[Catalyst] Advanced role-based authorization

jakac jakac at iprom.si
Tue May 20 06:56:03 BST 2008


Hello!

Yes, I am also pretty sure that I will not be able to achieve something
like this using
one of the common plugins. So I was wondering if anybody has a simple
solution
for this kind of problem?

Since my application will be used by a limited number of users (about
100-200) I am
not afraid that users_pages_roles table would grow too big but I still
need some
kind of solution..

Thanx.

sindharta_tanuwijaya at yahoo.co.jp wrote:
> Hi,
>
> I don't think you can achieve that by Catalyst::Plugin::Authorization
> but please correct me if I am wrong.
>
> On a side note though, I also had an idea that is similar to yours
> some time ago, but I scrapped it because the number of records in
> users_pages_roles tables will increase exponentially as the number of
> users and pages increase.
> I wonder how the sharing function is implemented in Google Docs though.
>
> Sindharta
>
> *jakac <jakac at iprom.si>* wrote:
>
>     Hello!
>
>     I am new to Catalyst and I am developing my first web application
>     using this really
>     great framework. I really like the way Catalyst allows me to build
>     my application but
>     now I have a problem which I can not resolve by myself.
>
>     I studied the tutorial and I understand the whole concept of "role
>     based" authorization
>     where we have three tables:
>
>     - users (list of users with primary key user_id)
>     - roles (list of roles with primary key role_id)
>     - users_roles (with user_id - role_id relations)
>
>     but for my application I need a bit more advanced system than that
>     because every
>     user has also multiple pages and different roles for each page (he
>     can edit some,
>     only view the others etc.). One user has different permissions for
>     each of the pages and
>     also more users have access (and different permissions) to the
>     same page.
>     So I need 4 tables:
>
>     - users (list of users with primary key user_id)
>     - roles (list of roles with primary key role_id)
>     - pages (list of pages with primary key page_id)
>     - users_pages_roles (with user_id - page_id - role_id relations)
>
>     e.g.:
>     user1 | page1 | edit
>     user1 | page2 | edit
>     user2 | page2 | view
>     user3 | page1 | edit
>     user3 | page2 | view
>     etc.
>
>     How can I make this kind of authorization using Catalyst? How to
>     build a model
>     and configure "roles" plugin?
>
>     Also with simple role based system I can check if user has
>     permission to use that part
>     of application using:
>
>     $c->assert_user_roles( qw/rolename/ );
>
>     What about with this kind of "advanced" authorization?
>
>     Thank you all!
>
>     JakaC.
>
>     _______________________________________________
>     List: Catalyst at lists.scsys.co.uk
>     Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
>     Searchable archive:
>     http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
>     Dev site: http://dev.catalyst.perl.org/
>
>
> ------------------------------------------------------------------------
> GANBARE! NIPPON! Win your ticket to Olympic Games 2008.
> <http://pr.mail.yahoo.co.jp/ganbare-nippon/>
> ------------------------------------------------------------------------
>
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/
>   
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20080520/b31c29d5/attachment.htm


More information about the Catalyst mailing list