X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthorization.pod;h=9af1ce3452f8fcac54f12b992c10b4683e068b33;hb=936a5dd5c424d816dd470690473c1e38127a0c3c;hp=d194e5e0dfc4074c96e6f26b1c13bd0ccfcd7d89;hpb=c19d127ebfc41407188cbb614c47635b312aad7e;p=catagits%2FCatalyst-Runtime.git diff --git a/lib/Catalyst/Manual/Tutorial/Authorization.pod b/lib/Catalyst/Manual/Tutorial/Authorization.pod index d194e5e..9af1ce3 100644 --- a/lib/Catalyst/Manual/Tutorial/Authorization.pod +++ b/lib/Catalyst/Manual/Tutorial/Authorization.pod @@ -59,13 +59,9 @@ how to use roles in both TT templates and controller actions. The first half looks at manually configured authorization. The second half looks at how the ACL authorization plugin can simplify your code. -B: Note that all of the code for this part of the tutorial can be -pulled from the Catalyst Subversion repository in one step with the -following command: - - svn checkout http://dev.catalyst.perl.org/repos/Catalyst/trunk/examples/Tutorial@### - IMPORTANT: Does not work yet. Will be completed for final version. - +You can checkout the source code for this example from the catalyst +subversion repository as per the instructions in +L =head1 BASIC AUTHORIZATION @@ -81,7 +77,6 @@ Edit C and add C to the list: Static::Simple StackTrace - DefaultEnd Authentication Authentication::Store::DBIC @@ -110,7 +105,8 @@ Edit C and update it to match (everything from the # This is the model object created by Catalyst::Model::DBIC from your # schema (you created 'MyAppDB::User' but as the Catalyst startup # debug messages show, it was loaded as 'MyApp::Model::MyAppDB::User'). - # NOTE: Omit 'MyAppDB::Model' to avoid a component lookup issue in Catalyst 5.66 + # NOTE: Omit 'MyApp::Model' here just as you would when using + # '$c->model("MyAppDB::User)' user_class: MyAppDB::User # This is the name of the field in your 'users' table that contains the user's name user_field: username @@ -126,12 +122,13 @@ Edit C and update it to match (everything from the # This is the model object created by Catalyst::Model::DBIC from your # schema (you created 'MyAppDB::Role' but as the Catalyst startup # debug messages show, it was loaded as 'MyApp::Model::MyAppDB::Role'). - # NOTE: Omit 'MyAppDB::Model' to avoid a component lookup issue in Catalyst 5.66 + # NOTE: Omit 'MyApp::Model' here just as you would when using + # '$c->model("MyAppDB::User)' role_class: MyAppDB::Role # The name of the field in the 'roles' table that contains the role name role_field: role - # The name of the accessor used to map a user to a role - # See the has_many() in MyAppDB/User.pm + # The name of the accessor used to map a role to the users who have this role + # See the has_many() in MyAppDB/Role.pm role_rel: map_user_role # The name of the field in the user_role table that references the user user_role_user_field: user_id @@ -251,9 +248,10 @@ running) and restart it: Now trying going to L and you should be taken to the login page (you might have to C your -browser). Try logging in with both C and C (both use a -password of C) and notice how the roles information updates at -the bottom of the "Book List" page. Also try the C link on the +browser and/or click the "Logout" link on the book list page). Try +logging in with both C and C (both use a password +of C) and notice how the roles information updates at the +bottom of the "Book List" page. Also try the C link on the book list page. Now the "url_create" URL will work if you are already logged in as user @@ -266,12 +264,13 @@ while logged in as each user. Use one of the 'Logout' links (or go to L in you browser directly) when you are done. + =head1 ENABLE ACL-BASED AUTHORIZATION This section takes a brief look at how the -L plugin can automate much of the -work required to perform role-based authorization in a Catalyst -application. +L +plugin can automate much of the work required to perform role-based +authorization in a Catalyst application. =head2 Add the C Plugin @@ -305,7 +304,7 @@ C<__PACKAGE__-Esetup;> statement: Each of the three statements above comprises an ACL plugin "rule". The first two rules only allow admin-level users to create new books using the form (both the form itself and the data submission logic are -protected). The third statement allows both users and admin to delete +protected). The third statement allows both users and admins to delete books. The C action will continue to be protected by the "manually configured" authorization created earlier in this part of the tutorial. @@ -359,7 +358,7 @@ C B the C<__PACKAGE__-Esetup;> line. =head2 Add a Method to Handle Access Violations By default, -L +L throws an exception when authorization fails. This will take the user to the Catalyst debug screen, or a "Please come back later" message if you are not using the C<-Debug> flag. This step uses the @@ -380,12 +379,11 @@ following method: # Set the error message $c->stash->{error_msg} = 'Unauthorized!'; - + # Display the list $c->forward('list'); } - Then run the Catalyst development server script: $ script/myapp_server.pl @@ -406,10 +404,10 @@ L URL directly) when you are done. Kennedy Clark, C -Please report any errors, issues or suggestions to the author. +Please report any errors, issues or suggestions to the author. The +most recent version of the Catalyst Tutorial can be found at +L. Copyright 2006, Kennedy Clark, under Creative Commons License (L). -Version: .94 -