water has asked for the wisdom of the Perl Monks concerning the following question:

Hi --

Playing with Catalyst, using Mason for the view.

Working on access control: certain pages can only be accessed by users in certain roles.

My question: where to store the roles for a given page?

One method is to have the controller for each page check, storing the valid roles for each page there in the corresponding method.

A different way (perhaps) which seems more natural to me would be to store the list of eligible roles for each page on the template for that page itself.

What do folks think about this design?

And how can a list defined on a Mason template be accessed by the app (e.g. a Catalyst method) that populates said template?

Thanks for advice suggestions etc!


Re: Passing Data Back From Mason template
by Joost (Canon) on Jun 02, 2006 at 02:07 UTC
    Access checks should be handled by the controller/model- not the view. Depending on your situation (and I haven't used Catalyst), you might be able to move certain restricted actions to specific URLs (i.e. /$role/$action) and have an "authentication-controller" catch all unauthorized access, edit: before referring to the "actual" controller.

    I don't recommend binding views to roles directly, since I at least tend to end up re-using views for different actions, and the actions that take place before showing the view should determine the type of access.

    update: also, this makes views simpler, which is a good thing.


      Hmmm... don't like embedding roles in URLs -- we often need to change who can do what, create new roles, etc. -- would be a mess if it necessitated remapping URLs.

      so basically each action (method) in the controller needs a role-list, and jumps off to confirm current user is a member of at least one allowed role, else redirects off to a not-enough-access-to-do-that page, yes?

        The url mapping isn't going to be useful to you then :-)

        Yes, I would suggest mapping role-lists against actions. If you do that in the database or whatever storage system you use, or use a consistent interface in your action classes, you can still do a generic access control system after request to action mapping and before dispatching to the action.
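The design Joost describes (role-lists keyed by action, checked once between request-to-action mapping and dispatch) as an added, self-contained Perl example. This is not code from the thread or from Catalyst itself; the `%roles_for_action` map, the action paths in it and the sample user roles are constructed, and the commented `auto` sketch only illustrates where such a check would hook into a Catalyst Root controller.

```perl
#!/usr/bin/perl
# Added example (not from the thread): one role map per action, checked before
# dispatch, instead of embedding roles in the view or in the URL scheme.
use strict;
use warnings;
use List::Util qw(any);

# Constructed role map. Keys are action paths in the form $c->action->reverse
# returns (e.g. "admin/users"); values are the roles allowed to run them.
# Changing who may do what means editing this map (or a DB table behind it),
# not renaming URLs or touching templates.
my %roles_for_action = (
    'admin/users'  => ['admin'],
    'reports/view' => ['admin', 'analyst'],
    'account/edit' => ['admin', 'user'],
);

# True if the user holds at least one of the roles configured for the action.
# Unlisted actions are denied (fail closed): a newly added action cannot be
# reached until someone decides who may call it.
sub authorized {
    my ($action_path, $user_roles) = @_;
    my $allowed = $roles_for_action{$action_path} or return 0;
    my %have = map { $_ => 1 } @{$user_roles};
    return any { $have{$_} } @{$allowed};
}

# Hypothetical sketch of the hook point in a Catalyst Root controller: "auto"
# runs for every request after the action has been resolved but before it is
# executed, so a false return here stops the chain and the action never runs.
#
#   sub auto : Private {
#       my ($self, $c) = @_;
#       return 1 if $c->action->reverse eq 'login';          # public action
#       my @roles = $c->user_exists ? $c->user->roles : ();  # assumed role source
#       unless (authorized($c->action->reverse, \@roles)) {
#           $c->res->redirect($c->uri_for('/access_denied'));
#           return 0;
#       }
#       return 1;
#   }

# Constructed sample: an analyst may view reports but not manage users, and an
# action missing from the map is refused rather than silently allowed.
my @analyst = ('analyst');
for my $path ('reports/view', 'admin/users', 'nonexistent/action') {
    printf "%-20s %s\n", $path,
        authorized($path, \@analyst) ? 'allowed' : 'denied';
}
```

Keeping the map separate from both the templates and the URL layout is what answers the original worry about re-mapping: roles, role membership and the allowed set per action can all change without the view or the routing knowing.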