MrDys
commented
12 years ago Original reporter: jrochkind
Open MrDys opened 12 years ago
MrDys
commented
12 years ago Original reporter: jrochkind
MrDys
commented
12 years ago cbeer: Batch move to 3.0.1
CODEBASE-326: The instructions for BL 3 explain how to roll your own auth instead of using Devise, the specify (in the README, in human-readable form only) exactly what you need to do in an auth system in order to have BL work correctly with it.
It seems to me this should be CI tested. If ever there was a case for automated testing, this seems like it to me -- instead of just human-readable instructions on how to roll your own auth, we really ought to have automated spec's for this, that serve to verify those instructions are accurate, and if you roll your own auth according to the specs, it really will work. Such automated specs can also serve as pretty good documentation themselves, probably.
(Note this is a DIFFERENT issue than making BL work with no auth at all).
However, even though it seems clear to me that this ought to be done, it is not entirely clear HOW to do it, and I admittedly don't have time to do it myself, and probably nobody else does either.
So maybe this is not a blocker for 3.0? I think it is worth discussing on the conf call though, just so everyone understands the issue. It does seem to be regrettable that we commit to supporting roll-your-own-auth in the README, but do not actually ensure with automated testing that that contract is fulfilled, that roll-your-own-auth according to those instructions will work.