architecture

Joomla has announced availability of new ACL: http://is.gd/iA5B and they seem pretty excited about it. Is that something for Drupal community to be jealous of?

If you come from a Java/J2EE background the clear answer is: NO (yes, in capital letters). You have to actually suffer from a structured, strict ACL to really appreciate the simplicity of a security system like that of Drupal.

Now, you may argue that Drupal security is slightly over-simplistic and too code-oriented (makes us, the developers happy) for "business" use.

OK, but it does not have to be a "hierarchical ACL" or strings-based security. A flexible, rules-based security system may be the answer?

Zed Shaw, of the RoR world, has some very interesting things to say on the subject:
http://vimeo.com/2723800

InfoQ has published a very insightful discussion between Jim Coplien and Bob Martin about some advanced aspects of test-driven-development, unit-testing and software architecture. It's been a while since I have listened to a wise discussion about software architecture like this one.

Check it out: http://www.infoq.com/interviews/coplien-martin-tdd

In case you are wondering, I definitely agree with Jim. Bob is taking TDD way too far, for the sake of "code-purity", rather than business need and I have no interest in that kind of nerdiness :)

To give one example, Bob claims that writing a production code without a unit-test, in 2007, is irresponsible and unprofessional. Too radical! Most of Linux is written without unit-tests, most of Drupal is written without unit-tests. Both of them are awesome examples of quality code that "just works". And the reference to "2007" is just lame. Whatever worked 10 years ago, still does.

Yes, we may have learned some new things and there is definitely some merit to unit-testing, but no production code without a unit-test? Whatever, dude!