MrDys
commented
12 years ago Original reporter: jrochkind
Closed MrDys closed 12 years ago
MrDys
commented
12 years ago Original reporter: jrochkind
MrDys
commented
12 years ago jrochkind: mention alternate User class name and how to do it in README.
CODEBASE-312: Right now while BL doesn't include auth, it does insist auth be available or it won't work.
It also includes in the README some documentation on the specifications of what the auth in your local app should look like to be usable by BL.
Suggest it should fall back when no auth is available to still work, without auth features. Possibly whether auth is available can be determined by the presence of "new_user_session_path" method. If it's not available:
1) user_util partial should not display 'login' link. 2) Actions protected to require auth should not raise unexpectedly on missing #current_user, but if current_user method doesn't even exist should still raise Blacklight::Exceptions::AccessDenied -- the thing that catches the AccessDenied, seeing there being no new_user_session_path to redirect to, should instead display a message "Action requires authentication, which is not implemented in this app" or something like that.
Ideally we would have automated tests for this complete "no auth" situation, not sure the best way to do that. (rspec only seems more likely. I think rspec in rails3 should have fewer problems with testing views and such?).
Additionally, there is documentation in README on how to implement your own auth. Nice job dfunk. I think this might be missing a few things (How to use a model name other than User?). Also, ideally, we would have automated tests that prove that our intended specification for a local auth is true, prove that implementing what we spec works.
FIXED the readme with greater detail on how to make things work when using a different type of user authentication. TESTED the use of Blacklight with a Person model rather than a User model - (Also note that Virgo, UVA's blacklight instance does not use Devise, and is working correctly with an alternate user model). ADDED additional cucumber tests to build blacklight in multiple configurations, and extended one of the tests to actually run all of the blacklight and rspec and cucumber tests on a test application.