X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits%2FCatalyst-Manual.git;a=blobdiff_plain;f=lib%2FCatalyst%2FManual%2FTutorial%2FAuthorization.pod;h=fce6161619b09cb046ac8b392d37005ac6184207;hp=3fa136e216ff7b0a6f29a9524a922da39e3578cb;hb=3b1fa91be1d89d2297aa9e8e83462344d9cd9820;hpb=8a472b348fcfa36ba50a5182fbd4449a71b8044a diff --git a/lib/Catalyst/Manual/Tutorial/Authorization.pod b/lib/Catalyst/Manual/Tutorial/Authorization.pod index 3fa136e..fce6161 100644 --- a/lib/Catalyst/Manual/Tutorial/Authorization.pod +++ b/lib/Catalyst/Manual/Tutorial/Authorization.pod @@ -80,73 +80,32 @@ Edit C and add C to the list: # Load plugins use Catalyst qw/-Debug - ConfigLoader - Static::Simple + ConfigLoader + Static::Simple - StackTrace + StackTrace - Authentication - Authorization::Roles + Authentication + Authorization::Roles - Session - Session::Store::FastMmap - Session::State::Cookie - /; + Session + Session::Store::FastMmap + Session::State::Cookie + /; B As discussed in MoreCatalystBasics, different versions of C have used a variety of methods to load the plugins. You can put the plugins in the C statement if you prefer. +Once again (remain sharp, by now you should be getting the hang of things) +include this additional plugin as a new dependency in the Makefile.PL file +like this: -=head2 Add Config Information for Authorization - -Edit C and update it to match the following (the -C and C definitions are new): - - # rename this file to MyApp.yml and put a : in front of "name" if - # you want to use yaml like in old versions of Catalyst - name MyApp - - default_realm dbic - - - - # Note this first definition would be the same as setting - # __PACKAGE__->config->{authentication}->{realms}->{dbic} - # ->{credential} = 'Password' in lib/MyApp.pm - # - # Specify that we are going to do password-based auth - class Password - # This is the name of the field in the users table with the - # password stored in it - password_field password - # Switch to more secure hashed passwords - password_type hashed - # Use the SHA-1 hashing algorithm - password_hash_type SHA-1 - - - # Use DBIC to retrieve username, password & role information - class DBIx::Class - # This is the model object created by Catalyst::Model::DBIC - # from your schema (you created 'MyApp::Schema::Result::User' - # but as the Catalyst startup debug messages show, it was - # loaded as 'MyApp::Model::DB::Users'). - # NOTE: Omit 'MyApp::Model' here just as you would when using - # '$c->model("DB::Users)' - user_class DB::Users - # This is the name of a many_to_many relation in the users - # object that points to the roles for that user - role_relation roles - # This is the name of field in the roles table that contains - # the role information - role_field role - - - - - + requires ( + ... + 'Catalyst::Plugin::Authorization::Roles' => '0', + ); =head2 Add Role-Specific Logic to the "Book List" Template @@ -158,7 +117,7 @@ lines to the bottom of the file:
    [% # Dump list of roles -%] - [% FOR role = c.user.roles %]
  • [% role %]
    • [% END %] + [% FOR role = c.user.role %]
  • [% role %]
    • [% END %]

@@ -209,28 +168,20 @@ updating C to match the following code: if ($c->check_user_roles('admin')) { # Call create() on the book model object. Pass the table # columns/field values we want to set as hash values - my $book = $c->model('DB::Books')->create({ + my $book = $c->model('DB::Book')->create({ title => $title, rating => $rating }); # Add a record to the join table for this book, mapping to # appropriate author - $book->add_to_book_authors({author_id => $author_id}); + $book->add_to_book_author({author_id => $author_id}); # Note: Above is a shortcut for this: - # $book->create_related('book_authors', {author_id => $author_id}); + # $book->create_related('book_author', {author_id => $author_id}); # Assign the Book object to the stash for display in the view $c->stash->{book} = $book; - # This is a hack to disable XSUB processing in Data::Dumper - # (it's used in the view). This is a work-around for a bug in - # the interaction of some versions or Perl, Data::Dumper & DBIC. - # You won't need this if you aren't using Data::Dumper (or if - # you are running DBIC 0.06001 or greater), but adding it doesn't - # hurt anything either. - $Data::Dumper::Useperl = 1; - # Set the TT template to use $c->stash->{template} = 'books/create_done.tt2'; } else { @@ -293,7 +244,7 @@ your controllers and views be an "thin" as possible, with all of the For example, let's add a method to our C Result Class to check if a user is allowed to delete a book. Open -C and add the following method +C and add the following method (be sure to add it below the "C" line): =head2 delete_allowed_by @@ -311,12 +262,8 @@ C and add the following method Here we call a C method on our user object, so we should add this method to our Result Class. Open -C and add this near the top: - - use Perl6::Junction qw/any/; - -And then add the following method below the "C" -line: +C and add the following method below +the "C" line: =head 2 has_role @@ -324,6 +271,7 @@ line: =cut + use Perl6::Junction qw/any/; sub has_role { my ($self, $role) = @_;