Hi *,
I have some difficulties in applying flexible rules [1] in my Catalyst app.
Until now, I only used easy rules (mainly with deny_access_unless) like:
deny_access_unless(
"/users/edit" ,
sub{ shift->check_any_user_role(qw/admin user/) }
);
What I now want to achieve is, that 'admin' users can edit _every_ user, and
'user' users only themselves. So if 'user' user foo has p.ex. the id 5, he is
allowed to /user/edit/5 but not /user/edit/4.
So I looked at the flexible rules documentation which I guess might do the job.
I tried to apply the example mentioned there but I guess I don't understand
these "die $ALLOWED"/"die $DENIED" lines (I am still Perl/Catalyst newbie):
Although I added "Authorization::ACL::Engine" to my "use Catalyst" in myapp.pm,
I get errors like "Global symbol '$ALLOWED/$DENIED' requires explicit package
name at myapp.pm"
Any hints? Thanks in advance.
Jens
[1] http://tinyurl.com/c5eeml
--
Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen:
http://www.gmx.net/de/go/multimessenger
_______________________________________________
List: [email protected]
Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
Searchable archive: http://www.mail-archive.com/[email protected]/
Dev site: http://dev.catalyst.perl.org/
