[Catalyst] ACL confusion
Chisel Wright
chisel at herlpacker.co.uk
Thu Mar 20 10:11:36 GMT 2008
I'm trying to add some ACLs to Parley.
I want to restrict access to "role1 or role2 or role3"

Reading Catalyst::Manual::Tutorial::Authorization:

    # third statement
    __PACKAGE__->deny_access_unless(
        "/books/delete",
        [qw/user admin/],
    );

    ... The third statement allows both users and admins to delete books.

Excellent! Just what I want! Except it doesn't seem to work like that.

Reading Catalyst::Plugin::Authorization::ACL:

    If "allow_access_if" is used, the presence of all the roles will
    immediately permit access, and if "deny_access_unless" is used the
    lack of any of the roles will immediately deny access.

Unless I need more coffee, these two say different things.

Is the only way to get OR-like behaviour to use the example from the
cookbook?

    Zoo->deny_access_unless( "/moose_cage", sub {
        my $c = shift;
        $c->check_roles( "moose_trainer" )
            || $c->check_roles( "moose_feeder" );
    });

Chisel
--
Chisel Wright
e: chisel at herlpacker.co.uk
w: http://www.herlpacker.co.uk/
I even make myself laugh sometimes...
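
Added example, not part of the original message and not Catalyst or Parley code: a stand-alone Perl model of the two rule styles the message compares, showing that an account holding only one of the listed roles is denied by the role-list wording quoted from the ACL documentation but passes the cookbook-style "||" check. Ctx, denied_by_role_list and denied_by_any_role are hypothetical names, check_roles is modelled as "holds every requested role", and the accounts are constructed sample data.

```perl
# Stand-alone model of the two rule styles discussed in the message above.
# Nothing here loads Catalyst: Ctx, denied_by_role_list and denied_by_any_role
# are hypothetical names, and the accounts below are constructed sample data.
use strict;
use warnings;

package Ctx;
sub new {
    my ($class, @roles) = @_;
    return bless { roles => { map { $_ => 1 } @roles } }, $class;
}
# Assumed behaviour for this model: true only when every requested role is held.
sub check_roles {
    my ($self, @wanted) = @_;
    my $missing = grep { !$self->{roles}{$_} } @wanted;
    return $missing == 0;
}

package main;
# Role-list rule as the ACL documentation quoted above words it:
# lacking any one of the listed roles denies access (AND).
sub denied_by_role_list {
    my ($c, @roles) = @_;
    return $c->check_roles(@roles) ? 0 : 1;
}

# Code-ref rule in the style of the cookbook snippet: one check per role,
# joined with ||, so holding a single listed role is enough (OR).
sub denied_by_any_role {
    my ($c, @roles) = @_;
    return (grep { $c->check_roles($_) } @roles) ? 0 : 1;
}

my @rule  = qw/user admin/;
my %users = (
    plain_user => [qw/user/],
    admin_only => [qw/admin/],
    both_roles => [qw/user admin/],
    no_roles   => [],
);

# Print one row per constructed account with the outcome of each rule style.
printf "%-12s %-10s %-10s\n", 'account', 'role list', 'any role';
for my $name (sort keys %users) {
    my $c = Ctx->new(@{ $users{$name} });
    printf "%-12s %-10s %-10s\n", $name,
        (denied_by_role_list($c, @rule) ? 'deny' : 'pass'),
        (denied_by_any_role($c, @rule)  ? 'deny' : 'pass');
}
```

A table like this, run against the real application's rules, is a cheap regression check that a role list still means what the rule's author intended.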