second half looks at how moving your authorization code to your model
can simplify your code and make things easier to maintain.
-You can checkout the source code for this example from the catalyst
-subversion repository as per the instructions in
+Source code for the tutorial in included in the F</home/catalyst/Final>
+directory of the Tutorial Virtual machine (one subdirectory per
+chapter). There are also instructions for downloading the code in
L<Catalyst::Manual::Tutorial::01_Intro>.
way to demonstrate that TT templates will not be used if the response
body has already been set. In reality you would probably want to use a
technique that maintains the visual continuity of your template layout
-(for example, using L<Catalyst::Plugin::StateMessage> as shown in the
+(for example, using L<Catalyst::Plugin::StatusMessage> as shown in the
L<last chapter|Catalyst::Manual::Tutorial::05_Authentication> to
redirect to an "unauthorized" page).
return any(map { $_->role } $self->roles) eq $role;
}
-Let's also add Perl6::Junction to the requirements listed in
+Let's also add C<Perl6::Junction> to the requirements listed in
Makefile.PL:
requires 'Perl6::Junction';
+B<Note:> Feel free to use C<grep> in lieu of C<Perl6::Junction::any> if
+you prefer. Also, please don't let the use of the C<Perl6::Junction>
+module above lead you to believe that Catalyst is somehow dependent on
+Perl 6... we are simply using that module for its
+L<easy-to-read|http://blogs.perl.org/users/marc_sebastian_jakobs/2009/11/my-favorite-module-of-the-month-perl6junction.html>
+C<any> function.
+
Now we need to add some enforcement inside our controller. Open
C<lib/MyApp/Controller/Books.pm> and update the C<delete> method to
match the following code:
$c->detach('/error_noperms')
unless $c->stash->{object}->delete_allowed_by($c->user->get_object);
+ # Saved the PK id for status_msg below
+ my $id = $c->stash->{object}->id;
+
# Use the book object saved by 'object' and delete it along
# with related 'book_authors' entries
$c->stash->{object}->delete;
- # Use 'flash' to save information across requests until it's read
- $c->flash->{status_msg} = "Book deleted";
-
# Redirect the user back to the list page
$c->response->redirect($c->uri_for($self->action_for('list'),
{mid => $c->set_status_msg("Deleted book $id")}));
L<http://localhost:3000/logout> URL directly) when you are done.
+You can jump to the next chapter of the tutorial here:
+L<Debugging|Catalyst::Manual::Tutorial::07_Debugging>
+
+
=head1 AUTHOR
Kennedy Clark, C<hkclark@gmail.com>
Feel free to contact the author for any errors or suggestions, but the
best way to report issues is via the CPAN RT Bug system at
-<https://rt.cpan.org/Public/Dist/Display.html?Name=Catalyst-Manual>.
-
-The most recent version of the Catalyst Tutorial can be found at
-L<http://dev.catalyst.perl.org/repos/Catalyst/Catalyst-Manual/5.80/trunk/lib/Catalyst/Manual/Tutorial/>.
+L<https://rt.cpan.org/Public/Dist/Display.html?Name=Catalyst-Manual>.
-Copyright 2006-2010, Kennedy Clark, under the
+Copyright 2006-2011, Kennedy Clark, under the
Creative Commons Attribution Share-Alike License Version 3.0
(L<http://creativecommons.org/licenses/by-sa/3.0/us/>).
projects / catagits/Catalyst-Manual.git / blobdiff