[Catalyst] Catalyst::Plugin::Prototype: current state?

Ovid publiustemp-catalyst at yahoo.com
Mon Mar 22 11:41:08 GMT 2010


----- Original Message ----
> From: Charlie Garrison <garrison at zeta.org.au>


> I'd really like to get more info on that. 
> Looking at all the actions for my app in the debug output on startup, I can see 
> lots of private and chained actions for AutoCRUD, and they are all under the 
> /autocrud path. What part of AutoCRUD is accessed outside the /autocrud 
> path?

> AutoCRUD is very nice convenience, but it's not so nice to warrant 
> running a separate app for it. To me, *having* to run a separate app indicates a 
> design flaw. And if that's the case then I need to look at alternate solutions. 
> (Note, I'm not against server-level auth, and I use it for other things outside 
> my app, but within the app.....)


I can't answer these questions. I can only refer you to the rt queue discussion:

    https://rt.cpan.org/Ticket/Display.html?id=55742
 
I didn't see creating a separate app and securing it at the server level as being a big deal (for me, your mileage may vary). It seemed easy enough that I wasn't terribly inclined to look further at potential security holes by integrating AutoCRUD directly (I'm very concerned about security for this app and if I see an easy route to better security, I'm going to take it).  If you want "all or nothing" AutoCRUD, this may not be an issue. If you desperately need fine-grained control, it could be complicated.  Again, see the RT discussion.

Cheers,
Ovid
--
Buy the book - http://www.oreilly.com/catalog/perlhks/
Tech blog - http://blogs.perl.org/users/ovid/
Twitter - http://twitter.com/OvidPerl
Official Perl 6 Wiki - http://www.perlfoundation.org/perl6





More information about the Catalyst mailing list