[Catalyst] Numerous Authorization queries
stuart at doddsweb.co.uk
Thu Nov 13 11:09:04 GMT 2008
I have a Catalyst app using the general Authentication and Authorization
setup which is in most tutorials. The Authentication part is working
fine...the user logs in and is stored in the Session....sorted.
The Authorization is also working to the extent that it does what its
supposed to do. So if i call:
it returns false for any user which does not have an entry in the
user_roles table with the role 'editor'.
Okay so far...
However, I came across what seems to be a problem when i wanted to debug
the SQL for a query being generated by DBIC. When i saw the SQL output I
found that there were hundreds of the same (authorization) queries being
generated on a page load. eg:
SELECT me.role FROM roles me LEFT JOIN user_roles map_user_role ON (
map_user_role.role_id = me.id ) WHERE ( map_user_role.user_id = ? AND
me.role IN ( ? ) ), '6', 'editor'
this is because on that particular page there is a list of links...if
the user has 'editor' rights they should be able to see the link +
content otherwise the 'viewer' role should only be able to view the
content without the link.
That means every iteration the check_user_roles() sub is being called to
display the link and hence the db is being hit every time.
First of all is this behavior supposed to happen? Or am i not supposed
to use the sub this way? I thought perhaps once you called
check_user_roles() the first time the data it got back could be stored
somewhere in the Catalyst/User/someother object so it only hits the db
once per page load (for that particular query).
Any information on this would be greatly appreciated, thanks.
More information about the Catalyst