[Catalyst] "no role configuration found" -- authorization:
dbic and DBI::Schema::Loader
Jay K
jayk at ion0.com
Mon Dec 17 05:20:06 GMT 2007
Hi Ashley,
The log message you see is a result of the recent move away from the
Catalyst::Plugin::Authentication namespace for stores / credentials.
It falls back to the old naming and warns if it can't find the new
module.. It should, however, have no effect on the functionality of
the code.
It's not a bad idea to update the DBIx::Class store - but be sure to
remove the Catalyst::Plugin::Authentication::Store::DBIx::Class module
first - just to avoid conflicts. Nothing has changed related to roles
in the update, so it shouldn't make any difference.
I don't know why the assert is failing, it should not - what do you
get if you use $c->check_user_roles() - valid results?
Jay
On Dec 16, 2007, at 4:27 PM, Ashley Pond V wrote:
> Continuing saga. So I set up the many_to_many and lo! It worked. But
> it worked with *any* role, even fake ones, so obviously something
> was bad. Turned out that it was silently failing instead of throwing
> an access exception (but there was a template set by the namespace
> so the page rendered as expected).
>
> # failed silently (as far as Cat was concerned)
> $c->assert_user_roles("there is no role called this");
>
> So, dug into the log:
>
> [Sun Dec 16 16:13:20 2007] [error] [client 67.170.68.172] [warn]
> Store class "Catalyst::Authentication::Store::DBIx::Class" not
> found, trying deprecated ::Plugin:: style naming. , referer: [...]
>
> Would love to have more, rather than fewer exceptions thrown. I
> think the missing class was the cause of a couple of red herrings I
> followed down the rabbit hole trying to get this running yesterday
> [I'm entitled to mix metaphors, I pay an annual fee]. After I get an
> admin to install the missing package in the morning I'll regale you
> with my next series of missteps and annoying language.
>
> Live free or die early, die often,
> -Ashley
>
> On Dec 15, 2007, at 9:52 PM, Jay K wrote:
>
>> Hi There Ashley,
>>
>> The DBIx::Class module expects to use the relation provided in the
>> role_relation config element to retrieve one or more rows, which
>> must contain a field called by whatever you provide in role_field.
>>
>> My guess is that your user_roles table is a cross-ref table -
>> userid and roleid essentially. In order to solve this you need to
>> use a many_to_many relationship mapping to the textual role names.
>>
>> The DBIx::Class module expects you are going to route it to the
>> information it needs using the role_relation. So what you really
>> need to do is create the schema class and just define the many-to-
>> many for roles. Then provide that relation to 'role_relation' and
>> all your problems should go away.
>>
>> It still works with dynamic schema - but you have to create the
>> relationship. You can do that by creating your schema module to
>> look something like this:
>>
>> package MyApp::Schema::Users;
>> use strict;
>> use warnings;
>>
>> use base 'DBIx::Class';
>> __PACKAGE__->load_components("PK::Auto", "Core");
>>
>>
>> __PACKAGE__->has_many('roles_map', "MyApp::Schema::RoleMap",
>> user_id');
>> __PACKAGE__->many_to_many( roles => 'role_map, 'role');
>>
>> 1;
>>
>> I might have that slightly wrong - I've been moving today so I'm a
>> bit overtired. but basically that allows your schema to
>> dynamically figure itself out, but you define the relationships for
>> it.
>>
>> For some database types, DBIx::Class can figure out your
>> relationships for you - but I don't think it can sort out many-to-
>> many's anyway.
>>
>> Hope that helps. And I hope it makes as much sense to you as I
>> make to myself in my head at the moment. This, I understand, may
>> not be the case. If not, I'll try again tomorrow.
>>
>> Jay
>>
>> On Dec 15, 2007, at 5:57 PM, Ashley Pond V wrote:
>>
>>> Progressing… Looking at Catalyst/Plugin/Authentication/Store/DBIC/
>>> User.pm I saw a couple of items in the "authentication" config I
>>> could set. With "role_relation" and "role_field" set--
>>>
>>> authentication:
>>> default_realm: users
>>> realms:
>>> users:
>>> credential:
>>> class: Password
>>> password_field: password
>>> password_type: hashed
>>> password_hash_type: SHA-1
>>> store:
>>> class: DBIx::Class
>>> user_class: User
>>> role_relation: user_roles
>>> role_field: role
>>>
>>> --I now get the roles checked but they are failing because they
>>> are checking (returning) the role "id" instead of the "name."
>>>
>>> $c->user->roles returns a list of the IDs too. So, from reading
>>> this,
>>> Catalyst::Plugin::Authentication::Store::DBIx::Class::roles()
>>> it looks like dynamic loader schemas are incompatible right now?
>>> I'm trying to figure this out but there is a lot of inter-related
>>> code to read, cross-package-configuration, and documentation drift/
>>> lag.
>>>
>>> Throw me a bone, er, a line!
>>> -Ashley
>>>
>>>
>>> On Dec 15, 2007, at 10:18 AM, Ashley Pond V wrote:
>>>> Can you elaborate? "map_user_role" ne "user_role." I have
>>>> "role_rel" set to the UserRole class. I tried adding "user_role"
>>>> but it didn't help and I don't see it anywhere in the docs.
>>>>
>>>> I should rephrase, I think. Is anyone using DBIC::Schema::Loader
>>>> dynamically with role authorization? If so, please share your
>>>> configuration or advise of which FMTR.
>>>>
>>>> Thanks again,
>>>> -Ashley
>>>>
>>>
>>> _______________________________________________
>>> List: Catalyst at lists.scsys.co.uk
>>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>>> Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
>>> Dev site: http://dev.catalyst.perl.org/
>>
>> ---
>> For most things, throwing yourself at the wall over and over is a
>> better way to improve than thinking hard about the wall and taking
>> pictures of it. -- D.Litwack
>>
>>
>>
>> _______________________________________________
>> List: Catalyst at lists.scsys.co.uk
>> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>> Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
>> Dev site: http://dev.catalyst.perl.org/
>
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.rawmode.org/
> Dev site: http://dev.catalyst.perl.org/
---
"Those who can make you believe absurdities can make you commit
atrocities." --Voltaire
More information about the Catalyst
mailing list