张淼 wrote: > Thanks, > In my MyAPP.pm > > package MyAPP; > use strict; > use warnings; > use Catalyst::Runtime '5.70'; > > use Catalyst qw/ > ...... > Authentication > Authentication::Store::DBIC > Authentication::Credential::Password > Authorization::Roles > Authorization::ACL > ...... > /; > > __PACKAGE__->config( name => 'MyAPP' ); > __PACKAGE__->setup; > > ...... > __PACKAGE__->deny_access_unless( > "/macs/create", > [qw/admin user/] > ); > ...... > > In My Macs.pm <http://Macs.pm> > package MyAPP::Controller::Macs; > ...... > sub access_denied : Private { > my ( $self, $c ) = @_; > $c->stash->{error_msg} = 'Unauthorized!'; > $c->forward('index'); > } > ...... > > When I logged as "admin" or "user", > As I access /macs/create, there shows "Unauthorized!" to me. > What's the matter with it? > > Thanks a lot!
> Message: 1 > Date: Thu, 24 May 2007 17:23:15 +0100 > From: Matt S Trout <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> > Subject: Re: [Catalyst] ACLs > To: The elegant MVC web framework < [email protected] > <mailto:[email protected]>> > Message-ID: <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> > Content-Type: text/plain; charset=utf-8 > > >When replying, please edit your Subject line so it is more specific > >than "Re: Contents of Catalyst digest..." > > ^^ I've done this for you, but please do so in future. > > On Thu, May 24, 2007 at 02:36:34PM +0800, 张淼 wrote: > > __PACAKGE__->deny_access_unless( "/foo/bar", [qw/admin user/] ); > > > > The "user" can't access /foo/bar. > > What's the matter with it? > > That fragment of code isn't nearly enough for us to help, could you give > us an idea of how your app's set up please? > > -- > Matt S Trout Need help with your Catalyst or DBIx::Class project? > Technical Director Want a managed development or deployment platform? > Shadowcat Systems Ltd. Contact mst (at) shadowcatsystems.co.uk > <http://shadowcatsystems.co.uk> for a quote > http://chainsawblues.vox.com/ http://www.shadowcatsystems.co.uk/ > >From Catalyst::Plugin::Authorization::ACL > If "allow_access_if" is used, the presence of all the roles will > immediately permit access, and if > "deny_access_unless" is used the lack of any of the roles will > immediately deny access. Given your ACL, it looks like you must have both admin and user roles. However, you didn't post the relationship between the Authentication & the Authorization tables. Did you configure that aspect? Cheers, jec _______________________________________________ List: [email protected] Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
