plone / plone.protect

HTTP protection utilities for the Plone CMS
https://pypi.org/project/plone.protect/

Refactor to use zope.globalrequest and the decorator package. #2

Closed lrowe closed 11 years ago

lrowe commented 11 years ago

Following suggestion from @davisagli, this makes the protect decorator easier to use with z3c.form.

lrowe commented 11 years ago

I'm a little worried about the potential for misuse with z3c.form button handlers, for instance:


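from plone.protect import CheckAuthenticator, PostOnly, protect
from z3c.form.button import buttonAndHandler
from z3c.form.form import Form


class A(Form):
    # protect wraps the function first, so the registered handler is checked.
    @buttonAndHandler(u'Submit')
    @protect(CheckAuthenticator, PostOnly)
    def handle_submit(self, action):
        # Protected
        pass

class B(Form):
    # buttonAndHandler registers the raw function before protect is applied.
    @protect(CheckAuthenticator, PostOnly)
    @buttonAndHandler(u'Submit')
    def handle_submit(self, action):
        # Unprotected
        pass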

This second button handler is unprotected because the @buttonAndHandler() decorator has already registered the raw function before the @protect decorator is executed. This will currently raise an error (buttonAndHandler returns the function wrapped as a Handler object which the decorator module barfs at) but we'd want to try and work out if there are other similar potential uses that might not raise an exception.
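
The ordering problem from the comment above, reproduced with simplified stand-ins so it runs without Plone (an added example, not code from this pull request; `register`, `REGISTRY`, `post_only`, `Forbidden` and `unprotected_handlers` are hypothetical names, and the request is a plain dict). Unlike buttonAndHandler, the stand-in registering decorator returns the function unchanged, so the wrong order raises no error; the audit function lists handlers that were registered without passing through the protecting wrapper.

```python
import functools

REGISTRY = {}  # hypothetical stand-in for a form's button-handler table


class Forbidden(Exception):
    pass


def register(name):
    """Registering decorator: records the callable it receives, immediately."""
    def deco(func):
        REGISTRY[name] = func
        return func  # returned unchanged, so a wrong decorator order is silent
    return deco


def protect(*checkers):
    """Simplified protect: run every checker against the request first."""
    def deco(func):
        @functools.wraps(func)
        def wrapper(request, *args, **kw):
            for check in checkers:
                check(request)
            return func(request, *args, **kw)
        wrapper.__protected__ = checkers  # marker used by the audit below
        return wrapper
    return deco


def post_only(request):
    if request.get("method") != "POST":
        raise Forbidden("POST required")


@register("good")   # applied last: the registry stores the protected wrapper
@protect(post_only)
def good(request):
    return "done"


@protect(post_only)
@register("bad")    # applied first: the registry stores the raw function
def bad(request):
    return "done"


def unprotected_handlers(registry):
    """Names whose registered callable never passed through protect()."""
    return sorted(n for n, f in registry.items()
                  if not hasattr(f, "__protected__"))
```

Calling `bad` through its module-level name is still checked; only the copy held in the registry bypasses the checks, which is why a test that calls the function directly would not catch the problem.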

lrowe commented 11 years ago

For the record, the decorator package this branch depends on is BSD licensed: http://pypi.python.org/pypi/decorator