________________________________ From: Charlie Garrison <garri...@zeta.org.au>
> The fix is given in the warning message, eg: > > __PACKAGE__->config(default_view => 'TT'); # or whatever the name of your > view is. > > Then you have a 'default' view for your app and Catalyst doesn't need to > choose one at > random. AutoCRUD is adding another view and Catalyst doesn't know which one > to use by default. Many thanks to you and Denny for clearing this up for me. > > I'm using Catalyst::Controller::ActionRole and a custom role to ensure > > that certain urls can only be accessed by those with admin privileges. I > > can't tell how to hook this into AutoCRUD. I suppose I could write a > > custom subclass of the plugin, so this is the least of my issues. > > How about using C::P::Authorization::ACL, eg: > > __PACKAGE__->deny_access_unless( > "/autocrud", > [qw/admin/], # user must have role 'admin' > ); Actually, after some discussion with the AutoCRUD author, it was generally agreed it would be safer to not integrate AutoCRUD directly into my app. A different app running on a different domain/subdomain and setting security at the server level seems more appropriate. This is because the author made it clear that authz was not a design concern and the internal URLs vary widely. Rather than risk opening up a hole to the database, separating this is much safer. Cheers, Ovid -- Buy the book - http://www.oreilly.com/catalog/perlhks/ Tech blog - http://blogs.perl.org/users/ovid/ Twitter - http://twitter.com/OvidPerl Official Perl 6 Wiki - http://www.perlfoundation.org/perl6 _______________________________________________ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
