[Catalyst] Effective user id ?
Will Hawes
info at whawes.co.uk
Mon Jul 10 10:32:32 CEST 2006
Nathaniel Nuss wrote:
> In the app I'm working on we would like to have 'manager' (role) users
> who would do actions and appear to the app just as if they were the user
> they are managing (effective UID) - except I'd log their actions with
> their real user id. I'd also need these manager users to be logged in
> concurrently with users they may be managing without secondarily
> affecting them (which may mean I can't mess around in the session??).
>
> [These manager users would also have a menu of other actions specific to
> their role that would not be interested in effective id.]
>
> I like the Authen/Authz plugins and have made wide use of them and
> $c->user and I would like to keep doing that (or be informed if that is
> not the current vogue).
>
> I have not seen this obviously implemented elsewhere. I may have a fair
> bit of other work before I will get to this but thought it would be best
> to ask early. So. Any strategies or pointers for doing this? Have I
> seriously missed this somewhere?
>
> TIA
>
Perhaps you could do something like the following for each action where
you need to do this:
1) stash the actual (i.e. manager's) username/password
2) retrieve username/password for the user you want to become
(presumably a manager would be allowed to access these)
3) $c->login( $user_username, $user_password )
4) perform actions while logged in as said user
5) $c->login( $manager_username, $manager_password )
More information about the Catalyst
mailing list