Re: [Catalyst] question about authorization and roles
On Tue, Feb 10, 2015 at 9:26 AM, Dmitry L. dim0...@gmail.com wrote: What do you get in debug console output? By code (Catalyst::Plugin::Authorization::Roles) you have to see something like this: Role denied: @roles This is what appears in the debug console: [debug] Path is tickets/list [debug] Found sessionid 382d4de8c7ec3a66712bf2f6b3c09bea1b180235 in cookie [debug] Restored session 382d4de8c7ec3a66712bf2f6b3c09bea1b180235 [debug] GET request for tickets/list from 192.168.200.1 [debug] running ACL rule CODE(0x2b93a488) defined at /mnt/ada1a/sviluppo/Perl/Smickets/script/../lib/Smickets.pm line 85 on tickets/list [debug] Form (tickets/list): Looking for config file tickets/list.fb [debug] Form (tickets/list): Found form config /mnt/ada1a/sviluppo/Perl/Smickets/root/forms/tickets/list.fb [debug] Rendering template tickets/list.tt2 please note that in my application config I've an ACL entry as follows: _PACKAGE__-allow_access_if_any( '/tickets', [ qw/Admin Manutentore/ ] ); I don't know if this is interfering with the test I'm performing, but the result is that even if the user has the manutentore role it is not evaluated as such. Any idea? Thanks, Luca ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] question about authorization and roles
What do you get in debug console output? By code (Catalyst::Plugin::Authorization::Roles) you have to see something like this: Role denied: @roles Anyway, you should look into Catalyst::Plugin::Authorization::Roles and try debug it, code is simple. On 10 February 2015 at 11:01, Luca Ferrari fluca1...@infinito.it wrote: Ciao, this is what I did in order to get more info: # in the controller if ( ! $c-check_any_user_role( qw/Admin Manutentore/ ) ) { $c-stash-{ message } = User exists . $c-user_exists() . - with username . $c-user-username . and roles \ . $c-user-roles_to_string . and the check is . $c-check_any_user_role( qw/Admin Manutentore/ ); my @roles = $c-user-users_roles-all(); @roles = map { $_-role-pk . = . $_-role-description } @roles; $c-stash-{ message } .= Roles [@roles]; } and what is printed is: User exists 1 - with username fluca1978 and roles [Manutentore] and the check is 0Roles [12 = Manutentore] so: 1) the user exists 2) the username is correct 3) the user has one role, the description of the role is matched 4) the check_any_user_role reports false (0) 5) the lookup of all the roles reports the right primary key and description. Any idea about what I'm missing? Thanks, Luca On Mon, Feb 9, 2015 at 9:43 PM, Luca Ferrari fluca1...@infinito.it wrote: Ciao, On Mon, Feb 9, 2015 at 6:12 PM, Jeff Black jeffrey.bl...@yahoo.com wrote: Perhaps it's a stupid question, but have you checked that the user exists? if ( $c-user_exists() ... Apparently it exists because I print the username and its role list to check...and of course the role is there. Luca ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ -- //wbr, Dmitry L. ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] question about authorization and roles
Ciao, this is what I did in order to get more info: # in the controller if ( ! $c-check_any_user_role( qw/Admin Manutentore/ ) ) { $c-stash-{ message } = User exists . $c-user_exists() . - with username . $c-user-username . and roles \ . $c-user-roles_to_string . and the check is . $c-check_any_user_role( qw/Admin Manutentore/ ); my @roles = $c-user-users_roles-all(); @roles = map { $_-role-pk . = . $_-role-description } @roles; $c-stash-{ message } .= Roles [@roles]; } and what is printed is: User exists 1 - with username fluca1978 and roles [Manutentore] and the check is 0Roles [12 = Manutentore] so: 1) the user exists 2) the username is correct 3) the user has one role, the description of the role is matched 4) the check_any_user_role reports false (0) 5) the lookup of all the roles reports the right primary key and description. Any idea about what I'm missing? Thanks, Luca On Mon, Feb 9, 2015 at 9:43 PM, Luca Ferrari fluca1...@infinito.it wrote: Ciao, On Mon, Feb 9, 2015 at 6:12 PM, Jeff Black jeffrey.bl...@yahoo.com wrote: Perhaps it's a stupid question, but have you checked that the user exists? if ( $c-user_exists() ... Apparently it exists because I print the username and its role list to check...and of course the role is there. Luca ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] question about authorization and roles
Luca, Perhaps it's a stupid question, but have you checked that the user exists? if ( $c-user_exists() ... jb On Monday, February 9, 2015 7:53 AM, Luca Ferrari fluca1...@infinito.it wrote: Hi all, I'm trying to setup the authorization in an application, and therefore in my controller method I've something like the following: if ( ! $c-check_any_user_role( qw/Admin Manutentore/ ) ){ } and the above is always failing. At first I thought I was missing something with the role configuration, but in my application I also use ACLS that to the same path are configured as follows (and do work): if ( ! $c-check_any_user_role( qw/Admin Manutentore/ ) ) The configuration of the application is as follows: __PACKAGE__-config('Plugin:: Authentication' = { default_realm = 'members', realms = { members = { credential = { class = 'Password', password_field = 'password', password_type = 'clear' }, store = { class = 'DBIx::Class', user_model = 'SmicketsDB::User', role_relation = 'roles', role_field = 'description', } } } }); Any idea about? Thanks, Luca ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/ ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
Re: [Catalyst] question about authorization and roles
Ciao, On Mon, Feb 9, 2015 at 6:12 PM, Jeff Black jeffrey.bl...@yahoo.com wrote: Perhaps it's a stupid question, but have you checked that the user exists? if ( $c-user_exists() ... Apparently it exists because I print the username and its role list to check...and of course the role is there. Luca ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/
[Catalyst] question about authorization and roles
Hi all, I'm trying to setup the authorization in an application, and therefore in my controller method I've something like the following: if ( ! $c-check_any_user_role( qw/Admin Manutentore/ ) ){ } and the above is always failing. At first I thought I was missing something with the role configuration, but in my application I also use ACLS that to the same path are configured as follows (and do work): if ( ! $c-check_any_user_role( qw/Admin Manutentore/ ) ) The configuration of the application is as follows: __PACKAGE__-config('Plugin:: Authentication' = { default_realm = 'members', realms = { members = { credential = { class = 'Password', password_field = 'password', password_type = 'clear' }, store = { class = 'DBIx::Class', user_model = 'SmicketsDB::User', role_relation = 'roles', role_field = 'description', } } } }); Any idea about? Thanks, Luca ___ List: Catalyst@lists.scsys.co.uk Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/ Dev site: http://dev.catalyst.perl.org/