[Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
I can't get roles to work with an dynamic (Schema::Loader) set of models. I am doing all the config in YAML, none in the App.pms. Authentication *is* working. Authorization is throwing this: Caught exception in MyApp::Controller::Thingy->add "user->roles + accessed, but no role configuration found at + /usr/lib/perl5/site_perl/5.8.8/Catalyst/Plugin/Authorization/Roles + .pm line 109" What am I doing wrong (yml and tables below)? Anything obvious? I have played around with the config quite a bit (fully qualified model names, not, combinations of vars). I have no "map_user_role" b/c it's dynamic Schema::Loader. Do I have to have it? I really want (need for the short term) to do Schema::Loader dynamically. Thanks! -Ashley Config - authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User id_field: username authorization: dbic: role_class: Role user_class: User role_field: name role_rel: UserRole user_role_user_field: user user_role_role_field: role Tables --- CREATE TABLE user ( `id` int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY, `username` varchar(50) NOT NULL UNIQUE, `password` varchar(50) NOT NULL ); -- Add some users... CREATE TABLE `role` ( `id` int unsigned NOT NULL auto_increment, `name` VARCHAR(80) NOT NULL UNIQUE, `description` TEXT NULL, `created` datetime NOT NULL, `updated` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; INSERT INTO `role` VALUES (NULL, "admin", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "tracker_admin", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "employee", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "student", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "test", "", NOW(), NULL); CREATE TABLE `user_role` ( `id` int unsigned NOT NULL auto_increment, `user` int unsigned NOT NULL, `role` int unsigned NOT NULL, `created` datetime NOT NULL, `updated` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (`id`), FOREIGN KEY (`user`) REFERENCES user(id), FOREIGN KEY (`role`) REFERENCES role(id) ) ENGINE=InnoDB; -- add some user_roles... ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Ashley Pond V ha scritto: I have no "map_user_role" b/c it's dynamic Schema::Loader. Do I have to have it? Yes, you have to set user_role relation in config. Bye, \fer ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley On Dec 15, 2007, at 1:39 AM, Ferruccio Zamuner wrote: Ashley Pond V ha scritto: I have no "map_user_role" b/c it's dynamic Schema::Loader. Do I have to have it? Yes, you have to set user_role relation in config. Bye, \fer ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ [EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ User.pm I saw a couple of items in the "authentication" config I could set. With "role_relation" and "role_field" set-- authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: user_roles role_field: role --I now get the roles checked but they are failing because they are checking (returning) the role "id" instead of the "name." $c->user->roles returns a list of the IDs too. So, from reading this, Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() it looks like dynamic loader schemas are incompatible right now? I'm trying to figure this out but there is a lot of inter-related code to read, cross-package-configuration, and documentation drift/lag. Throw me a bone, er, a line! -Ashley On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
While I don't use the DBIx::Class::Loader, I did notice that since the Catalyst::Plugin::Auth refactor, that set of modules doesn't like dealing with role_id's any longer. I ended up creating a database view (and corresponding DBIC class) that spits out role names rather than role IDs, and Catalyst::Plugin::Authentication::Store::DBIx::Class liked that much better. This may not be the only way to solve it, but it worked for me. On 12/15/07, Ashley Pond V <[EMAIL PROTECTED]> wrote: > > Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ > User.pm I saw a couple of items in the "authentication" config I > could set. With "role_relation" and "role_field" set-- > > authentication: >default_realm: users >realms: > users: >credential: > class: Password > password_field: password > password_type: hashed > password_hash_type: SHA-1 >store: > class: DBIx::Class > user_class: User > role_relation: user_roles > role_field: role > > --I now get the roles checked but they are failing because they are > checking (returning) the role "id" instead of the "name." > > $c->user->roles returns a list of the IDs too. So, from reading this, > Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() > it looks like dynamic loader schemas are incompatible right now? I'm > trying to figure this out but there is a lot of inter-related code to > read, cross-package-configuration, and documentation drift/lag. > > Throw me a bone, er, a line! > -Ashley > > > On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: > > Can you elaborate? "map_user_role" ne "user_role." I have > > "role_rel" set to the UserRole class. I tried adding "user_role" > > but it didn't help and I don't see it anywhere in the docs. > > > > I should rephrase, I think. Is anyone using DBIC::Schema::Loader > > dynamically with role authorization? If so, please share your > > configuration or advise of which FMTR. > > > > Thanks again, > > -Ashley > > > > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: > http://www.mail-archive.com/[EMAIL PROTECTED]/ > Dev site: http://dev.catalyst.perl.org/ > ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Hi There Ashley,
The DBIx::Class module expects to use the relation provided in the
role_relation config element to retrieve one or more rows, which must
contain a field called by whatever you provide in role_field.
My guess is that your user_roles table is a cross-ref table - userid
and roleid essentially. In order to solve this you need to use a
many_to_many relationship mapping to the textual role names.
The DBIx::Class module expects you are going to route it to the
information it needs using the role_relation. So what you really need
to do is create the schema class and just define the many-to-many for
roles. Then provide that relation to 'role_relation' and all your
problems should go away.
It still works with dynamic schema - but you have to create the
relationship. You can do that by creating your schema module to look
something like this:
package MyApp::Schema::Users;
use strict;
use warnings;
use base 'DBIx::Class';
__PACKAGE__->load_components("PK::Auto", "Core");
__PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap", user_id');
__PACKAGE__->many_to_many( roles => 'role_map, 'role');
1;
I might have that slightly wrong - I've been moving today so I'm a bit
overtired. but basically that allows your schema to dynamically
figure itself out, but you define the relationships for it.
For some database types, DBIx::Class can figure out your relationships
for you - but I don't think it can sort out many-to-many's anyway.
Hope that helps. And I hope it makes as much sense to you as I make
to myself in my head at the moment. This, I understand, may not be
the case. If not, I'll try again tomorrow.
Jay
On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote:
Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/
User.pm I saw a couple of items in the "authentication" config I
could set. With "role_relation" and "role_field" set--
authentication:
default_realm: users
realms:
users:
credential:
class: Password
password_field: password
password_type: hashed
password_hash_type: SHA-1
store:
class: DBIx::Class
user_class: User
role_relation: user_roles
role_field: role
--I now get the roles checked but they are failing because they are
checking (returning) the role "id" instead of the "name."
$c->user->roles returns a list of the IDs too. So, from reading this,
Catalyst::Plugin::Authentication::Store::DBIx::Class::roles()
it looks like dynamic loader schemas are incompatible right now? I'm
trying to figure this out but there is a lot of inter-related code
to read, cross-package-configuration, and documentation drift/lag.
Throw me a bone, er, a line!
-Ashley
On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote:
Can you elaborate? "map_user_role" ne "user_role." I have
"role_rel" set to the UserRole class. I tried adding "user_role"
but it didn't help and I don't see it anywhere in the docs.
I should rephrase, I think. Is anyone using DBIC::Schema::Loader
dynamically with role authorization? If so, please share your
configuration or advise of which FMTR.
Thanks again,
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
---
For most things, throwing yourself at the wall over and over is a
better way to improve than thinking hard about the wall and taking
pictures of it. -- D.Litwack
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Thanks Jay! That's in line with the more recent documents (and sort
of what I was hoping to avoid). Right now my schema is nothing but a
Schema::Loader base class but I'll set it up to do a dump_to_dir
probably so I can add the many_to_many in User.pm and leave
everything else alone.
On Dec 15, 2007, at 9:52 PM, Jay K wrote:
Hi There Ashley,
The DBIx::Class module expects to use the relation provided in the
role_relation config element to retrieve one or more rows, which
must contain a field called by whatever you provide in role_field.
My guess is that your user_roles table is a cross-ref table -
userid and roleid essentially. In order to solve this you need to
use a many_to_many relationship mapping to the textual role names.
The DBIx::Class module expects you are going to route it to the
information it needs using the role_relation. So what you really
need to do is create the schema class and just define the many-to-
many for roles. Then provide that relation to 'role_relation' and
all your problems should go away.
It still works with dynamic schema - but you have to create the
relationship. You can do that by creating your schema module to
look something like this:
package MyApp::Schema::Users;
use strict;
use warnings;
use base 'DBIx::Class';
__PACKAGE__->load_components("PK::Auto", "Core");
__PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap",
user_id');
__PACKAGE__->many_to_many( roles => 'role_map, 'role');
1;
I might have that slightly wrong - I've been moving today so I'm a
bit overtired. but basically that allows your schema to
dynamically figure itself out, but you define the relationships for
it.
For some database types, DBIx::Class can figure out your
relationships for you - but I don't think it can sort out many-to-
many's anyway.
Hope that helps. And I hope it makes as much sense to you as I
make to myself in my head at the moment. This, I understand, may
not be the case. If not, I'll try again tomorrow.
Jay
On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote:
Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/
User.pm I saw a couple of items in the "authentication" config I
could set. With "role_relation" and "role_field" set--
authentication:
default_realm: users
realms:
users:
credential:
class: Password
password_field: password
password_type: hashed
password_hash_type: SHA-1
store:
class: DBIx::Class
user_class: User
role_relation: user_roles
role_field: role
--I now get the roles checked but they are failing because they
are checking (returning) the role "id" instead of the "name."
$c->user->roles returns a list of the IDs too. So, from reading this,
Catalyst::Plugin::Authentication::Store::DBIx::Class::roles()
it looks like dynamic loader schemas are incompatible right now?
I'm trying to figure this out but there is a lot of inter-related
code to read, cross-package-configuration, and documentation drift/
lag.
Throw me a bone, er, a line!
-Ashley
On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote:
Can you elaborate? "map_user_role" ne "user_role." I have
"role_rel" set to the UserRole class. I tried adding "user_role"
but it didn't help and I don't see it anywhere in the docs.
I should rephrase, I think. Is anyone using DBIC::Schema::Loader
dynamically with role authorization? If so, please share your
configuration or advise of which FMTR.
Thanks again,
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
---
For most things, throwing yourself at the wall over and over is a
better way to improve than thinking hard about the wall and taking
pictures of it. -- D.Litwack
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Continuing saga. So I set up the many_to_many and lo! It worked. But
it worked with *any* role, even fake ones, so obviously something was
bad. Turned out that it was silently failing instead of throwing an
access exception (but there was a template set by the namespace so
the page rendered as expected).
# failed silently (as far as Cat was concerned)
$c->assert_user_roles("there is no role called this");
So, dug into the log:
[Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn]
Store class "Catalyst::Authentication::Store::DBIx::Class" not found,
trying deprecated ::Plugin:: style naming. , referer: [...]
Would love to have more, rather than fewer exceptions thrown. I think
the missing class was the cause of a couple of red herrings I
followed down the rabbit hole trying to get this running yesterday
[I'm entitled to mix metaphors, I pay an annual fee]. After I get an
admin to install the missing package in the morning I'll regale you
with my next series of missteps and annoying language.
Live free or die early, die often,
-Ashley
On Dec 15, 2007, at 9:52 PM, Jay K wrote:
Hi There Ashley,
The DBIx::Class module expects to use the relation provided in the
role_relation config element to retrieve one or more rows, which
must contain a field called by whatever you provide in role_field.
My guess is that your user_roles table is a cross-ref table -
userid and roleid essentially. In order to solve this you need to
use a many_to_many relationship mapping to the textual role names.
The DBIx::Class module expects you are going to route it to the
information it needs using the role_relation. So what you really
need to do is create the schema class and just define the many-to-
many for roles. Then provide that relation to 'role_relation' and
all your problems should go away.
It still works with dynamic schema - but you have to create the
relationship. You can do that by creating your schema module to
look something like this:
package MyApp::Schema::Users;
use strict;
use warnings;
use base 'DBIx::Class';
__PACKAGE__->load_components("PK::Auto", "Core");
__PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap",
user_id');
__PACKAGE__->many_to_many( roles => 'role_map, 'role');
1;
I might have that slightly wrong - I've been moving today so I'm a
bit overtired. but basically that allows your schema to
dynamically figure itself out, but you define the relationships for
it.
For some database types, DBIx::Class can figure out your
relationships for you - but I don't think it can sort out many-to-
many's anyway.
Hope that helps. And I hope it makes as much sense to you as I
make to myself in my head at the moment. This, I understand, may
not be the case. If not, I'll try again tomorrow.
Jay
On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote:
Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/
User.pm I saw a couple of items in the "authentication" config I
could set. With "role_relation" and "role_field" set--
authentication:
default_realm: users
realms:
users:
credential:
class: Password
password_field: password
password_type: hashed
password_hash_type: SHA-1
store:
class: DBIx::Class
user_class: User
role_relation: user_roles
role_field: role
--I now get the roles checked but they are failing because they
are checking (returning) the role "id" instead of the "name."
$c->user->roles returns a list of the IDs too. So, from reading this,
Catalyst::Plugin::Authentication::Store::DBIx::Class::roles()
it looks like dynamic loader schemas are incompatible right now?
I'm trying to figure this out but there is a lot of inter-related
code to read, cross-package-configuration, and documentation drift/
lag.
Throw me a bone, er, a line!
-Ashley
On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote:
Can you elaborate? "map_user_role" ne "user_role." I have
"role_rel" set to the UserRole class. I tried adding "user_role"
but it didn't help and I don't see it anywhere in the docs.
I should rephrase, I think. Is anyone using DBIC::Schema::Loader
dynamically with role authorization? If so, please share your
configuration or advise of which FMTR.
Thanks again,
-Ashley
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
[EMAIL PROTECTED]/
Dev site: http://dev.catalyst.perl.org/
---
For most things, throwing yourself at the wall over and over is a
better way to improve than thinking hard about the wall and taking
pictures of it. -- D.Litwack
___
List: Catalyst@lists.scsys.co.uk
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
[EMAIL PROTE
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Hi Ashley,
The log message you see is a result of the recent move away from the
Catalyst::Plugin::Authentication namespace for stores / credentials.
It falls back to the old naming and warns if it can't find the new
module.. It should, however, have no effect on the functionality of
the code.
It's not a bad idea to update the DBIx::Class store - but be sure to
remove the Catalyst::Plugin::Authentication::Store::DBIx::Class module
first - just to avoid conflicts. Nothing has changed related to roles
in the update, so it shouldn't make any difference.
I don't know why the assert is failing, it should not - what do you
get if you use $c->check_user_roles() - valid results?
Jay
On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote:
Continuing saga. So I set up the many_to_many and lo! It worked. But
it worked with *any* role, even fake ones, so obviously something
was bad. Turned out that it was silently failing instead of throwing
an access exception (but there was a template set by the namespace
so the page rendered as expected).
# failed silently (as far as Cat was concerned)
$c->assert_user_roles("there is no role called this");
So, dug into the log:
[Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn]
Store class "Catalyst::Authentication::Store::DBIx::Class" not
found, trying deprecated ::Plugin:: style naming. , referer: [...]
Would love to have more, rather than fewer exceptions thrown. I
think the missing class was the cause of a couple of red herrings I
followed down the rabbit hole trying to get this running yesterday
[I'm entitled to mix metaphors, I pay an annual fee]. After I get an
admin to install the missing package in the morning I'll regale you
with my next series of missteps and annoying language.
Live free or die early, die often,
-Ashley
On Dec 15, 2007, at 9:52 PM, Jay K wrote:
Hi There Ashley,
The DBIx::Class module expects to use the relation provided in the
role_relation config element to retrieve one or more rows, which
must contain a field called by whatever you provide in role_field.
My guess is that your user_roles table is a cross-ref table -
userid and roleid essentially. In order to solve this you need to
use a many_to_many relationship mapping to the textual role names.
The DBIx::Class module expects you are going to route it to the
information it needs using the role_relation. So what you really
need to do is create the schema class and just define the many-to-
many for roles. Then provide that relation to 'role_relation' and
all your problems should go away.
It still works with dynamic schema - but you have to create the
relationship. You can do that by creating your schema module to
look something like this:
package MyApp::Schema::Users;
use strict;
use warnings;
use base 'DBIx::Class';
__PACKAGE__->load_components("PK::Auto", "Core");
__PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap",
user_id');
__PACKAGE__->many_to_many( roles => 'role_map, 'role');
1;
I might have that slightly wrong - I've been moving today so I'm a
bit overtired. but basically that allows your schema to
dynamically figure itself out, but you define the relationships for
it.
For some database types, DBIx::Class can figure out your
relationships for you - but I don't think it can sort out many-to-
many's anyway.
Hope that helps. And I hope it makes as much sense to you as I
make to myself in my head at the moment. This, I understand, may
not be the case. If not, I'll try again tomorrow.
Jay
On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote:
Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/
User.pm I saw a couple of items in the "authentication" config I
could set. With "role_relation" and "role_field" set--
authentication:
default_realm: users
realms:
users:
credential:
class: Password
password_field: password
password_type: hashed
password_hash_type: SHA-1
store:
class: DBIx::Class
user_class: User
role_relation: user_roles
role_field: role
--I now get the roles checked but they are failing because they
are checking (returning) the role "id" instead of the "name."
$c->user->roles returns a list of the IDs too. So, from reading
this,
Catalyst::Plugin::Authentication::Store::DBIx::Class::roles()
it looks like dynamic loader schemas are incompatible right now?
I'm trying to figure this out but there is a lot of inter-related
code to read, cross-package-configuration, and documentation drift/
lag.
Throw me a bone, er, a line!
-Ashley
On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote:
Can you elaborate? "map_user_role" ne "user_role." I have
"role_rel" set to the UserRole class. I tried adding "user_role"
but it didn't help and I don't see it anywhere in the docs.
I should rephrase, I think. Is anyone using DBIC::Schema::Loader
dynamically with role authoriza
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Thanks for still looking at this, Jay. This is the top of the method
with some "die" decoration:
Take 1:
my ( $self, $c ) = @_;
die "This will die";
$c->assert_user_roles("no such role");
Take 2:
my ( $self, $c ) = @_;
$c->assert_user_roles("no such role");
die "This will not fire";
I can put the assert in an eval block but $@ is not set so it doesn't
help to see what's happening. There is no information in the logs at
the point the code fails.
I guess I'll ask our admin to pull
Catalyst::Plugin::Authentication::Store::DBIx::Class, yeah?
Authentication is working fine, by the by. It's just Authorization
that's wonky right now.
Pasting my setup stuff below.
-Ashley
--
use Catalyst qw/
ConfigLoader
-Debug
Unicode
StackTrace
Static::Simple
Authentication
Authorization::Roles
Session
Session::Store::FastMmap
Session::State::Cookie
/;
...User.pm
__PACKAGE__->has_many(
"user_roles",
"MyApp::Schema::UserRole",
{ "foreign.user" => "self.id" },
);
# Created by DBIx::Class::Schema::Loader v0.04004 @ 2007-12-16 13:36:55
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:qroNdEXQL4pOH80kVPQquw
__PACKAGE__->many_to_many(roles => 'user_roles', 'name');
---
yml
authentication:
default_realm: users
realms:
users:
credential:
class: Password
password_type: hashed
password_hash_type: SHA-1
store:
class: DBIx::Class
user_class: User
role_relation: roles
role_field: name
# doesn't matter whether or not the authorization stuff is there but
this is what i've played with (and *many* permutations of the arguments)
authorization:
dbic:
role_class: Role
role_field: name
user_class: User
user_field: user
user_role_user_field: user
user_role_role_field: role
role_rel: user_roles
user_role_class: UserRole
On Dec 16, 2007, at 9:20 PM, Jay K wrote:
Hi Ashley,
The log message you see is a result of the recent move away from
the Catalyst::Plugin::Authentication namespace for stores /
credentials.
It falls back to the old naming and warns if it can't find the new
module.. It should, however, have no effect on the functionality of
the code.
It's not a bad idea to update the DBIx::Class store - but be sure
to remove the Catalyst::Plugin::Authentication::Store::DBIx::Class
module first - just to avoid conflicts. Nothing has changed
related to roles in the update, so it shouldn't make any difference.
I don't know why the assert is failing, it should not - what do you
get if you use $c->check_user_roles() - valid results?
Jay
On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote:
Continuing saga. So I set up the many_to_many and lo! It worked.
But it worked with *any* role, even fake ones, so obviously
something was bad. Turned out that it was silently failing instead
of throwing an access exception (but there was a template set by
the namespace so the page rendered as expected).
# failed silently (as far as Cat was concerned)
$c->assert_user_roles("there is no role called this");
So, dug into the log:
[Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn]
Store class "Catalyst::Authentication::Store::DBIx::Class" not
found, trying deprecated ::Plugin:: style naming. , referer: [...]
Would love to have more, rather than fewer exceptions thrown. I
think the missing class was the cause of a couple of red herrings
I followed down the rabbit hole trying to get this running
yesterday [I'm entitled to mix metaphors, I pay an annual fee].
After I get an admin to install the missing package in the morning
I'll regale you with my next series of missteps and annoying
language.
Live free or die early, die often,
-Ashley
On Dec 15, 2007, at 9:52 PM, Jay K wrote:
Hi There Ashley,
The DBIx::Class module expects to use the relation provided in
the role_relation config element to retrieve one or more rows,
which must contain a field called by whatever you provide in
role_field.
My guess is that your user_roles table is a cross-ref table -
userid and roleid essentially. In order to solve this you need
to use a many_to_many relationship mapping to the textual role
names.
The DBIx::Class module expects you are going to route it to the
information it needs using the role_relation. So what you really
need to do is create the schema class and just define the many-to-
many for roles. Then provide that relation to 'role_relation'
and all your problems should go away.
It still works with dynamic schema - but you have to create the
relationship. You can do that by creating your schema module to
look something like this:
package MyApp::Schema::Users;
use strict;
use warnings;
use base 'DBIx::Class';
__PACKAGE__->load_components("PK::Auto", "Core");
__PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap",
user_id');
__P
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
I backed up to a simple test script, got easier to find errors, and
found the trouble with what I was doing.
__PACKAGE__->many_to_many(roles => 'user_roles', 'name');
needed to be
__PACKAGE__->many_to_many(roles => 'user_roles', 'role');
and a corresponding many_to_many in Role.pm
__PACKAGE__->many_to_many(users => 'user_roles', 'user');
So, I'm all good now but still a bit mystified about the silent
failure(?).
Thanks again,
-Ashley
On Dec 16, 2007, at 10:49 PM, Ashley Pond V wrote:
Thanks for still looking at this, Jay. This is the top of the
method with some "die" decoration:
Take 1:
my ( $self, $c ) = @_;
die "This will die";
$c->assert_user_roles("no such role");
Take 2:
my ( $self, $c ) = @_;
$c->assert_user_roles("no such role");
die "This will not fire";
I can put the assert in an eval block but $@ is not set so it
doesn't help to see what's happening. There is no information in
the logs at the point the code fails.
I guess I'll ask our admin to pull
Catalyst::Plugin::Authentication::Store::DBIx::Class, yeah?
Authentication is working fine, by the by. It's just Authorization
that's wonky right now.
Pasting my setup stuff below.
-Ashley
--
use Catalyst qw/
ConfigLoader
-Debug
Unicode
StackTrace
Static::Simple
Authentication
Authorization::Roles
Session
Session::Store::FastMmap
Session::State::Cookie
/;
...User.pm
__PACKAGE__->has_many(
"user_roles",
"MyApp::Schema::UserRole",
{ "foreign.user" => "self.id" },
);
# Created by DBIx::Class::Schema::Loader v0.04004 @ 2007-12-16
13:36:55
# DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:qroNdEXQL4pOH80kVPQquw
__PACKAGE__->many_to_many(roles => 'user_roles', 'name');
---
yml
authentication:
default_realm: users
realms:
users:
credential:
class: Password
password_type: hashed
password_hash_type: SHA-1
store:
class: DBIx::Class
user_class: User
role_relation: roles
role_field: name
# doesn't matter whether or not the authorization stuff is there
but this is what i've played with (and *many* permutations of the
arguments)
authorization:
dbic:
role_class: Role
role_field: name
user_class: User
user_field: user
user_role_user_field: user
user_role_role_field: role
role_rel: user_roles
user_role_class: UserRole
On Dec 16, 2007, at 9:20 PM, Jay K wrote:
Hi Ashley,
The log message you see is a result of the recent move away from
the Catalyst::Plugin::Authentication namespace for stores /
credentials.
It falls back to the old naming and warns if it can't find the new
module.. It should, however, have no effect on the functionality
of the code.
It's not a bad idea to update the DBIx::Class store - but be sure
to remove the Catalyst::Plugin::Authentication::Store::DBIx::Class
module first - just to avoid conflicts. Nothing has changed
related to roles in the update, so it shouldn't make any difference.
I don't know why the assert is failing, it should not - what do
you get if you use $c->check_user_roles() - valid results?
Jay
On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote:
Continuing saga. So I set up the many_to_many and lo! It worked.
But it worked with *any* role, even fake ones, so obviously
something was bad. Turned out that it was silently failing
instead of throwing an access exception (but there was a template
set by the namespace so the page rendered as expected).
# failed silently (as far as Cat was concerned)
$c->assert_user_roles("there is no role called this");
So, dug into the log:
[Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn]
Store class "Catalyst::Authentication::Store::DBIx::Class" not
found, trying deprecated ::Plugin:: style naming. , referer: [...]
Would love to have more, rather than fewer exceptions thrown. I
think the missing class was the cause of a couple of red herrings
I followed down the rabbit hole trying to get this running
yesterday [I'm entitled to mix metaphors, I pay an annual fee].
After I get an admin to install the missing package in the
morning I'll regale you with my next series of missteps and
annoying language.
Live free or die early, die often,
-Ashley
On Dec 15, 2007, at 9:52 PM, Jay K wrote:
Hi There Ashley,
The DBIx::Class module expects to use the relation provided in
the role_relation config element to retrieve one or more rows,
which must contain a field called by whatever you provide in
role_field.
My guess is that your user_roles table is a cross-ref table -
userid and roleid essentially. In order to solve this you need
to use a many_to_many relationship mapping to the textual role
names.
The DBIx::Class module expects you are going to route it to the
information it needs using the role_relation. So what you
really need to do is create the schema class
