Commit | Line | Data |
6727afe2 |
1 | package Catalyst::Authentication::Store::DBIx::Class::User; |
5000f545 |
2 | |
6d4bea88 |
3 | use Moose; |
4 | use namespace::autoclean; |
5 | extends 'Catalyst::Authentication::User'; |
6 | |
7 | use List::MoreUtils 'all'; |
51f40056 |
8 | use Try::Tiny; |
6d4bea88 |
9 | |
10 | has 'config' => (is => 'rw'); |
11 | has 'resultset' => (is => 'rw'); |
12 | has '_user' => (is => 'rw'); |
13 | has '_roles' => (is => 'rw'); |
5000f545 |
14 | |
15 | sub new { |
ff7203cb |
16 | my ( $class, $config, $c) = @_; |
5000f545 |
17 | |
9064f42f |
18 | $config->{user_model} = $config->{user_class} |
19 | unless defined $config->{user_model}; |
f55cb81e |
20 | |
ff7203cb |
21 | my $self = { |
f55cb81e |
22 | resultset => $c->model($config->{'user_model'}), |
ff7203cb |
23 | config => $config, |
078727e0 |
24 | _roles => undef, |
ff7203cb |
25 | _user => undef |
26 | }; |
4bebb973 |
27 | |
5000f545 |
28 | bless $self, $class; |
f55cb81e |
29 | |
9064f42f |
30 | Catalyst::Exception->throw( |
31 | "\$c->model('${ \$self->config->{user_model} }') did not return a resultset." |
32 | . " Did you set user_model correctly?" |
33 | ) unless $self->{resultset}; |
f55cb81e |
34 | |
70462180 |
35 | $self->config->{'id_field'} = [$self->{'resultset'}->result_source->primary_columns] |
36 | unless exists $self->config->{'id_field'}; |
f55cb81e |
37 | |
70462180 |
38 | $self->config->{'id_field'} = [$self->config->{'id_field'}] |
39 | unless ref $self->config->{'id_field'} eq 'ARRAY'; |
40 | |
9064f42f |
41 | Catalyst::Exception->throw( |
42 | "id_field set to " |
43 | . join(q{,} => @{ $self->config->{'id_field'} }) |
44 | . " but user table has no column by that name!" |
45 | ) unless all { $self->{'resultset'}->result_source->has_column($_) } @{ $self->config->{'id_field'} }; |
4bebb973 |
46 | |
5000f545 |
47 | ## if we have lazyloading turned on - we should not query the DB unless something gets read. |
48 | ## that's the idea anyway - still have to work out how to manage that - so for now we always force |
49 | ## lazyload to off. |
ff7203cb |
50 | $self->config->{lazyload} = 0; |
4bebb973 |
51 | |
ff7203cb |
52 | # if (!$self->config->{lazyload}) { |
53 | # return $self->load_user($authinfo, $c); |
54 | # } else { |
55 | # ## what do we do with a lazyload? |
4bebb973 |
56 | # ## presumably this is coming out of session storage. |
ff7203cb |
57 | # ## use $authinfo to fill in the user in that case? |
58 | # } |
59 | |
5000f545 |
60 | return $self; |
61 | } |
62 | |
63 | |
ff7203cb |
64 | sub load { |
5000f545 |
65 | my ($self, $authinfo, $c) = @_; |
4bebb973 |
66 | |
ff7203cb |
67 | my $dbix_class_config = 0; |
4bebb973 |
68 | |
ff7203cb |
69 | if (exists($authinfo->{'dbix_class'})) { |
70 | $authinfo = $authinfo->{'dbix_class'}; |
71 | $dbix_class_config = 1; |
72 | } |
4bebb973 |
73 | |
5000f545 |
74 | ## User can provide an arrayref containing the arguments to search on the user class. |
ff7203cb |
75 | ## or even provide a prepared resultset, allowing maximum flexibility for user retreival. |
4bebb973 |
76 | ## these options are only available when using the dbix_class authinfo hash. |
6bd97524 |
77 | if ($dbix_class_config && exists($authinfo->{'result'})) { |
78 | $self->_user($authinfo->{'result'}); |
79 | } elsif ($dbix_class_config && exists($authinfo->{'resultset'})) { |
ff7203cb |
80 | $self->_user($authinfo->{'resultset'}->first); |
81 | } elsif ($dbix_class_config && exists($authinfo->{'searchargs'})) { |
4bebb973 |
82 | $self->_user($self->resultset->search(@{$authinfo->{'searchargs'}})->first); |
5000f545 |
83 | } else { |
84 | ## merge the ignore fields array into a hash - so we can do an easy check while building the query |
4bebb973 |
85 | my %ignorefields = map { $_ => 1} @{$self->config->{'ignore_fields_in_find'}}; |
5000f545 |
86 | my $searchargs = {}; |
4bebb973 |
87 | |
5000f545 |
88 | # now we walk all the fields passed in, and build up a search hash. |
89 | foreach my $key (grep {!$ignorefields{$_}} keys %{$authinfo}) { |
ff7203cb |
90 | if ($self->resultset->result_source->has_column($key)) { |
5000f545 |
91 | $searchargs->{$key} = $authinfo->{$key}; |
92 | } |
ff7203cb |
93 | } |
87920e64 |
94 | if (keys %{$searchargs}) { |
95 | $self->_user($self->resultset->search($searchargs)->first); |
96 | } else { |
9064f42f |
97 | Catalyst::Exception->throw( |
98 | "Failed to load user data. You passed [" . join(',', keys %{$authinfo}) . "]" |
99 | . " to authenticate() but your user source (" . $self->config->{'user_model'} . ")" |
100 | . " only has these columns: [" . join( ",", $self->resultset->result_source->columns ) . "]" |
101 | . " Check your authenticate() call." |
102 | ); |
87920e64 |
103 | } |
ff7203cb |
104 | } |
105 | |
106 | if ($self->get_object) { |
93102ff5 |
107 | return $self; |
ff7203cb |
108 | } else { |
109 | return undef; |
5000f545 |
110 | } |
5000f545 |
111 | |
112 | } |
113 | |
114 | sub supported_features { |
115 | my $self = shift; |
5000f545 |
116 | |
117 | return { |
5000f545 |
118 | session => 1, |
119 | roles => 1, |
120 | }; |
121 | } |
122 | |
123 | |
124 | sub roles { |
b5c13b47 |
125 | my ( $self ) = shift; |
126 | ## this used to load @wantedroles - but that doesn't seem to be used by the roles plugin, so I dropped it. |
5000f545 |
127 | |
128 | ## shortcut if we have already retrieved them |
ff7203cb |
129 | if (ref $self->_roles eq 'ARRAY') { |
130 | return(@{$self->_roles}); |
5000f545 |
131 | } |
4bebb973 |
132 | |
5000f545 |
133 | my @roles = (); |
ff7203cb |
134 | if (exists($self->config->{'role_column'})) { |
ad93b3e9 |
135 | my $role_data = $self->get($self->config->{'role_column'}); |
4bebb973 |
136 | if ($role_data) { |
87920e64 |
137 | @roles = split /[\s,\|]+/, $self->get($self->config->{'role_column'}); |
ad93b3e9 |
138 | } |
078727e0 |
139 | $self->_roles(\@roles); |
ff7203cb |
140 | } elsif (exists($self->config->{'role_relation'})) { |
141 | my $relation = $self->config->{'role_relation'}; |
142 | if ($self->_user->$relation->result_source->has_column($self->config->{'role_field'})) { |
9064f42f |
143 | @roles = map { |
144 | $_->get_column($self->config->{role_field}) |
145 | } $self->_user->$relation->search(undef, { |
146 | columns => [ $self->config->{role_field} ] |
147 | })->all; |
078727e0 |
148 | $self->_roles(\@roles); |
5000f545 |
149 | } else { |
ff7203cb |
150 | Catalyst::Exception->throw("role table does not have a column called " . $self->config->{'role_field'}); |
5000f545 |
151 | } |
5000f545 |
152 | } else { |
153 | Catalyst::Exception->throw("user->roles accessed, but no role configuration found"); |
154 | } |
155 | |
ff7203cb |
156 | return @{$self->_roles}; |
5000f545 |
157 | } |
158 | |
159 | sub for_session { |
ff7203cb |
160 | my $self = shift; |
4bebb973 |
161 | |
f26005a7 |
162 | #return $self->get($self->config->{'id_field'}); |
4bebb973 |
163 | |
be7c0c30 |
164 | #my $frozenuser = $self->_user->result_source->schema->freeze( $self->_user ); |
165 | #return $frozenuser; |
4bebb973 |
166 | |
f26005a7 |
167 | my %userdata = $self->_user->get_columns(); |
e746d363 |
168 | |
169 | # If use_userdata_from_session is set, then store all of the columns of the user obj in the session |
170 | if (exists($self->config->{'use_userdata_from_session'}) && $self->config->{'use_userdata_from_session'} != 0) { |
171 | return \%userdata; |
172 | } else { # Otherwise, we just need the PKs for load() to use. |
173 | my %pk_fields = map { ($_ => $userdata{$_}) } @{ $self->config->{id_field} }; |
174 | return \%pk_fields; |
175 | } |
ff7203cb |
176 | } |
177 | |
178 | sub from_session { |
179 | my ($self, $frozenuser, $c) = @_; |
4bebb973 |
180 | |
be7c0c30 |
181 | #my $obj = $self->resultset->result_source->schema->thaw( $frozenuser ); |
182 | #$self->_user($obj); |
4bebb973 |
183 | |
be7c0c30 |
184 | #if (!exists($self->config->{'use_userdata_from_session'}) || $self->config->{'use_userdata_from_session'} == 0) { |
185 | # $self->_user->discard_changes(); |
186 | # } |
4bebb973 |
187 | # |
be7c0c30 |
188 | # return $self; |
4bebb973 |
189 | # |
be7c0c30 |
190 | ## if use_userdata_from_session is defined in the config, we fill in the user data from the session. |
70462180 |
191 | if (exists($self->config->{'use_userdata_from_session'}) && $self->config->{'use_userdata_from_session'} != 0) { |
f26005a7 |
192 | my $obj = $self->resultset->new_result({ %$frozenuser }); |
193 | $obj->in_storage(1); |
194 | $self->_user($obj); |
195 | return $self; |
f26005a7 |
196 | } |
70462180 |
197 | |
198 | if (ref $frozenuser eq 'HASH') { |
199 | return $self->load({ |
200 | map { ($_ => $frozenuser->{$_}) } |
201 | @{ $self->config->{id_field} } |
9db54bcf |
202 | }, $c); |
70462180 |
203 | } |
204 | |
205 | return $self->load( { $self->config->{'id_field'} => $frozenuser }, $c); |
5000f545 |
206 | } |
207 | |
208 | sub get { |
209 | my ($self, $field) = @_; |
4bebb973 |
210 | |
c305eeac |
211 | if (my $code = $self->_user->can($field)) { |
212 | return $self->_user->$code; |
6d4bea88 |
213 | } |
51f40056 |
214 | elsif (my $accessor = |
215 | try { $self->_user->result_source->column_info($field)->{accessor} }) { |
6d4bea88 |
216 | return $self->_user->$accessor; |
5000f545 |
217 | } else { |
51f40056 |
218 | # XXX this should probably throw |
5000f545 |
219 | return undef; |
220 | } |
221 | } |
222 | |
c1d29ab7 |
223 | sub get_object { |
f26005a7 |
224 | my ($self, $force) = @_; |
4bebb973 |
225 | |
f26005a7 |
226 | if ($force) { |
227 | $self->_user->discard_changes; |
228 | } |
229 | |
c1d29ab7 |
230 | return $self->_user; |
5000f545 |
231 | } |
232 | |
c1d29ab7 |
233 | sub obj { |
f26005a7 |
234 | my ($self, $force) = @_; |
4bebb973 |
235 | |
f26005a7 |
236 | return $self->get_object($force); |
5000f545 |
237 | } |
238 | |
69100364 |
239 | sub auto_create { |
240 | my $self = shift; |
241 | $self->_user( $self->resultset->auto_create( @_ ) ); |
242 | return $self; |
243 | } |
244 | |
245 | sub auto_update { |
246 | my $self = shift; |
247 | $self->_user->auto_update( @_ ); |
248 | } |
249 | |
28db23cf |
250 | sub can { |
251 | my $self = shift; |
252 | return $self->SUPER::can(@_) || do { |
a4523c16 |
253 | my ($method) = @_; |
28db23cf |
254 | if (my $code = $self->_user->can($method)) { |
255 | sub { shift->_user->$code(@_) } |
256 | } elsif (my $accessor = |
257 | try { $self->_user->result_source->column_info($method)->{accessor} }) { |
258 | sub { shift->_user->$accessor } |
259 | } else { |
260 | undef; |
261 | } |
262 | }; |
263 | } |
264 | |
5000f545 |
265 | sub AUTOLOAD { |
266 | my $self = shift; |
267 | (my $method) = (our $AUTOLOAD =~ /([^:]+)$/); |
268 | return if $method eq "DESTROY"; |
269 | |
8e553a46 |
270 | if (my $code = $self->_user->can($method)) { |
271 | return $self->_user->$code(@_); |
272 | } |
273 | elsif (my $accessor = |
274 | try { $self->_user->result_source->column_info($method)->{accessor} }) { |
275 | return $self->_user->$accessor(@_); |
276 | } else { |
277 | # XXX this should also throw |
278 | return undef; |
279 | } |
5000f545 |
280 | } |
281 | |
6d4bea88 |
282 | __PACKAGE__->meta->make_immutable(inline_constructor => 0); |
283 | |
5000f545 |
284 | 1; |
285 | __END__ |
286 | |
287 | =head1 NAME |
288 | |
6727afe2 |
289 | Catalyst::Authentication::Store::DBIx::Class::User - The backing user |
290 | class for the Catalyst::Authentication::Store::DBIx::Class storage |
c1d29ab7 |
291 | module. |
5000f545 |
292 | |
293 | =head1 VERSION |
294 | |
a1c47a34 |
295 | This documentation refers to version 0.1503. |
5000f545 |
296 | |
297 | =head1 SYNOPSIS |
298 | |
c1d29ab7 |
299 | Internal - not used directly, please see |
6727afe2 |
300 | L<Catalyst::Authentication::Store::DBIx::Class> for details on how to |
c1d29ab7 |
301 | use this module. If you need more information than is present there, read the |
302 | source. |
93102ff5 |
303 | |
4bebb973 |
304 | |
5000f545 |
305 | |
306 | =head1 DESCRIPTION |
307 | |
6727afe2 |
308 | The Catalyst::Authentication::Store::DBIx::Class::User class implements user storage |
c1d29ab7 |
309 | connected to an underlying DBIx::Class schema object. |
5000f545 |
310 | |
311 | =head1 SUBROUTINES / METHODS |
312 | |
4bebb973 |
313 | =head2 new |
5000f545 |
314 | |
c1d29ab7 |
315 | Constructor. |
5000f545 |
316 | |
4bebb973 |
317 | =head2 load ( $authinfo, $c ) |
5000f545 |
318 | |
c1d29ab7 |
319 | Retrieves a user from storage using the information provided in $authinfo. |
5000f545 |
320 | |
c1d29ab7 |
321 | =head2 supported_features |
5000f545 |
322 | |
c1d29ab7 |
323 | Indicates the features supported by this class. These are currently Roles and Session. |
5000f545 |
324 | |
325 | =head2 roles |
326 | |
c1d29ab7 |
327 | Returns an array of roles associated with this user, if roles are configured for this user class. |
5000f545 |
328 | |
329 | =head2 for_session |
330 | |
4bebb973 |
331 | Returns a serialized user for storage in the session. |
5000f545 |
332 | |
fbe76043 |
333 | =head2 from_session |
334 | |
4bebb973 |
335 | Revives a serialized user from storage in the session. |
fbe76043 |
336 | |
c1d29ab7 |
337 | =head2 get ( $fieldname ) |
5000f545 |
338 | |
4bebb973 |
339 | Returns the value of $fieldname for the user in question. Roughly translates to a call to |
c1d29ab7 |
340 | the DBIx::Class::Row's get_column( $fieldname ) routine. |
5000f545 |
341 | |
4bebb973 |
342 | =head2 get_object |
5000f545 |
343 | |
c1d29ab7 |
344 | Retrieves the DBIx::Class object that corresponds to this user |
5000f545 |
345 | |
346 | =head2 obj (method) |
347 | |
c1d29ab7 |
348 | Synonym for get_object |
5000f545 |
349 | |
69100364 |
350 | =head2 auto_create |
351 | |
4bebb973 |
352 | This is called when the auto_create_user option is turned on in |
353 | Catalyst::Plugin::Authentication and a user matching the authinfo provided is not found. |
4117c46f |
354 | By default, this will call the C<auto_create()> method of the resultset associated |
69100364 |
355 | with this object. It is up to you to implement that method. |
356 | |
357 | =head2 auto_update |
358 | |
4117c46f |
359 | This is called when the auto_update_user option is turned on in |
cccbdd0a |
360 | Catalyst::Plugin::Authentication. Note that by default the DBIx::Class store |
4117c46f |
361 | uses every field in the authinfo hash to match the user. This means any |
50631330 |
362 | information you provide with the intent to update must be ignored during the |
363 | user search process. Otherwise the information will most likely cause the user |
364 | record to not be found. To ignore fields in the search process, you |
365 | have to add the fields you wish to update to the 'ignore_fields_in_find' |
366 | authinfo element. Alternately, you can use one of the advanced row retrieval |
367 | methods (searchargs or resultset). |
4117c46f |
368 | |
369 | By default, auto_update will call the C<auto_update()> method of the |
370 | DBIx::Class::Row object associated with the user. It is up to you to implement |
371 | that method (probably in your schema file) |
69100364 |
372 | |
9791ac85 |
373 | =head2 AUTOLOAD |
374 | |
375 | Delegates method calls to the underlieing user row. |
376 | |
377 | =head2 can |
378 | |
379 | Delegates handling of the C<< can >> method to the underlieing user row. |
380 | |
5000f545 |
381 | =head1 BUGS AND LIMITATIONS |
382 | |
383 | None known currently, please email the author if you find any. |
384 | |
385 | =head1 AUTHOR |
386 | |
fbe76043 |
387 | Jason Kuri (jayk@cpan.org) |
5000f545 |
388 | |
28db23cf |
389 | =head1 CONTRIBUTORS |
390 | |
391 | Matt S Trout (mst) <mst@shadowcat.co.uk> |
392 | |
a4523c16 |
393 | (fixes wrt can/AUTOLOAD sponsored by L<http://reask.com/>) |
394 | |
c1d29ab7 |
395 | =head1 LICENSE |
5000f545 |
396 | |
28db23cf |
397 | Copyright (c) 2007-2010 the aforementioned authors. All rights |
c1d29ab7 |
398 | reserved. This program is free software; you can redistribute |
399 | it and/or modify it under the same terms as Perl itself. |
5000f545 |
400 | |
401 | =cut |