Re: [Catalyst] Catalyst Advent Calendar - Day 10 - Config General & Arrays
Hi all! You should also be able to get around this Config::General limitation this way: want_an_array myentry want_an_array myentry That is, repeating twice the same entry. This avoids the creation of spurious entries. I'm quite sure I used to go this route before definitely switching to JSON, which doesn't suffer of this and, if formatted properly, can be easy to read and manipulate as well. Hope this helps, Michele. -- Michele Beltrame http://www.cattlegrid.info/ ICQ 76660101 - MSN [EMAIL PROTECTED] ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Re: Catalyst Advent Calendar - Day 10 - Config General & Arrays
Kieren Diment said the following on 12/10/2008 8:00 PM:
> On Thu, Dec 11, 2008 at 10:54 AM, Chisel Wright <[EMAIL PROTECTED]> wrote:
>> I was just reading http://www.catalystframework.org/calendar/2008/10
>> thinking to myself, "awesome! this really bugs me!"
>>
>> I hope you'll forgive me for being old and slow, but where should one
>> place The Solution? [setup' => sub { }]
>>
>> It's not obvious [to me] from the advent entry.
>>
>
> Cheers for the feedback. I've edited the entry to answer your question.
Perhaps I'm dense, but the advent entry still does not say where to use
this
--[Lance]
--
GPG Fingerprint: 409B A409 A38D 92BF 15D9 6EEE 9A82 F2AC 69AC 07B9
CACert.org Assurer
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Translations in Catalyst
On Wed, Dec 10, 2008 at 10:44 AM, Keith Hasely <[EMAIL PROTECTED]> wrote: > > Hey All, > > We are evaluating different frameworks to use, and one big aspect of the > project is how translations are handled, we deal with at least five languages > on a regular basis. I am hoping to get some input on different template > systems, and ways you all have dealt with the multilingual issues in > Catalyst. We've been using XML XSLT translations, but people in the office > find it challenging working with instead of an HTML template system. > > I've seen some modules in CPAN that help with the issue such as > "Catalyst::Plugin::I18N" which seems to work with Template Toolkit, and > Pedal. There seems to be some concern over here with the overhead HTML > template systems will take up compared to working with XML XSLT translations. > I've also noticed the "Catalyst::View::XSLT" class which means we wouldn't > need to come up with a new system to get our content translated before we > publish. > > Thanks, > Keith > Hi Keith, I'd just like to point out that Catalyst::Plugin::I18N (and related, Catalyst::Plugin::Unicode) are not actually tied to your view. They create a method on the context ($c, by default as most people know it; and actually on the application -- not necessarily $c, which is currently a blessed "MyApp", so also available via a simple MyApp->localize(...)) called "localize" (or a short-cut, "loc") that references the .po files. The .po files are just standard internationalization files, loaded at run-time and editable/parsable by any standard file. There are also handy modules available on the CPAN that allow you to extract and generate your .po files (gettext.pl). This is by far the best method for internationalization because it uses the most common standard for it, and it isn't tied towards any view. I haven't used Catalyst::View::XSLT (mostly because I find xslt to be challenging ;)) so I can't say for sure, but a glance at the pod seems that it would work something like: Failing that, you can presumably register the method while creating the XSLT instance. Hope this helps, -Jay ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst Advent Calendar - Day 10 - Config General & Arrays
On Thu, Dec 11, 2008 at 10:54 AM, Chisel Wright <[EMAIL PROTECTED]> wrote:
> I was just reading http://www.catalystframework.org/calendar/2008/10
> thinking to myself, "awesome! this really bugs me!"
>
> I hope you'll forgive me for being old and slow, but where should one
> place The Solution? [setup' => sub { }]
>
> It's not obvious [to me] from the advent entry.
>
Cheers for the feedback. I've edited the entry to answer your question.
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Fwd: [Catalyst] disable session in authentication
Whoops, that should have gone to the list as well.. Begin forwarded message: From: Tomas Doran <[EMAIL PROTECTED]> Date: 10 December 2008 23:58:19 GMT To: Bernhard Graf <[EMAIL PROTECTED]> Subject: Re: [Catalyst] disable session in authentication On 10 Dec 2008, at 23:16, Bernhard Graf wrote: The best fix seems to delete the set_authenticated() calls in authenticate_basic() and authenticate_digest(), and simply return the user object, because Catalyst::Authentication::Realm::authenticate() does the right thing with it. Thanks for picking up on that one, and the explanation. I've fixed the bugs as suggested, added tests and I just pushed 1.008 to CPAN, it should show up shortly. Given that you struggled to locate the documentation for 'use_session', could you possibly do a small doc patch with a couple of lines of appropriate documentation/an example, or pointers to the documentation from where you looked but couldn't find it? Cheers t0m ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Catalyst Advent Calendar - Day 10 - Config General & Arrays
I was just reading http://www.catalystframework.org/calendar/2008/10
thinking to myself, "awesome! this really bugs me!"
I hope you'll forgive me for being old and slow, but where should one
place The Solution? [setup' => sub { }]
It's not obvious [to me] from the advent entry.
Cheers,
Chisel
--
Chisel Wright
e: [EMAIL PROTECTED]
w: http://www.herlpacker.co.uk/
Please wait a moment while Windows prepares to start for the first time..
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] disable session in authentication
On Wed 10 Dezember 2008, Bernhard Graf wrote:
> I have an application that uses two different authentication methods
> based on C:P::Authentication:
>
> The default realm uses Catalyst::Authentication::Credential::Password
> with session and cookie for the usual web login with a
> username-password login screen.
>
> For a REST service Catalyst::Authentication::Credential::HTTP is
> used. With every request to this REST service, a useless session id
> and a cookie is created by C:P::Authentication automatically.
>
> I found this config option "use_session" to disable sessions for
> authentication, but this seems to act globally. :-((
>
> Is it possible to disable session usage for the HTTP auth realm only?
Meanwhile I think I found out where to set use_session:
Plugin::Authentication:
default_realm: default
use_session: 0
realms:
default:
use_session: 1
credential:
class: Password
password_field: password
password_type: clear
store:
class: DBIx::Class
user_class: DB::User
id_field: username
role_relation: roles
role_field: id
rest:
use_session: 0
credential:
class: HTTP
type: basic
password_field: appkey
password_type: clear
username_field: name
store:
class: DBIx::Class
user_class: DB::Application
id_field: name
Getting so far it seems Catalyst::Authentication::Credential::HTTP has a
bug, lines 67ff:
if ($self->check_password($user_obj, $opts)) {
$c->set_authenticated($user_obj);
return $user_obj;
}
Here set_authenticated is called without any realmname (missing 2nd
arg), so it defaults to realmname "default", which is the wrong realm.
Finally $user_obj is returned to the caller
Catalyst::Authentication::Realm::authenticate(), and the next thing
that this method does is calling
$c->set_authenticated($user, $self->name);
again - this time with the correct realmname ("rest").
The same bug seems to be in (I didn't test this so far)
Catalyst::Authentication::Credential::HTTP::authenticate_digest():
it also calls
$c->set_authenticated($user);
without the realmname - which will fail in my case - and then returns 1,
this time the caller Catalyst::Authentication::Realm::authenticate()
doesn't call set_authenticated() with the correct realmname, so the
whole authentication would fail.
The best fix seems to delete the set_authenticated() calls in
authenticate_basic() and authenticate_digest(), and simply return the
user object, because Catalyst::Authentication::Realm::authenticate()
does the right thing with it.
--
Bernhard Graf
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] [Announce] Catalyst-Runtime 5.8000_04 shipped to CPAN
On 10 Dec 2008, at 20:20, Guillermo Roditi wrote: So, problem resolved, fix known. will fix and release when i have some time. some time later this week, maybe next. Awesome, thanks. t0m ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] calling a method or sub from the View
On Wed, Dec 10, 2008 at 2:08 PM, Ascii King <[EMAIL PROTECTED]> wrote: > > I see now that it isn't a Perl or Catalyst function I need, but a Template > Toolkit macro. I have it now and i will just keep reading. I apologize for > wasting your time. > No time wasted -- but what you are doing does in some not so light ways violate the principles of MVC. Your controller should populate a structure of selected and default values, and the view should reference that structure for rendering. -J ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Unnecessary session writes
When Catalyst::Session fetches an existing session it records its
"signature" which it then compare with the session data at the end
of the request to decide if the session should be written.
_load_session() does:
$c->_session_data_sig( Object::Signature::signature($session_data) ) if
$session_data;
And then _save_session does this:
no warnings 'uninitialized';
if ( Object::Signature::signature($session_data) ne
$c->_session_data_sig )
{
$session_data->{__updated} = time();
my $sid = $c->sessionid;
$c->store_session_data( "session:$sid" => $session_data );
}
Now, if you call $c->session and no session data is found (no session
id, or no session data in store), then a fresh session hash is created.
sub initialize_session_data {
my $c = shift;
my $now = time;
return $c->_session(
{
__created => $now,
__updated => $now,
(
$c->config->{session}{verify_address}
? ( __address => $c->request->address )
: ()
),
}
);
}
So, if you look at the session every request, for example:
# See if user has selected a language preference
my $language = $c->session->{language} || 'en';
Then if a session doesn't exist it will generate a new session id and
store the empty session to the database (or whatever store you have).
A bot could have fun inserting rows into your database.
I'm using this instead:
sub initialize_session_data {
my $c = shift;
my $now = time;
my $session_data = {
__created => $now,
__updated => $now,
(
$c->config->{session}{verify_address}
? ( __address => $c->request->address )
: ()
),
};
# Only save this session if data is added by the application
$c->_session_data_sig( Object::Signature::signature($session_data) );
return $c->_session($session_data);
}
That won't help if you do this, of course:
my $lang = $c->session->{user_prefs}{language} || 'en';
--
Bill Moseley
[EMAIL PROTECTED]
Sent from my iMutt
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] calling a method or sub from the View
I see now that it isn't a Perl or Catalyst function I need, but a Template
Toolkit macro. I have it now and i will just keep reading. I apologize for
wasting your time.
Ascii King wrote:
>
> How can I call a method or sub routine that I create? I simply want to put
> the word 'select' into the html file so the drop down list has the right
> option selected. I determine the right option by pulling it out of the
> database.
>
> I am new to Catalyst and not very good at Perl. I have searched the web
> for this answer but it eludes me. I know it is simple and I am embarrassed
> by it. I expect that I create a sub in my controller file (prior.pm it is
> called) and then I call it from within my template. I apologize if I am
> messing these terms up. Here is what I want to do.
>
> In prior.pm:
>
> sub isAppointment_Verbal : Local {
> my ($self, $c) = @_;
> print "checked";
> }
>
> Then, in the template 'testprior.tt2' I call it like this:
> name="Confirmation">
>
> Even with this simplified example I can't get any results at all. What's
> more is I don't know if this is supposed to be handled by the TTSite or
> Perl or Catalyst or what. I have purchased the Catalyst book and I am
> willing to read whatever you point me at, as well.
>
--
View this message in context:
http://www.nabble.com/calling-a-method-or-sub-from-the-View-tp20923733p20945116.html
Sent from the Catalyst Web Framework mailing list archive at Nabble.com.
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst modperl - child process segmentation fault
On Wed, Dec 10, 2008 at 2:20 PM, Terence Monteiro <[EMAIL PROTECTED]> wrote: >>> How can I find out the mysql client libraries DBD::mysql and mod_php are >>> linked with? What you say is possible because I upgraded DBD::mysql from >>> the latest debian sources in unstable, but not (yet) mod_php. But I don't >>> understand why mod_php should matter. >> >> Could you humour me, and try disabling PHP in Apache, and then seeing if >> that stops the Catalyst app crashing? >> >> I think you can do it by 'rm /etc/apache/mods-enabled/*php*.load' or >> something very similar? >> > > Disabled mod_php5 and tried again. Still get the segfaults. Has anyone else > faced this problem, with segmentation faults while running their Catalyst > app with mod_perl 2.0.4-4 on apache 2.2.9-10 or 2.2.9-11 on debian? > Install DBD::mysql 4.006 or try 4.010. Versions 4.007 and 4.008 caused segfaults exactly like the one you got. The changelog of 4.009 says this bug has been fixed, so you could try 4.010: * Fix to re-enable TAKE_IMP_DATA_VERSION. Still have to ensure DBI version 1.607 or higher But I haven't tried this version yet. 4.006 works fine for me and at that time, the latest was 4.008 so I went back to 4.006. Sergio Salvi ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Translations in Catalyst
From: "Keith Hasely" <[EMAIL PROTECTED]>
Hey All,
We are evaluating different frameworks to use, and one big aspect of the
project is how translations are handled, we deal with at least five
languages on a regular basis. I am hoping to get some input on different
template systems, and ways you all have dealt with the multilingual issues
in Catalyst. We've been using XML XSLT translations, but people in the
office find it challenging working with instead of an HTML template
system.
I've seen some modules in CPAN that help with the issue such as
"Catalyst::Plugin::I18N" which seems to work with Template Toolkit, and
Pedal. There seems to be some concern over here with the overhead HTML
template systems will take up compared to working with XML XSLT
translations. I've also noticed the "Catalyst::View::XSLT" class which
means we wouldn't need to come up with a new system to get our content
translated before we publish.
I use Catalyst::Plugin::I18N and it works fine.
It is very simple to use, and I just need to use something like the text
below for translating a certain string:
[% l("String to translate") %]
where l() is a Template-Toolkit macro:
[% MACRO l(text, args) BLOCK;c.localize(text, args);END -%]
Or you can do the translations in the program directly using:
my $translated = $c->localize("String to translate");
And the strings to translate can be kept in Gettext type of text files or in
separate perl modules that define a hash with the string translations...
Octavian
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] [Announce] Catalyst-Runtime 5.8000_04 shipped to CPAN
On Tue, Dec 9, 2008 at 9:35 AM, Tomas Doran <[EMAIL PROTECTED]> wrote: > > I agree that all 'real' Moose classes shouldn't be breaking the meta method > like this, but the fact is that there *IS* real code out there which is > going to be broken by this, and it's something which we can _avoid_ breaking > without too much effort.. > As agreed, we'll replace calls to ->can with calls to ->meta->has_method to fix this. We will also have to use Class::MOP directly to find the metaclass instead of using ->meta. So, problem resolved, fix known. will fix and release when i have some time. some time later this week, maybe next. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Catalyst modperl - child process segmentation fault
Toby Corkindale wrote: > Terence Monteiro wrote: >> Toby Corkindale wrote: >>> Terence Monteiro wrote: I'm running my Catalyst application on apache2 using modperl with mysql database accessed by DBIx::SearchBuilder. I'm getting the message in the apache2 error logs: child pid 1140 exit signal Segmentation fault (11), possible core dump in /tmp > ]snip] >>> Ugh.. Dumping core? That's rather drastic! >>> >>> What versions of DBI and DBD::mysql are you running? >>> And is DBD::mysql linked against the same mysql client libraries as >>> mod_php? >> >> Thanks, Toby >> >> DBD::mysql version: 4.008 >> DBI version:1.607 >> libapache2-mod-php5 version: 5.2.0-8+etch10 >> >> How can I find out the mysql client libraries DBD::mysql and mod_php are >> linked with? What you say is possible because I upgraded DBD::mysql from >> the latest debian sources in unstable, but not (yet) mod_php. But I don't >> understand why mod_php should matter. > > Could you humour me, and try disabling PHP in Apache, and then seeing if > that stops the Catalyst app crashing? > > I think you can do it by 'rm /etc/apache/mods-enabled/*php*.load' or > something very similar? > Disabled mod_php5 and tried again. Still get the segfaults. Has anyone else faced this problem, with segmentation faults while running their Catalyst app with mod_perl 2.0.4-4 on apache 2.2.9-10 or 2.2.9-11 on debian? > ... -- Thanks and Regards, Terence Monteiro. DeepRoot Linux, http://www.deeproot.in Ph: +91 (80) 4089 Getting GNU/Linux to work for you. Faster. Better. Today. Every way ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Translations in Catalyst
Maybe this answer os not what you meant but I use some tags stored in the database so all the translations I have it stored and then retrieved passing the desired language as a parameter, then put all the data in the stash so the template could be used for every language you can think of. Giancarlo Keith Hasely wrote: Hey All, We are evaluating different frameworks to use, and one big aspect of the project is how translations are handled, we deal with at least five languages on a regular basis. I am hoping to get some input on different template systems, and ways you all have dealt with the multilingual issues in Catalyst. We've been using XML XSLT translations, but people in the office find it challenging working with instead of an HTML template system. I've seen some modules in CPAN that help with the issue such as "Catalyst::Plugin::I18N" which seems to work with Template Toolkit, and Pedal. There seems to be some concern over here with the overhead HTML template systems will take up compared to working with XML XSLT translations. I've also noticed the "Catalyst::View::XSLT" class which means we wouldn't need to come up with a new system to get our content translated before we publish. Thanks, Keith ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Translations in Catalyst
Hey All, We are evaluating different frameworks to use, and one big aspect of the project is how translations are handled, we deal with at least five languages on a regular basis. I am hoping to get some input on different template systems, and ways you all have dealt with the multilingual issues in Catalyst. We've been using XML XSLT translations, but people in the office find it challenging working with instead of an HTML template system. I've seen some modules in CPAN that help with the issue such as "Catalyst::Plugin::I18N" which seems to work with Template Toolkit, and Pedal. There seems to be some concern over here with the overhead HTML template systems will take up compared to working with XML XSLT translations. I've also noticed the "Catalyst::View::XSLT" class which means we wouldn't need to come up with a new system to get our content translated before we publish. Thanks, Keith ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] disable session in authentication
I have an application that uses two different authentication methods based on C:P::Authentication: The default realm uses Catalyst::Authentication::Credential::Password with session and cookie for the usual web login with a username-password login screen. For a REST service Catalyst::Authentication::Credential::HTTP is used. With every request to this REST service, a useless session id and a cookie is created by C:P::Authentication automatically. I found this config option "use_session" to disable sessions for authentication, but this seems to act globally. :-(( Is it possible to disable session usage for the HTTP auth realm only? -- Bernhard Graf ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Example app showing user to "item" authorization?
Jason Gottshall wrote:
Tomas Doran wrote:
On 9 Dec 2008, at 04:24, bill hauck wrote:
So my question: is there an example application or best practice on
how to implement a check on all calls to see if the user should be
accessing a specific item? I guess this would apply to any type of
system: blog, auction, cms, etc. -- they all require checking if a
specific user can edit a specific item.
Assuming that you're using DBIx::Class, then the common way of doing
this would be to use ResultSet chaining to limit things.
What you do is add a 'limit_by_user' method (name is not important -
just pick one and stick to it for your entire app) on each ResultSet
class which you can pass $c->user, and have it return a filtered
result set..
You then arrange your controllers such that you will call this method
on all resultsets before actually searching them. The simplest
strategy is to just have code like:
$c->stash->{project} =
$c->model('DB::Project')->limit_by_user($c->user)->find_by_foo($foo);
whenever you want to do a search.
You might try using DBIx::Class::Schema::RestrictWithObject to do this
more centrally. Essentially you put all your "limit_by_user" filters
into one central package, then you just pass $c->user to the schema at
the beginning of the request. RestrictWithObject will intercept all
searches and tack on the appropriate filter for the requested resultset
for you.
Sorry, I should have given an example. Have a look at mst's great
catalyst talk; the RestrictWithObject stuff starts at slide 74:
http://www.shadowcat.co.uk/catalyst/-talks/oscon/crucible.xul
--
Jason Gottshall
[EMAIL PROTECTED]
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Example app showing user to "item" authorization?
Tomas Doran wrote:
On 9 Dec 2008, at 04:24, bill hauck wrote:
So my question: is there an example application or best practice on
how to implement a check on all calls to see if the user should be
accessing a specific item? I guess this would apply to any type of
system: blog, auction, cms, etc. -- they all require checking if a
specific user can edit a specific item.
Assuming that you're using DBIx::Class, then the common way of doing
this would be to use ResultSet chaining to limit things.
What you do is add a 'limit_by_user' method (name is not important -
just pick one and stick to it for your entire app) on each ResultSet
class which you can pass $c->user, and have it return a filtered result
set..
You then arrange your controllers such that you will call this method on
all resultsets before actually searching them. The simplest strategy is
to just have code like:
$c->stash->{project} =
$c->model('DB::Project')->limit_by_user($c->user)->find_by_foo($foo);
whenever you want to do a search.
You might try using DBIx::Class::Schema::RestrictWithObject to do this
more centrally. Essentially you put all your "limit_by_user" filters
into one central package, then you just pass $c->user to the schema at
the beginning of the request. RestrictWithObject will intercept all
searches and tack on the appropriate filter for the requested resultset
for you.
HTH,
Jason
--
Jason Gottshall
[EMAIL PROTECTED]
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
