[Catalyst] Authorization Failure
Tomas Doran
bobtfish at bobtfish.net
Fri May 8 17:09:07 GMT 2009
Ascii King wrote:
> the authorization component of my application no longer works properly.
> Did something change with Catalyst::Plugin::Authorization? I searched
> the lists, but I didn't see anything.
<snip>
The tests still all pass, and they do test this sort of thing.
> When testing the above statement, admin and office are supposed to be
> allowed access to 'list_account'. However, admin can access it, but
> office and remote cannot. If I change it to 'allow_access_if' then
> everyone can get access.
I can't really make a call about if it's working or not without knowing
a lot more about your application structure, and your currently logged
in user / roles etc.
I'd recommend making a TestApp, pulling the relevant bits of controller
code out (the bodies can be mostly blank, you only care about the
paths), setting up trivial auth (no DB or anything needed, just use
Auth::Store::Minimal), and see if you can replicate the issue outside of
your main application..
Even if you get the same issues, you now have something small and easy
to understand which you can show to other people, without them having to
grok your entire app..
Cheers
t0m
More information about the Catalyst
mailing list