NAME
DBIx::Class::Schema::RestrictByUser - Automatically restrict resultsets by user
SYNOPSYS
In your DBIx::Class::Schema class:
__PACKAGE__->load_components(qw/Schema::RestrictByUser/);
In the DBIx::Class table class for your users:
#let's pretend a user has_many notes, which are in ResultSet 'Notes'
sub restrict_Notes_resultset {
my $self = shift; #the User object
my $unrestricted_rs = shift;
#restrict the notes viewable to only those that belong to this user
#this will, in effect make the following 2 equivalent
# $user->notes $schema->resultset('Notes')
return $self->related_resultset('notes');
}
#it could also be written like this
sub restrict_Notes_resultset {
my $self = shift; #the User object
my $unrestricted_rs = shift;
return $unrestricted_rs->search_rs( { user_id => $self->id } );
}
Wherever you connect to your database
my $schema = MyApp::Schema->connect(...);
my $user = $schema->resultset('User')->find( { id => $user_id } );
$resticted_schema = $schema->restrict_by_user( $user, $optional_prefix);
DESCRIPTION
This DBIx::Class::Schema component can be used to restrict all resultsets through an appropriately-named method in a user's result_class. This can be done to automatically prevent data from being accessed by a user, effectively enforcing security by limiting any access to the data store.
PUBLIC METHODS
restrict_by_user $user_obj, $optional_prefix
Will restrict resultsets according to the methods available in $user_obj and return a restricted copy of itself. ResultSets will be restricted if methods in the form of restrict_${ResultSet_Name}_resultset
are found in $user_obj. If the optional prefix is included it will attempt to use restrict_${prefix}_${ResultSet_Name}_resultset
, if that does not exist, it will try again without the prefix, and if that's not available the resultset will not be restricted.
PRIVATE METHODS
make_restricted
Restrict the Schema class and ResultSources associated with this Schema
_get_restricted_schema_class $target_schema
Return the class name for the restricted schema class;
_get_restricted_source_class $target_source
Return the class name for the restricted ResultSource class;
_get_restrictedclass $type, $target
Return an appropriate class name for a restricted class of type $type.
SEE ALSO
DBIx::Class, DBIx::Class::Schema::RestrictByUser::RestrictComp::Schema, DBIx::Class::Schema::RestrictByUser::RestrictComp::Source,
AUTHORS
Matt S Trout (mst) <mst@shadowcatsystems.co.uk>
With contributions from Guillermo Roditi (groditi) <groditi@cpan.org>
LICENSE
You may distribute this code under the same terms as Perl itself.