Catalyst-Plugin-Authorization-ACL
view release on metacpan or search on metacpan
acl_access_denied
Looks for a private action named "access_denied" from the denied
action's controller and outwards (much like "auto"), and if none is
found throws an access denied exception.
forcibly_allow_access
Within an "access_denied" action this will immediately cause the
blocked action to be executed anyway.
This means that you have several alternatives:
Provide an "access_denied" action
package MyApp::Controller::Foo;
sub access_denied : Private {
my ( $self, $c, $action ) = @_;
...
$c->forcibly_allow_access
if $you->mean_it eq "really";
}
If you call "forcibly_allow_access" then the blocked action will be
immediately unblocked. Otherwise the execution of the action will cease,
and return to it's caller or end.
Cleanup in "end"
sub end : Private {
my ( $self, $c ) = @_;
if ( $c->error and $c->error->[-1] eq "access denied" ) {
$c->error(0); # clear the error
# access denied
} else {
# normal end
}
}
Override the plugin event handler methods
package MyApp;
sub acl_access_allowed {
my ( $c, $class, $action ) = @_;
...
}
sub acl_access_denied {
my ( $c, $class, $action, $err ) = @_;
...
}
$class is the controller class the $action object was going to be
executed in, and $err is the exception cought during rule evaluation, if
any (access is denied if a rule raises an exception).
SEE ALSO
Catalyst::Plugin::Authentication,
Catalyst::Plugin::Authorization::Roles,
<http://catalyst.perl.org/calendar/2005/24>
AUTHOR
Yuval Kogman <nothingmuch@woobling.org>
CONTRIBUTORS
castaway: Jess Robinson
caelum: Rafael Kitover <rkitover@cpan.org>
COPYRIGHT & LICENSE
Copyright (c) 2005 - 2009 the Catalyst::Plugin::Authorization::ACL
"AUTHOR" and "CONTRIBUTORS" as listed above.
This library is free software; you can redistribute it and/or modify it
under the same terms as Perl itself.
( run in 0.635 second using v1.01-cache-2.11-cpan-39bf76dae61 )