- Sync with Python version.  Notably, move check of user's roles *below*
   the test of ownership and proxy roles, which makes the error handling
   *much* cleaner.

 - In the case that we have a stack, but the top *doesn't* have proxy roles,
   fall back to the user roles.

 - In the case that we have a stack, and the top *does* have proxy roles,
   skip checking the user roles altogether (proxy rolse replace user roles).

Use the "wrapped" owner when testing context inside proxy roles.

Therfore, move check of user's roles to end, since  proxy roles make the user's
roles irrelevant.  This also simplifies the C version, as well, since we don't
need to worry about setting the result back to NULL if we haven't assigned it
when an error occurs.

Incorporate comments from the C version (so that correspondence is clearer).

of a re-index.

o The new tests are amphibious:  they exercise both the Python and the C
  implementations, ensuring that they remain in sync.

Fixed problem with security.setPermissionDefault when the permission
wasn't used anywhere else in the class to protect methods.

Collector #1891:  Backported changes to ZCatalog regression tests, removing use of 'whrandom' (and its 'seed' function).

Collector #1621:  Added BBB alias for 'whrandom' in AccessControl/DTML.py and RestrictedPython/Utilities.py.

The alias will be removed in Zope 2.10.

Collector #1894:  updated docstrings, removing references to whrandom.

- replaced url_quote by html_quote for hidden add value (pushing the add button escapes the value again)

Warn when an attempt is made to have a security declaration on a
nonexistent method. Removed one such method.

Fixed unclear security declarations. When bug 761 was fixed,
declareProtected(perm) was made illegal, at least one method name was
required. This checkin does the same for declarePrivate() and
declarePublic().

Also there was a bug in that a class having:
  security = ClassSecurityInfo()
  __ac_permissions__ = ((perm, ()),)
was not equivalent to a class having:
  __ac_permissions__ = ((perm, ()),)
This first form had as a buggy side effect have the behavior of
  __ac_permissions__ = ((perm, ('')),)
which is equivalent to
  __roles__ = PermissonRole(perm)
Not it will simply make the permission available from this object
(with default roles).

request.  I wonder when we can retire ZPublisher and use zope.publisher
instead.

- ZCTextIndex now accepts lexicons with the z3 interface

- removed all dependencies on that support

This should repair PySECURITY_ATTRIBUTES problems that
(mostly) Plone users report using recent Zopes on
Windows.

This change is in the 2.8.4 Windows installer I just
published on zope.org.  Alas, the 2.8.4 tarball there
(and the 2.8.4 tag) differs from the source used to build
the 2.8.4 Windows installer (by this one character,
bumping W32ALLVERSION in inst/WinBuilders/mk/python.mk).

- replaced url_quote by html_quote for add list values (pushing the add button escapes the value again)

there were pyc files around. Sigh.

Added tests for restrictions on augmented assignment and for handling
generator expressions.

object through an augmented assignment (aka inplace) operator.

object through an augmented assignment (aka inplace) operator.

Also added handling for generator expressions.

never need these again, but that's what I said the last time I had to
rediscover how this worked. :)

Collector #1926:  add tests for both not-yet-encrypted and pre-encrypted passwords handed to '_doAddUser'.