Re: [Catalyst] how to authenticate using database users
--- On Wed, 3/18/09, Adam Witney wrote: > From: Adam Witney > Subject: Re: [Catalyst] how to authenticate using database users > To: "The elegant MVC web framework" > Date: Wednesday, March 18, 2009, 4:33 PM > On 18 Mar 2009, at 16:24, Michael Reddick wrote: > > > > > > > On Wed, Mar 18, 2009 at 10:51 AM, Adam Witney > wrote: > > > > Hi, > > > > Our database uses actual database users rather than a > table containing usernames and password. > > > > > > Why are you doing that? > > > The database has a row level security model implemented > such that row access is controlled by the database login. > This is because several applications can be used to interact > with it. > > thanks > > adam Adam, can you tell us what database you're using? Also, what other types of apps (web, fat client, etc.)? I don't have any solution, but I'm facing a somewhat similar issue ... I'm looking to replace a custom application written in FileMaker, which allows you to create permission levels down to the field level. I'll need to replicate this in whatever replaces the original application. Anyone have any hints on how to track what users (or roles) are able to edit what fields? I'm thinking of implementing it similar to the way MySQL's permission tables are setup. A permission table for each data table with a column for each column in the data table and a column for the user / role. The values would be similar to Unix's permissions (1,2,4) to indicate if they could read, write, modify. Anyone want to tell me it's crap and offer a better way? Please ... Thanks, bill ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] how to authenticate using database users
On 18 Mar 2009, at 16:24, Michael Reddick wrote: On Wed, Mar 18, 2009 at 10:51 AM, Adam Witney wrote: Hi, Our database uses actual database users rather than a table containing usernames and password. Why are you doing that? The database has a row level security model implemented such that row access is controlled by the database login. This is because several applications can be used to interact with it. thanks adam ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] how to authenticate using database users
On Wed, Mar 18, 2009 at 10:51 AM, Adam Witney wrote: > > Hi, > > Our database uses actual database users rather than a table containing > usernames and password. Why are you doing that? -michael ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] how to authenticate using database users
Hi, Our database uses actual database users rather than a table containing usernames and password. How would I authenticate against the database itself? The examples I have come across in the Tutorial and various Catalyst::Authentication::* modules all seem to require the presence of a table containing username and password fields. I guess I could write my own authenticate method that performed a manual dbh connection somehow... but I was wondering if there was a more standard/recommended way to do this? thanks for any help adam ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Too many records returned
I have a sub that is supposed to call a record for editing if an $id
parameter is specified. If no $id is given, then it is supposed to
create a new record. It works fine when used to call an existing
record. The problem I am having is that it is returning every record in
the table associated by a has_many relationship when no $id file is
given (new record).
Character ->has_many->CharacterBackground
What I should get is zero records returned from the CharacterBackground
table because it is a new Character record. What I get is every single
record in the CharacterBackground table returned. What is wrong with my
code?
Character.pm
---
sub character : Local FormConfig('character/character.yml') {
my ($self, $c, $id) = @_;
my $book;
if (defined($id)) {
$book = $c->model('DB::Character')->find($id);
unless ($book) {
$c->stash->{error_msg} = "Invalid Character record -- Cannot
edit";
$c->response->redirect($c->uri_for('list_character'));
$c->detach;
}
} else {
$book = $c->model('DB::Character')->new_result({});
}
my $form = $c->stash->{form};
if ($form->submitted_and_valid) {
$form->model->update($book);
$c->stash->{status_msg} = 'Record ammended';
$c->response->redirect($c->uri_for('list_character'));
$c->detach;
} else {
$form->model->default_values($book);
}
$c->stash->{given_title} = 'Edit Character';
$c->stash->{template} = 'character/character.tt2';
}
Tables:
- - - - - - - - - - - - - -
Character.pm
fields:
character_id
name
etc..
set_primary_key("character_id")
__PACKAGE__->has_many('link_characterbackground_h' =>
'Orpheus::Schema::CharacterBackground', 'character_id');
CharacterBackground.pm
fields:
char_back_id
character_id
etc...
set_primary_key("char_back_id")
__PACKAGE__->belongs_to('link_charbackchar_b' =>
'Orpheus::Schema::Character', 'character_id' );
Links:
- - - - - - - - - - - - - - - - -
Here is the code that I use to edit a record. It works properly.
Edit
Here is the code I use to call for a new record.
Create a New Character
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] Catalyst::Engine::HTTP and Expect.pm
Hi,
I have problems to get Expect.pm working within the builtin test server.
The following code resides inside a model:
use Expect;
my $exp = Expect->new;
$exp->log_stdout(0);
$exp->spawn('ssh', '-l' => $c->config->{client}{user},
$c->config->{client}{host})
or die "Can't spawn ssh";
$exp->expect( $c->config->{client}{timeout},
[
'Connection closed by remote host',
sub {
die "SSH failed (connection closed)";
},
],
[
'lost connection',
sub {
die "SSH failed (lost connection)";
},
],
[
'Enter passphrase',
sub {
print $exp $self->password . "\r";
exp_continue;
},
],
);
$exp->clear_accum;
# bin/command prints something like »herewego >foobarblubb«
# I want the part after the »>«.
print $exp "bin/command" . "\r";
if ( !$exp->expect($c->config->{client}{timeout}, 'herewego >') ) {
die "failure in remote command";
};
my $wanted = $exp->after;
Using the default test server (Catalyst::Engine::HTTP,
script/myapp_server.pl -r -d), $wanted is empty, but setting
CATALYST_ENGINE='HTTP::Prefork' sets $wanted to the expected value.
If I set $exp->exp_internal(1), then the last log message looks like
spawn id(7): Does `bin/command\r\n'
match:
pattern #1: -ex `herewego >'? No.
Anyone else used Expect.pm and got this behaviour?
I use Catalyst::Engine::HTTP from Catalyst-Runtime-5.8000_06.
Thanks, Frank
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
Dev site: http://dev.catalyst.perl.org/
