Since this is a bare class without a module, it needs to be in the `lib`
directory rather than in `lib/tracks` since newer versions of Rails are
more strict about file paths and autoloading.
Parallel assignment is slower than sequential assignment.
Only got the low hanging fruit. There are some functions that
have multiple return values. Fixing this needs more refactoring.
* Remove all methods implementing and checking for the old algorithm
* Document a pre-upgrade step to check for remaining obsolete passwords
* Remove config.salt
Move the get_done_today, get_done_this_week, and get_done_this month
methods into their own class in lib/tracks and use the new class in the
context, project, and todo controllers.
This removes the complexity from the application controller, silos it
off, and slightly reduces the complexity of the other controllers so
that they don't have to duplicate as much code.
The tradeoff here is that the code that was moved out into its own class
was also duplicated in the todos controller due to a different use case
that I didn't see before. This is still an improvement however and so
I'm ok with going back and tackling the extra complexity added to
TodoController at a later date.
This is at least one issue with this
to logout of CAS you need session information but the logout method blows this away so I do the cas log out before the session is killed so the session persistest in rails. Because I needed to move the CAS before filters into login_cas and out of the application to make it work side by side. The user will still be logined into tracks even though their CAS session is closed as the session will still be there.
def logout
@user.forget_me if logged_in?
cookies.delete :auth_token
session['user_id'] = nil
if ( SITE_CONFIG['authentication_schemes'].include? 'cas') && session[:cas_user]
CASClient::Frameworks::Rails::Filter.logout(self)
else
reset_session
notify :notice, "You have been logged out of Tracks."
redirect_to_login
end
end
The other issue I have with this is that:
I could not find a use case for having mixed auth when using CAS. The reason to move to CAS is that all your users use CAS all the time. Even for admin accounts. Moodle is a good example of this in that when you activate CAS the default is that you can now only access moodle via CAS. By allowing mixed auth and self signup you end up with a anyone (the public) being able to sign up for accounts.
Changes you will need to make:
* In your environment.rb, you will need to update references to a few files per environment.rb.tmpl
* In your environment.rb, you will need to specify the local time zone of the computer that is running your Tracks install.
Other notes on my changes:
* Modified our code to take advantage of Rails 2.1's slick time zone support.
* Upgraded will_paginate for compatibility
* Hacked the Selenium on Rails plugin, which has not been updated in some time and does not support Rails 2.1
* Verified that all tests pass on my machine, including Selenium tests -- I'd like confirmation from others, too.
