[Lift] Re: Feature Request: Add S.findComet(theType: String, name: String): Option[CometActor]
Is this too inconvenient ?
val myComet = Box(findComet(myType).filter(_.name == myname))
I have nothing against your proposal except it should return a Box not
an Option.
Br's,
Marius
On Sep 6, 6:17 am, Xavi Ramirez xavi@gmail.com wrote:
Hello,
Would it be possible to add the following findComet override to LiftSession?
def findComet(theType: String, name: String): Option[CometActor] =
synchronized { asyncComponents get (theType, name) } // I'm not sure
if this is the correct implementation, but you get the idea
I'd like to be able to get hold of a specific CometActor without
storing it in a session variable.
Thanks,
Xavi
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] Re: Using Roles and LIftRules.authentication
Glen,
Tim is correct however HTTP auth support + it's Role model can be used
for SiteMenu as well. Please see:
case class HttpAuthProtected(role: () = Box[Role]) extends LocParam
You easily can specify that a Loc is a protected resource you just
need to return the Role that guards this resource. This Loc will be
served only if HTTP authentication succeeds and the Role match.
So this is an RBAC.
Br's,
Marius
On Sep 5, 7:57 pm, Timothy Perrett timo...@getintheloop.eu wrote:
Glenn, its simply not designed to do what your asking - however, the
most lift way of doing access control is with SiteMap, so
potentially look into that as a solution. You don't detail your needs,
but we've had this conversation several times on-list so just look
through the archives and that might spawn some other ideas for you.
Tim
PS: Is there any good reason you always put an ellipsis after your
name? For some reason it bothers me quite a bit!
On Sep 5, 5:32 pm, glenn gl...@exmbly.com wrote:
Marius,
I appreciate your reply, but the question I asked regards useage of
the Role trait in what Charles
refers to as a Role-Based Access Control (RBAC) system. I could not
find this addressed in the
Lift Book and, no, there is no illuminating code in the lift-
authentication example. It's established
the trait is not a good mixin for a mapper class in maintaining
persistent role/access
data. I was asking, on a lark, if anyone had ideas on a pattern that
might help. I guess
I've gotten an answer - No.
I certainly don't expect Lift, out-of-the-box, to provide a complete
authorization package
and I would have been surprised if it had.
Glenn...
On Sep 5, 12:38 am, marius d. marius.dan...@gmail.com wrote:
I'll let Tim provide you a concrete code example but AFAIK there is a
lift-authetication example in examples?
A few points:
1. We support both BASIC and DIGEST HTTP authentication
2. First, to apply authentication you need to specify which resource
(by URI) is a protected resource. Here we say that resource X is
protected by Role A (Roles are hierarchicaly structured)
3. Secondly you set up the authentication function in Boot (for Basic
or Digest) you check the credentials. If authentication succeeds that
request is being processed.
Here is an example from lift-authentication:
LiftRules.httpAuthProtectedResource.prepend {
case (ParsePath(secure-basic :: Nil, _, _, _)) =
Full(AuthRole(admin))
}
// This resource is protected by an AuthRole named admin.
LiftRules.authentication = HttpBasicAuthentication(lift) {
case (someuser, 1234, req) = {
Log.info(You are now authenticated !)
userRoles(AuthRole(admin))
true
}
}
When we try to access /secure-basic resource HTTP basic auth. is
applied. If
credentials are correct we set the AuthRole as admin on the
Requestvar
userRoles. If we would have set another role such as userRoles
(AuthRole
(guest)) the resource would still not be served as guest has nothing
to do with
an admin. The lift-book describes the rules of Roles application.
All this has nothing to do with Mapper or Record etc. it is purely
about HTTP authentication and a simple authorization mechanism
Br's,
Marius
On Sep 5, 12:53 am, glenn gl...@exmbly.com wrote:
I'm looking for direction on the best pattern for implementing basic
authentication and authorization in Lift.
For example, if I already have a Role mapper to store roles in the
database, to what do I attach the Role trait in
the net.liftweb.http.auth package?
1) The mapper. You would have to make sure there were no naming
conflicts ( i.e., def name in the trait and the mapped string, name,
in the mapper. Not the best design pattern to link the two, in my
humble opinion.)
or
2) A new class, or perhaps an object, with the trait that wraps a Role
mapper instance.
The other piece to the puzzle is managing the list of AuthRoles,
create protected resources and build the Lift.authentication cases. If
you limit this to Boot, then you give up on dynamic authentication and
authorization, or do you?
Glenn...
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] Re: Using Roles and LIftRules.authentication
Right, i know it has a sitemap aspect... just based on what chas has
asked about RBAC before, I can only presume he's still looking for
more granularity than sitemap offers :-)
Perhaps it might work for Glenn though...
Cheers, Tim
On Sep 6, 3:44 pm, marius d. marius.dan...@gmail.com wrote:
Glen,
Tim is correct however HTTP auth support + it's Role model can be used
for SiteMenu as well. Please see:
case class HttpAuthProtected(role: () = Box[Role]) extends LocParam
You easily can specify that a Loc is a protected resource you just
need to return the Role that guards this resource. This Loc will be
served only if HTTP authentication succeeds and the Role match.
So this is an RBAC.
Br's,
Marius
On Sep 5, 7:57 pm, Timothy Perrett timo...@getintheloop.eu wrote:
Glenn, its simply not designed to do what your asking - however, the
most lift way of doing access control is with SiteMap, so
potentially look into that as a solution. You don't detail your needs,
but we've had this conversation several times on-list so just look
through the archives and that might spawn some other ideas for you.
Tim
PS: Is there any good reason you always put an ellipsis after your
name? For some reason it bothers me quite a bit!
On Sep 5, 5:32 pm, glenn gl...@exmbly.com wrote:
Marius,
I appreciate your reply, but the question I asked regards useage of
the Role trait in what Charles
refers to as a Role-Based Access Control (RBAC) system. I could not
find this addressed in the
Lift Book and, no, there is no illuminating code in the lift-
authentication example. It's established
the trait is not a good mixin for a mapper class in maintaining
persistent role/access
data. I was asking, on a lark, if anyone had ideas on a pattern that
might help. I guess
I've gotten an answer - No.
I certainly don't expect Lift, out-of-the-box, to provide a complete
authorization package
and I would have been surprised if it had.
Glenn...
On Sep 5, 12:38 am, marius d. marius.dan...@gmail.com wrote:
I'll let Tim provide you a concrete code example but AFAIK there is a
lift-authetication example in examples?
A few points:
1. We support both BASIC and DIGEST HTTP authentication
2. First, to apply authentication you need to specify which resource
(by URI) is a protected resource. Here we say that resource X is
protected by Role A (Roles are hierarchicaly structured)
3. Secondly you set up the authentication function in Boot (for Basic
or Digest) you check the credentials. If authentication succeeds that
request is being processed.
Here is an example from lift-authentication:
LiftRules.httpAuthProtectedResource.prepend {
case (ParsePath(secure-basic :: Nil, _, _, _)) =
Full(AuthRole(admin))
}
// This resource is protected by an AuthRole named admin.
LiftRules.authentication = HttpBasicAuthentication(lift) {
case (someuser, 1234, req) = {
Log.info(You are now authenticated !)
userRoles(AuthRole(admin))
true
}
}
When we try to access /secure-basic resource HTTP basic auth. is
applied. If
credentials are correct we set the AuthRole as admin on the
Requestvar
userRoles. If we would have set another role such as userRoles
(AuthRole
(guest)) the resource would still not be served as guest has nothing
to do with
an admin. The lift-book describes the rules of Roles application.
All this has nothing to do with Mapper or Record etc. it is purely
about HTTP authentication and a simple authorization mechanism
Br's,
Marius
On Sep 5, 12:53 am, glenn gl...@exmbly.com wrote:
I'm looking for direction on the best pattern for implementing basic
authentication and authorization in Lift.
For example, if I already have a Role mapper to store roles in the
database, to what do I attach the Role trait in
the net.liftweb.http.auth package?
1) The mapper. You would have to make sure there were no naming
conflicts ( i.e., def name in the trait and the mapped string, name,
in the mapper. Not the best design pattern to link the two, in my
humble opinion.)
or
2) A new class, or perhaps an object, with the trait that wraps a Role
mapper instance.
The other piece to the puzzle is managing the list of AuthRoles,
create protected resources and build the Lift.authentication cases. If
you limit this to Boot, then you give up on dynamic authentication and
authorization, or do you?
Glenn...
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
[Lift] Re: Feature Request: Add S.findComet(theType: String, name: String): Option[CometActor]
I didn't realize that a list of one item could be turned into a Box directly.
Thanks for the tip.
-Xavi
On Sun, Sep 6, 2009 at 10:37 AM, marius d.marius.dan...@gmail.com wrote:
Is this too inconvenient ?
val myComet = Box(findComet(myType).filter(_.name == myname))
I have nothing against your proposal except it should return a Box not
an Option.
Br's,
Marius
On Sep 6, 6:17 am, Xavi Ramirez xavi@gmail.com wrote:
Hello,
Would it be possible to add the following findComet override to LiftSession?
def findComet(theType: String, name: String): Option[CometActor] =
synchronized { asyncComponents get (theType, name) } // I'm not sure
if this is the correct implementation, but you get the idea
I'd like to be able to get hold of a specific CometActor without
storing it in a session variable.
Thanks,
Xavi
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] putting data in a session
How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
Thanks Indrajit for the quick response! On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.comwrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
I'm sorry for such an elementary question, but what is Empty here? On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.comwrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
I'm sorry. You probably meant 'None' On Sun, Sep 6, 2009 at 5:05 PM, Jack Widman jack.wid...@gmail.com wrote: I'm sorry for such an elementary question, but what is Empty here? On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.com wrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: putting data in a session
Lift has Box which is like Option but with a third state for a failure. Empty corresponds to None, and Full, to Some. - Jack Widmanjack.wid...@gmail.com wrote: I'm sorry for such an elementary question, but what is Empty here? On Sun, Sep 6, 2009 at 4:22 PM, Indrajit Raychaudhuri indraj...@gmail.comwrote: object FooVar extends SessionVar[Box[String]](Empty) // to set FooVar.set(Full(fooValToSet)) // to retreive val foo = FooVar.is.openOr(Not found) Cheers, Indrajit On Sep 7, 12:36 am, jack jack.wid...@gmail.com wrote: How do I put something in the session from one page and take it out from another page? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Invalid dates
How do you deal with users entering invalid dates? 1) The default implementation is dependent on the global date formatter/parser, which is nonoptimal. How do you enter a time for a MappedTime? MappedDates should not show the time of day, nor MappedTimes the date. 2) If toForm or setFromAny fails to parse the date, there is no information about it available to validation. I would like to suggest that Mapped(Date)(Time)s hold a DateFormat. MappedDate should default to DateFormat.getDateInstance and MappedTime to DateFormat.getTimeInstance(DateFormat.SHORT). MappedDateTime can use the global. And they could hold a Boxed String which would be Full if parsing failed, and a validator that requires it to be Empty. The actual set method would reset it to Empty. Thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] FieldIdentifier
How do FieldErrors work? When does a fields uniqueFieldId get set? --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] How to stop validations if previous validator returns error.
I'm looking for a way to stop MappedField validations if prefvious
validator returns error.
For example:
object Alphabets extends MappedString(this, 20) {
override def validations =
valMinLen(1, Alphabets is required) _ ::
valRegex(Pattern.compile(^[a-zA-Z]+$, It's not alphabets!)
_ ::
super.validations
}
if valMinLen returns error, I don't want to process valRegex.
My solutions are
(1) define custom validator which works as I want.
(2) override MappedField#validate()
If you have other ideas, please help me.
Thanks in advance.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to
liftweb+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---
[Lift] Re: Invalid dates
OK, I just went through a lot of work on this over the past month ... My solution, in a webapp environment, was to hold all date-times as UNIX timestamps (milliseconds from 1970.1.1), which are in UTC, and then let the client do all conversions, because the browser is set for the local timezone. What I like is that the DB number is a pure Long, so I can add or subtract as I need (either server-side or client-side), and I can even sneak in a call on the server to java.util.Date for a (new Date ()).getTime() if I need a timestamp. The downside is there are some gymnastics to do for JavaScript formatting, conversion, and even validation on input and display, but otherwise it works nicely. On Sep 6, 2:32 pm, Naftoli Gugenheim naftoli...@gmail.com wrote: How do you deal with users entering invalid dates? 1) The default implementation is dependent on the global date formatter/parser, which is nonoptimal. How do you enter a time for a MappedTime? MappedDates should not show the time of day, nor MappedTimes the date. 2) If toForm or setFromAny fails to parse the date, there is no information about it available to validation. I would like to suggest that Mapped(Date)(Time)s hold a DateFormat. MappedDate should default to DateFormat.getDateInstance and MappedTime to DateFormat.getTimeInstance(DateFormat.SHORT). MappedDateTime can use the global. And they could hold a Boxed String which would be Full if parsing failed, and a validator that requires it to be Empty. The actual set method would reset it to Empty. Thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Invalid dates
My problem has nothing to do with timezones, and I don't want to switch away from Mapped(Date)(Time) or rely on Javascript. There's no reason why a MappedTime toForm or toString should display a date. And if it doesn't like 10:00A rather than 10:00 AM then I should get a validation error. - g-mangregor...@gmail.com wrote: OK, I just went through a lot of work on this over the past month ... My solution, in a webapp environment, was to hold all date-times as UNIX timestamps (milliseconds from 1970.1.1), which are in UTC, and then let the client do all conversions, because the browser is set for the local timezone. What I like is that the DB number is a pure Long, so I can add or subtract as I need (either server-side or client-side), and I can even sneak in a call on the server to java.util.Date for a (new Date ()).getTime() if I need a timestamp. The downside is there are some gymnastics to do for JavaScript formatting, conversion, and even validation on input and display, but otherwise it works nicely. On Sep 6, 2:32 pm, Naftoli Gugenheim naftoli...@gmail.com wrote: How do you deal with users entering invalid dates? 1) The default implementation is dependent on the global date formatter/parser, which is nonoptimal. How do you enter a time for a MappedTime? MappedDates should not show the time of day, nor MappedTimes the date. 2) If toForm or setFromAny fails to parse the date, there is no information about it available to validation. I would like to suggest that Mapped(Date)(Time)s hold a DateFormat. MappedDate should default to DateFormat.getDateInstance and MappedTime to DateFormat.getTimeInstance(DateFormat.SHORT). MappedDateTime can use the global. And they could hold a Boxed String which would be Full if parsing failed, and a validator that requires it to be Empty. The actual set method would reset it to Empty. Thanks. --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Upcoming 1.1-M5?
Hey, Just wondering if there are plans to create a new milestone sometime soon, or if there is some other way to freeze my lift libraries to a stable build of 1.1-SNAPSHOT while still using maven to manage the dependencies. - Jon --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
[Lift] Re: Upcoming 1.1-M5?
1.1-M5 was to be done on Friday, but I accidentally misplaced my credentials for the server, and am waiting until Josh gets back from Labor Day weekend. It will be out tomorrow or Tuesday at the latest. Sorry for the delay. Chas. Munat jon wrote: Hey, Just wondering if there are plans to create a new milestone sometime soon, or if there is some other way to freeze my lift libraries to a stable build of 1.1-SNAPSHOT while still using maven to manage the dependencies. - Jon --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups Lift group. To post to this group, send email to liftweb@googlegroups.com To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/liftweb?hl=en -~--~~~~--~~--~--~---
