[Catalyst] CatalystX::SimpleLogin with multiple roles

Harold Frayman harold at dominofilms.co.uk
Tue Dec 28 14:19:57 GMT 2010


Thanks for taking a look -- 

In  ZLogin (= MyApp)
use Catalyst qw/
    -Debug
    ConfigLoader
    Static::Simple
    Authentication
    Authorization::Roles
    Session
    Session::Store::File
    Session::State::Cookie
/;

in zlogin.yml

Plugin::Session:
  flash_to_stash: 1
Controller::Login:
  traits:
    - WithRedirect

Controller::A:
  actions:
    test:
      Does: ACL
      AllowedRole: 
        - lolevel
      ACLDetachTo: /login/required
      LoginRedirectMessage: Please Login to view this Action
      
Plugin::Authentication:
  default_realm: users
  realms:
    users:
      credential:
        class: Password
        password_field: password
        password_type: clear
      store:
        class: DBIx::Class
        user_model: Users::Users
        role_relation: roles
        role_field: role

Model::Users:
  schema_class: ZLogin::Schema
  connect_info:
    - dbi:mysql:q
    - esd
    - esd
    - 
      AutoCommit: 1
      mysql_enable_utf8: 1

Controller A
package ZLogin::Controller::A;
use Moose;
use namespace::autoclean;

BEGIN { extends 'Catalyst::Controller::ActionRole' }

sub index :Path :Args(0) {
    my ( $self, $c ) = @_;
    $c->response->body('Matched ZLogin::Controller::A in A.');
}

sub test : Path('/b')
{
  my ( $self, $c ) = @_;
  $c->log->debug('logged in b.');
  $c->stash(
    template => 'a/test.tt',
  );
}

__PACKAGE__->meta->make_immutable;

1;

test.tt just contains a plain text message.

In Controller::Login (pointless, I know, but I have been trying to put code in here for debugging/fixing. I earlier tried with +CatalystX::SimpleLogin in the app's use Catalyst list, which seems to have the same effect.)

package ZLogin::Controller::Login;
use Moose;

use namespace::autoclean;

BEGIN { extends 'CatalystX::SimpleLogin::Controller::Login' }
=head1 NAME

ZLogin::Controller::Login - Catalyst Controller

=head1 DESCRIPTION

Catalyst Controller.

=head1 METHODS

=cut


=head2 index

=cut


__PACKAGE__->meta->make_immutable;

1;

Finally, I think, in the q database:
CREATE TABLE users (
            id            INTEGER PRIMARY KEY,
            username      TEXT,
            password      TEXT
    );

    CREATE TABLE roles (
            id   INTEGER PRIMARY KEY,
            role TEXT
    );
    CREATE TABLE user_roles (
            user_id INTEGER,
            role_id INTEGER,
            PRIMARY KEY (user_id, role_id)
    );

Harold


On 28 Dec 2010, at 12:08, Tomas Doran wrote:

> 
> On 28 Dec 2010, at 00:51, Harold Frayman wrote:
> 
>> Hi
>> 
>> I'm trying to use CatalystX::SimpleLogin with multiple roles via DBIx::Class and with Redirect.
>> What should happen, when a user is redirected to log in and does so but without the level of authorization required for the method they were trying to call?
>> 
>> For example. In Controller::A, method b ( :Path('/b') Args(0) ) is configured as
>> Does: ACL
>> AllowedRole:
>>     - hilevel
>> ACLDetachTo: /login/required
>> LoginRedirectMessage: Please Login to view this Action
>> 
> 
> Can you show me some of the actual code for this controller?
> 
> Are you inheriting of Catalyst::Controller::ActionRole?
> 
>> User, not logged in, addresses .../b and is presented with the login form (as expected and desired). They identify themselves correctly but have only one role: lolevel, which is not authorised to use method b.
>> 
>> What seems to happen for me is that either (1) if there exists a template a/b.tt, irs contents are displayed even though the user is not auhtorised or (2) if the template specified is anything else or not specified (eg use $c->res->body), we get an error "Couldn't render template "a/b.tt: file error - a/b.tt: not found" -- which is true but unhelpful.
> 
> So the actionrole doesn't even seem to be fired at all.. That's between you and ActionRole::ACL really - nothing to do with SimpleLogin.
> 
> But show me some actual code and I'll be happy to try to help :)
> 
> Cheers
> t0m
> 
> 
> _______________________________________________
> List: Catalyst at lists.scsys.co.uk
> Listinfo: http://lists.scsys.co.uk/cgi-bin/mailman/listinfo/catalyst
> Searchable archive: http://www.mail-archive.com/catalyst@lists.scsys.co.uk/
> Dev site: http://dev.catalyst.perl.org/

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20101228/b33c8543/attachment.htm


More information about the Catalyst mailing list