Refactoring and thoughts

Just refactored the app without a net -- yeesh, feels so hackish, looking forward to getting tests working so I can do the agile thing like everyone else.

Refactored the authentication and implemented authorization at the controller action level, based on a Rails Recipe. Looks good and seems to be working again (I hate not having tests!!!)

One thing I noticed was that I did all kinds of bad practices to refactor the code and it wasn't difficult to gets the app working again. That's totally badass that I can hack at the code with a blunt machete and still end up with something that works. (I hate not having tests!!!!)

My thoughts: I love resouces_controller, what a kick-ass plugin! It handles enclosing resources (the opposite side of scope for associations) and all kinds of restful routing. I'm still learning how to use it but it looks truly phenomenal. Like it keeps the requests safe and channeled into proper actions. Way cool!

Found a plugin/gem/generator called SecurityModel. Looks like another plugin, like acts_as_state_machine, that I can hack and hopefully give back to the community with enhancements and tests. It overrides Rails accessors to implement permissions at the model attribute level. Way cool and apparently it works but it's trying to do too much, implementing authentication and multi-level access. It would be better if the code for the model security were extracted and refactored into something that was focused and stable with good testing.

I think these two plugins (acts_as_state_machine and ModelSecurity) will be part of the core of the new app so I may create two development projects so I can study them and build specs and refactor them. That will help me understand what they do and get on the BDD band wagon and hopefully whip them into a new shape that I can offer back to the community.

Sent an email to the Heroku folks introducing the app. Heroku looks like a potentially good home for the app since it offers scaling, easier deployment, the ability to modify the code remotely from practically any machine, seemingly stable/no fuss hosting and access to hella bad ass coders and funding. Looking forward to hopefully launching the app there.