Glossary

ACE

An access control entry. An access control entry is one element in an ACL. An access control entry is a three-tuple that describes three things: an action (one of either Allow or Deny), a principal (a string describing a user or group), and a permission. For example the ACE, (Allow, 'bob', 'read') is a member of an ACL that indicates that the principal bob is allowed the permission read against the context the ACL is attached to.

ACL

An access control list. An ACL is a sequence of ACE tuples. An ACL is attached to a model instance. An example of an ACL is [ (Allow, 'bob', 'read'), (Deny, 'fred', 'write')]. If an ACL is attached to a model instance, and that model instance is findable via the context, it will be consulted any active security policy to determine wither a particular request can be fulfilled given the authentication information in the request.

Agendaless Consulting

A consulting organization formed by Paul Everitt, Tres Seaver, and Chris McDonough. See also http://agendaless.com .

application registry

A registry of configuration information consulted by repoze.bfg while servicing an application. An application registry maps model types to views, as well as housing other application-specific component registrations. Every repoze.bfg application has one (and only one) application registry.

authentication

The act of determining that the credentials a user presents during a particular request are “good”. Authentication in repoze.bfg is performed via an authentication policy.

authentication policy

An authentication policy in repoze.bfg terms is a bit of code which has an API which determines the current principal (or principals) associated with a request.

authorization

The act of determining whether a user can perform a specific action. In bfg terms, this means determining whether, for a given context, any principal (or principals) associated with the request have the requisite permission to allow the request to continue. Authorization in repoze.bfg is performed via its authorization policy.

authorization policy

An authorization policy in repoze.bfg terms is a bit of code which has an API which determines whether or not the principals associated with the request can perform an action associated with a permission, based on the information found on the context.

Babel

A collection of tools for internationalizing Python applications. repoze.bfg does not depend on Babel to operate, but if Babel is installed, additional locale functionality becomes available to your application.

Chameleon

chameleon is an attribute language template compiler which supports both the ZPT and Genshi templating specifications. It is written and maintained by Malthe Borch. It has several extensions, such as the ability to use bracketed (Genshi-style) ${name} syntax, even within ZPT. It is also much faster than the reference implementations of both ZPT and Genshi. repoze.bfg offers Chameleon templating out of the box in ZPT and text flavors.

configuration declaration

An individual method call made to an instance of a repoze.bfg Configurator object which performs an arbitrary action, such as registering a view configuration (via the view method of the configurator) or route configuration (via the route method of the configurator). A set of configuration declarations is also usually implied via the use of a ZCML declaration within an application, or a set of configuration declarations might be performed by a scan of code in a package.

configuration decoration

Metadata implying one or more configuration declaration invocations. Often set by configuration Python decorator attributes, such as repoze.bfg.view.bfg_view, aka @bfg_view.

configurator

An object used to do configuration declaration within an application. The most common configurator is an instance of the repoze.bfg.configuration.Configurator class.

context

An object in the system that is found during traversal or URL dispatch based on URL data; if it’s found via traversal, it’s usually a model object that is part of an object graph; if it’s found via URL dispatch, it’s a object manufactured on behalf of the route’s “factory”. A context becomes the subject of a view, and typically has security information attached to it. See the Traversal chapter and the URL Dispatch chapter for more information about how a URL is resolved to a context.

Context Finding

The act of locating a context and a view name given a request. Traversal and URL dispatch are the context finding subsystems used by repoze.bfg.

CPython

The C implementation of the Python language. This is the reference implementation that most people refer to as simply “Python”; Jython, Google’s App Engine, and PyPy are examples of non-C based Python implementations.

declarative configuration

The configuration mode in which you use ZCML to make a set of configuration declaration statements.

decorator

A wrapper around a Python function or class which accepts the function or class as its first argument and which returns an arbitrary object. repoze.bfg provides several decorators, used for configuration and return value modification purposes. See also PEP 318.

Default view

The default view of a model is the view invoked when the view name is the empty string (''). This is the case when traversal exhausts the path elements in the PATH_INFO of a request before it returns a context.

distribution

(Setuptools/distutils terminology). A file representing an installable library or application. Distributions are usually files that have the suffix of .egg, .tar.gz, or .zip. Distributions are the target of Setuptools commands such as easy_install.

Django

A full-featured Python web framework.

dotted Python name

A reference to a Python object by name using a string, in the form path.to.modulename:attributename. Often used in Paste and setuptools configurations. A variant is used in dotted names within ZCML attributes that name objects (such as the ZCML “view” directive’s “view” attribute): the colon (:) is not used; in its place is a dot.

entry point

A setuptools indirection, defined within a setuptools distribution setup.py. It is usually a name which refers to a function somewhere in a package which is held by the distribution.

event

An object broadcast to zero or more subscriber callables during normal repoze.bfg system operations during the lifetime of an application. Application code can subscribe to these events by using the subscriber functionality described in Using Events.

Forbidden view

The view callable invoked by repoze.bfg when the developer explicitly raises a repoze.bfg.exceptions.Forbidden exception from within view code or root factory code, or when the view configuration and authorization policy found for a request disallows a particular view invocation. repoze.bfg provides a default implementation of a forbidden view; it can be overridden. See Changing the Forbidden View.

Genshi

An XML templating language by Christopher Lenz.

Gettext

The GNU gettext library, used by the repoze.bfg translation machinery.

Google App Engine

Google App Engine (aka “GAE”) is a Python application hosting service offered by Google. repoze.bfg runs on GAE.

Grok

A web framework based on Zope 3.

imperative configuration

The configuration mode in which you use Python to call methods on a Configurator in order to add each configuration declaration required by your application.

interface

A Zope interface object. In repoze.bfg, an interface may be attached to a model object or a request object in order to identify that the object is “of a type”. Interfaces are used internally by repoze.bfg to perform view lookups and other policy lookups. The ability to make use of an interface is exposed to an application programmers during view configuration via the context argument, the request_type argument and the containment argument. Interfaces are also exposed to application developers when they make use of the event system. Fundamentally, repoze.bfg programmers can think of an interface as something that they can attach to an object that stamps it with a “type” unrelated to its underlying Python type. Interfaces can also be used to describe the behavior of an object (its methods and attributes), but unless they choose to, repoze.bfg programmers do not need to understand or use this feature of interfaces.

Internationalization

The act of creating software with a user interface that can potentially be displayed in more than one language or cultural context. Often shortened to “i18n” (because the word “internationalization” is I, 18 letters, then N). See also: Localization.

Jinja2

A text templating language by Armin Ronacher.

JSON

JavaScript Object Notation is a data serialization format.

Jython

A Python implementation <http://www.jython.org/> written for the Java Virtual Machine.

lineage

An ordered sequence of objects based on a “location -aware” context. The lineage of any given context is composed of itself, its parent, its parent’s parent, and so on. The order of the sequence is context-first, then the parent of the context, then its parent’s parent, and so on. The parent of an object in a lineage is available as its __parent__ attribute.

Locale Name

A string like en, en_US, de, or de_AT which uniquely identifies a particular locale.

Locale Negotiator

An object supplying a policy determining which locale name best represents a given request. It is used by the repoze.bfg.i18n.get_locale_name(), and repoze.bfg.i18n.negotiate_locale_name() functions, and indirectly by repoze.bfg.i18n.get_localizer(). The repoze.bfg.i18n.default_locale_negotiator() function is an example of a locale negotiator.

Localization

The process of displaying the user interface of an internationalized application in a particular language or cultural context. Often shortened to “l10” (because the word “localization” is L, 10 letters, then N). See also: Internationalization.

Localizer

An instance of the class repoze.bfg.i18n.Localizer which provides translation and pluralization services to an application. It is retrieved via the repoze.bfg.i18n.get_localizer() function.

location

The path to an object in an object graph. See Location-Aware Model Instances for more information about how to make a model object location-aware.

Message Catalog

A gettext .mo file containing translations.

Message Identifier

A string used as a translation lookup key during localization. The msgid argument to a translation string is a message identifier. Message identifiers are also present in a message catalog.

METAL

Macro Expansion for TAL, a part of ZPT which makes it possible to share common look and feel between templates.

middleware

Middleware is a WSGI concept. It is a WSGI component that acts both as a server and an application. Interesting uses for middleware exist, such as caching, content-transport encoding, and other functions. See WSGI.org or PyPI to find middleware for your application.

mod_wsgi

mod_wsgi is an Apache module developed by Graham Dumpleton. It allows WSGI applications (such as applications developed using repoze.bfg) to be served using the Apache web server.

model

An object representing data in the system. If traversal is used, a model is a node in the object graph traversed by the system. When traversal is used, a model instance becomes the context of a view. If url dispatch is used, a single context is generated for each request and is used as the context of a view: this object is also technically a “model” in repoze.bfg terms, although this terminology can be a bit confusing: see BFG Uses “Model” To Represent A Node In The Graph of Objects Traversed.

multidict

An ordered dictionary that can have multiple values for each key. Adds the methods getall, getone, mixed, and add to the normal dictionary interface. See http://pythonpaste.org/webob/class-webob.multidict.MultiDict.html

Not Found view

The view callable invoked by repoze.bfg when the developer explicitly raises a repoze.bfg.exceptions.NotFound exception from within view code or root factory code, or when the current request doesn’t match any view configuration. repoze.bfg provides a default implementation of a not found view; it can be overridden. See Changing the Not Found View.

package

A directory on disk which contains an __init__.py file, making it recognizable to Python as a location which can be import -ed.

Paste

Paste is a WSGI development and deployment system developed by Ian Bicking.

PasteDeploy

PasteDeploy is a library used by repoze.bfg which makes it possible to configure WSGI components together declaratively within an .ini file. It was developed by Ian Bicking as part of Paste.

permission

A string or unicode object that represents an action being taken against a context. A permission is associated with a view name and a model type by the developer. Models are decorated with security declarations (e.g. an ACL), which reference these tokens also. Permissions are used by the active to security policy to match the view permission against the model’s statements about which permissions are granted to which principal in a context in order to to answer the question “is this user allowed to do this”. Examples of permissions: read, or view_blog_entries.

pipeline

The Paste term for a single configuration of a WSGI server, a WSGI application, with a set of middleware in-between.

pkg_resources

A module which ships with setuptools that provides an API for addressing “resource files” within Python packages. Resource files are static files, template files, etc; basically anything non-Python-source that lives in a Python package can be considered a resource file. See also PkgResources

predicate

A test which returns True or False. Two different types of predicates exist in repoze.bfg: a view predicate and a route predicate. View predicates are attached to view configuration and route predicates are attached to route configuration.

principal

A principal is a string or unicode object representing a userid or a group id. It is provided by an authentication policy. For example, if a user had the user id “bob”, and Bob was part of two groups named “group foo” and “group bar”, the request might have information attached to it that would indicate that Bob was represented by three principals: “bob”, “group foo” and “group bar”.

project

(Setuptools/distutils terminology). A directory on disk which contains a setup.py file and one or more Python packages. The setup.py file contains code that allows the package(s) to be installed, distributed, and tested.

Pylons

A lightweight Python web framework.

PyPI

The Python Package Index, a collection of software available for Python.

Python

The programming language <http://python.org> in which repoze.bfg is written.

renderer

A serializer that can be referred to via view configuration which converts a non-Response return values from a view into a string (and ultimately a response). Using a renderer can make writing views that require templating or other serialization less tedious. See Writing View Callables Which Use a Renderer for more information.

renderer factory

A factory which creates a renderer. See Adding and Overriding Renderers for more information.

Repoze

“Repoze” is essentially a “brand” of software developed by Agendaless Consulting and a set of contributors. The term has no special intrinsic meaning. The project’s website has more information. The software developed “under the brand” is available in a Subversion repository.

repoze.catalog

An indexing and search facility (fielded and full-text) based on zope.index. See the documentation for more information. A tutorial for its usage in repoze.bfg exists in Using repoze.catalog Within repoze.bfg.

repoze.lemonade

Zope2 CMF-like data structures and helper facilities for CA-and-ZODB-based applications useful within repoze.bfg applications.

repoze.who

Authentication middleware for WSGI applications. It can be used by repoze.bfg to provide authentication information.

repoze.workflow

Barebones workflow for Python apps . It can be used by repoze.bfg to form a workflow system.

request

A WebOb request object. See Request and Response Objects for information about request objects.

request type

An attribute of a request that allows for specialization of view invocation based on arbitrary categorization. The every request object that repoze.bfg generates and manipulates has one or more interface objects attached to it. The default interface attached to a request object is repoze.bfg.interfaces.IRequest.

resource

Any file contained within a Python package which is not a Python source code file.

resource specification

A colon-delimited identifier for a resource. The colon separates a Python package name from a package subpath. For example, the resource specification my.package:static/baz.css identifies the file named baz.css in the static subdirectory of the my.package Python package.

response

An object that has three attributes: app_iter (representing an iterable body), headerlist (representing the http headers sent to the user agent), and status (representing the http status string sent to the user agent). This is the interface defined for WebOb response objects. See Request and Response Objects for information about response objects.

reStructuredText

A plain text format that is the defacto standard for descriptive text shipped in distribution files, and Python docstrings. This documentation is authored in ReStructuredText format.

root

The object at which traversal begins when repoze.bfg searches for a context (for URL Dispatch, the root is always the context).

root factory

The “root factory” of an repoze.bfg application is called on every request sent to the application. The root factory returns the traversal root of an application. It is conventionally named get_root. An application may supply a root factory to repoze.bfg during the construction of a Configurator. If a root factory is not supplied, the application uses a default root object. Use of the default root object is useful in application which use URL dispatch for all URL-to-view code mappings.

route

A single pattern matched by the url dispatch subsystem, which generally resolves to a root factory (and then ultimately a view). See also url dispatch.

route configuration

Route configuration is the act of using imperative configuration or a ZCML <route> statement to associate request parameters with a particular route using pattern matching and route predicate statements. See URL Dispatch for more information about route configuration.

route predicate

An argument to a route configuration which implies a value that evaluates to True or False for a given request. All predicates attached to a route configuration must evaluate to True for the associated route to “match” the current request. If a route does not match the current request, the next route (in definition order) is attempted.

router

The WSGI application created when you start a repoze.bfg application. The router intercepts requests, invokes traversal and/or URL dispatch, calls view functions, and returns responses to the WSGI server on behalf of your repoze.bfg application.

Routes

A system by Ben Bangert which parses URLs and compares them against a number of user defined mappings. The URL pattern matching syntax in repoze.bfg is inspired by the Routes syntax (which was inspired by Ruby On Rails pattern syntax).

scan

The term used by repoze.bfg to define the process of importing and examining all code in a Python package or module for configuration decoration.

setuptools

Setuptools builds on Python’s distutils to provide easier building, distribution, and installation of libraries and applications.

SQLAlchemy

SQLAlchemy’ is an object relational mapper used in tutorials within this documentation.

subpath

A list of element “left over” after the router has performed a successful traversal to a view. The subpath is a sequence of strings, e.g. ['left', 'over', 'names']. Within BFG applications that use URL dispatch rather than traversal, you can use *subpath in the route pattern to influence the subpath. See Using *subpath in a Route Path for more information.

subscriber

A callable which receives an event. A callable becomes a subscriber via imperative configuration or the <subscriber> ZCML directive. See Using Events for more information.

template

A file with replaceable parts that is capable of representing some text, XML, or HTML when rendered.

thread local

A thread-local variable is one which is essentially a global variable in terms of how it is accessed and treated, however, each thread <http://en.wikipedia.org/wiki/Thread_(computer_science)> used by the application may have a different value for this same “global” variable. repoze.bfg uses a small number of thread local variables, as described in Thread Locals. See also the threading.local documentation <http://docs.python.org/library/threading.html#threading.local> for more information.

Translation Directory

A translation directory is a gettext translation directory. It contains language folders, which themselves contain LC_MESSAGES folders, which contain .mo files. Each .mo file represents a set of translations for a language in a translation domain. The name of the .mo file (minus the .mo extension) is the translation domain name.

Translation Domain

A string representing the “context” in which a translation was made. For example the word “java” might be translated differently if the translation domain is “programming-languages” than would be if the translation domain was “coffee”. A translation domain is represnted by a collection of .mo files within one or more translation directory directories.

Translation String

An instance of repoze.bfg.i18n.TranslationString, which is a class that behaves like a Unicode string, but has several extra attributes such as domain, msgid, and mapping for use during translation. Translation strings are usually created by hand within software, but are sometimes created on the behalf of the system for automatic template translation. For more information, see Internationalization and Localization.

Translator

A callable which receives a translation string and returns a translated Unicode object for the purposes of internationalization. A localizer supplies a translator to a repoze.bfg application accessible via its translate method.

traversal

The act of descending “down” a graph of model objects from a root model in order to find a context. The repoze.bfg router performs traversal of model objects when a root factory is specified. See the Traversal chapter for more information. Traversal can be performed instead of URL dispatch or can be combined with URL dispatch. See Combining Traversal and URL Dispatch for more information about combining traversal and URL dispatch (advanced).

Triad

The three bits of information used by view lookup to find “the best” view callable for a given circumstance: a context type, a view name and a request.

URL dispatch

An alternative to graph traversal as a mechanism for locating a context for a view. When you use a route in your repoze.bfg application via a route configuration, you are using URL dispatch. See the URL Dispatch for more information.

Venusian

Venusian is a library which allows framework authors to defer decorator actions. Instead of taking actions when a function (or class) decorator is executed at import time, the action usually taken by the decorator is deferred until a separate “scan” phase. repoze.bfg relies on Venusian to provide a basis for its scan feature.

view

Common vernacular for a view callable.

view callable

A “view callable” is a callable Python object which is associated with a view configuration; it returns a response object . A view callable accepts a single argument: request, which will be an instance of a request object. An alternate calling convention allows a view to be defined as a callable which accepts a pair of arguments: context and request: this calling convention is useful for traversal-based applications in which a context is always very important. A view callable is the primary mechanism by which a developer writes user interface code within repoze.bfg. See Views for more information about repoze.bfg view callables.

view configuration

View configuration is the act of associating a view callable with configuration information. This configuration information helps map a given request to a particular view callable and it can influence the response of a view callable. repoze.bfg views can be configured via imperative configuration, ZCML or by a special @bfg_view decorator coupled with a scan. See Views for more information about view configuration.

View Lookup

The act of finding and invoking the “best” view callable given a request, a context, and a view name.

view name

The “URL name” of a view, e.g index.html. If a view is configured without a name, its name is considered to be the empty string (which implies the default view).

view predicate

An argument to a view configuration which evaluates to True or False for a given request. All predicates attached to a view configuration must evaluate to true for the associated view to be considered as a possible callable for a given request.

virtual root

A model object representing the “virtual” root of a request; this is typically the physical root object (the object returned by the application root factory) unless Virtual Hosting is in use.

virtualenv

An isolated Python environment. Allows you to control which packages are used on a particular project by cloning your main Python. virtualenv was created by Ian Bicking.

WebOb

WebOb is a WSGI request/response library created by Ian Bicking.

WSGI

Web Server Gateway Interface. This is a Python standard for connecting web applications to web servers, similar to the concept of Java Servlets. repoze.bfg requires that your application be served as a WSGI application.

ZCML

Zope Configuration Markup Language, an XML dialect used by Zope and repoze.bfg for configuration tasks. ZCML is capable of performing different types of configuration declaration, but its primary purpose in repoze.bfg is to perform view configuration and route configuration within the configure.zcml file in a repoze.bfg application. You can use ZCML as an alternative to imperative configuration.

ZCML declaration

The concrete use of a ZCML directive within a ZCML file.

ZCML directive

A ZCML “tag” such as <view> or <route>.

ZEO

Zope Enterprise Objects allows multiple simultaneous processes to access a single ZODB database.

ZODB

Zope Object Database, a persistent Python object store.

Zope

The Z Object Publishing Framework, a full-featured Python web framework.

Zope Component Architecture

The Zope Component Architecture (aka ZCA) is a system which allows for application pluggability and complex dispatching based on objects which implement an interface. repoze.bfg uses the ZCA “under the hood” to perform view dispatching and other application configuration tasks.

ZPT

The Zope Page Template templating language.