Martin Aspeli wrote:
Shane Hathaway wrote:
Martin Aspeli wrote:
clean_transaction -- is this not the same as repoze.tm2? No. To mimic the current Zope publisher, we need to commit the transaction shortly after the "call" application is finished, but then a lot of things can still happen before the response leaves the server, so we need to make sure any open transaction is aborted before letting the open_root application close the database.
Why is it desirable to do things in this way? I do find it kind of confusing/error prone that we have two pieces of middleware: one that opens the transaction and another that closes it, with ordering dependencies between the two.
I'm trying to express something different, actually. The first app, "clean_transaction", only exists to cancel accidental writes. The Zope publisher does this today. The actual transaction management is in the second application, which I now realize is misnamed as "end_transaction" because it both begins and ends transactions.
repoze.who seems to be turning into something of a widely used standard. I think it'd be worth looking into whether it can be used 'upstream' and something else could do the IAuthentication stuff based on what repoze.who does.
Ok, that changes my perspective a bit. Shane