[Lift] Re: Best method to protect most menu items?
On 23 Jun 2009, David Pollak wrote:

> Jeppe,
>
> I just checked in code (it'll take 45 minutes to hit the Maven repo) that has global LocParams for each SiteMap.
>
> The SiteMap constructor is now:
>
>   SiteMap(globalParamFuncs: List[PartialFunction[Box[Req], Loc.LocParam]], kids: Menu*)
>
> You can put your Redirect stuff in like:
>
>   List({ case _ if !User.loggedIn_? => ... })

Brilliant! Works nicely. I ended up with this

  val menuDispatch: List[PartialFunction[Box[Req], Loc.LocParam]] = List({
    case Full(Req("profile" :: "login" :: Nil, _, _)) => Hidden
    case Full(Req("profile" :: "lost_password" :: Nil, _, _)) => Hidden
    case Full(Req(_, _, _)) if !User.loggedIn_? =>
      Loc.EarlyResponse(() => Full(RedirectResponse("/profile/login?returnTo=" + S.uri)))
  })

A couple of questions:

1) Why the need for Box[Req]? When will it be Empty?

2) In the above I had to use Hidden as a dummy value to signal no Loc. It might be useful with a Box[Loc.LocParam] as return value?

/Jeppe

--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups Lift group.
To post to this group, send email to liftweb@googlegroups.com
To unsubscribe from this group, send email to liftweb+unsubscr...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/liftweb?hl=en
-~--~~~~--~~--~--~---

[Lift] Re: Best method to protect most menu items?
On Wed, Jun 24, 2009 at 12:58 AM, Jeppe Nejsum Madsen je...@ingolfs.dk wrote:

> On 23 Jun 2009, David Pollak wrote:
>
>> Jeppe,
>>
>> I just checked in code (it'll take 45 minutes to hit the Maven repo) that has global LocParams for each SiteMap.
>>
>> The SiteMap constructor is now:
>>
>>   SiteMap(globalParamFuncs: List[PartialFunction[Box[Req], Loc.LocParam]], kids: Menu*)
>>
>> You can put your Redirect stuff in like:
>>
>>   List({ case _ if !User.loggedIn_? => ... })
>
> Brilliant! Works nicely. I ended up with this
>
>   val menuDispatch: List[PartialFunction[Box[Req], Loc.LocParam]] = List({
>     case Full(Req("profile" :: "login" :: Nil, _, _)) => Hidden
>     case Full(Req("profile" :: "lost_password" :: Nil, _, _)) => Hidden

I would put these Hidden items on the specific menu items rather than matching against a path. Locating Hidden with the items to be hidden will help you and other developers see what the non-global rules are.

>     case Full(Req(_, _, _)) if !User.loggedIn_? =>
>       Loc.EarlyResponse(() => Full(RedirectResponse("/profile/login?returnTo=" + S.uri)))

This could be

  case _ if User.loggedIn_? =>

or

  case Full(_) if User.loggedIn_? =>

>   })
>
> A couple of questions:
>
> 1) Why the need for Box[Req]? When will it be Empty?

If the menu building takes place inside the scope of a CometActor. There are times when Lift does stuff outside of the scope of a specific request. It's unlikely that this will happen in the normal case, but it could happen (e.g., someone updates menus in a CometActor).

> 2) In the above I had to use Hidden as a dummy value to signal no Loc. It might be useful with a Box[Loc.LocParam] as return value?

Oh... I get why you did the Hidden thing... I'd do the following:

  case Full(Req(path, _, _)) if !User.loggedIn_? &&
      path != List("profile", "login") &&
      path != List("profile", "lost_password") =>
    Loc.EarlyResponse(() => Full(RedirectResponse("/profile/login?returnTo=" + S.uri)))

If you prefer to do the pattern matching thing, you can return:

  new Loc.LocParam{}

That's a noop.

Thanks,

David

> /Jeppe

--
Lift, the simply functional web framework http://liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Git some: http://github.com/dpp

[Lift] Re: Best method to protect most menu items?
On Wed, Jun 24, 2009 at 3:25 PM, David Pollak feeder.of.the.be...@gmail.com wrote:

> Oh... I get why you did the Hidden thing... I'd do the following:
>
>   case Full(Req(path, _, _)) if !User.loggedIn_? &&
>       path != List("profile", "login") &&
>       path != List("profile", "lost_password") =>
>     Loc.EarlyResponse(() => Full(RedirectResponse("/profile/login?returnTo=" + S.uri)))
>
> If you prefer to do the pattern matching thing, you can return:
>
>   new Loc.LocParam{}
>
> That's a noop.

Ahh yes (Note to self: Not everything needs to be pattern matched :-)

Thanks for the quick solution!

/Jeppe

[Lift] Re: Best method to protect most menu items?
On Wed, Jun 24, 2009 at 7:49 AM, Jeppe Nejsum Madsen je...@ingolfs.dk wrote:

> On Wed, Jun 24, 2009 at 3:25 PM, David Pollak feeder.of.the.be...@gmail.com wrote:
>
>> Oh... I get why you did the Hidden thing... I'd do the following:
>>
>>   case Full(Req(path, _, _)) if !User.loggedIn_? &&
>>       path != List("profile", "login") &&
>>       path != List("profile", "lost_password") =>
>>     Loc.EarlyResponse(() => Full(RedirectResponse("/profile/login?returnTo=" + S.uri)))
>>
>> If you prefer to do the pattern matching thing, you can return:
>>
>>   new Loc.LocParam{}
>>
>> That's a noop.
>
> Ahh yes (Note to self: Not everything needs to be pattern matched :-)

Guards are your friend.

> Thanks for the quick solution!
>
> /Jeppe

--
Lift, the simply functional web framework http://liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Git some: http://github.com/dpp

[Lift] Re: Best method to protect most menu items?
I'll enhance sitemap to support global additions of parameters.

On Tue, Jun 23, 2009 at 1:21 AM, Jeppe Nejsum Madsen je...@ingolfs.dk wrote:

> Hi,
>
> Our app is private, which means only the signin and related pages are visible without authentication.
>
> I've made this Loc to protect menu items,
>
>   val loggedIn = Loc.EarlyResponse(() =>
>     Full(RedirectResponse("/profile/login?returnTo=" + S.uri)).filter(ignore => !User.loggedIn_?))
>
> and while this works, I think there must be a better solution since:
>
> 1) It's easy to forget adding this to menu items that should be protected (ie most in our case)
> 2) It's not easy to add this to MenuItems generated by Lift, e.g. CRUDIfy entries.
>
> So, I created this DispatchPF
>
>   LiftRules.dispatch.prepend(NamedPF("Protect") {
>     case Req("profile" :: "login" :: Nil, _, _) => () => Empty
>     case Req(_, _, _) => () =>
>       Full(RedirectResponse("/profile/login?returnTo=" + S.uri)).filter(ignore => !User.loggedIn_?)
>   })
>
> but it doesn't seem to work since now /profile/login gives a 404.
>
> So basically, I have two questions
>
> 1) Is there a way for requests to fall through in the DispatchPF, ie /profile/login should just be processed as usual
>
> 2) Is there a better way to accomplish this? It seems the DispatchPF method would need to allow requests to javascript, css etc to be handled without authentication so you would have to maintain this whitelist (but this is less of a problem than maintaining the protected list)
>
> /Jeppe

--
Lift, the simply functional web framework http://liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Git some: http://github.com/dpp

[Lift] Re: Best method to protect most menu items?
On 23 Jun 2009, David Pollak wrote:

> I'll enhance sitemap to support global additions of parameters.

Cool. Looking forward to this :-)

Just out of curiosity: Is it possible to fall through in a DispatchPF, ie. do the default processing, even if the function is defined at the request?

/Jeppe

[Lift] Re: Best method to protect most menu items?
Jeppe,

I just checked in code (it'll take 45 minutes to hit the Maven repo) that has global LocParams for each SiteMap.

The SiteMap constructor is now:

  SiteMap(globalParamFuncs: List[PartialFunction[Box[Req], Loc.LocParam]], kids: Menu*)

You can put your Redirect stuff in like:

  List({ case _ if !User.loggedIn_? => ... })

On Tue, Jun 23, 2009 at 7:05 AM, Jeppe Nejsum Madsen je...@ingolfs.dk wrote:

> On 23 Jun 2009, David Pollak wrote:
>
>> I'll enhance sitemap to support global additions of parameters.
>
> Cool. Looking forward to this :-)
>
> Just out of curiosity: Is it possible to fall through in a DispatchPF, ie. do the default processing, even if the function is defined at the request?

No. If the function is defined, then that's how the request is serviced. However, you can use a guard in the pattern:

  case Req(path, _, _) if path != List("user", "login") => ...

Thanks,

David

> /Jeppe

--
Lift, the simply functional web framework http://liftweb.net
Beginning Scala http://www.apress.com/book/view/1430219890
Follow me: http://twitter.com/dpp
Git some: http://github.com/dpp
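
The fall-through rule from the thread ("if the function is defined, then that's how the request is serviced") modelled in plain Scala, as an added example that is not code from the thread or from Lift. `Req`, `Outcome`, `dispatch` and `publicPaths` are hypothetical stand-ins for Lift's types, and URL-encoding the `returnTo` value is an assumption of this example.

```scala
import java.net.URLEncoder

// Added illustration: Req, Outcome and dispatch are stand-ins, not Lift classes.
object DefaultDenyGuard {
  final case class Req(path: List[String])

  sealed trait Outcome
  case object FallThrough extends Outcome               // no handler defined: normal processing
  case object NotFound extends Outcome                  // handler claimed the request, returned nothing
  final case class Redirect(to: String) extends Outcome // handler sent the client to the login page

  type Handler = PartialFunction[Req, Option[String]]

  // The two paths the thread leaves reachable without a session.
  val publicPaths: Set[List[String]] =
    Set(List("profile", "login"), List("profile", "lost_password"))

  // Assumption: the return path is URL-encoded before it goes into the query string.
  def loginUrl(path: List[String]): String =
    "/profile/login?returnTo=" + URLEncoder.encode(path.mkString("/", "/", ""), "UTF-8")

  // Shape of the first attempt: defined at every request, the login page included.
  def matchesEverything(loggedIn: Boolean): Handler = {
    case Req("profile" :: "login" :: Nil) => None
    case Req(path) => if (loggedIn) None else Some(loginUrl(path))
  }

  // Guarded form: defined only for unauthenticated requests to non-public paths.
  def guarded(loggedIn: Boolean): Handler = {
    case Req(path) if !loggedIn && !publicPaths(path) => Some(loginUrl(path))
  }

  // A handler that is defined at the request owns it; otherwise it falls through.
  def dispatch(h: Handler, req: Req): Outcome =
    if (!h.isDefinedAt(req)) FallThrough
    else h(req).map(Redirect(_)).getOrElse(NotFound)

  def main(args: Array[String]): Unit = {
    val login = Req(List("profile", "login"))
    val admin = Req(List("admin", "users")) // constructed sample path
    assert(dispatch(matchesEverything(loggedIn = false), login) == NotFound)
    assert(dispatch(matchesEverything(loggedIn = true), admin) == NotFound)
    assert(dispatch(guarded(loggedIn = false), login) == FallThrough)
    assert(dispatch(guarded(loggedIn = true), admin) == FallThrough)
    assert(dispatch(guarded(loggedIn = false), admin) ==
      Redirect("/profile/login?returnTo=%2Fadmin%2Fusers"))
    println("default-deny guard behaves as expected")
  }
}
```

Moving the conditions into the guard keeps the rule default-deny: any path not listed in `publicPaths` redirects when there is no session, while public paths and authenticated requests are left to normal processing.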