I'm evaluating DBIx::Class and Catalyst for an application accessing an existing PostgreSQL database that contains its own buisness logic and which implements its own per-user access control. All potential users of the application will also be users in the PostgreSQL database. I believe that I will need to arrange for all interaction with the database during any one request to take place as if it was using a database connection created using the id of the user as established by Catalyst.
The suggested approach is to use SET SESSION AUTHORIZATION before starting to process each request so that all database interaction is processed in the name of the appropriate user. The question is, is this safe with DBIx::Class? In a DBIx::Class/Catalyst, is there any danger that something cached during one request may end up being used in a subsequent one? Can anyone suggest a better approach? Apologies if this is covered in documentation that I haven't yet found. [I admit that I don't yet entirely understand when a DBIx::Class/Catalyst actually creates new database connections, but I'm assuming that this isn't on every request and that some sort of connection caching takes place. Please correct me if I'm wrong...] Jon. -- Jon Warbrick Web/News Development, Computing Service, University of Cambridge _______________________________________________ List: http://lists.rawmode.org/cgi-bin/mailman/listinfo/dbix-class Wiki: http://dbix-class.shadowcatsystems.co.uk/ IRC: irc.perl.org#dbix-class SVN: http://dev.catalyst.perl.org/repos/bast/trunk/DBIx-Class/ Searchable Archive: http://www.mail-archive.com/[email protected]/
