[Catalyst] Re: Problem using Static::Simple
On 19/09/2007, Will Hawes [EMAIL PROTECTED] wrote:
Having upgraded all Catalyst modules to their latest versions today, I
think I'm seeing strangeness with Static::Simple. I've boiled it down to the
following:
1) $ catalyst.pl MyApp
2) Modify MyApp::Controller::Root::default() as follows:
sub default {
my( $self, $c ) = @_;
$c-response-status(404);
$c-response-body( 'not found' );
}
3) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Content-Length: 9
Content-Type: text/html; charset=utf-8
Status: 404
not found
When accessing the app through Apache using Firefox with the
LiveHTTPHeaders extension, the response headers are reported as follows:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:48 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Content-Length: 9
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
4) Modify myapp.yml as follows (the intention being to serve static files
from /var/www/static/*):
static:
dirs: [ 'static' ]
include_path: [ '/var/www' ]
5) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Status: 404
Note that the Catalyst-generated Content-Length and Content-Type response
headers, as well as the response body, have disappeared. Accessing the
script via Firefox with LiveHTTPHeaders now shows the following:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:17 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/x-perl
I'd have thought a request for /static1 should be ignored by
Static::Simple using the above config and that only URLs like /static/1
should be treated as pointing to static content.
Have I misunderstood something?
*BUMP*
Anyone?
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Re: Problem using Static::Simple
On 24/09/2007, Andy Grundman [EMAIL PROTECTED] wrote: I've pushed Static::Simple 0.20 with these fixes. URLs like /static1 in your case will now be handled by Cat instead of S::S and 404 will have a text/html content-type. Thanks Andy, much appreciated. ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Re: Problem using Static::Simple
On 19/09/2007, Will Hawes [EMAIL PROTECTED] wrote:
On 19/09/2007, Will Hawes [EMAIL PROTECTED] wrote:
Having upgraded all Catalyst modules to their latest versions today, I
think I'm seeing strangeness with Static::Simple. I've boiled it down to the
following:
1) $ catalyst.pl MyApp
2) Modify MyApp::Controller::Root::default() as follows:
sub default {
my( $self, $c ) = @_;
$c-response-status(404);
$c-response-body( 'not found' );
}
3) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Content-Length: 9
Content-Type: text/html; charset=utf-8
Status: 404
not found
When accessing the app through Apache using Firefox with the
LiveHTTPHeaders extension, the response headers are reported as follows:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:48 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Content-Length: 9
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
4) Modify myapp.yml as follows (the intention being to serve static
files from /var/www/static/*):
static:
dirs: [ 'static' ]
include_path: [ '/var/www' ]
5) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Status: 404
Note that the Catalyst-generated Content-Length and Content-Type
response headers, as well as the response body, have disappeared. Accessing
the script via Firefox with LiveHTTPHeaders now shows the following:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:17 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/x-perl
Forgot to mention, these response headers cause Firefox to try to
download a PL file.
I'd have thought a request for /static1 should be ignored by
Static::Simple using the above config and that only URLs like /static/1
should be treated as pointing to static content.
Have I misunderstood something?
I've dug around for a while in Catalyst::Plugin::Static::Simple, here's what
I've found:
1) The unexpected matching of URLs like /static1 (as well as the expected
/static/1) seems to be because no trailing slash is used in the regular
expression that performs the match:
my $re = ( $dir =~ m{^qr/}xms ) ? eval $dir : qr/^${dir_re}/;
Perhaps this is by design, but adding the trailing slash to appears to fix
the problem while still allowing files to be served from the specified
static directories:
my $re = ( $dir =~ m{^qr/}xms ) ? eval $dir : qr/^${dir_re}\//;
I assume the trailing slash could be added to each item in dirs in my
config to achieve the same effect. I haven't tested that but even if there's
a good reason not to modify the regex, I think the behaviour should be
documented in ::Static::Simple.
2) When a non-existent static file is requested, Firefox tries to download a
PL file rather than displaying a 404 message. This appears to be because
::Static::Simple sets $c-res-status to 404, but does not set a content
type. This causes content-type to be auto-detected as text/x-perl, which
in turn makes Firefox want to download the file. Hacking ::Static::Simple to
set $c-res-content_type manually to text/html fixes the problem.
I can't see why the standard behaviour in either case above would be by
design. Are these valid problems I've highlighted and what do you think of
the suggested fixes?
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] Problem using Static::Simple
Having upgraded all Catalyst modules to their latest versions today, I think
I'm seeing strangeness with Static::Simple. I've boiled it down to the
following:
1) $ catalyst.pl MyApp
2) Modify MyApp::Controller::Root::default() as follows:
sub default {
my( $self, $c ) = @_;
$c-response-status(404);
$c-response-body( 'not found' );
}
3) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Content-Length: 9
Content-Type: text/html; charset=utf-8
Status: 404
not found
When accessing the app through Apache using Firefox with the LiveHTTPHeaders
extension, the response headers are reported as follows:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:48 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Content-Length: 9
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
4) Modify myapp.yml as follows (the intention being to serve static files
from /var/www/static/*):
static:
dirs: [ 'static' ]
include_path: [ '/var/www' ]
5) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Status: 404
Note that the Catalyst-generated Content-Length and Content-Type response
headers, as well as the response body, have disappeared. Accessing the
script via Firefox with LiveHTTPHeaders now shows the following:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:17 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/x-perl
I'd have thought a request for /static1 should be ignored by
Static::Simple using the above config and that only URLs like /static/1
should be treated as pointing to static content.
Have I misunderstood something?
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
[Catalyst] Re: Problem using Static::Simple
On 19/09/2007, Will Hawes [EMAIL PROTECTED] wrote:
Having upgraded all Catalyst modules to their latest versions today, I think
I'm seeing strangeness with Static::Simple. I've boiled it down to the
following:
1) $ catalyst.pl MyApp
2) Modify MyApp::Controller::Root::default() as follows:
sub default {
my( $self, $c ) = @_;
$c-response-status(404);
$c-response-body( 'not found' );
}
3) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Content-Length: 9
Content-Type: text/html; charset=utf-8
Status: 404
not found
When accessing the app through Apache using Firefox with the LiveHTTPHeaders
extension, the response headers are reported as follows:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:48 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Content-Length: 9
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
4) Modify myapp.yml as follows (the intention being to serve static files
from /var/www/static/*):
static:
dirs: [ 'static' ]
include_path: [ '/var/www' ]
5) $ PATH_INFO=/static1 perl MyApp/script/myapp_cgi.pl
Status: 404
Note that the Catalyst-generated Content-Length and Content-Type response
headers, as well as the response body, have disappeared. Accessing the script
via Firefox with LiveHTTPHeaders now shows the following:
HTTP/1.x 404 OK
Date: Wed, 19 Sep 2007 17:48:17 GMT
Server: Apache/2.0.55 (Ubuntu) ...
X-Catalyst: 5.7010
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/x-perl
Forgot to mention, these response headers cause Firefox to try to
download a PL file.
I'd have thought a request for /static1 should be ignored by Static::Simple
using the above config and that only URLs like /static/1 should be treated
as pointing to static content.
Have I misunderstood something?
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Some guidance needed please
On 13/09/2007, Ian Docherty [EMAIL PROTECTED] wrote:
I have found a thread on DBIx-class mailing list that throws some light
on this using
http://search.cpan.org/~ash/DBIx-Class-0.08006/lib/DBIx/Class/Schema.pm#load_namespaces
This seems to solve the problem for putting such logic into the
Model/Schema but would it be better to put this type of logic into a
business logic layer? In which case how would I obtain a $schema object?
Would I have to then pass this as a parameter to the method?
Regards
Ian
Ian Docherty wrote:
Hi
My existing Catalyst application is being extended. I want to keep a
record of previous passwords used by a user to prevent them being
re-used.
I have Model 'UsedPassword' to keep track of the previous 8 (say)
passwords as so-
package MyApp::Schema::UsedPassword;
use strict;
use base qw(DBIx::Class);
__PACKAGE__-load_components(qw(PK::Auto Core));
__PACKAGE__-table('used_password');
__PACKAGE__-add_columns(qw(id user password));
__PACKAGE__-set_primary_key('id');
So, if I want a method (create_limited) to create a new UsedPassword
object, that ensures no more that 8 (say) passwords are stored in the
database (against each User) where should it go?
Ideally (I think) I would like to do something like
$c-model('DBIC::UsedPassword')-create_limited({
user= $user-id,
password = $password,
});
but i can't see how to add it to MyApp::Schema::UsedPassword (since
$c-model('DBIC::UsedPassword') returns a ResultSet not a
MyApp::Schema::UsedPassword)
Any other suggestions where to put it (polite one's only please)?
Regards
Ian
Isn't this just a case of adding a create_limited() method to your model
class?
package MyApp::Schema::UsedPassword;
...
sub create_limited {
my( $self, $user, $password ) = @_;
# password checking logic here
}
In your controller:
$c-model('DBIC::UsedPassword')-create_limited( ... );
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Some guidance needed please
On 13/09/2007, Ian Docherty [EMAIL PROTECTED] wrote:
My application has (effectively, subject to some cut and paste) the
following.
package MyApp::Schema;
use strict;
use warning;
use base qw(DBIx::Class::Schema);
__PACKAGE__-load_classes(qw(
UsedPassword
));
1;
package MyApp::Schema::UsedPassword;
use strict;
use warning;
use base qw(DBIx::Class);
__PACKAGE__-load_components(qw(PK::Auto Core));
__PACKAGE__-table('used_password');
__PACKAGE__-add_columns(qw(id user password));
__PACKAGE__-set_primary_key('id');
sub create_limited {
my ($self, $user, $password) = @_;
# password checking logic here
}
1;
package MyApp::Model::DBIC;
use strict;
use warning;
use base qw(Catalyst::Model::DBIC::Schema);
__PACKAGE__-config(
schema_class= 'MyApp::Schema',
connect_info = [
MyApp-config-{db},
MyApp-config-{db_user},
MyApp-config-{db_password},
{AutoCommit = 1, quote_char = '`', name_sep = '.'},
]);
1;
As I mentioned, if I try to do a call to
$c-model('DBIC::UsedPassword')-create_limited( ... ); I get the fatal
error
Can't locate object method create_limited via package
DBIx::Class::ResultSet
Which is why I think this is not the approach, unless you know otherwise?
Whoops, my bad. $c-model() does indeed return a DBIx::Class::ResultSet, so
you would need to retrieve/create an instance of your UsedPassword class
from the resultset in order to call any methods on it:
my $used_password = $c-model('DBIC::UsedPassword')-create( { user =
'user', password = 'password' } );
$used_password-foo_method()
Having said that, if I understand correctly what you are trying to do, you
probably don't want a create_limited method at all. I think you need to
override the new() method in your UsedPassword class and perform the checks
there instead:
package MyApp::Schema::UsedPassword;
...
sub new {
my ( $class, $attrs ) = @_;
my $user = $attrs-{user};
my $password = $attrs-{password};
# password checking logic here
my $new = $class-next::method($attrs);
return $new;
}
Also (and this may have been a typo on your part, but just in case), please
note it's use warnings not use warning to enable warnings in Perl.
Hope the above is useful.
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] FastCGI config for standalone mode
On 04/09/07, Matt S Trout [EMAIL PROTECTED] wrote: On Thu, Aug 30, 2007 at 11:42:51PM +0100, Will Hawes wrote: I've set up a Catalyst app with Apache2 and FastCGI using the config described under Standalone server mode at http://search.cpan.org/~jrockway/Catalyst-Manual-5.701002/lib/Catalyst/Manual/Cookbook.pod#Standalone_server_mode. Everything works fine when the FastCGI server is running via the helper script and I can use the app without problems. The docs state that when the backend FastCGI server is down, Apache will return a 502 error. The suggestion is to use an ErrorDocument directive to display a down for maintenance page when this is the case. However, Apache is actually returning a 500 error, not a 502. Apache's error log contains only the following: This may be a stupid suggestion. But wouldn't it be more useful to just trap 500s for a general sorry page and have a static page httpd.conf you can use during maint? It's not like your fcgi server should ever really be down except when you're fucking with the backend DB or whatever That's a perfectly good suggestion IMO. The question was really only down to curiosity and the discrepancy between what the Catalyst docs say and what I'm seeing in practice, not any specific desire to catch 502 errors. Just wondered whether I'm missing a trick as usual, or whether the docs need altering. ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] FastCGI config for standalone mode
I've set up a Catalyst app with Apache2 and FastCGI using the config described under Standalone server mode at http://search.cpan.org/~jrockway/Catalyst-Manual-5.701002/lib/Catalyst/Manual/Cookbook.pod#Standalone_server_mode. Everything works fine when the FastCGI server is running via the helper script and I can use the app without problems. The docs state that when the backend FastCGI server is down, Apache will return a 502 error. The suggestion is to use an ErrorDocument directive to display a down for maintenance page when this is the case. However, Apache is actually returning a 500 error, not a 502. Apache's error log contains only the following: [Thu Aug 30 23:26:19 2007] [error] [client 127.0.0.1] (111)Connection refused: FastCGI: failed to connect to server /tmp/myapp.fcgi: connect() failed [Thu Aug 30 23:26:19 2007] [error] [client 127.0.0.1] FastCGI: incomplete headers (0 bytes) received from server /tmp/myapp.fcgi I have copied everything verbatim from the docs so assuming they are correct, I'd have expected this to work. I must have missed something. Does anyone have this setup working successfully? Why would I be getting a 500 error as opposed to a 502 here? ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Should CATALYST_DEBUG suppress manual calls to $c-log-debug()?
I've been trying unsuccessfully to disable all debug messages while running tests on my app with prove. Setting CATALYST_DEBUG=0 eliminates all the test server debug output such as the list of loaded actions, but i am still seeing the output of every call made to $c-log-debug by my controller code. As far as I can see the docs regarding CATALYST_DEBUG=0 don't make any distinction about where debug messages originate, only that they are suppressed, which presumably means I shouldn't be seeing any debug output at all. Is my mistake in misunderstanding how $c-log-debug() is supposed to work? Or is it likely that I've somehow overridden CATALYST_DEBUG elsewhere? ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] putting an object in the stash
On 13/03/07, Octavian Rasnita [EMAIL PROTECTED] wrote:
Hi,
I have a DBIC record object like
my $obj = $c-model(Database::Table)-find($id);
The table has very many fields and I would like to put their values in a TT
template without inserting them one by one in the stash.
So I would like to create a hash ref from $obj where the name of the field
is the key and the value from the table is the value in that hash, then use
$c-stash($hashref).
Is it possible to create that hash (ref) from $obj, or I need to do
something like
$c-stash-{obj} = $obj;
and in the template use [% obj.name1 %]... [% obj.name2 %]?
And by the way, which do you think is the recommended way?
I'd have thought the second one. $obj is essentially just a hash, so
I'm not sure what you'd stand to gain using the first method.
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] automatic form generation based on data models
A lot of people seem to be using HTML::Widget for forms these days, but as far as I'm aware no module currently exists that will generate HTML::Widget forms from the model automatically. Probably http://search.cpan.org/~jrobinson/DBIx-Class-WebForm/lib/DBIx/Class/WebForm.pm is more along the lines of what you're looking for. marcus baker wrote: The one thing about Django that keeps them from looking anywhere else is it's ability to create data-editing forms on the fly based on the data model. In an attempt to get them to consider Catalyst a little more, I was wondering if Catalyst has this kind of capability anywhere... Is this something I should take to the CDBI/DBIxC lists specifically? Thanks -Marcus ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Anyone got a nice form generator for dbix::class objects?
Josef Karthauser wrote: I'm in a twisty maze of passages all alike. :) Having just started playing with Catalyst, I'm trying to work out the best way to implement an editing facility for DBIx::Class::RecordSet objects. I think you mean ResultSet ;) Ideally instead of coding a widget within a controller I'd like to control the layout within the templates. This means that I need to be able to call something like: [% record.editboxfor($column) % or some such thing. Is this a sensible thing to do? Has anyone got any nice recipies to solve this? Good places to start would be the docs for either DBIx::Class::WebForm or (as most people seem to prefer at present) HTML::Widget. Catalyst::Manual::Tutorial is definitely worth a read too, as it covers the same sort of thing you're doing. If you're using a decent view like Template Toolkit, you will be able to manipulate forms from either Controller or View as you see fit. HTH ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] ::Model::SomeTable-some_method() problem
Chisel Wright wrote: On Thu, Jul 13, 2006 at 12:49:21PM +0100, Ash Berlin wrote: 1) You should really think about converting to DBIC::Schema instead. Yes, I'd like to, but I have no idea where to start. The number of users still using a class-based approach must be very small by now so I think you'd have a better chance of getting this fixed by switching to Schema. I fretted for quite a while about switching, thinking it must be terribly complicated. IIRC it was about as difficult as making the base model class inherit from Schema and changing use base in the other classes and took me about 20 minutes. It also improved the startup time of my app by several orders of magnitude. You should find what you need at http://search.cpan.org/dist/DBIx-Class/lib/DBIx/Class/Manual/Intro.pod. ___ List: Catalyst@lists.rawmode.org Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] Restricting access to the model
I need to restrict access to certain model classes based on which user
is logged in to my app. For example, users should not be able to view
orders belonging to other users. Possibly due to thinking about it too
much, I can't decide whether it makes sense to put this functionality in
the Controller or Model layer of the app. My initial thought was to add
subs to model classes something like:
package My::Model::Order;
sub can_view {
my ( $self, $user ) = @_;
if( $user-id ne $self-user-id ) {
return 0;
}
return 1;
}
The thing I don't particularly like about this is that if I want to use
the same functionality in another app sharing this model (fairly likely)
then they will have to agree about the specific rules for who can access
which model classes, which may not always be desirable.
Instead I thought about using a dedicated controller class to add the
aforementioned subs to model classes instead, i.e. only for that
controller's application. This seems to make sense but I'm not sure if
I've overlooked any problems it may introduce.
I imagine similar functionality must be a reasonably common requirement,
so my question is, how have others implemented it?
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] Restricting access to the model
Andreas Marienborg wrote:
If the Order has a user field, why not just relationships?
package My::Model::User;
__PACKAGE__-has_many(orders and so on);
then you always do $user-orders to get a users orders for instance.
If you need it for more complex things, I would say it belongs in the
model.
Restricting access was probably not the best term to use - it's not so
much which orders belong to user X? that I'm trying to answer (I
already use the approach you describe for that).
It's can user X access this order?. IMO it does seem to fit better in
the model - I just can't see for the moment how I could implement
different access rules in different apps if I'm using common model
classes. That's what makes me wonder about putting this in a controller
instead.
andreas
On 3. jul. 2006, at 12.54, Will Hawes wrote:
I need to restrict access to certain model classes based on which user
is logged in to my app. For example, users should not be able to view
orders belonging to other users. Possibly due to thinking about it too
much, I can't decide whether it makes sense to put this
functionality in
the Controller or Model layer of the app. My initial thought was to
add
subs to model classes something like:
package My::Model::Order;
sub can_view {
my ( $self, $user ) = @_;
if( $user-id ne $self-user-id ) {
return 0;
}
return 1;
}
The thing I don't particularly like about this is that if I want to
use
the same functionality in another app sharing this model (fairly
likely)
then they will have to agree about the specific rules for who can
access
which model classes, which may not always be desirable.
Instead I thought about using a dedicated controller class to add the
aforementioned subs to model classes instead, i.e. only for that
controller's application. This seems to make sense but I'm not sure if
I've overlooked any problems it may introduce.
I imagine similar functionality must be a reasonably common
requirement,
so my question is, how have others implemented it?
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/
catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
___
List: Catalyst@lists.rawmode.org
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
Dev site: http://dev.catalyst.perl.org/
