Hola, Jorge. On Tuesday February 24, 2009 06:54:38 Jorge Vargas wrote: > ok you win :) > > It seems you have put a lot more work into this than I did and I do > think your solution is a lot better, sadly I have to object for some > little parts. > > I have trim this down to only those parts, everything else I agree 100%
Cool :) > > Then, you can use a test case like the one below to test authentication > > itself, as it will behave in the real-world: > > > > <===== > > class TestAuthentication(unittest.TestCase): > > just wondering why make it a TestCase instead of a TestClass for nose > to sniff? a while back we decided to standardize on nose and even > though some TG code still uses TestCase ideally all new stuff should > use nose. I had no special reason. I'm open to use another base class. > > Finally, this is how I'll implement this: > > 1.- I have a repoze.who plugin which acts as identifier and challenger > > to make the tests above possible. > > > > > > 2.- I'll make repoze.what-quickstart use it, replacing the default form > > plugin, when we're asked to skip authentication. > > > > > > Now, I can integrate this functionality nicely in TG2 if you accept it. > > The implementation would be simple and backwards compatible: > > 1.- We'd have to add one line to test.ini (under [DEFAULT]), in the > > quickstart template: > > skip_authentication = True > > I believe mark said there is an environment variable for this > paste.testing I think, why can't we use that? No, because we need to know if we're going to skip authentication while adding the middleware. So environment variables won't work. > > 2.- Next, pass the value of this variable, if defined, to repoze.what- > > quickstart. Specifically, I'd have to pass its value as an argument to > > tg.configuration:AppConfig.add_auth_middleware(), which will pass it to > > repoze.what.plugins.quickstart:setup_sql_auth(). > > yea so instead of passing pick it up from the env. The environ won't be defined at that point, yet. > > I hope I've made the problem clear. I'm absolutely convinced that this is > > the way to go and I want to correct it in TG2 apps. > > I also agree with Florent both classes (one for authentication, and > one for /secure) should be added to the quickstart. I say /secure > because it will be great for the tests to mimic the examples in words > that the templates have. Bonus points if we get one for /admin :) +1, once we solve this: http://groups.google.com/group/turbogears- trunk/browse_thread/thread/f366286ebde22528 > Also keep in mind a fix (mainly unnoticed) I did to the unitesting of > tg.devtools now should warn you if you broke something as it has a > nice test that will quickstart a project with auth and then run it's > unitests, therefore in theory you can modify this a lot and it will > make sure you don't break things. So we can finally be more confident > about changing quickstart without breaking stuff. > > The only drawback it has now is that you still need to manually > quickstart with auth=no or geo=yes as I couldn't find a way to test > different flags. OK, thanks for the warning! :) Saludos, -- Gustavo Narea <http://gustavonarea.net/>. Get rid of unethical constraints! Get freedomware: http://www.getgnulinux.org/ --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears Trunk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears-trunk?hl=en -~----------~----~----~----~------~----~------~--~---
