(cc-ing mailinglist) Sounds good.
I think we could go for both Devise (http://railscasts.com/episodes/209-introducing-devise) and OmniAuth (http://railscasts.com/episodes/235-omniauth-part-1). The first to replace the self-made login logic and the second to integrate other authentication services. Since our admin role is very simple (he can only add/manage other users) a simple boolean column admin should suffice like it is explained on the wiki of Device. I do not think something like CanCan is necessary The problem is that we need to be on rails3 for these gems AFAICS... And we need a good migration strategy for current Tracks users / sessions table to the new situation. Reinier > -----Oorspronkelijk bericht----- > Van: Stefan Richter [mailto:[email protected]] > Verzonden: maandag 20 juni 2011 16:14 > Aan: Reinier Balt > Onderwerp: RE: [Tracks-discuss] migration and what is next > > I would generally like to allow more external services for authentication, like > OpenID and OAuth. In order to achieve that I would probably use OmniAuth. > As we probably still want to have simple username-password authentication, > but probably need a major refactoring for the first thing already, I would also > "outsource" this to a separate gem like authlogic or devise. Also I would > recommend on not treating the admin-user any different and therefore also > look into some general role/rights management (to be honest, I am not sure, > what is already there in this field...) > > How does this sound? > > -stefan > > -----Original Message----- > From: Reinier Balt [mailto:[email protected]] > Sent: Thursday, June 16, 2011 3:22 PM > To: Stefan Richter > Subject: RE: [Tracks-discuss] migration and what is next > > Sure. But before you start coding, let us discuss direction. Can you tell me > what you are thinking about? > > Reinier > > > -----Oorspronkelijk bericht----- > > Van: Stefan Richter [mailto:[email protected]] > > Verzonden: donderdag 16 juni 2011 14:41 > > Aan: Reinier Balt > > Onderwerp: Re: [Tracks-discuss] migration and what is next > > > > Hi Reinier, > > > > concerning the login system, I would really like to improve on that > > and > have > > been thinking about the best solution... would you be ok with me doing > > some spike into that direction? > > > > -stefan > > > > Am 14.06.2011 um 16:18 schrieb Reinier Balt: > > > > > Hi All, > > > > > > First a heads up: I have merged the work of 02strich and myself to > > > update the act_as_state_machine plugin (AASM). In order to run the > > > latest master you need to migrate your database > > > > > > I have started to "plan" 2.1 and 2.2 in Assembla. My general plan > > > would be > > > * I'd like to work on visible functionality in 2.1, like better done > > > view, better tag selection, etc. > > > * I'd like to postpone rails3 upgrade until 2.2. Well, actually I'd > > > like to skip rails 3 and go straight for 3.1 because of the nice > > > asset pipelining in > > > 3.1 that will help us clean up the css/js mess > > > > > > And of course merge any complete working code that is contributed > > > > > > 2.1 > > > --- > > > I have made a selection of possible tickets for 2.1 of which I > > > certainly want to do the high priority stuff, i.e. the priority on > > > the tickets is my personal priority :-) If you like visible stuff to > > > be considered, let's discuss it here. I'd like to keep the database > > > changes to a minimum to ease maintenance of 1.7/2.0/2.1, but for 2.2 > > > it may be inevitable to make database changes. > > > > > > 2.2 > > > --- > > > We need to migrate to rails3.x because a lot of gems/plugins are not > > > (fully) maintained for rails2.x. Unfortunately some gems/plugins > > > will not work for rails 3 either. > > > > > > So for 2.2 I want to drop > > > * webservices, rely on REST only > > > * selenium-on-rails (go for cucumber+selenium, possibly replace > > > webrat) > > > * resource_feeder (perhaps in 2.1) > > > * openid and ldap if the plugins do not work on rails3. Perhaps we > > > may need to migrate the self-made login system to omniauth / devise > > > to bring the authentications back. This enables us to remove the CAS > > > code too, since it is supported by omniauth > > > > > > The codebase is not in a very good state. The functionality is > > > working fine, but we have a lot of old code from old rails versions > > > that can be > > improved. > > > Especially the login system and the todos_controller are hard to > > > maintain, but also the tweaking in the test setup. I am considering > > > taking these up for 2.2. I did a first pass with the jquery upgrade, > > > but > more > > is needed. > > > > > > What do you think about all of this? Do you see different priorities? > > > Is there a ticket missing in 2.1 or 2.2? > > > > > > Reinier > > > > > > > > > > > > _______________________________________________ > > > Tracks-discuss mailing list > > > [email protected] > > > http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss > _______________________________________________ Tracks-discuss mailing list [email protected] http://lists.rousette.org.uk/mailman/listinfo/tracks-discuss
