morenoh149
commented
9 years ago @JedWatson I'm starting to feel like cloudinary should be something user's opt-in. The demo site can have the dummy key but generated sites shouldn't.
Open Zerim opened 9 years ago
morenoh149
commented
9 years ago @JedWatson I'm starting to feel like cloudinary should be something user's opt-in. The demo site can have the dummy key but generated sites shouldn't.
JedWatson
commented
9 years ago I'm on the fence about this one. We actually note it very clearly in the generator - it says that if you don't specify a key we'll give you a demo one... a better option would, of course, be to actually integrate with Cloudinary and sign up a new account. I'll ping them about that.
@Zerim If you can suggest a place where a warning would help make it clearer, let me know and I'll add it, since you missed the one that is there (means its not doing its job well enough)
@morenoh149 Unfortunately without it, we'd be losing a lot of functionality in the generator around correct image sizing for blog posts and the gallery. Until there's something we can replace that with, I'm not keen on taking it out.
Zerim
commented
9 years ago @JedWatson
Thanks for the response. Didn't realize the generator noted the default behavior w/ the public Cloudinary account... My user behavior was to quickly accept the defaults, since I had no prior experience with Keystone and didn't think I had any context that I thought would lead me to do otherwise. I see now that that was a poor assumption.
After running the generator, the primary documents I referenced while kicking the tries were: http://keystonejs.com/docs/getting-started/ http://keystonejs.com/getting-started/ (which advocates running the generator)...
A warning in either of these documents probably would probably have gotten my attention.
Thanks!
By default, the generator sets CLOUDINARY_URL in the .env file to a public demo Cloudinary account.
So immediately after running the generator and kicking the tires, accidentally loaded a bunch of my client's images to the public Cloudinary (removed them manually via the API since I didn't have access to the web app login, which was a bit of a pain).
Wouldn't have been a big deal in this case, but being new to Keystone was certainly not expected behavior for me running essentially a "hello world" on my local dev box, that my files would be sent to some public third party service.
This default behavior currently not documented anywhere (eventually found it mentioned in one Github issue).
At the very least seems like a documentation issue, if not a functional issue.