X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Manual.git;a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthorization.pod;h=5ba80f0a0756ea7f25cd74179494a27060ccda91;hp=d6be44f7dd928017dbce8b0d535b1f1dc9d2f138;hb=d04961970a25ec3dc831f89be5cd6e27fdec884a;hpb=3778bcbe622622881133e21002eea4179453c2f0 diff --git a/lib/Catalyst/Manual/Tutorial/Authorization.pod b/lib/Catalyst/Manual/Tutorial/Authorization.pod index d6be44f..5ba80f0 100644 --- a/lib/Catalyst/Manual/Tutorial/Authorization.pod +++ b/lib/Catalyst/Manual/Tutorial/Authorization.pod @@ -1,11 +1,11 @@ =head1 NAME -Catalyst::Manual::Tutorial::Authorization - Catalyst Tutorial - Part 5: Authorization +Catalyst::Manual::Tutorial::Authorization - Catalyst Tutorial - Part 6: Authorization =head1 OVERVIEW -This is B for the Catalyst tutorial. +This is B for the Catalyst tutorial. L @@ -21,36 +21,39 @@ L =item 3 -L +L =item 4 -L +L =item 5 -B +L =item 6 -L +B =item 7 -L +L =item 8 -L +L =item 9 +L + +=item 10 + L =back - =head1 DESCRIPTION This part of the tutorial adds role-based authorization to the existing @@ -79,8 +82,6 @@ Edit C and add C to the list: StackTrace Authentication - Authentication::Store::DBIC - Authentication::Credential::Password Authorization::Roles Session 
@@ -91,47 +92,52 @@ Edit C and add C to the list: =head2 Add Config Information for Authorization -Edit C and update it to match (everything from the -"authorization:" line down is new): - - --- - name: MyApp - authentication: - dbic: - # Note this first definition would be the same as setting - # __PACKAGE__->config->{authentication}->{dbic}->{user_class} = 'MyAppDB::User' - # in lib/MyApp.pm (IOW, each hash key becomes a "name:" in the YAML file). - # - # This is the model object created by Catalyst::Model::DBIC from your - # schema (you created 'MyAppDB::User' but as the Catalyst startup - # debug messages show, it was loaded as 'MyApp::Model::MyAppDB::User'). - # NOTE: Omit 'MyApp::Model' here just as you would when using - # '$c->model("MyAppDB::User)' - user_class: MyAppDB::User - # This is the name of the field in your 'users' table that contains the user's name - user_field: username - # This is the name of the field in your 'users' table that contains the password - password_field: password - # Other options can go here for hashed passwords - # Enabled hashed passwords - password_type: hashed - # Use the SHA-1 hashing algorithm - password_hash_type: SHA-1 - authorization: - dbic: - # This is the model object created by Catalyst::Model::DBIC from your - # schema (you created 'MyAppDB::Role' but as the Catalyst startup - # debug messages show, it was loaded as 'MyApp::Model::MyAppDB::Role'). 
- # NOTE: Omit 'MyApp::Model' here just as you would when using - # '$c->model("MyAppDB::User)' - role_class: MyAppDB::Role - # The name of the field in the 'roles' table that contains the role name - role_field: role - # The name of the accessor used to map a role to the users who have this role - # See the has_many() in MyAppDB/Role.pm - role_rel: map_user_role - # The name of the field in the user_role table that references the user - user_role_user_field: user_id +Edit C and update it to match the following (the +C and C definitions are new): + + name MyApp + + default_realm dbic + + + + # Note this first definition would be the same as setting + # __PACKAGE__->config->{authentication}->{realms}->{dbic} + # ->{credential} = 'Password' in lib/MyApp.pm + # + # Specify that we are going to do password-based auth + class Password + # This is the name of the field in the users table with the + # password stored in it + password_field password + # Switch to more secure hashed passwords + password_type hashed + # Use the SHA-1 hashing algorithm + password_hash_type SHA-1 + + + # Use DBIC to retrieve username, password & role information + class DBIx::Class + # This is the model object created by Catalyst::Model::DBIC + # from your schema (you created 'MyApp::Schema::User' but as + # the Catalyst startup debug messages show, it was loaded as + # 'MyApp::Model::DB::Users'). + # NOTE: Omit 'MyApp::Model' here just as you would when using + # '$c->model("DB::Users)' + user_class DB::Users + # This is the name of the field in your 'users' table that + # contains the user's name + id_field username + # This is the name of a many_to_many relation in the users + # object that points to the roles for that user + role_relation roles + # This is the name of field in the roles table that contains + # the role information + role_field role + + + + =head2 Add Role-Specific Logic to the "Book List" Template 
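Review bot: The added credential block still pairs `password_type hashed` with `password_hash_type SHA-1`, and the comment above it calls this "more secure hashed passwords" with no caveat; a single unsalted fast digest gives little protection against offline guessing if the users table is ever disclosed, and readers tend to copy tutorial config verbatim. I would add a comment directly above `password_hash_type`, for example `# Unsalted SHA-1 is kept only to match the authentication part; a real application should use a salted, deliberately slow password hash`, and, if the Credential::Password release this tutorial targets supports it, show `password_type salted_hash` instead. The new comment `'$c->model("DB::Users)'` is also missing its closing double quote, carried over from the removed text. This hunk begins on the previous physical line of the page, and the container tags of the config block are not visible in this rendering, so the nesting itself was not reviewed.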
@@ -193,7 +199,7 @@ updating C to match the following code:
 if ($c->check_user_roles('admin')) {
 # Call create() on the book model object. Pass the table
 # columns/field values we want to set as hash values
- my $book = $c->model('MyAppDB::Book')->create({
+ my $book = $c->model('DB::Books')->create({
 title => $title,
 rating => $rating
 });