[cgiapp] Re: RFC - C:A:P:RMAuth

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cgiapp] Re: RFC - C:A:P:RMAuth

Subject: [cgiapp] Re: RFC - C:A:P:RMAuth
Date: Mon, 4 Jul 2005 21:47:04 +0000 (UTC)
From: Mark Stosberg <suppressed>

On 2005-07-04, Steve Comrie <suppressed> wrote:
>>I would include rm_denied() in the plugin, as well as hooking
>>this into setup:
>>
>>    $self->run_modes( 'rm_denied' => 'rm_denied' );
>>
>>If people want a different "denied" run mode, they can load the plugin
>>in a super class and sub-class it, but a sensible default would be nice. 
>>  
>>
> What about including the rm_denied run-mode as the default and instead 
> of having it return any html or text in the run-mode I could get it to 
> throw the 403 Forbidden error message. That way, if anyone has their 403 
> Error redirect to a custom page, that code will take over.

Oooh. Shiny. I like it. 

> Otherwise, instead of sub-classing C:A:P:RMAuth I could provide them 
> with the config option to point to a *different* run-mode that resides 
> in their standard module for when something goes wrong.

Works for me. 

>>I suggest having the config variables be in a Perl data structure
>>format. People who want to use XML or any other format can convert it
>>to Perl. 
>>  
>>
> This makes the most sense. I might play around with AnyData.pm 
> (http://search.cpan.org/~jzucker/AnyData-0.10/AnyData.pm) and maybe just 
> include an example in the docs of using AnyData to load a permission 
> file, but not require AnyData or XML::Simple, etc inside the RMAuth package.
>
>>Also, provide some defaults so this can be skipped:
>>
>>    # init rm authorization
>>    $self->rmauth_init
>>    (
>>          PERMISSIONS     => $self->cfg('RM_PERMISSIONS'),
>>          UNAUTH_RUNMODE  => 'denied',
>>    );
>>  
>>
> This also makes the most sense, although, maybe use:
>
> $permit = $self->cfg{'RM_PERMISSIONS'} ? $self->cfg{'RM_PERMISSIONS'} : 
> $self->param('RM_PERMISSIONS');
>
> Or something, so that if someone isn't using one of the Config Plugins, 
> they can still just default store it in $self->param() and still get 
> access to it by default.

I think you'll want to use 'can' first to test if the 'cfg' method
exists, and then if it does, test that RM_PERMISSIONS exists through
that API. 

I think your idea of falling back to looking in param() is reasonable. 

> I'll make a couple patches and revisions shortly and release it with 
> some pod, etc.

Great! Thanks. 

    Mark


---------------------------------------------------------------------
Web Archive:  http://www.mail-archive.com/suppressed/
              http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
To unsubscribe, e-mail: suppressed
For additional commands, e-mail: suppressed

References:
- [cgiapp] Re: RFC - C:A:P:RMAuth
  - From: Mark Stosberg
- Re: [cgiapp] Re: RFC - C:A:P:RMAuth
  - From: Steve Comrie

Prev by Date: Re: [cgiapp] Param method?
Next by Date: [cgiapp] internal name space issue for Plugins (was: Re: Param method?)
Previous by thread: Re: [cgiapp] Re: RFC - C:A:P:RMAuth
Next by thread: Re: [cgiapp] BREAD (or CRUD) Project
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.