Pyramid TODOs
=============

Should-Have
-----------

- https://github.com/Pylons/pyramid/issues#issue/67 (fixing would make it
  possible to render a static site from a static dir).

- Consider per-form_id CSRF instead of per-session global CSRF token.

- I18N support for pyramid_jinja2.  See also -
  http://groups.google.com/group/pylons-devel/msg/ab58353594b135c9 and
  https://github.com/Pylons/pyramid_jinja2/pull/14 

- Speed up startup time (defer _bootstrap and registerCommonDirectives()
  until needed by ZCML, as well as unfound speedups).

- Reversing (context, request) in function view callable arglist produces
  incomprehensible traceback::

   def aview(request, context):
       return {}

   if __name__ == '__main__':
       from pyramid.config import Configurator
       from paste.httpserver import serve
       c = Configurator()
       c.add_view(aview, renderer='__main__:foo.pt')
       serve(c.make_wsgi_app())

   File "/home/chrism/projects/pyramid/pyramid/config.py", line 2981, in map_nonclass
   ronly = requestonly(view, self.attr)
   File "/home/chrism/projects/pyramid/pyramid/config.py", line 3071, in requestonly
   if len(args) - len(defaults) == 1:
   zope.configuration.config.ConfigurationExecutionError: <type 'exceptions.TypeError'>: object of type 'NoneType' has no len()                                    in:
    ('reversed.py', 14, '<module>', "c.add_view(aview, renderer='__main__:foo.pt')")

- Fix misleading conflict error reports for static views ala
  http://cluebin.appspot.com/pasted/7242843

- Nicer Mako exceptions in WebError.

- Consider adding a default exception view for HTTPException and attendant
  ``redirect`` and ``abort`` functions ala Pylons.

- Add notes about renderer response attrs to request docs.

- Add an example of using a cascade to serve static assets from the root.

- Explore static file return from handler action using wsgiapp2 + fileapp.

- Static (URL-generation only) routes.

- Add narrative docs for wsgiapp and wsgiapp2.

- translationdir ZCML directive use of ``path_spec`` should maybe die.

- Provide a response_set_cookie method on the request for rendered responses
  that can be used as input to response.set_cookie?

- Make it possible to get at ACLDenied data from Forbidden response in
  exceptionview.

Nice-to-Have
------------

- Better "Extending" chapter.

- Try to make test suite pass on IronPython.

- Non-bwcompat use of threadlocals that need to be documented or ameliorated:

  security.principals_allowed_by_permission

  resource.OverrideProvider._get_overrides: can't credibly be removed,
  because it stores an overrideprovider as a module-scope global.

  traversal.traverse: this API is a stepchild, and needs to be changed.

  Configurator.add_translation_dirs: not passed any context but a message,
  can't credibly be removed.

- Supply ``X-Vhm-Host`` support.

- Basic WSGI documentation (pipeline / app / server).

- Fix message catalog extraction / compilation documentation.

- Change docs about creating a venusian decorator to not use ZCA.

- Try to better explain the relationship between a renderer and a
  template in the templates chapter and elsewhere.  Scan the
  documentation for reference to a renderer as *only* view
  configuration (it's a larger concept now).

- Create a ``render_view`` that works by using config.derive_view
  against an existing view instead of querying the registry.

- Create a function which performs a recursive request.

- Debug option to print view matching decision.

- Script or paster command that prints, for a given URL, the views
  that might match.  Underneath each potentially matching route, list
  the predicates required.  Underneath each route+predicate set, print
  each view that might match and its predicates.  E.g. with the input
  URL ``/foo``::

    '/foo' (foo_xhr)
       xhr = True
         (no view predicates)
           mypackage.views.MyXHRFooView.__call__

    '/{action}' (action_route)
       request_method = 'POST'
         action = '^foo$'
           mypackage.views.MyView.foo_POST
       request_method = 'GET'
         action = '^foo$'
           mypackage.views.MyView.foo_GET

- Raise an exception when a value in response_headerlist is not a
  string or decide to encode.

- Update App engine chapter with less creaky directions.

- Add functionality that mocks the behavior of ``repoze.browserid``.

- Consider implementing the API outlined in
  http://plope.com/pyramid_auth_design_api_postmortem, phasing out the
  current auth-n-auth abstractions in a backwards compatible way.

- Add doc string for BeforeRender event with more details.

