Closed MrDys closed 12 years ago
Original reporter: danfunk
cbeer: Hi all,
I took a stab are removing the hard requirement on user authentication in the blacklight app. There's probably elements that can be improved, but at least it will run. I'll try to add documentation (although it should 'just work') and fix up any generator warnings next week
Chris
On Oct 21, 2011, at 3:55 PM, Chris Beer (JIRA) wrote:
[ http://jira.projectblacklight.org/jira/browse/CODEBASE-325?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Resolution: Fixed
Fix Version/s: (was: 3.3) 3.2
Maybe?
https://github.com/projectblacklight/blacklight/commit/d3ee1335d2f05d6ee6b82b0e539a920aa3efa259
Key: CODEBASE-325
URL: http://jira.projectblacklight.org/jira/browse/CODEBASE-325
Project: Blacklight Plugin
Issue Type: New Feature
Affects Versions: 3.0 Reporter: Dan Funk Assignee: Chris Beer Fix For: 3.2
On Blacklight installation (rails g blacklight) it should be possible to provide an argument that will install Blacklight without requiring a user model or authentication system or installing a default one. This new feature should include 1) user_util partial should not display 'login' link. 2) Actions protected to require auth should not raise unexpectedly on missing #current_user, but if current_user method doesn't even exist should still raise Blacklight::Exceptions::AccessDenied -- the thing that catches the AccessDenied, seeing there being no new_user_session_path to redirect to, should instead display a message "Action requires authentication, which is not implemented in this app" or something like that. 3) Automated tests for this complete "no auth" situation
For more information on JIRA, see: http://www.atlassian.com/software/jira
cbeer: Batch move to 3.0.1
CODEBASE-325: On Blacklight installation (rails g blacklight) it should be possible to provide an argument that will install Blacklight without requiring a user model or authentication system or installing a default one. This new feature should include
1) user_util partial should not display 'login' link. 2) Actions protected to require auth should not raise unexpectedly on missing #current_user, but if current_user method doesn't even exist should still raise Blacklight::Exceptions::AccessDenied -- the thing that catches the AccessDenied, seeing there being no new_user_session_path to redirect to, should instead display a message "Action requires authentication, which is not implemented in this app" or something like that. 3) Automated tests for this complete "no auth" situation