On 12/09/2005, at 1:45 PM, Peter Speltz wrote:
I appreciate you all (Dave especially) being patient with my
fundamental ignorance of how the browser has to hit the server again
for css, images , etc. It makes perfect sense no that i think about
it.
I wonder if a regex would do at the appropriate place in authenticate:
return DECLINED if $r->template =~ /.+
(.css|.html|.htm|.gif|.png|.jpg)$/;
Interesting question Pete. On a similar note, I have the following
in my authenticate sub
return OK if $r->template =~ /login|logout/;
Which doesn't work as I expect. What piece of $r should I be using
instead? Or is there a problem with my regex?
It would probabl still be better to have the httpd.conf handle images,
css, and otherthings that did not need to be authorized or
authenticated . However for static pages that may need to be
authorized and authenticated, maybe something like this could work.
I tend to agree. I have a path/to/maypole/app/files directory (they
could be database blobs but I'm using the file system as nature
intended instead) which needs a rather convoluted authorization
framework. I let the file xtension take care of the mime type, but I
need to get the application to serve the file, or otherwise, so
there's no file template, but we need to work out whether the file
can be served in the first place. So, yeah, I use this for that.
Another case, say you wanted images to display only if a user was over
18 . How, from the authenticate sub, would you skip Maypole
processing yet tell Apache to not return the image? . Return ERROR?
No, you just don't return that lump of html in your template.
Something like [lifted straight from one of my prototype templates]:
[% MACRO maybe_make_file_url(item, userInfo) BLOCK;
doit = 0;
IF userInfo.priv == "admin";
doit = 1;
ELSIF userInfo.priv == "researcher" ;
doit = 1;
ELSIF userInfo.priv == "guest" AND userInfo.view ==
'public';
doit = 1;
ELSIF userInfo.priv == "student" AND
(userInfo.view ==
'public' OR userInfo.view == 'private');
doit = 1;
ELSIF userInfo.priv == "visitor" AND (userInfo.view
== 'public'
OR
userInfo.view == 'private');
doit = 1;
END;
IF doit == 1;
'<a href="/coke/private/files/'; item.file; '">
Download </a>';
END;
END %]
-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Maypole-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/maypole-users
