Session::State::Cookie
/;
+B<Note:> As discussed in MoreCatalystBasics, different versions of
+C<Catalyst::Devel> have used a variety of methods to load the plugins.
+You can put the plugins in the C<use Catalyst> statement if you prefer.
+
=head2 Add Config Information for Authorization
"/books/form_create_do",
[qw/admin/],
);
- __PACKAGE__->deny_access_unless(
+ __PACKAGE__->allow_access_if(
"/books/delete",
[qw/user admin/],
);
first two rules only allow admin-level users to create new books using
the form (both the form itself and the data submission logic are
protected). The third statement allows both users and admins to delete
-books. The C</books/url_create> action will continue to be protected by
-the "manually configured" authorization created earlier in this part of
-the tutorial.
+books; letting users delete but not create book entries may sound odd in
+the "real world", but this is just an example. The C</books/url_create>
+action will continue to be protected by the "manually configured"
+authorization created earlier in this part of the tutorial.
The ACL plugin permits you to apply allow/deny logic in a variety of
ways. The following provides a basic overview of the capabilities:
admin-level users.) If you log in as C<test01> you should be able to
view the C<form_create> form and add a new book.
-When you are done, use one of the 'Logout' links (or go to the
+Use one of the 'Logout' links (or go to the
L<http://localhost:3000/logout> URL directly) when you are done.