[Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
I can't get roles to work with an dynamic (Schema::Loader) set of models. I am doing all the config in YAML, none in the App.pms. Authentication *is* working. Authorization is throwing this: Caught exception in MyApp::Controller::Thingy->add "user->roles + accessed, but no role configuration found at + /usr/lib/perl5/site_perl/5.8.8/Catalyst/Plugin/Authorization/Roles + .pm line 109" What am I doing wrong (yml and tables below)? Anything obvious? I have played around with the config quite a bit (fully qualified model names, not, combinations of vars). I have no "map_user_role" b/c it's dynamic Schema::Loader. Do I have to have it? I really want (need for the short term) to do Schema::Loader dynamically. Thanks! -Ashley Config - authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User id_field: username authorization: dbic: role_class: Role user_class: User role_field: name role_rel: UserRole user_role_user_field: user user_role_role_field: role Tables --- CREATE TABLE user ( `id` int unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY, `username` varchar(50) NOT NULL UNIQUE, `password` varchar(50) NOT NULL ); -- Add some users... CREATE TABLE `role` ( `id` int unsigned NOT NULL auto_increment, `name` VARCHAR(80) NOT NULL UNIQUE, `description` TEXT NULL, `created` datetime NOT NULL, `updated` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; INSERT INTO `role` VALUES (NULL, "admin", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "tracker_admin", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "employee", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "student", "", NOW(), NULL); INSERT INTO `role` VALUES (NULL, "test", "", NOW(), NULL); CREATE TABLE `user_role` ( `id` int unsigned NOT NULL auto_increment, `user` int unsigned NOT NULL, `role` int unsigned NOT NULL, `created` datetime NOT NULL, `updated` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP, PRIMARY KEY (`id`), FOREIGN KEY (`user`) REFERENCES user(id), FOREIGN KEY (`role`) REFERENCES role(id) ) ENGINE=InnoDB; -- add some user_roles... ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Ashley Pond V ha scritto: I have no "map_user_role" b/c it's dynamic Schema::Loader. Do I have to have it? Yes, you have to set user_role relation in config. Bye, \fer ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley On Dec 15, 2007, at 1:39 AM, Ferruccio Zamuner wrote: Ashley Pond V ha scritto: I have no "map_user_role" b/c it's dynamic Schema::Loader. Do I have to have it? Yes, you have to set user_role relation in config. Bye, \fer ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ [EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ User.pm I saw a couple of items in the "authentication" config I could set. With "role_relation" and "role_field" set-- authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: user_roles role_field: role --I now get the roles checked but they are failing because they are checking (returning) the role "id" instead of the "name." $c->user->roles returns a list of the IDs too. So, from reading this, Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() it looks like dynamic loader schemas are incompatible right now? I'm trying to figure this out but there is a lot of inter-related code to read, cross-package-configuration, and documentation drift/lag. Throw me a bone, er, a line! -Ashley On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
While I don't use the DBIx::Class::Loader, I did notice that since the Catalyst::Plugin::Auth refactor, that set of modules doesn't like dealing with role_id's any longer. I ended up creating a database view (and corresponding DBIC class) that spits out role names rather than role IDs, and Catalyst::Plugin::Authentication::Store::DBIx::Class liked that much better. This may not be the only way to solve it, but it worked for me. On 12/15/07, Ashley Pond V <[EMAIL PROTECTED]> wrote: > > Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ > User.pm I saw a couple of items in the "authentication" config I > could set. With "role_relation" and "role_field" set-- > > authentication: >default_realm: users >realms: > users: >credential: > class: Password > password_field: password > password_type: hashed > password_hash_type: SHA-1 >store: > class: DBIx::Class > user_class: User > role_relation: user_roles > role_field: role > > --I now get the roles checked but they are failing because they are > checking (returning) the role "id" instead of the "name." > > $c->user->roles returns a list of the IDs too. So, from reading this, > Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() > it looks like dynamic loader schemas are incompatible right now? I'm > trying to figure this out but there is a lot of inter-related code to > read, cross-package-configuration, and documentation drift/lag. > > Throw me a bone, er, a line! > -Ashley > > > On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: > > Can you elaborate? "map_user_role" ne "user_role." I have > > "role_rel" set to the UserRole class. I tried adding "user_role" > > but it didn't help and I don't see it anywhere in the docs. > > > > I should rephrase, I think. Is anyone using DBIC::Schema::Loader > > dynamically with role authorization? If so, please share your > > configuration or advise of which FMTR. > > > > Thanks again, > > -Ashley > > > > ___ > List: Catalyst@lists.scsys.co.uk > Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst > Searchable archive: > http://www.mail-archive.com/[EMAIL PROTECTED]/ > Dev site: http://dev.catalyst.perl.org/ > ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Hi There Ashley, The DBIx::Class module expects to use the relation provided in the role_relation config element to retrieve one or more rows, which must contain a field called by whatever you provide in role_field. My guess is that your user_roles table is a cross-ref table - userid and roleid essentially. In order to solve this you need to use a many_to_many relationship mapping to the textual role names. The DBIx::Class module expects you are going to route it to the information it needs using the role_relation. So what you really need to do is create the schema class and just define the many-to-many for roles. Then provide that relation to 'role_relation' and all your problems should go away. It still works with dynamic schema - but you have to create the relationship. You can do that by creating your schema module to look something like this: package MyApp::Schema::Users; use strict; use warnings; use base 'DBIx::Class'; __PACKAGE__->load_components("PK::Auto", "Core"); __PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap", user_id'); __PACKAGE__->many_to_many( roles => 'role_map, 'role'); 1; I might have that slightly wrong - I've been moving today so I'm a bit overtired. but basically that allows your schema to dynamically figure itself out, but you define the relationships for it. For some database types, DBIx::Class can figure out your relationships for you - but I don't think it can sort out many-to-many's anyway. Hope that helps. And I hope it makes as much sense to you as I make to myself in my head at the moment. This, I understand, may not be the case. If not, I'll try again tomorrow. Jay On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote: Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ User.pm I saw a couple of items in the "authentication" config I could set. With "role_relation" and "role_field" set-- authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: user_roles role_field: role --I now get the roles checked but they are failing because they are checking (returning) the role "id" instead of the "name." $c->user->roles returns a list of the IDs too. So, from reading this, Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() it looks like dynamic loader schemas are incompatible right now? I'm trying to figure this out but there is a lot of inter-related code to read, cross-package-configuration, and documentation drift/lag. Throw me a bone, er, a line! -Ashley On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ --- For most things, throwing yourself at the wall over and over is a better way to improve than thinking hard about the wall and taking pictures of it. -- D.Litwack ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Thanks Jay! That's in line with the more recent documents (and sort of what I was hoping to avoid). Right now my schema is nothing but a Schema::Loader base class but I'll set it up to do a dump_to_dir probably so I can add the many_to_many in User.pm and leave everything else alone. On Dec 15, 2007, at 9:52 PM, Jay K wrote: Hi There Ashley, The DBIx::Class module expects to use the relation provided in the role_relation config element to retrieve one or more rows, which must contain a field called by whatever you provide in role_field. My guess is that your user_roles table is a cross-ref table - userid and roleid essentially. In order to solve this you need to use a many_to_many relationship mapping to the textual role names. The DBIx::Class module expects you are going to route it to the information it needs using the role_relation. So what you really need to do is create the schema class and just define the many-to- many for roles. Then provide that relation to 'role_relation' and all your problems should go away. It still works with dynamic schema - but you have to create the relationship. You can do that by creating your schema module to look something like this: package MyApp::Schema::Users; use strict; use warnings; use base 'DBIx::Class'; __PACKAGE__->load_components("PK::Auto", "Core"); __PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap", user_id'); __PACKAGE__->many_to_many( roles => 'role_map, 'role'); 1; I might have that slightly wrong - I've been moving today so I'm a bit overtired. but basically that allows your schema to dynamically figure itself out, but you define the relationships for it. For some database types, DBIx::Class can figure out your relationships for you - but I don't think it can sort out many-to- many's anyway. Hope that helps. And I hope it makes as much sense to you as I make to myself in my head at the moment. This, I understand, may not be the case. If not, I'll try again tomorrow. Jay On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote: Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ User.pm I saw a couple of items in the "authentication" config I could set. With "role_relation" and "role_field" set-- authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: user_roles role_field: role --I now get the roles checked but they are failing because they are checking (returning) the role "id" instead of the "name." $c->user->roles returns a list of the IDs too. So, from reading this, Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() it looks like dynamic loader schemas are incompatible right now? I'm trying to figure this out but there is a lot of inter-related code to read, cross-package-configuration, and documentation drift/ lag. Throw me a bone, er, a line! -Ashley On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ [EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ --- For most things, throwing yourself at the wall over and over is a better way to improve than thinking hard about the wall and taking pictures of it. -- D.Litwack ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ [EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Continuing saga. So I set up the many_to_many and lo! It worked. But it worked with *any* role, even fake ones, so obviously something was bad. Turned out that it was silently failing instead of throwing an access exception (but there was a template set by the namespace so the page rendered as expected). # failed silently (as far as Cat was concerned) $c->assert_user_roles("there is no role called this"); So, dug into the log: [Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn] Store class "Catalyst::Authentication::Store::DBIx::Class" not found, trying deprecated ::Plugin:: style naming. , referer: [...] Would love to have more, rather than fewer exceptions thrown. I think the missing class was the cause of a couple of red herrings I followed down the rabbit hole trying to get this running yesterday [I'm entitled to mix metaphors, I pay an annual fee]. After I get an admin to install the missing package in the morning I'll regale you with my next series of missteps and annoying language. Live free or die early, die often, -Ashley On Dec 15, 2007, at 9:52 PM, Jay K wrote: Hi There Ashley, The DBIx::Class module expects to use the relation provided in the role_relation config element to retrieve one or more rows, which must contain a field called by whatever you provide in role_field. My guess is that your user_roles table is a cross-ref table - userid and roleid essentially. In order to solve this you need to use a many_to_many relationship mapping to the textual role names. The DBIx::Class module expects you are going to route it to the information it needs using the role_relation. So what you really need to do is create the schema class and just define the many-to- many for roles. Then provide that relation to 'role_relation' and all your problems should go away. It still works with dynamic schema - but you have to create the relationship. You can do that by creating your schema module to look something like this: package MyApp::Schema::Users; use strict; use warnings; use base 'DBIx::Class'; __PACKAGE__->load_components("PK::Auto", "Core"); __PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap", user_id'); __PACKAGE__->many_to_many( roles => 'role_map, 'role'); 1; I might have that slightly wrong - I've been moving today so I'm a bit overtired. but basically that allows your schema to dynamically figure itself out, but you define the relationships for it. For some database types, DBIx::Class can figure out your relationships for you - but I don't think it can sort out many-to- many's anyway. Hope that helps. And I hope it makes as much sense to you as I make to myself in my head at the moment. This, I understand, may not be the case. If not, I'll try again tomorrow. Jay On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote: Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ User.pm I saw a couple of items in the "authentication" config I could set. With "role_relation" and "role_field" set-- authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: user_roles role_field: role --I now get the roles checked but they are failing because they are checking (returning) the role "id" instead of the "name." $c->user->roles returns a list of the IDs too. So, from reading this, Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() it looks like dynamic loader schemas are incompatible right now? I'm trying to figure this out but there is a lot of inter-related code to read, cross-package-configuration, and documentation drift/ lag. Throw me a bone, er, a line! -Ashley On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authorization? If so, please share your configuration or advise of which FMTR. Thanks again, -Ashley ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ [EMAIL PROTECTED]/ Dev site: http://dev.catalyst.perl.org/ --- For most things, throwing yourself at the wall over and over is a better way to improve than thinking hard about the wall and taking pictures of it. -- D.Litwack ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/ [EMAIL PROTE
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Hi Ashley, The log message you see is a result of the recent move away from the Catalyst::Plugin::Authentication namespace for stores / credentials. It falls back to the old naming and warns if it can't find the new module.. It should, however, have no effect on the functionality of the code. It's not a bad idea to update the DBIx::Class store - but be sure to remove the Catalyst::Plugin::Authentication::Store::DBIx::Class module first - just to avoid conflicts. Nothing has changed related to roles in the update, so it shouldn't make any difference. I don't know why the assert is failing, it should not - what do you get if you use $c->check_user_roles() - valid results? Jay On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote: Continuing saga. So I set up the many_to_many and lo! It worked. But it worked with *any* role, even fake ones, so obviously something was bad. Turned out that it was silently failing instead of throwing an access exception (but there was a template set by the namespace so the page rendered as expected). # failed silently (as far as Cat was concerned) $c->assert_user_roles("there is no role called this"); So, dug into the log: [Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn] Store class "Catalyst::Authentication::Store::DBIx::Class" not found, trying deprecated ::Plugin:: style naming. , referer: [...] Would love to have more, rather than fewer exceptions thrown. I think the missing class was the cause of a couple of red herrings I followed down the rabbit hole trying to get this running yesterday [I'm entitled to mix metaphors, I pay an annual fee]. After I get an admin to install the missing package in the morning I'll regale you with my next series of missteps and annoying language. Live free or die early, die often, -Ashley On Dec 15, 2007, at 9:52 PM, Jay K wrote: Hi There Ashley, The DBIx::Class module expects to use the relation provided in the role_relation config element to retrieve one or more rows, which must contain a field called by whatever you provide in role_field. My guess is that your user_roles table is a cross-ref table - userid and roleid essentially. In order to solve this you need to use a many_to_many relationship mapping to the textual role names. The DBIx::Class module expects you are going to route it to the information it needs using the role_relation. So what you really need to do is create the schema class and just define the many-to- many for roles. Then provide that relation to 'role_relation' and all your problems should go away. It still works with dynamic schema - but you have to create the relationship. You can do that by creating your schema module to look something like this: package MyApp::Schema::Users; use strict; use warnings; use base 'DBIx::Class'; __PACKAGE__->load_components("PK::Auto", "Core"); __PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap", user_id'); __PACKAGE__->many_to_many( roles => 'role_map, 'role'); 1; I might have that slightly wrong - I've been moving today so I'm a bit overtired. but basically that allows your schema to dynamically figure itself out, but you define the relationships for it. For some database types, DBIx::Class can figure out your relationships for you - but I don't think it can sort out many-to- many's anyway. Hope that helps. And I hope it makes as much sense to you as I make to myself in my head at the moment. This, I understand, may not be the case. If not, I'll try again tomorrow. Jay On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote: Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/ User.pm I saw a couple of items in the "authentication" config I could set. With "role_relation" and "role_field" set-- authentication: default_realm: users realms: users: credential: class: Password password_field: password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: user_roles role_field: role --I now get the roles checked but they are failing because they are checking (returning) the role "id" instead of the "name." $c->user->roles returns a list of the IDs too. So, from reading this, Catalyst::Plugin::Authentication::Store::DBIx::Class::roles() it looks like dynamic loader schemas are incompatible right now? I'm trying to figure this out but there is a lot of inter-related code to read, cross-package-configuration, and documentation drift/ lag. Throw me a bone, er, a line! -Ashley On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote: Can you elaborate? "map_user_role" ne "user_role." I have "role_rel" set to the UserRole class. I tried adding "user_role" but it didn't help and I don't see it anywhere in the docs. I should rephrase, I think. Is anyone using DBIC::Schema::Loader dynamically with role authoriza
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
Thanks for still looking at this, Jay. This is the top of the method with some "die" decoration: Take 1: my ( $self, $c ) = @_; die "This will die"; $c->assert_user_roles("no such role"); Take 2: my ( $self, $c ) = @_; $c->assert_user_roles("no such role"); die "This will not fire"; I can put the assert in an eval block but $@ is not set so it doesn't help to see what's happening. There is no information in the logs at the point the code fails. I guess I'll ask our admin to pull Catalyst::Plugin::Authentication::Store::DBIx::Class, yeah? Authentication is working fine, by the by. It's just Authorization that's wonky right now. Pasting my setup stuff below. -Ashley -- use Catalyst qw/ ConfigLoader -Debug Unicode StackTrace Static::Simple Authentication Authorization::Roles Session Session::Store::FastMmap Session::State::Cookie /; ...User.pm __PACKAGE__->has_many( "user_roles", "MyApp::Schema::UserRole", { "foreign.user" => "self.id" }, ); # Created by DBIx::Class::Schema::Loader v0.04004 @ 2007-12-16 13:36:55 # DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:qroNdEXQL4pOH80kVPQquw __PACKAGE__->many_to_many(roles => 'user_roles', 'name'); --- yml authentication: default_realm: users realms: users: credential: class: Password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: roles role_field: name # doesn't matter whether or not the authorization stuff is there but this is what i've played with (and *many* permutations of the arguments) authorization: dbic: role_class: Role role_field: name user_class: User user_field: user user_role_user_field: user user_role_role_field: role role_rel: user_roles user_role_class: UserRole On Dec 16, 2007, at 9:20 PM, Jay K wrote: Hi Ashley, The log message you see is a result of the recent move away from the Catalyst::Plugin::Authentication namespace for stores / credentials. It falls back to the old naming and warns if it can't find the new module.. It should, however, have no effect on the functionality of the code. It's not a bad idea to update the DBIx::Class store - but be sure to remove the Catalyst::Plugin::Authentication::Store::DBIx::Class module first - just to avoid conflicts. Nothing has changed related to roles in the update, so it shouldn't make any difference. I don't know why the assert is failing, it should not - what do you get if you use $c->check_user_roles() - valid results? Jay On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote: Continuing saga. So I set up the many_to_many and lo! It worked. But it worked with *any* role, even fake ones, so obviously something was bad. Turned out that it was silently failing instead of throwing an access exception (but there was a template set by the namespace so the page rendered as expected). # failed silently (as far as Cat was concerned) $c->assert_user_roles("there is no role called this"); So, dug into the log: [Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn] Store class "Catalyst::Authentication::Store::DBIx::Class" not found, trying deprecated ::Plugin:: style naming. , referer: [...] Would love to have more, rather than fewer exceptions thrown. I think the missing class was the cause of a couple of red herrings I followed down the rabbit hole trying to get this running yesterday [I'm entitled to mix metaphors, I pay an annual fee]. After I get an admin to install the missing package in the morning I'll regale you with my next series of missteps and annoying language. Live free or die early, die often, -Ashley On Dec 15, 2007, at 9:52 PM, Jay K wrote: Hi There Ashley, The DBIx::Class module expects to use the relation provided in the role_relation config element to retrieve one or more rows, which must contain a field called by whatever you provide in role_field. My guess is that your user_roles table is a cross-ref table - userid and roleid essentially. In order to solve this you need to use a many_to_many relationship mapping to the textual role names. The DBIx::Class module expects you are going to route it to the information it needs using the role_relation. So what you really need to do is create the schema class and just define the many-to- many for roles. Then provide that relation to 'role_relation' and all your problems should go away. It still works with dynamic schema - but you have to create the relationship. You can do that by creating your schema module to look something like this: package MyApp::Schema::Users; use strict; use warnings; use base 'DBIx::Class'; __PACKAGE__->load_components("PK::Auto", "Core"); __PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap", user_id'); __P
Re: [Catalyst] "no role configuration found" -- authorization: dbic and DBI::Schema::Loader
I backed up to a simple test script, got easier to find errors, and found the trouble with what I was doing. __PACKAGE__->many_to_many(roles => 'user_roles', 'name'); needed to be __PACKAGE__->many_to_many(roles => 'user_roles', 'role'); and a corresponding many_to_many in Role.pm __PACKAGE__->many_to_many(users => 'user_roles', 'user'); So, I'm all good now but still a bit mystified about the silent failure(?). Thanks again, -Ashley On Dec 16, 2007, at 10:49 PM, Ashley Pond V wrote: Thanks for still looking at this, Jay. This is the top of the method with some "die" decoration: Take 1: my ( $self, $c ) = @_; die "This will die"; $c->assert_user_roles("no such role"); Take 2: my ( $self, $c ) = @_; $c->assert_user_roles("no such role"); die "This will not fire"; I can put the assert in an eval block but $@ is not set so it doesn't help to see what's happening. There is no information in the logs at the point the code fails. I guess I'll ask our admin to pull Catalyst::Plugin::Authentication::Store::DBIx::Class, yeah? Authentication is working fine, by the by. It's just Authorization that's wonky right now. Pasting my setup stuff below. -Ashley -- use Catalyst qw/ ConfigLoader -Debug Unicode StackTrace Static::Simple Authentication Authorization::Roles Session Session::Store::FastMmap Session::State::Cookie /; ...User.pm __PACKAGE__->has_many( "user_roles", "MyApp::Schema::UserRole", { "foreign.user" => "self.id" }, ); # Created by DBIx::Class::Schema::Loader v0.04004 @ 2007-12-16 13:36:55 # DO NOT MODIFY THIS OR ANYTHING ABOVE! md5sum:qroNdEXQL4pOH80kVPQquw __PACKAGE__->many_to_many(roles => 'user_roles', 'name'); --- yml authentication: default_realm: users realms: users: credential: class: Password password_type: hashed password_hash_type: SHA-1 store: class: DBIx::Class user_class: User role_relation: roles role_field: name # doesn't matter whether or not the authorization stuff is there but this is what i've played with (and *many* permutations of the arguments) authorization: dbic: role_class: Role role_field: name user_class: User user_field: user user_role_user_field: user user_role_role_field: role role_rel: user_roles user_role_class: UserRole On Dec 16, 2007, at 9:20 PM, Jay K wrote: Hi Ashley, The log message you see is a result of the recent move away from the Catalyst::Plugin::Authentication namespace for stores / credentials. It falls back to the old naming and warns if it can't find the new module.. It should, however, have no effect on the functionality of the code. It's not a bad idea to update the DBIx::Class store - but be sure to remove the Catalyst::Plugin::Authentication::Store::DBIx::Class module first - just to avoid conflicts. Nothing has changed related to roles in the update, so it shouldn't make any difference. I don't know why the assert is failing, it should not - what do you get if you use $c->check_user_roles() - valid results? Jay On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote: Continuing saga. So I set up the many_to_many and lo! It worked. But it worked with *any* role, even fake ones, so obviously something was bad. Turned out that it was silently failing instead of throwing an access exception (but there was a template set by the namespace so the page rendered as expected). # failed silently (as far as Cat was concerned) $c->assert_user_roles("there is no role called this"); So, dug into the log: [Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn] Store class "Catalyst::Authentication::Store::DBIx::Class" not found, trying deprecated ::Plugin:: style naming. , referer: [...] Would love to have more, rather than fewer exceptions thrown. I think the missing class was the cause of a couple of red herrings I followed down the rabbit hole trying to get this running yesterday [I'm entitled to mix metaphors, I pay an annual fee]. After I get an admin to install the missing package in the morning I'll regale you with my next series of missteps and annoying language. Live free or die early, die often, -Ashley On Dec 15, 2007, at 9:52 PM, Jay K wrote: Hi There Ashley, The DBIx::Class module expects to use the relation provided in the role_relation config element to retrieve one or more rows, which must contain a field called by whatever you provide in role_field. My guess is that your user_roles table is a cross-ref table - userid and roleid essentially. In order to solve this you need to use a many_to_many relationship mapping to the textual role names. The DBIx::Class module expects you are going to route it to the information it needs using the role_relation. So what you really need to do is create the schema class