| Thread Previous • Date Previous • Date Next • Thread Next |
On 28/07/10 02:32, Jonathan Lange wrote:
On Tue, Jul 27, 2010 at 2:05 PM, Jeroen Vermeulen<jtv@xxxxxxxxxxxxx> wrote: ...I'm inclined to agree with Abel: it's still better for us to run into test complications and be regularly worried about security proxies than to lose the mental reinforcement of the security model. Lose the reinforcement and we'll gradually lose our inhibitions w.r.t. creating unproxied objects.Do you have an example of a problem we've caught because we were using security proxies in our model tests? Even a contrived example of the kind of problem we catch would help.
One would be a typo in the interface definition. For example: class IThing: branchs = Choice(...)The unit tests for Things, if not using proxies, could happily assign to and read from 'branches', but the 'real' code (e.g. accessing it via a secured utility in the browser) accessing branches would blow up.
Is that the sort of thing you meant?To me it all just seems to be an extension of the 'go in through the front door' test principle: you should use the SUT in the test in a way close to how it's actually going to be used in anger.
Cheers, mwh
| Thread Previous • Date Previous • Date Next • Thread Next |
