P is for Practical | |
PerlMonks |
comment on |
( [id://3333]=superdoc: print w/replies, xml ) | Need Help?? |
Access checks should be handled by the controller/model- not the view. Depending on your situation (and I haven't used Catalyst), you might be able to move certain restricted actions to specific urls (i.e. /$role/$action) and have an "authentication-controller" catch all unauthorized acces, edit: before referring to the "actual" controller.
I don't recommend binding views to roles directly, since I at least tend to end up using re-using views for different actions, and the actions that take place before showing the view should determine the type of access. update: also, this makes views simpler, which is a good thing. Joost. In reply to Re: Passing Data Back From Mason template
by Joost
|
|