[Jifty-commit] r2910 - jifty/trunk/lib/Jifty/Manual
jifty-commit at lists.jifty.org
jifty-commit at lists.jifty.org
Mon Mar 5 10:31:10 EST 2007
Author: yves
Date: Mon Mar 5 10:31:09 2007
New Revision: 2910
Modified:
jifty/trunk/lib/Jifty/Manual/AccessControl.pod
jifty/trunk/lib/Jifty/Manual/Cookbook.pod
Log:
* add doc to manage a superuser group
* add doc to emulate updated_on
Modified: jifty/trunk/lib/Jifty/Manual/AccessControl.pod
==============================================================================
--- jifty/trunk/lib/Jifty/Manual/AccessControl.pod (original)
+++ jifty/trunk/lib/Jifty/Manual/AccessControl.pod Mon Mar 5 10:31:09 2007
@@ -70,16 +70,69 @@
use App::Record schema {
column 'extra_column_name';
+ column 'group' =>
+ valid_values are qw/admin moderator user/,
+ default is 'user';
+
# more columns if necessary
};
The full syntax for defining a schema can be found in
L<Jifty::Manual::Models> or in L<Jifty::DBI::Schema>.
+If you want to manage an admin group, you must protect the group column
+as only a superuser can change it.
+Then, you override C<current_user_can> in C<App::Model::User>
+
+ sub current_user_can {
+ my $self = shift;
+ my $type = shift;
+ my %args = (@_);
+
+ return 0
+ if ( $type eq 'update'
+ and !$self->current_user->is_superuser
+ and $args{'column'} eq 'group' );
+
+
+ return $self->SUPER::current_user_can($type, %args);
+ }
+
Defining a method C<_init> in your C<App::CurrentUser> class gives you
a chance to add more data to the C<CurrentUser> object. This method
will automatically get called after the Plugin's C<_init> is done.
+ package App::CurrentUser;
+
+ use strict;
+ use warnings;
+
+ use base qw(Jifty::CurrentUser);
+
+ __PACKAGE__->mk_accessors(qw(group));
+
+ sub _init {
+ my $self = shift;
+ my %args = (@_);
+
+ if (delete $args{'_bootstrap'} ) {
+ $self->is_bootstrap_user(1);
+ } elsif (keys %args) {
+ $self->user_object(App::Model::User->new(current_user => $self));
+ $self->user_object->load_by_cols(%args);
+
+ if ( $self->user_object->group eq 'admin') {
+ $self->is_superuser(1);
+ };
+
+ $self->status($self->user_object->group);
+ };
+ $self->SUPER::_init(%args);
+ };
+
+With your C<App::CurrentUser>, users in group admin are superuser and you can
+use C<< Jifty->web->current_user->group >> in your application.
+
=head2 Templates defined by the C<Login> plugin
To avoid the need for repetitive work, the C<Login> plugin already
Modified: jifty/trunk/lib/Jifty/Manual/Cookbook.pod
==============================================================================
--- jifty/trunk/lib/Jifty/Manual/Cookbook.pod (original)
+++ jifty/trunk/lib/Jifty/Manual/Cookbook.pod Mon Mar 5 10:31:09 2007
@@ -153,6 +153,21 @@
$attr->{'created_on'} = DateTime->now;
};
+=head2 How do I emulate 'updated_on' ?
+
+If a lot of column could change, you can override C<_set> method:
+
+ sub _set {
+ my $self = shift;
+ my ($val, $msg) = $self->SUPER::_set(@_);
+
+ $self->SUPER::_set(column => 'changed_on', value => defer {DateTime->now});
+ $self->SUPER::_set(column => 'from',
+ value => $ENV{REMOTE_HOST}. " / ". Jifty->web->current_user->user_object->name );
+
+ return ($val, $msg);
+ }
+
=head2 Limit access to pages to logged-in users
The best place to do this is probably in your application's
More information about the Jifty-commit
mailing list