[Catalyst] Re: Validating single arg id

Bill Moseley moseley at hank.org
Wed Oct 21 23:53:36 GMT 2009 

On Wed, Oct 21, 2009 at 6:52 AM, Aristotle Pagaltzis <pagaltzis at gmx.de>wrot=
e:

> * Zbigniew Lukasiak <zzbbyy at gmail.com> [2009-10-21 14:15]:
> > What is the advantage of this over:
> >
> > sub view : Local {
> >  my ( $self, $c, $id ) =3D @_;
> >  $self->start( $c, $id );
> >  # do something with $c->stash->{obj}
> >  return 1;
> > }
>
> Consider `/forum/7/topic/13/post/4/editform`. The end point in
> that chain would be
>
>    sub editform : Chained('post') {
>        my ( $self, $c ) =3D @_;
>        # ...
>    }
>
> The equivalent URI with Local would be `/editpost/7/13/4` and the
> action would look like this:
>
>    sub editform : Local {
>        my ( $self, $c, $forum, $topic, $post ) =3D @_;
>        $self->load_post( $forum, $topic, $post );
>        # ...
>    }
>

I think that depends on your data.  If $forum, $topic, and $post make up a
path on disk then yes, the chain is really useful.
If $post is a primary key and there's a relationship $post->topic->forum
then there's no need for those, of course, and confusion if $post->topic is
not the same id as passed in the URL for the forum.

Perhaps a good use for the chain there is for access control -- the current
user might only have access to some forums so a chain makes it easy to do
that kind of validation early in the chain and then detach if access fails.

The chain also allows fetching the $forum and $topic objects and place them
in the stash.  But, again if they are related can load the $post with a join
and avoid separate calls to the database.  (But, it may be the case that
caching the $forum and $topic individually make sense.)

Anyway, my actions often look like this: (a bit oversimplified)

package MyApp::Forum::Post;
sub view : Local {
    my ( $self, $c, $post_id ) =3D @_;

    $c->stash->{post} =3D $c->user->fetch_post( $id ) || return
$c->res->status( 404 );
}

Kind of ugly calling that on the user object, but it's just an example.
That method, for example, might do a join with the forum and topic tables
and also with a permissions table to make sure the user can access the post.

I do prefer the /forum/post/334/view type of URLs, though, but my CRUD
actions often end up like this:

   /forum/post - list
   /forum/post/edit  - create (POST)
   /forum/post/edit/22 - view (GET) update (PUT/POST)
   /forum/post/delete/22

And it's very DRY because there's separate model method for each.

The create method may have a different URL structure to specify the topic,
or it might be ?topic=3D123, or it might be part of the post parameters.





-- =

Bill Moseley
moseley at hank.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20091021/5c40c=
dcd/attachment.htm

More information about the Catalyst mailing list