===============================
Porting Five to Zope 3.1+ notes
===============================

Introduction
------------

Five needs to work in Zope 2.9. Zope 2.9 will ship with Zope 3.2. This
means Five will need to work with Zope 3.2. Since Zope 3.2 doesn't
truly exist yet we'll target Zope 3.1 for now.

A Five Roadmap
--------------

Here is a tentative Five roadmap:

Five 1.1 is to be released shortly, and its main feature is a
refactored directory structure and Zope 3 i18n for Zope 2. It's still
targeting the Zope X3.0 that's in Zope 2.8.

Five 1.2 is still targetting Zope 2.8, and its main expected feature
is support for local utilities.

Five 1.3 is targetting Zope 2.9 and thus Zope 3.2. We're talking about
this release of Five in this document.

Main problem
------------

Zope 3.1 has internal changes that Five needs to support. Five works
by reimplementing ZCML statements it supplies in the context of Zope
2. This reimplementation is hard to maintain, as for each Zope 3
upgrade we need to review all these ZCML statements and port them into
Five again.

The straightforward way to start supporting Zope 3.1+ with Five would
be to review all the ZCML statements in Five and update them to work
with Zope 3.1+.

A more ambitious but nicer solution would be if we could reuse the
Zope 3 ZCML statements directly. If we could accomplish this,
maintainability of Five would be improved by a lot. Far less review of
Five would be necessary for each Zope 3 upgrade. In the rest of this
document we'll be discussing this scenario.

Reasons for Five's modified ZCML statements
-------------------------------------------

Five ships with modified implementations of Zope 3 ZCML statements for
a number of reasons:

* could not use new-style classes that are in Zope 3 due to
  ExtensionClass.

* Five views need to work with the Zope 2 publisher, and this expects 
  different things than the Zope 3 publisher.

* cannot use the Zope 3 security system, while the Zope 3 ZCML calls
  into this to configure it.

* Five views need to work with the Zope 2 security system. This means
  Five needs to issue Zope 2 style security declarations for views.

We'll go into more detail about each of these points below.

New-style ExtensionClass
========================

Five needed to be compatible with Zope 2.7, which uses old-style
ExtensionClass. This made life difficult for Five, as Zope 3 uses
new-style Python classes in many places. It's not easy to mix the two.

Zope 2.8 changed to allow new-style ExtensionClasses, which are
compatible with new-style Python classes. This means Five can
hopefully be simplified as we can forget about old-style
ExtensionClasses.

Five views need to work with the Zope 2 publisher
=================================================

The Zope 2 publisher expects something quite different than the Zope 3
publisher. 

* does what is returned to the publisher need to inherit from
  Acquisition.Explicit? (security reasons?)

* we may need something that calls the right methods on the Zope 3
  view (such as browserDefault, __call__ and publishTraverse)

Cannot use the Zope 3 security system
=====================================

Do the Zope 3 security calls get in the way? Five currently removes
these calls, but perhaps doing the calls does not harm.

If they do interface, we could perhaps still trick things into
working harmlessly.

Five must issue Zope 2 security declarations for views
======================================================

This cannot be done by the ZCML implementation of Zope 3. We could
hopefully do this by following the following pattern::

  def our_directive_implementation(...):
      original_directive_implementation(...)
      do_the_zope2_work(...)
