couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Bisbee <sbis...@computervip.com>
Subject Re: authentication cleanup
Date Sun, 03 Jan 2010 19:50:05 GMT
On Sun, Jan 03, 2010 at 08:31:19AM -0800, Chris Anderson wrote:
> On Sun, Jan 3, 2010 at 5:28 AM, Benoit Chesneau <bchesneau@gmail.com> wrote:
> > Just tested it, admin creation seem to work during the test I've done
> > at least admin user is created, for the rest I don't know, am not sure
> > yet what could be done with the changes, I need to have a closer look
> > in the code for it. There is a bug you mentioned in another mail with
> > tests, if we are loggged out, test fails and logically tests requiring
> > auth failed, to follow one of your proposal, I think we should add a
> > warning on top of tests saying that an admin user exists and tests
> > will fail; something like it.
> 
> I was thinking we could even add some code which loads the admin
> config into a cookie, and then clears admins. When the tests are done
> it can re-configure the admins.

This scares me: if the browser/client crashes while the tests are running, then
you've likely lost your admin config. Also, you're leaving yourself unprotected
for the length of the tests if it's a live system (doesn't even have to be
production, just on the 'net).

-- 
Sam Bisbee

Mime
View raw message