[Catalyst] Re: Calling Controller Methods from inside begin or auto.

Bill Moseley moseley at hank.org
Wed Sep 30 13:53:13 GMT 2009


On Wed, Sep 30, 2009 at 5:23 AM, Derek Wueppelmann <dwueppel at gmail.com> wrote:

> On Tue, 2009-09-29 at 14:39 +0200, Aristotle Pagaltzis wrote:
> > * monkey <dwueppel at gmail.com> [2009-09-29 14:35]:
> > > Is there another way to do the above without having to write
> > > the auth handling at the top of every method used to display
> > > pages?
> >
> > Chained dispatch. Do an auth check early in the chain, then the
> > actions down the chain don't need to do it.
>
> So I found a different way to do this. It's pretty close to my original
> method I had mentioned, but instead of calling $self->auth_required I
> changed it to:
>
>        $c->action->class->auth_required()
>
> Which has the desired effect. Now all I need to do is if a controller
> does not require authentication in order to be viewed I override the
> auth_required method in that controller to return 0 instead of the
> default 1.
>

Does that approach provide you with enough fine-grained access control?
I suppose you can check the action name in auth_required().

There are a number of existing modules to consider, for example:

Catalyst::Action::Role::ACL
Catalyst::Plugin::Authorization::ACL

I've also used an approach where I check for roles in each controller's auto
method, and I've also used method attributes to indicate the access level
required for each action (which has the benefit where I can require *every*
dispatched action to have an access level specified or be blocked).

I also do not detach to a login page, rather I always redirect.  Not sure I
remember the details of that choice, but one reason might have been I didn't
want a URL for one resource to return a 200 yet not return the response for
that URL and instead return a login form.



-- 

Bill Moseley
moseley at hank.org
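
Added example, not part of the original message or of any Catalyst module: a sketch of the per-action access-level check described above, where an action that declares no level is blocked and an anonymous user is redirected to login. The attribute name "Access", the level "public", the role names and the /login path are assumptions made for illustration; the attribute hash has the shape of $c->action->attributes.

```perl
use strict;
use warnings;

# $attrs has the shape of Catalyst's $c->action->attributes:
#   { AttributeName => [ 'value', ... ] }
# "Access" is a hypothetical attribute, e.g.  sub edit :Local :Access(admin) { ... }
sub access_decision {
    my ($attrs, $user) = @_;
    my $levels = $attrs->{Access};

    # Fail closed: an action with no declared level is blocked for everyone,
    # so a forgotten attribute cannot expose a page.
    return 'block' unless $levels && @$levels;

    # 'public' is a constructed level meaning "no login needed".
    return 'allow' if grep { $_ eq 'public' } @$levels;

    # Anonymous user: answer with a redirect to the login page instead of
    # serving a login form with a 200 under the protected URL.
    return 'redirect_login' unless $user;

    my %has = map { $_ => 1 } @{ $user->{roles} || [] };
    my $matched = grep { $has{$_} } @$levels;
    return $matched ? 'allow' : 'block';
}

# Constructed sample data: three actions, one of which forgot its attribute.
my %actions = (
    'page/view'   => { Path => ['view'], Access => ['public'] },
    'page/edit'   => { Path => ['edit'], Access => ['editor', 'admin'] },
    'page/delete' => { Path => ['delete'] },    # no Access attribute
);
my %users = (
    anonymous => undef,
    editor    => { roles => ['editor'] },
);

for my $action (sort keys %actions) {
    for my $who (sort keys %users) {
        printf "%-12s %-10s => %s\n", $action, $who,
            access_decision($actions{$action}, $users{$who});
    }
}

# In a root controller's auto() the same function would take
# $c->action->attributes; on 'redirect_login' it would call
# $c->res->redirect($c->uri_for('/login')) and return 0 to stop dispatch.
```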