March 25th, 2003

  • ruakh

authas vs. user

Sorry if this is the wrong place to ask this, but what's the purpose of distinguishing between the form arguments authas and user, as far as page behavior goes? Granted, authas implies that the remote user has the privs necessary to make the requested change without supplying an additional password, whereas user implies that the remote user (if any) is supplying the password for the account they're changing; but it seems as though it would be easier simply to treat them the same way: if there's a password, then confirm it, and if there isn't, then check for the necessary privs. If a bad password is given, then send an invalid-password error; if no password is given and the remote user lacks the necessary privs, then send an insufficient-privs error. (Currently, user with no password results in either a cryptic error message or a partially-prefilled login form, and authas without privs results in an error message and no login form.)

Since it isn't done this way, I assume there's a reason it isn't; but I can't figure out why. Does anyone have any thoughts?
  • wspnut

If someone could give me a hand...

Hey, I am trying to set up my own journal site based on lj's code. Unfortunately, the lj manual boggled me, and sent me over the top and forced me to run and get some headache-medicine ;)

I was wondering if anyone would be able to explain the process to me on how to load the journal code to my site, thanks in advance.

Plan to gently kill off cluster 0 support

Here's what I want to happen soon (tomorrow):

-- get userinfo.bml fixed (waiting on avva)

-- tag CVS as "release-20030326-cluster0" (livejournal, bml, and wcmtools)

-- create a tarball from that tag

-- create a branch from that tag, called "cluster0-branch"

-- back on HEAD, modify bin/upgrading/ to check for users on cluster 0 before alters/updates are done, and tell them to stop upgrading and go read doc/cluster0.txt. (currently we detect users on cluster 0 afterwards and tell them to stop updating from CVS because support will soon go away....)

-- add a new file: doc/cluster0.txt which tells them they can't use this code with users on cluster0 and says how to go fetch the old cluster0 tarball or how to check out that branch from CVS.

-- start removing all the unused cluster 0 tables and code. (which convolutes and bloats the code)