Provided by: libjifty-perl_1.10518+dfsg-1ubuntu2_all bug

NAME

       Jifty::Manual::AccessControl_zhtw - XX Jifty XXX ACL XX

DESCRIPTION

       X Jifty XXXXXXXXXXXXXXXX (ACL) XXXXXXXXXXXXX "current_user_can"
       XXXXXXXXXXXXXXXXXXXXXXXX Jifty::Record XXXXXXXXX ( ACL )X

       XXXXXXXXX CRUD XXXXXXXXXXXXXXXX "current_user" XXX

       X "create()" XXXXX "current_user_can('create')" XX false XXXXXXXX

       X "_value()" X "somefieldname" XXX XX "current_user_can('read')" XX
       false XXXXXXXX

       X "_set()" X "set_somefieldname" XXXXX "current_user_can('read')" XX
       false XXXXXXXX

       X "delete()" XXXXX "current_user_can('read')" XX false XXXXXXXX

       XXXXXXXXX "current_user_can" XX 1X

       XXXXX ACLs XXXXXXXX "Jifty::Record" XXX "current_user_can()" XXX

       It's likely that at some point, you'll decide you want to ask other
       questions on certain types of operations.  Say, you only want to let
       administrators update the "paid_account" field. In that case, you'd
       override "check_update_rights()" to look for the "admin" right rather
       than the "update" right, if the "FIELD" is "paid_account".

XXXXXXXXXXX ( ENABLING ACCESS CONTROL USING THE USER PLUGIN )

       XXXXX AccessControl XXXXXXXX User XXXXXXXXXXXX X
       "Authentication::Password" XXXXXXXX etc/config.yml XXXXXXXXX:

           Plugins:
             - Authentication::Password: {}

       XXXXXXX "App::Model::User" XXXXXXX
       "Jifty::Plugin::User::Mixin::Model::User" XXXXXXX
       "Jifty::Plugin::Authentication::Password::Mixin::Model::User" XXXX:

           use strict;
           use warnings;

           package App::Model::User;

           use Jifty::DBI::Schema;

           use App::Record schema {
           };

           use Jifty::Plugin::User::Mixin::Model::User;
           use Jifty::Plugin::Authentication::Password::Mixin::Model::User;

           # Your model-specific methods go here.

           1;

       XXXXXX jifty XXXXXXXXXXXXXXXXXX:

           $ bin/jifty schema --setup

   XXXXXX
       XX "User" XXXXXXXXXXXXXXXXXX

       XXXXXXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXXXX

       XXXXXXXXXXXXX ( schema ) XXXXXXXXXXXXXX:

           use Jifty::DBI::Schema;
           use App::Record schema {
               column 'extra_column_name';

               column 'mygroup' =>
                      valid_values are qw/admin moderator user/,
                      default is 'user';

               # more columns if necessary
           };

       XXXXXXXXXXXXXXXXXX Jifty::Manual::Models X Jifty::DBI::Schema
       XXXXXXXXXX

       XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX (superuser) XXXX

       XXXXXXXX "App::Model::User" XX "current_user_can" XX:

           sub current_user_can {
               my $self = shift;
               my $type = shift;
               my %args = (@_);

               return 0
                   if ( $type eq 'update'
                       and !$self->current_user->is_superuser
                       and $args{'column'} eq 'mygroup' );

               return 1;
           }

       XXX "App::CurrentUser" XXXXXX "_init" XX XXXXXXXXXXXXXX "CurrentUser"
       XXX

       XXXXXXXXX "_init" XXXXXXXXXXXX

           package App::CurrentUser;

           use strict;
           use warnings;

           use base qw(Jifty::CurrentUser);

           __PACKAGE__->mk_accessors(qw(group));

           sub _init {
               my $self = shift;
               my %args = (@_);

               if (keys %args) {
                   $self->user_object(App::Model::User->new(current_user => $self));
                   $self->user_object->load_by_cols(%args);

                   if ( $self->user_object->mygroup eq 'admin') {
                       $self->is_superuser(1);
                   };

                   $self->group($self->user_object->mygroup);
               };
               $self->SUPER::_init(%args);
           };

       XXXXXXX "App::CurrentUser" , X admin XXXXXXXXXXXXXXX (superuser)
       XXXXXXXXXXXXXXX "Jifty->web->current_user->group"X

   "Authentication::Password" XXXXXXXX
       "Authentication::Password" XXXXXXXXXXXXXXXXXXXXXXXXXX

       /login
           XXXXXXXXXXXXXXXX (signup) XXXX

           XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX / X

       /logout
           XXXXXXXX

       /signup
           XXXXXXX XXXXXXXXXXXXXXX

       /passwordreminder
           XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX X /let/reset_lost_password
           XXXXX

       /let/confirm_email
           XXXXXXXXXXXXXXXXXXXXXXXXXXX

       /let/reset_lost_password
           XXXXX XXXXXXXXXXXXXXX

   Doing checks at other places in your code
       XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX XXXXXXX "Jifty->web->current_user"
       XXX "App::CurrentUser" XXXXXXXXXXXXXXXXXXXXXXXXXXX:

       "username"
           XXXXXXXXXXXXXXXXXXXXX "undef"

       "id"
           XXXXXXXX ID XXXXXXXXXX "undef"

SEE ALSO

       Jifty::CurrentUser, Jifty::Record, Jifty::RightsFrom,
       Jifty::Plugin::Authentication::Ldap, Jifty::Plugin::Authentication::CAS

XXX

       XXX (c9s) ( "cornelius.howl_at_gmail.com" ) <http://oulixe.us/>

perl v5.12.4                      2010-0Jifty::Manual::AccessControl_zhtw(3pm)