Mine too.<br><br><div><span class="gmail_quote">On 6/7/06, <b class="gmail_sendername">Deb Lewis</b> <<a href="mailto:djlewis@acm.org">djlewis@acm.org</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>
<div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span>response interspersed below.</span></font></div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span></span></font> </div>
<div dir="ltr" align="left"><font color="#0000ff" face="Arial" size="2"><span>~ Deb</span></font></div><br>
<div dir="ltr" align="left" lang="en-us">
<hr>
<font face="Tahoma" size="2"><b>From:</b> <a href="mailto:masterview-devel-bounces@rubyforge.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">masterview-devel-bounces@rubyforge.org</a>
[mailto:<a href="mailto:masterview-devel-bounces@rubyforge.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">masterview-devel-bounces@rubyforge.org</a>] <b>On Behalf Of </b>Jeff
Barczewski<br><b>Sent:</b> Wednesday, June 07, 2006 12:28 PM<br><b>To:</b>
<a href="mailto:masterview-devel@rubyforge.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">masterview-devel@rubyforge.org</a><br><b>Subject:</b> Re: [Masterview-devel] A few
observations from MV usage<br></font><br></div></div><div><span class="q">
<div></div>
<div>1) agreed, generated comment is only for erb files as it currently is. (Are
we ok not putting anything in other files??, should we think about doing that?
For now let's keep it simple, but someday we may want to have different comment
types for different types of files, so users know this is
generated. <br><span><font color="#0000ff" face="Arial" size="2"> </font></span></div></span></div><div>
<div><span><font color="#0000ff" face="Arial" size="2">I
thought about allowing diff comments for diff types but files, but then decided
that's ridiculous overkill. We can invent that in the future if
needed.</font></span></div></div></div></blockquote><div><br><br>Absolutely. Let's keep it simple, it will get complicated enough on its own. We can add when needed.<br> </div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div><div><div><span><font color="#0000ff" face="Arial" size="2"> ...</font></span></div></div><div><span class="q"><font color="#0000ff" face="Arial" size="2"></font>
<div><br>4) I thought about doing a variety of schemes for user authentication,
even something as simple as having a set user password and only doing it in
development, etc. However I went with the simplest approach at first figuring
there are many ways to skin this. <br><br>I had used the engines version of RBAC
for a project and that worked out pretty nice because it was pretty unintrusive.
Bolt on authentication is nice. However I didn't want to put any big
dependencies on things since the current plugin mechanism doesn't have a nice
way to do dependencies (that I am aware of) so users have to manually install
prerequisites or one has to bundle them in (which is generally not the best
way). I think eventually plugins will move toward something more like gems, but
the gems system needs to be made easier to use without root access (for shared
servers). <br><span><font color="#0000ff" face="Arial" size="2"> </font></span></div></span></div><div>
<div><span><font color="#0000ff" face="Arial" size="2">I
don't have an answer for this yet, just want us to be thinking about it.
And no, we certainly shouldn't have any big dependencies in the core MV
plugin. </font></span></div>
<div><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div><span><font color="#0000ff" face="Arial" size="2">Maybe
someday there's MV add-ons if it made sense to standardize hookup with
something widely used, but it doesn't seem that area of the rails world has
settled into anything standard yet. </font></span><span><font color="#0000ff" face="Arial" size="2">There are several
diff auth schemes out there, including really simple roll-your-own, and no
precedent in place for standardized protocol that we could leverage to
auto-detect whether/how to filter access.</font></span></div>
<div><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div><span><font color="#0000ff" face="Arial" size="2">FWIW
I'll likely to end up doing something with Bruce Perens' ModelSecurity for my
own app infrastructure, after incomplete initial research into available
options. Or possibly ActiveRBAC - not sure. I want to be able to
start with something relatively simple, but with notions of roles and
permissions in the foundation so I can scale in the future to more sophisticated
schemes as needed.</font></span></div>
<div><span><font color="#0000ff" face="Arial" size="2"></font></span> </div>
<div><span><font color="#0000ff" face="Arial" size="2"><a href="http://perens.com/FreeSoftware/ModelSecurity/Tutorial.html" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">http://perens.com/FreeSoftware/ModelSecurity/Tutorial.html
</a></font></span></div>
<div><span><font color="#0000ff" face="Arial" size="2"></font></span> </div></div></div></blockquote><div><br><br>Thanks, I'll check Bruce's stuff out.<br> </div></div><br>