* On Sun, Jul 19 2009, Jesse Sheidlower wrote:
> This is more of a philosophical question about how to handle
> authz with roles, but is perhaps OT for Catalyst, I suppose.
http://blog.woobling.org/2009/06/users-accounts-identities-and-roles.html
--
print just => another => perl => hacker => if $
> outside people can have read access. But these people probably
> shouldn't be able to see what I paid for each book. In the old
> system, I checked if the user had jts_access >= 7 in order to
> display this. In the new system, I don't want to create a role
> for "jts_price-paid_viewing" or whatev
This is more of a philosophical question about how to handle
authz with roles, but is perhaps OT for Catalyst, I suppose.
I am converting an older app that had a very messy
authorization system. I have three different libraries, and
users were assigned a numerical access level to each one; a
"3"