I'd like to add some notion of group roles to an app and am not 100%
clear how best to do it with Catalyst::Plugin::Authorization::Roles.
Here's the setup: we have a ServiceProfile which is effectively a
client contract and under that there are a number of client users
(e.g. a bunch of people at Company X we do business with). I'd like to
represent some role where all the folks at Company X which has a
contract with Supplier Y can Do Stuff. So I could say
$c->check_user_roles($user->service_profile,
qw[can_access_supplier_y_data]);
This feels a bit like a user role but where the 'user' here is the
ServiceProfile and the roles are then defined on that 'user'.
What I'm not clear on is that C:P:Authz::Roles seems to only admit one
set off backends and refers to that as the default_auth_store.
__PACKAGE__->config->{authorization}->{dbic} = {
role_class => 'DBIC_Readonly::Role',
role_field => 'role',
role_rel => 'map_user_role',
user_role_user_field => 'user',
# Then I'd guess something like these fictional fields,
group_role_user_field => 'service_profile',
group_role_rel => 'map_service_profile_role',
};
Any suggestions/cookbook ideas?
Thanks,
P
_______________________________________________
List: [email protected]
Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
