistry" package. Backward-compatibility imports are
provided.

- The IPrincipal -> zope.publisher.interfaces.logginginfo.ILoggingInfo
adapter was moved to ``zope.publisher``. Backward-compatibility import
is provided.

- The PermissionsVocabulary and PermissionIdsVocabulary has been moved
to the ``zope.security`` package. Backward-compatibility imports are
provided.

- The registration of the "zope.Public" permission as well as some other
common permissions, like "zope.View" have been moved to ``zope.security``.
Its configure.zcml is now included by this package.

- The "protect" function is now a no-op and is not needed anymore, because
zope.security now knows about i18n messages and __name__ and __parent__
attributes and won't protect them by default.

- The addCheckerPublic was moved from zope.app.security.tests to
zope.security.testing. Backward-compatibility import is provided.

- The ``LocalPermission`` class is now moved to new ``zope.app.localpermission``
package. This package now only has backward-compatibility imports and
zcml includes.

- Cleanup dependencies after refactorings. Also, don't depend on
zope.app.testing for tests anymore.

- Update package's description to point about refactorings done.

------------------

- The `Allow`, `Deny` and `Unset` permission settings was preferred to
be imported from ``zope.securitypolicy.interfaces`` for a long time
and now they are completely moved there from ``zope.app.security.settings``
as well as the ``PermissionSetting`` class. The only thing left for
backward compatibility is the import of Allow/Unset/Deny constants if
``zope.securitypolicy`` is installed to allow unpickling of security
settings.

------------------

- Depend on new ``zope.password`` package instead of ``zope.app.authentication``
to get password managers for the authentication utility, thus remove
dependency on ``zope.app.authentication``.

- Use template for AuthUtilitySearchView instead of ugly HTML
constructing in the python code.

- Bug: The `sha` and `md5` modules has been deprecated in Python 2.6.
Whenever the ZCML of this package was included when using Python 2.6,
a deprecation warning had been raised stating that `md5` and `sha` have
been deprecated. Provided a simple condition to check whether Python 2.6
or later is installed by checking for the presense of `json` module
thas was added only in Python 2.6 and thus optionally load the security
declaration for `md5` and `sha`.

- Remove deprecated code, thus removing explicit dependency on
zope.deprecation and zope.deferredimport.

- Cleanup code a bit, replace old __used_for__ statements by ``adapts``
calls.

------------------

- Changed mailing list address to zope-dev at zope.org, because
zope3-dev is retired now. Changed "cheeseshop" to "pypi" in
the package homepage.

- Moved the `protectclass` module to `zope.security` leaving only a
compatibility module here that imports from the new location.

- Moved the <module> directive implementation to `zope.security`.

- Use `zope.container` instead of `zope.app.container`;.

------------------

- use zope.browser.interfaces.ITerms instead of
`zope.app.form.browser.interfaces`.

------------------

- Bug: It turned out that checking for regex was not much better of an
idea, since it causes deprecation warnings in Python 2.4. Thus let's
look for a library that was added in Python 2.5.