- •Front Matter
- •Copyright, Trademarks, and Attributions
- •Attributions
- •Print Production
- •Contacting The Publisher
- •HTML Version and Source Code
- •Typographical Conventions
- •Author Introduction
- •Audience
- •Book Content
- •The Genesis of repoze.bfg
- •The Genesis of Pyramid
- •Thanks
- •Pyramid Introduction
- •What Makes Pyramid Unique
- •URL generation
- •Debug Toolbar
- •Debugging settings
- •Class-based and function-based views
- •Extensible templating
- •Rendered views can return dictionaries
- •Event system
- •Built-in internationalization
- •HTTP caching
- •Sessions
- •Speed
- •Exception views
- •No singletons
- •View predicates and many views per route
- •Transaction management
- •Flexible authentication and authorization
- •Traversal
- •Tweens
- •View response adapters
- •Testing
- •Support
- •Documentation
- •What Is The Pylons Project?
- •Pyramid and Other Web Frameworks
- •Installing Pyramid
- •Before You Install
- •Installing Pyramid on a UNIX System
- •Installing the virtualenv Package
- •Creating the Virtual Python Environment
- •Installing Pyramid Into the Virtual Python Environment
- •Installing Pyramid on a Windows System
- •What Gets Installed
- •Application Configuration
- •Summary
- •Creating Your First Pyramid Application
- •Hello World
- •Imports
- •View Callable Declarations
- •WSGI Application Creation
- •WSGI Application Serving
- •Conclusion
- •References
- •Creating a Pyramid Project
- •Scaffolds Included with Pyramid
- •Creating the Project
- •Installing your Newly Created Project for Development
- •Running The Tests For Your Application
- •Running The Project Application
- •Reloading Code
- •Viewing the Application
- •The Debug Toolbar
- •The Project Structure
- •The MyProject Project
- •development.ini
- •production.ini
- •MANIFEST.in
- •setup.py
- •setup.cfg
- •The myproject Package
- •__init__.py
- •views.py
- •static
- •templates/mytemplate.pt
- •tests.py
- •Modifying Package Structure
- •Using the Interactive Shell
- •What Is This pserve Thing
- •Using an Alternate WSGI Server
- •Startup
- •The Startup Process
- •Deployment Settings
- •Request Processing
- •URL Dispatch
- •High-Level Operational Overview
- •Route Pattern Syntax
- •Route Declaration Ordering
- •Route Matching
- •The Matchdict
- •The Matched Route
- •Routing Examples
- •Example 1
- •Example 2
- •Example 3
- •Matching the Root URL
- •Generating Route URLs
- •Static Routes
- •Debugging Route Matching
- •Using a Route Prefix to Compose Applications
- •Custom Route Predicates
- •Route Factories
- •Using Pyramid Security With URL Dispatch
- •Route View Callable Registration and Lookup Details
- •References
- •Views
- •View Callables
- •View Callable Responses
- •Using Special Exceptions In View Callables
- •HTTP Exceptions
- •How Pyramid Uses HTTP Exceptions
- •Custom Exception Views
- •Using a View Callable to Do an HTTP Redirect
- •Handling Form Submissions in View Callables (Unicode and Character Set Issues)
- •Alternate View Callable Argument/Calling Conventions
- •Renderers
- •Writing View Callables Which Use a Renderer
- •Built-In Renderers
- •string: String Renderer
- •json: JSON Renderer
- •JSONP Renderer
- •*.pt or *.txt: Chameleon Template Renderers
- •*.mak or *.mako: Mako Template Renderer
- •Varying Attributes of Rendered Responses
- •Deprecated Mechanism to Vary Attributes of Rendered Responses
- •Adding and Changing Renderers
- •Adding a New Renderer
- •Changing an Existing Renderer
- •Overriding A Renderer At Runtime
- •Templates
- •Using Templates Directly
- •System Values Used During Rendering
- •Chameleon ZPT Templates
- •A Sample ZPT Template
- •Using ZPT Macros in Pyramid
- •Templating with Chameleon Text Templates
- •Side Effects of Rendering a Chameleon Template
- •Debugging Templates
- •Chameleon Template Internationalization
- •Templating With Mako Templates
- •A Sample Mako Template
- •Automatically Reloading Templates
- •Available Add-On Template System Bindings
- •View Configuration
- •Mapping a Resource or URL Pattern to a View Callable
- •@view_defaults Class Decorator
- •NotFound Errors
- •Debugging View Configuration
- •Static Assets
- •Serving Static Assets
- •Generating Static Asset URLs
- •Advanced: Serving Static Assets Using a View Callable
- •Root-Relative Custom Static View (URL Dispatch Only)
- •Overriding Assets
- •The override_asset API
- •Request and Response Objects
- •Request
- •Special Attributes Added to the Request by Pyramid
- •URLs
- •Methods
- •Unicode
- •Multidict
- •Dealing With A JSON-Encoded Request Body
- •Cleaning Up After a Request
- •More Details
- •Response
- •Headers
- •Instantiating the Response
- •Exception Responses
- •More Details
- •Sessions
- •Using The Default Session Factory
- •Using a Session Object
- •Using Alternate Session Factories
- •Creating Your Own Session Factory
- •Flash Messages
- •Using the session.flash Method
- •Using the session.pop_flash Method
- •Using the session.peek_flash Method
- •Preventing Cross-Site Request Forgery Attacks
- •Using the session.get_csrf_token Method
- •Using the session.new_csrf_token Method
- •Using Events
- •An Example
- •Reloading Templates
- •Reloading Assets
- •Debugging Authorization
- •Debugging Not Found Errors
- •Debugging Route Matching
- •Preventing HTTP Caching
- •Debugging All
- •Reloading All
- •Default Locale Name
- •Including Packages
- •pyramid.includes vs. pyramid.config.Configurator.include()
- •Mako Template Render Settings
- •Mako Directories
- •Mako Module Directory
- •Mako Input Encoding
- •Mako Error Handler
- •Mako Default Filters
- •Mako Import
- •Mako Preprocessor
- •Examples
- •Understanding the Distinction Between reload_templates and reload_assets
- •Adding A Custom Setting
- •Logging
- •Sending Logging Messages
- •Filtering log messages
- •Logging Exceptions
- •PasteDeploy Configuration Files
- •PasteDeploy
- •Entry Points and PasteDeploy .ini Files
- •[DEFAULTS] Section of a PasteDeploy .ini File
- •Command-Line Pyramid
- •Displaying Matching Views for a Given URL
- •The Interactive Shell
- •Extending the Shell
- •IPython or bpython
- •Displaying All Application Routes
- •Invoking a Request
- •Writing a Script
- •Changing the Request
- •Cleanup
- •Setting Up Logging
- •Making Your Script into a Console Script
- •Internationalization and Localization
- •Creating a Translation String
- •Using The TranslationString Class
- •Using the TranslationStringFactory Class
- •Working With gettext Translation Files
- •Installing Babel and Lingua
- •Extracting Messages from Code and Templates
- •Initializing a Message Catalog File
- •Updating a Catalog File
- •Compiling a Message Catalog File
- •Using a Localizer
- •Performing a Translation
- •Performing a Pluralization
- •Obtaining the Locale Name for a Request
- •Performing Date Formatting and Currency Formatting
- •Chameleon Template Support for Translation Strings
- •Mako Pyramid I18N Support
- •Localization-Related Deployment Settings
- •Activating Translation
- •Adding a Translation Directory
- •Setting the Locale
- •Locale Negotiators
- •The Default Locale Negotiator
- •Using a Custom Locale Negotiator
- •Virtual Hosting
- •Virtual Root Support
- •Further Documentation and Examples
- •Test Set Up and Tear Down
- •What?
- •Using the Configurator and pyramid.testing APIs in Unit Tests
- •Creating Integration Tests
- •Creating Functional Tests
- •Resources
- •Location-Aware Resources
- •Generating The URL Of A Resource
- •Overriding Resource URL Generation
- •Generating the Path To a Resource
- •Finding a Resource by Path
- •Obtaining the Lineage of a Resource
- •Determining if a Resource is In The Lineage of Another Resource
- •Finding the Root Resource
- •Resources Which Implement Interfaces
- •Finding a Resource With a Class or Interface in Lineage
- •Pyramid API Functions That Act Against Resources
- •Much Ado About Traversal
- •URL Dispatch
- •Historical Refresher
- •Traversal (aka Resource Location)
- •View Lookup
- •Use Cases
- •Traversal
- •Traversal Details
- •The Resource Tree
- •The Traversal Algorithm
- •A Description of The Traversal Algorithm
- •Traversal Algorithm Examples
- •References
- •Security
- •Enabling an Authorization Policy
- •Enabling an Authorization Policy Imperatively
- •Protecting Views with Permissions
- •Setting a Default Permission
- •Assigning ACLs to your Resource Objects
- •Elements of an ACL
- •Special Principal Names
- •Special Permissions
- •Special ACEs
- •ACL Inheritance and Location-Awareness
- •Changing the Forbidden View
- •Debugging View Authorization Failures
- •Debugging Imperative Authorization Failures
- •Creating Your Own Authentication Policy
- •Creating Your Own Authorization Policy
- •Combining Traversal and URL Dispatch
- •A Review of Non-Hybrid Applications
- •URL Dispatch Only
- •Traversal Only
- •Hybrid Applications
- •The Root Object for a Route Match
- •Using *traverse In a Route Pattern
- •Using *subpath in a Route Pattern
- •Corner Cases
- •Registering a Default View for a Route That Has a view Attribute
- •Using Hooks
- •Changing the Not Found View
- •Changing the Forbidden View
- •Changing the Request Factory
- •Using The Before Render Event
- •Adding Renderer Globals (Deprecated)
- •Using Response Callbacks
- •Using Finished Callbacks
- •Changing the Traverser
- •Changing How pyramid.request.Request.resource_url() Generates a URL
- •Changing How Pyramid Treats View Responses
- •Using a View Mapper
- •Creating a Tween Factory
- •Registering an Implicit Tween Factory
- •Suggesting Implicit Tween Ordering
- •Explicit Tween Ordering
- •Displaying Tween Ordering
- •Pyramid Configuration Introspection
- •Using the Introspector
- •Introspectable Objects
- •Pyramid Introspection Categories
- •Introspection in the Toolbar
- •Disabling Introspection
- •Rules for Building An Extensible Application
- •Fundamental Plugpoints
- •Extending an Existing Application
- •Extending the Application
- •Overriding Views
- •Overriding Routes
- •Overriding Assets
- •Advanced Configuration
- •Two-Phase Configuration
- •Using config.action in a Directive
- •Adding Configuration Introspection
- •Introspectable Relationships
- •Thread Locals
- •Why and How Pyramid Uses Thread Local Variables
- •Using the Zope Component Architecture in Pyramid
- •Using the ZCA Global API in a Pyramid Application
- •Disusing the Global ZCA API
- •Enabling the ZCA Global API by Using hook_zca
- •Enabling the ZCA Global API by Using The ZCA Global Registry
- •Background
- •Design
- •Overall
- •Models
- •Views
- •Security
- •Summary
- •Installation
- •Preparation
- •Make a Project
- •Run the Tests
- •Expose Test Coverage Information
- •Start the Application
- •Visit the Application in a Browser
- •Decisions the zodb Scaffold Has Made For You
- •Basic Layout
- •Resources and Models with models.py
- •Views With views.py
- •Defining the Domain Model
- •Delete the Database
- •Edit models.py
- •Look at the Result of Our Edits to models.py
- •View the Application in a Browser
- •Defining Views
- •Declaring Dependencies in Our setup.py File
- •Adding View Functions
- •Viewing the Result of all Our Edits to views.py
- •Adding Templates
- •Viewing the Application in a Browser
- •Adding Authorization
- •Add Authentication and Authorization Policies
- •Add security.py
- •Give Our Root Resource an ACL
- •Add Login and Logout Views
- •Change Existing Views
- •Add permission Declarations to our view_config Decorators
- •Add the login.pt Template
- •Change view.pt and edit.pt
- •See Our Changes To views.py and our Templates
- •View the Application in a Browser
- •Adding Tests
- •Test the Models
- •Test the Views
- •Functional tests
- •View the results of all our edits to tests.py
- •Run the Tests
- •Distributing Your Application
- •SQLAlchemy + URL Dispatch Wiki Tutorial
- •Background
- •Design
- •Overall
- •Models
- •Views
- •Security
- •Summary
- •Installation
- •Preparation
- •Making a Project
- •Running the Tests
- •Exposing Test Coverage Information
- •Initializing the Database
- •Starting the Application
- •Decisions the alchemy Scaffold Has Made For You
- •Basic Layout
- •View Declarations via views.py
- •Content Models with models.py
- •Making Edits to models.py
- •Changing scripts/initializedb.py
- •Reinitializing the Database
- •Viewing the Application in a Browser
- •Defining Views
- •Declaring Dependencies in Our setup.py File
- •Running setup.py develop
- •Changing the views.py File
- •Adding Templates
- •Adding Routes to __init__.py
- •Viewing the Application in a Browser
- •Adding Authorization
- •Adding A Root Factory
- •Add an Authorization Policy and an Authentication Policy
- •Adding an authentication policy callback
- •Adding Login and Logout Views
- •Changing Existing Views
- •Adding the login.pt Template
- •Seeing Our Changes To views.py and our Templates
- •Viewing the Application in a Browser
- •Adding Tests
- •Testing the Models
- •Testing the Views
- •Functional tests
- •Viewing the results of all our edits to tests.py
- •Running the Tests
- •Distributing Your Application
- •Converting a repoze.bfg Application to Pyramid
- •Running a Pyramid Application under mod_wsgi
- •pyramid.authorization
- •pyramid.authentication
- •Authentication Policies
- •Helper Classes
- •pyramid.chameleon_text
- •pyramid.chameleon_zpt
- •pyramid.config
- •pyramid.events
- •Functions
- •Event Types
- •pyramid.exceptions
- •pyramid.httpexceptions
- •HTTP Exceptions
- •pyramid.i18n
- •pyramid.interfaces
- •Event-Related Interfaces
- •Other Interfaces
- •pyramid.location
- •pyramid.paster
- •pyramid.registry
- •pyramid.renderers
- •pyramid.request
- •pyramid.response
- •Functions
- •pyramid.scripting
- •pyramid.security
- •Authentication API Functions
- •Authorization API Functions
- •Constants
- •Return Values
- •pyramid.settings
- •pyramid.testing
- •pyramid.threadlocal
- •pyramid.traversal
- •pyramid.url
- •pyramid.view
- •pyramid.wsgi
- •Glossary
CHAPTER
SIXTYTWO
PYRAMID.URL
Utility functions for dealing with URLs in pyramid
resource_url(context, request, *elements, query=None, anchor=None)
This is a backwards compatibility function. Its result is the same as calling:
request.resource_url(resource, *elements, **kw)
See pyramid.request.Request.resource_url() for more information.
route_url(route_name, request, *elements, **kw)
This is a backwards compatibility function. Its result is the same as calling:
request.route_url(route_name, *elements, **kw)
See pyramid.request.Request.route_url() for more information.
current_route_url(request, *elements, **kw)
This is a backwards compatibility function. Its result is the same as calling:
request.current_route_url(*elements, **kw)
See pyramid.request.Request.current_route_url() for more information.
route_path(route_name, request, *elements, **kw)
This is a backwards compatibility function. Its result is the same as calling:
671
62. PYRAMID.URL
request.route_path(route_name, *elements, **kw)
See pyramid.request.Request.route_path() for more information.
current_route_path(request, *elements, **kw)
This is a backwards compatibility function. Its result is the same as calling:
request.current_route_path(*elements, **kw)
See pyramid.request.Request.current_route_path() for more information.
static_url(path, request, **kw)
This is a backwards compatibility function. Its result is the same as calling:
request.static_url(path, **kw)
See pyramid.request.Request.static_url() for more information.
static_path(path, request, **kw)
This is a backwards compatibility function. Its result is the same as calling:
request.static_path(path, **kw)
See pyramid.request.Request.static_path() for more information.
urlencode(query, doseq=True)
An alternate implementation of Python’s stdlib urllib.urlencode function which accepts unicode keys and values within the query dict/sequence; all Unicode keys and values are first converted to UTF-8 before being used to compose the query string.
The value of query must be a sequence of two-tuples representing key/value pairs or an object (often a dictionary) with an .items() method that returns a sequence of two-tuples representing key/value pairs.
For minimal calling convention backwards compatibility, this version of urlencode accepts but ignores a second argument conventionally named doseq. The Python stdlib version behaves differently when doseq is False and when a sequence is presented as one of the values. This version always behaves in the doseq=True mode, no matter what the value of the second argument.
See the Python stdlib documentation for urllib.urlencode for more information.
672
CHAPTER
SIXTYTHREE
PYRAMID.VIEW
render_view_to_response(context, request, name=’‘, secure=True)
Call the view callable configured with a view configuration that matches the view name name registered against the specified context and request and return a response object. This function will return None if a corresponding view callable cannot be found (when no view configuration matches the combination of name / context / and request).
If secure‘ is True, and the view callable found is protected by a permission, the permission will be checked before calling the view function. If the permission check disallows view execution (based on the current authorization policy), a pyramid.httpexceptions.HTTPForbidden exception will be raised. The exception’s args attribute explains why the view access was disallowed.
If secure is False, no permission checking is done.
render_view_to_iterable(context, request, name=’‘, secure=True)
Call the view callable configured with a view configuration that matches the view name name registered against the specified context and request and return an iterable object which represents the body of a response. This function will return None if a corresponding view callable cannot be found (when no view configuration matches the combination of name / context / and request). Additionally, this function will raise a ValueError if a view function is found and called but the view function’s result does not have an app_iter attribute.
You can usually get the string representation of the return value of this function by calling
”.join(iterable), or just use pyramid.view.render_view() instead.
If secure is True, and the view is protected by a permission, the permission will be checked before the view function is invoked. If the permission check disallows view execution (based on the current authentication policy), a pyramid.httpexceptions.HTTPForbidden exception will be raised; its args attribute explains why the view access was disallowed.
If secure is False, no permission checking is done.
673
63. PYRAMID.VIEW
render_view(context, request, name=’‘, secure=True)
Call the view callable configured with a view configuration that matches the view name name registered against the specified context and request and unwind the view response’s app_iter (see View Callable Responses) into a single string. This function will return None if a corresponding view callable cannot be found (when no view configuration matches the combination of name / context / and request). Additionally, this function will raise a ValueError if a view function is found and called but the view function’s result does not have an app_iter attribute. This function will return None if a corresponding view cannot be found.
If secure is True, and the view is protected by a permission, the permission will be checked before the view is invoked. If the permission check disallows view execution (based on the current authorization policy), a pyramid.httpexceptions.HTTPForbidden exception will be raised; its args attribute explains why the view access was disallowed.
If secure is False, no permission checking is done.
is_response(ob)
Return True if ob implements the interface implied by View Callable Responses. False if not.
latex-warning.png
This function is deprecated as of Pyramid 1.1. New code should not use it. Instead, new code should use the pyramid.request.Request.is_response() method.
class view_config(name=(default), request_type=(default), for_=(default), permission=(default), route_name=(default), request_method=(default), request_param=(default), containment=(default), attr=(default), renderer=(default), wrapper=(default), xhr=(default), accept=(default), header=(default), path_info=(default), custom_predicates=(default), context=(default), decorator=(default), mapper=(default),
http_cache=(default), match_param=(default))
A function, class or method decorator which allows a developer to create view registrations nearer to a view callable definition than use imperative configuration to do the same.
For example, this code in a module views.py:
674
from resources import MyResource
@view_config(name=’my_view’, context=MyResource, permission=’read’, route_name=’site1’)
def my_view(context, request): return ’OK’
Might replace the following call to the pyramid.config.Configurator.add_view() method:
import views
from resources import MyResource
config.add_view(views.my_view, context=MyResource, name=’my_view’, permission=’read’, ’route_name=’site1’)
The following arguments are supported to pyramid.view.view_config: context, permission, name, request_type, route_name, request_method, request_param, containment, xhr, accept, header, path_info, custom_predicates, decorator, mapper, http_cache, and match_param.
The meanings of these arguments are the same as the arguments passed to pyramid.config.Configurator.add_view(). If any argument is left out, its default will be the equivalent add_view default.
See Adding View Configuration Using the @view_config Decorator for details about using view_config.
class view_defaults(name=(default), request_type=(default), for_=(default), permission=(default), route_name=(default), request_method=(default), request_param=(default), containment=(default), attr=(default), renderer=(default), wrapper=(default), xhr=(default), accept=(default), header=(default), path_info=(default), custom_predicates=(default), context=(default), decorator=(default), mapper=(default),
http_cache=(default), match_param=(default))
A class decorator which, when applied to a class, will provide defaults for all view configurations that use the class. This decorator accepts all the arguments accepted by pyramid.config.view_config, and each has the same meaning.
See @view_defaults Class Decorator for more information.
675
63. PYRAMID.VIEW
class notfound_view_config(request_type=(default), |
request_method=(default), |
|||
route_name=(default), |
request_param=(default), |
|||
attr=(default), |
|
renderer=(default), |
contain- |
|
ment=(default), wrapper=(default), xhr=(default), ac- |
||||
cept=(default), |
header=(default), |
path_info=(default), |
||
custom_predicates=(default), |
decorator=(default), |
|||
mapper=(default), |
|
match_param=(default), |
ap- |
|
pend_slash=False)
An analogue of pyramid.view.view_config which registers a not found view.
The notfound_view_config constructor accepts most of the same arguments as the constructor of pyramid.view.view_config. It can be used in the same places, and behaves in largely the same way, except it always registers a not found exception view instead of a “normal” view.
Example:
from pyramid.view import notfound_view_config from pyramid.response import Response
notfound_view_config() def notfound(request):
return Response(’Not found, dude!’, status=’404 Not Found’)
All arguments except append_slash have the same meaning as pyramid.view.view_config() and each predicate argument restricts the set of circumstances under which this notfound view will be invoked.
If append_slash is True, when the notfound view is invoked, and the current path info does not end in a slash, the notfound logic will attempt to find a route that matches the request’s path info suffixed with a slash. If such a route exists, Pyramid will issue a redirect to the URL implied by the route; if it does not, Pyramid will return the result of the view callable provided as view, as normal.
See Changing the Not Found View for detailed usage information.
latex-note.png
This class is new as of Pyramid 1.3.
676
class forbidden_view_config(request_type=(default), |
request_method=(default), |
||
route_name=(default), |
request_param=(default), |
||
attr=(default), renderer=(default), containment=(default), |
|||
wrapper=(default), |
xhr=(default), |
accept=(default), |
|
header=(default), |
path_info=(default), |
cus- |
|
tom_predicates=(default), decorator=(default), map-
per=(default), match_param=(default))
An analogue of pyramid.view.view_config which registers a forbidden view.
The forbidden_view_config constructor accepts most of the same arguments as the constructor of pyramid.view.view_config. It can be used in the same places, and behaves in largely the same way, except it always registers a forbidden exception view instead of a “normal” view.
Example:
from pyramid.view import forbidden_view_config from pyramid.response import Response
forbidden_view_config() def notfound(request):
return Response(’You are not allowed’, status=’401 Unauthorized’)
All have the same meaning as pyramid.view.view_config() and each predicate argument restricts the set of circumstances under which this notfound view will be invoked.
See Changing the Forbidden View for detailed usage information.
latex-note.png
This class is new as of Pyramid 1.3.
class static(root_dir, cache_max_age=3600, package_name=None)
Backwards compatibility alias for pyramid.static.static_view; it overrides that class’ constructor to pass use_subpath=True by default. This class is deprecated as of Pyramid 1.1. Use pyramid.static.static_view instead (probably with a use_subpath=True argument).
677
63. PYRAMID.VIEW
678