[Lift] Re: Feature Request: Add S.findComet(theType: String, name: String): Option[CometActor]
Is this too inconvenient ? val myComet = Box(findComet(myType).filter(_.name == myname)) I have nothing against your proposal except it should return a Box not an Option. Br's, Marius On Sep 6, 6:17 am, Xavi Ramirez xavi@gmail.com wrote: Hello, Would it be possible to add the following findComet override to LiftSession? def findComet(theType: String, name: String): Option[CometActor] = synchronized { asyncComponents get (theType, name) } // I'm not sure if this is the correct implementation, but you get the idea I'd like to be able to get hold of a specific CometActor without storing it in a session variable. Thanks, Xavi --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Using Roles and LIftRules.authentication
Glen, Tim is correct however HTTP auth support + it's Role model can be used for SiteMenu as well. Please see: case class HttpAuthProtected(role: () = Box[Role]) extends LocParam You easily can specify that a Loc is a protected resource you just need to return the Role that guards this resource. This Loc will be served only if HTTP authentication succeeds and the Role match. So this is an RBAC. Br's, Marius On Sep 5, 7:57 pm, Timothy Perrett timo...@getintheloop.eu wrote: Glenn, its simply not designed to do what your asking - however, the most lift way of doing access control is with SiteMap, so potentially look into that as a solution. You don't detail your needs, but we've had this conversation several times on-list so just look through the archives and that might spawn some other ideas for you. Tim PS: Is there any good reason you always put an ellipsis after your name? For some reason it bothers me quite a bit! On Sep 5, 5:32 pm, glenn gl...@exmbly.com wrote: Marius, I appreciate your reply, but the question I asked regards useage of the Role trait in what Charles refers to as a Role-Based Access Control (RBAC) system. I could not find this addressed in the Lift Book and, no, there is no illuminating code in the lift- authentication example. It's established the trait is not a good mixin for a mapper class in maintaining persistent role/access data. I was asking, on a lark, if anyone had ideas on a pattern that might help. I guess I've gotten an answer - No. I certainly don't expect Lift, out-of-the-box, to provide a complete authorization package and I would have been surprised if it had. Glenn... On Sep 5, 12:38 am, marius d. marius.dan...@gmail.com wrote: I'll let Tim provide you a concrete code example but AFAIK there is a lift-authetication example in examples? A few points: 1. We support both BASIC and DIGEST HTTP authentication 2. First, to apply authentication you need to specify which resource (by URI) is a protected resource. Here we say that resource X is protected by Role A (Roles are hierarchicaly structured) 3. Secondly you set up the authentication function in Boot (for Basic or Digest) you check the credentials. If authentication succeeds that request is being processed. Here is an example from lift-authentication: LiftRules.httpAuthProtectedResource.prepend { case (ParsePath(secure-basic :: Nil, _, _, _)) = Full(AuthRole(admin)) } // This resource is protected by an AuthRole named admin. LiftRules.authentication = HttpBasicAuthentication(lift) { case (someuser, 1234, req) = { Log.info(You are now authenticated !) userRoles(AuthRole(admin)) true } } When we try to access /secure-basic resource HTTP basic auth. is applied. If credentials are correct we set the AuthRole as admin on the Requestvar userRoles. If we would have set another role such as userRoles (AuthRole (guest)) the resource would still not be served as guest has nothing to do with an admin. The lift-book describes the rules of Roles application. All this has nothing to do with Mapper or Record etc. it is purely about HTTP authentication and a simple authorization mechanism Br's, Marius On Sep 5, 12:53 am, glenn gl...@exmbly.com wrote: I'm looking for direction on the best pattern for implementing basic authentication and authorization in Lift. For example, if I already have a Role mapper to store roles in the database, to what do I attach the Role trait in the net.liftweb.http.auth package? 1) The mapper. You would have to make sure there were no naming conflicts ( i.e., def name in the trait and the mapped string, name, in the mapper. Not the best design pattern to link the two, in my humble opinion.) or 2) A new class, or perhaps an object, with the trait that wraps a Role mapper instance. The other piece to the puzzle is managing the list of AuthRoles, create protected resources and build the Lift.authentication cases. If you limit this to Boot, then you give up on dynamic authentication and authorization, or do you? Glenn... --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Using Roles and LIftRules.authentication
Right, i know it has a sitemap aspect... just based on what chas has asked about RBAC before, I can only presume he's still looking for more granularity than sitemap offers :-) Perhaps it might work for Glenn though... Cheers, Tim On Sep 6, 3:44 pm, marius d. marius.dan...@gmail.com wrote: Glen, Tim is correct however HTTP auth support + it's Role model can be used for SiteMenu as well. Please see: case class HttpAuthProtected(role: () = Box[Role]) extends LocParam You easily can specify that a Loc is a protected resource you just need to return the Role that guards this resource. This Loc will be served only if HTTP authentication succeeds and the Role match. So this is an RBAC. Br's, Marius On Sep 5, 7:57 pm, Timothy Perrett timo...@getintheloop.eu wrote: Glenn, its simply not designed to do what your asking - however, the most lift way of doing access control is with SiteMap, so potentially look into that as a solution. You don't detail your needs, but we've had this conversation several times on-list so just look through the archives and that might spawn some other ideas for you. Tim PS: Is there any good reason you always put an ellipsis after your name? For some reason it bothers me quite a bit! On Sep 5, 5:32 pm, glenn gl...@exmbly.com wrote: Marius, I appreciate your reply, but the question I asked regards useage of the Role trait in what Charles refers to as a Role-Based Access Control (RBAC) system. I could not find this addressed in the Lift Book and, no, there is no illuminating code in the lift- authentication example. It's established the trait is not a good mixin for a mapper class in maintaining persistent role/access data. I was asking, on a lark, if anyone had ideas on a pattern that might help. I guess I've gotten an answer - No. I certainly don't expect Lift, out-of-the-box, to provide a complete authorization package and I would have been surprised if it had. Glenn... On Sep 5, 12:38 am, marius d. marius.dan...@gmail.com wrote: I'll let Tim provide you a concrete code example but AFAIK there is a lift-authetication example in examples? A few points: 1. We support both BASIC and DIGEST HTTP authentication 2. First, to apply authentication you need to specify which resource (by URI) is a protected resource. Here we say that resource X is protected by Role A (Roles are hierarchicaly structured) 3. Secondly you set up the authentication function in Boot (for Basic or Digest) you check the credentials. If authentication succeeds that request is being processed. Here is an example from lift-authentication: LiftRules.httpAuthProtectedResource.prepend { case (ParsePath(secure-basic :: Nil, _, _, _)) = Full(AuthRole(admin)) } // This resource is protected by an AuthRole named admin. LiftRules.authentication = HttpBasicAuthentication(lift) { case (someuser, 1234, req) = { Log.info(You are now authenticated !) userRoles(AuthRole(admin)) true } } When we try to access /secure-basic resource HTTP basic auth. is applied. If credentials are correct we set the AuthRole as admin on the Requestvar userRoles. If we would have set another role such as userRoles (AuthRole (guest)) the resource would still not be served as guest has nothing to do with an admin. The lift-book describes the rules of Roles application. All this has nothing to do with Mapper or Record etc. it is purely about HTTP authentication and a simple authorization mechanism Br's, Marius On Sep 5, 12:53 am, glenn gl...@exmbly.com wrote: I'm looking for direction on the best pattern for implementing basic authentication and authorization in Lift. For example, if I already have a Role mapper to store roles in the database, to what do I attach the Role trait in the net.liftweb.http.auth package? 1) The mapper. You would have to make sure there were no naming conflicts ( i.e., def name in the trait and the mapped string, name, in the mapper. Not the best design pattern to link the two, in my humble opinion.) or 2) A new class, or perhaps an object, with the trait that wraps a Role mapper instance. The other piece to the puzzle is managing the list of AuthRoles, create protected resources and build the Lift.authentication cases. If you limit this to Boot, then you give up on dynamic authentication and authorization, or do you? Glenn... --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to
[Lift] Re: Feature Request: Add S.findComet(theType: String, name: String): Option[CometActor]
I didn't realize that a list of one item could be turned into a Box directly. Thanks for the tip. -Xavi On Sun, Sep 6, 2009 at 10:37 AM, marius d.marius.dan...@gmail.com wrote: Is this too inconvenient ? val myComet = Box(findComet(myType).filter(_.name == myname)) I have nothing against your proposal except it should return a Box not an Option. Br's, Marius On Sep 6, 6:17 am, Xavi Ramirez xavi@gmail.com wrote: Hello, Would it be possible to add the following findComet override to LiftSession? def findComet(theType: String, name: String): Option[CometActor] = synchronized { asyncComponents get (theType, name) } // I'm not sure if this is the correct implementation, but you get the idea I'd like to be able to get hold of a specific CometActor without storing it in a session variable. Thanks, Xavi --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] putting data in a session
How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
Thanks Indrajit for the quick response! On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.comwrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
I'm sorry for such an elementary question, but what is Empty here? On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.comwrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
I'm sorry. You probably meant 'None' On Sun, Sep 6, 2009 at 5:05 PM, Jack Widman jack.wid...@gmail.com wrote: I'm sorry for such an elementary question, but what is Empty here? On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.com wrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
Lift has Box which is like Option but with a third state for a failure. Empty corresponds to None, and Full, to Some. - Jack Widmanjack.wid...@gmail.com wrote: I'm sorry for such an elementary question, but what is Empty here? On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.comwrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Invalid dates
How do you deal with users entering invalid dates? 1) The default implementation is dependent on the global date formatter/parser, which is nonoptimal. How do you enter a time for a MappedTime? MappedDates should not show the time of day, nor MappedTimes the date. 2) If toForm or setFromAny fails to parse the date, there is no information about it available to validation. I would like to suggest that Mapped(Date)(Time)s hold a DateFormat. MappedDate should default to DateFormat.getDateInstance and MappedTime to DateFormat.getTimeInstance(DateFormat.SHORT). MappedDateTime can use the global. And they could hold a Boxed String which would be Full if parsing failed, and a validator that requires it to be Empty. The actual set method would reset it to Empty. Thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] FieldIdentifier
How do FieldErrors work? When does a fields uniqueFieldId get set? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] How to stop validations if previous validator returns error.
I'm looking for a way to stop MappedField validations if prefvious validator returns error. For example: object Alphabets extends MappedString(this, 20) { override def validations = valMinLen(1, Alphabets is required) _ :: valRegex(Pattern.compile(^[a-zA-Z]+$, It's not alphabets!) _ :: super.validations } if valMinLen returns error, I don't want to process valRegex. My solutions are (1) define custom validator which works as I want. (2) override MappedField#validate() If you have other ideas, please help me. Thanks in advance. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Invalid dates
OK, I just went through a lot of work on this over the past month ... My solution, in a webapp environment, was to hold all date-times as UNIX timestamps (milliseconds from 1970.1.1), which are in UTC, and then let the client do all conversions, because the browser is set for the local timezone. What I like is that the DB number is a pure Long, so I can add or subtract as I need (either server-side or client-side), and I can even sneak in a call on the server to java.util.Date for a (new Date ()).getTime() if I need a timestamp. The downside is there are some gymnastics to do for JavaScript formatting, conversion, and even validation on input and display, but otherwise it works nicely. On Sep 6, 2:32 pm, Naftoli Gugenheim naftoli...@gmail.com wrote: How do you deal with users entering invalid dates? 1) The default implementation is dependent on the global date formatter/parser, which is nonoptimal. How do you enter a time for a MappedTime? MappedDates should not show the time of day, nor MappedTimes the date. 2) If toForm or setFromAny fails to parse the date, there is no information about it available to validation. I would like to suggest that Mapped(Date)(Time)s hold a DateFormat. MappedDate should default to DateFormat.getDateInstance and MappedTime to DateFormat.getTimeInstance(DateFormat.SHORT). MappedDateTime can use the global. And they could hold a Boxed String which would be Full if parsing failed, and a validator that requires it to be Empty. The actual set method would reset it to Empty. Thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Invalid dates
My problem has nothing to do with timezones, and I don't want to switch away from Mapped(Date)(Time) or rely on Javascript. There's no reason why a MappedTime toForm or toString should display a date. And if it doesn't like 10:00A rather than 10:00 AM then I should get a validation error. - g-mangregor...@gmail.com wrote: OK, I just went through a lot of work on this over the past month ... My solution, in a webapp environment, was to hold all date-times as UNIX timestamps (milliseconds from 1970.1.1), which are in UTC, and then let the client do all conversions, because the browser is set for the local timezone. What I like is that the DB number is a pure Long, so I can add or subtract as I need (either server-side or client-side), and I can even sneak in a call on the server to java.util.Date for a (new Date ()).getTime() if I need a timestamp. The downside is there are some gymnastics to do for JavaScript formatting, conversion, and even validation on input and display, but otherwise it works nicely. On Sep 6, 2:32 pm, Naftoli Gugenheim naftoli...@gmail.com wrote: How do you deal with users entering invalid dates? 1) The default implementation is dependent on the global date formatter/parser, which is nonoptimal. How do you enter a time for a MappedTime? MappedDates should not show the time of day, nor MappedTimes the date. 2) If toForm or setFromAny fails to parse the date, there is no information about it available to validation. I would like to suggest that Mapped(Date)(Time)s hold a DateFormat. MappedDate should default to DateFormat.getDateInstance and MappedTime to DateFormat.getTimeInstance(DateFormat.SHORT). MappedDateTime can use the global. And they could hold a Boxed String which would be Full if parsing failed, and a validator that requires it to be Empty. The actual set method would reset it to Empty. Thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Upcoming 1.1-M5?
Hey, Just wondering if there are plans to create a new milestone sometime soon, or if there is some other way to freeze my lift libraries to a stable build of 1.1-SNAPSHOT while still using maven to manage the dependencies. - Jon --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Upcoming 1.1-M5?
1.1-M5 was to be done on Friday, but I accidentally misplaced my credentials for the server, and am waiting until Josh gets back from Labor Day weekend. It will be out tomorrow or Tuesday at the latest. Sorry for the delay. Chas. Munat jon wrote: Hey, Just wondering if there are plans to create a new milestone sometime soon, or if there is some other way to freeze my lift libraries to a stable build of 1.1-SNAPSHOT while still using maven to manage the dependencies. - Jon --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---