X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Manual.git;a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthorization.pod;fp=lib%2FCatalyst%2FManual%2FTutorial%2FAuthorization.pod;h=d340d20027002fa6bb06f4e8f29b576cc2e86f2c;hp=b4d73414d904404bb3d9aa16bb74e962cf8e963f;hb=5fe0e6dd6d3c9a21c48c9c1a671a6092222a98d9;hpb=fe01b24f85098a731125f36fc4de26a654ac7efc diff --git a/lib/Catalyst/Manual/Tutorial/Authorization.pod b/lib/Catalyst/Manual/Tutorial/Authorization.pod index b4d7341..d340d20 100644 --- a/lib/Catalyst/Manual/Tutorial/Authorization.pod +++ b/lib/Catalyst/Manual/Tutorial/Authorization.pod @@ -311,7 +311,7 @@ C<__PACKAGE__-Esetup> statement: "/books/form_create_do", [qw/admin/], ); - __PACKAGE__->deny_access_unless( + __PACKAGE__->allow_access_if( "/books/delete", [qw/user admin/], ); @@ -320,9 +320,10 @@ Each of the three statements above comprises an ACL plugin "rule". The first two rules only allow admin-level users to create new books using the form (both the form itself and the data submission logic are protected). The third statement allows both users and admins to delete -books. The C action will continue to be protected by -the "manually configured" authorization created earlier in this part of -the tutorial. +books; letting users delete but not create book entries may sound odd in +the "real world", but this is just an example. The C +action will continue to be protected by the "manually configured" +authorization created earlier in this part of the tutorial. The ACL plugin permits you to apply allow/deny logic in a variety of ways. The following provides a basic overview of the capabilities:
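Review bot: In the @@ -311,7 +311,7 @@ hunk, switching the "/books/delete" rule from deny_access_unless to allow_access_if changes what happens when the role check fails, and the visible lines show no other rule that would then deny the request. In Catalyst::Plugin::Authorization::ACL, allow_access_if grants access when the predicate is true but neither allows nor denies when it is false: evaluation moves on to the next rule, and an action that no rule denies is allowed. The replaced deny_access_unless rejected callers that failed the check. If the intent is still that only the listed roles may delete, either keep deny_access_unless on this path or add an explicit deny rule covering /books/delete and mention it in the tutorial text.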
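Review bot: In the @@ -320,9 +320,10 @@ hunk, the reworded paragraph still says only that the third statement "allows both users and admins to delete books" and never says what a visitor with neither role gets, which is the behaviour a reader of an authorization tutorial most needs spelled out now that the rule is an allow rule. Please add a sentence stating whether such a request is denied and by which rule, and say whether the list [qw/user admin/] is matched as either role or as both roles, since "both users and admins" can be read either way. As a style point, the aside after the semicolon ("letting users delete but not create book entries may sound odd in the "real world", but this is just an example") would read better as its own parenthetical sentence without the scare quotes.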