Beefy Boxes and Bandwidth Generously Provided by pair Networks Joe
There's more than one way to do things
 
PerlMonks  

Re^2: User access controlled by subroutine attribute.

by rlb3 (Deacon)
on Aug 14, 2006 at 17:39 UTC ( [id://567346]=note: print w/replies, xml ) Need Help??

This is an archived low-energy page for bots and other anonmyous visitors. Please sign up if you are a human and want to interact.


in reply to Re: User access controlled by subroutine attribute.
in thread User access controlled by subroutine attribute.

Thanks for replying.

It's funny, I was listening to your talk on PDX.pm that got me thinking about Attribute::Handler. And I agree that your access control to objects works but I'm having this nagging feeling that using it for user access will have weird problems for users. Like a user getting so far into a program before they get an access denied. That may not be a bad thing. I'm just not sure.

rlb3
  • Comment on Re^2: User access controlled by subroutine attribute.

Replies are listed 'Best First'.
Re^3: User access controlled by subroutine attribute.
by ikegami (Patriarch) on Aug 14, 2006 at 17:45 UTC
    You could check permissions up front, and check it again at the function level as a failsafe. That way, your users won't normally get "far into a program" before getting an error.
[reply]

      That is true but then there is no point of making access attached to each sub with an attribute.

      rlb3
[reply]

        I see it as protection from developer error. You probably want to have authorization handled in a way that allows you to both restrict the overt choices that a user can make and also to give the user a more friendly message up front, which all probably requires explicit coding nearer the front end. However if there is the possibility of an unintended method getting called (a typo in a dispatch table or an unchecked action parameter for instance,) then you might feel it is appropriate to prevent that method being called by unauthorized users. Call it a belt and braces approach.

        /J\

[reply]

In Section Seekers of Perl Wisdom

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?

www.com | www.net | www.org
Node Status?
node history
Node Type: note [id://567346]
help
Sections?
Information?
Find Nodes?
Leftovers?
    Notices?
    hippoepoptai's answer Re: how do I set a cookie and redirect was blessed by hippo!
    erzuuliAnonymous Monks are no longer allowed to use Super Search, due to an excessive use of this resource by robots.