[Catalyst] Restricting access to the model
Matt S Trout
dbix-class at trout.me.uk
Tue Jul 4 00:09:07 CEST 2006
Nilson Santos Figueiredo Junior wrote:
> On 7/3/06, Matt S Trout <dbix-class at trout.me.uk> wrote:
>> I tend to just modify the relevant ACCEPT_CONTEXT to return a resultset that
>> already has (e.g.) "WHERE order.user_id = $current_uid" applied to it, at
>> which point I can just do $c->model('DBIC::Orders') in my controller code and
>> it Does The Right Thing.
>
> But then how do you handle situations like when there are users which
> can see other users orders?
Programming. :)
> Also, from Catalyst::Component's docs I got the impression that
> ACCEPT_CONTEXT is something you'd put inside your model classes, so
> how do you do customize its behaviour for different database tables?
and C::M::DBIC::Schema gives you a model per table. I'm not sure I see the
problem here ...
--
Matt S Trout Offering custom development, consultancy and support
Technical Director contracts for Catalyst, DBIx::Class and BAST. Contact
Shadowcat Systems Ltd. mst (at) shadowcatsystems.co.uk for more information
+ Help us build a better perl ORM: http://dbix-class.shadowcatsystems.co.uk/ +
More information about the Catalyst
mailing list