==================
HISTORICAL CHANGES
==================

1.5-beta (2007-03-03)
---------------------

  Bugs fixed

    - LDAPMultiPlugin.enumerateUsers: If no useful search criteria are
      given (meaning no user ID or login is specified), fabricate a
      criteria set that will return all users, this is the expected
      behavior when calling enumerateUsers.

    - LDAPMultiPlugin.enumerateUsers: When iterating over search results
      from the user folder we now look for the special "fake result"
      emitted by the user folder if there is an error. Not elegant, but
      needed until error handling is changed in the LDAPUserFolder.

    - Instead of throwing exceptions, the ActiveDirectoryMultiPlugin
      will now log error conditions and continue, with a patch from
      Mark Hammond.
      (http://www.dataflake.org/tracker/issue_00554)

    - Adjusted an import that has been removed from the
      PluggableAuthService utils module.
      (http://www.dataflake.org/tracker/issue_00542)

    - Remove the ICredentialsUpdatePlugin implementation - it was
      implemented wrongly and should not have been part of the contract
      at all due to an interface misunderstanding.
      (http://www.dataflake.org/tracker/issue_00539)

  Other

    - Moved the PluggableAuthService dependency up to version 1.4


1.4 (2006-10-16)
----------------

  Bugs fixed

    - The ActiveDirectoryMultiPlugin did not ensure to correctly
      escape search filters it constructed internally.
      (http://www.dataflake.org/tracker/issue_00507)

    - The add form selection whether or not to use SSL for the LDAP
      server connection was not handed through correctly, identified
      by Olivier Nicole (http://www.dataflake.org/tracker/issue_00526)

  Other

    - Revamped the way recursive group memberships are found and applied,
      not sure if the previous implementation was a bug or not. Many thanks
      to John Hannon for a patch. This change includes the ability to 
      specify a nesting depth to which the recursive search will go.
      (http://www.dataflake.org/tracker/issue_00513)

    - Added some notes on how to enable caching using the ZCacheable
      mechanism


1.3 (2006-07-29)
----------------

  Bugs fixed

    * Update the enumerateGroups method to use the new LDAPUserFolder
      method "searchGroups". This changes the LDAPUserFolder dependency
      to version 2.7. Patch provided by Leonardo Rochael Almeida.

    * The ActiveDirectoryMultiPlugin enumerateUsers method would only
      search correctly if login or id were explicitly specified 
      (thanks to Sidnei da Silva for the patch).

    * Make sure to apply the same checks for user existence in
      getRolesForPrincipal that are used by getPropertiesForUser
      (http://www.dataflake.org/tracker/issue_00503 by Riccardo Lemmi)

    * Fixed the enumerateUsers implementation to be more efficient and
      use the new searchUsers method on the LDAPUserFolder (thanks to
      Wichert Akkerman for the problem description and solution)

  Other

    * Added simple caching of groups information, provided by 
      Leonardo Rochael Almeida.

    * Software dependencies are now documented in a separate 
      DEPENDENCIES.txt file. Please note that the packages mentioned
      in DEPENDENCIES.txt may have their own dependencies that must be
      satisfied as well.

    * Replaced all zLOG usage with equivalent calls into the Python
      logging module, and reducing the chattiness coded into the
      ActiveDirectoryMultiPlugin (INFO -> DEBUG)

    * Started on a test suite


1.2 (2006-03-02)
----------------

  Bugs fixed

    * In order to avoid duplicate search results, the enumerateUsers
      method used a simple dictionary to store DNs for records that
      were already processed. However, the keys put into this dictionary
      were munged and really could not be compared to raw search
      result DNs anymore. Thanks go to Wichert Akkerman for spotting this
      obvious error (http://www.dataflake.org/tracker/issue_00485).

    * Speed up enumerateGroups by letting the LDAP server do more of
      the filtering (thanks to Wichert Akkerman,
      http://www.dataflake.org/tracker/issue_00483)

    * Applied a performance fix to the ActiveDirectoryPlugin's
      _recurseGroups method (thanks got to Mark Hammond for the patch,
      http://www.dataflake.org/tracker/issue_00476)


1.1 (2005-10-29)
----------------

  Bugs fixed

    * The LDAPMultiPlugins ignored default roles configured on the
      LDAPUserFolder and would not add it to the set of roles
      computed (seen by Sidnei da Silva).

    * enumerateUsers now allows you to do exact-match searches on 
      attributes other than just the user ID and login (patch
      by Sidnei da Silva). **Note**: This code now requires
      LDAPUserFolder versions 2.6 or higher, which support exact 
      match searches using LDAPUserFolder.findUsers.


1.0 (2005-08-18)
----------------

  Other

    * The interface machinery expected by the PluggableAuthService has
      been changed to use Zope 3-style interfaces. Thanks go to Leonardo 
      Rochael Almeida who provided a patch to fix the resulting breakage.

    * Changed the initialization code for the plugins to conform to the
      changed initialization code in the LDAPUserFolder product versions
      2.6beta3 and up.


1.0beta3
--------

  Other

    * Changes to the way the user IDs are mangled/unmangled to be in line
      with the changes in the latest PluggableAuthService code
      (Patch provided by Mark Hammond)


1.0beta2
--------

  Bugs fixed

    * When retrieving properties for a user, None values have to be
      converted to an empty string to prevent the user propertysheet
      machinery from blowing up trying to guess what kind of 
      property a None value could represent.


1.0beta1
--------

  Bugs fixed

    * Role retrieval was broken, small fix involves changing a call to the
      LDAPUserFolder


LDAPMultiPlugins 0.9
--------------------

  First public release

