Skip Menu |

This queue is for tickets about the Catalyst-Plugin-AutoCRUD CPAN distribution.

Report information
The Basics
Id: 117417
Status: resolved
Priority: 0/
Queue: Catalyst-Plugin-AutoCRUD
People
Owner: OLIVER [...] cpan.org
Requestors: jleu [...] mindspring.com
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Thu Sep 01 16:00:57 2016 jleu [...] mindspring.com - Ticket created
Subject: Not a bug: question about result from ajax requests
Date: Thu, 1 Sep 2016 15:00:32 -0500
To: bug-Catalyst-Plugin-AutoCRUD [...] rt.cpan.org
From: James Leu <jleu [...] mindspring.com>
Hello, Thank you for your wonderful software, it has made my life easier for testing/staging/debugging data related issues with catalyst web applications. In my most recent project I needed to add various levels of permissions to different users reading/writing to the tables presented by AutoCRUD. I've crafted a system to use LDAP groups to allow RW/RO to entire databases and/or individual tables. Notifying the user that they cannot read a table is trivial (redirect the request to an permission deny page), but giving feed back that their attempt to write/create is proving to be more challenging since ExtJS is handling the results. I was wondering if you had any suggestions for how to provide feedback to the user that a write/create has failed due to permissions. Thank you for your time, James -- James R. Leu jleu@mindspring.com
  Mon Sep 05 08:29:29 2016 OLIVER [...] cpan.org - Correspondence added
Hi James, Interesting question. I guess you're restricting access to view certain tables per-user outside of the AutoCRUD app itself, either in another handler in Catalyst or in the web server? As the AutoCRUD app starts, it generates a config that sets permissions and behaviour in the UI, and then that is static for all users. You can see the template generating content based on delete_allowed or update_allowed config, here: https://github.com/ollyg/Catalyst-Plugin-AutoCRUD/blob/master/lib/Catalyst/Plugin/AutoCRUD/templates/extjs2/javascript/grid.tt However, if you wish to leave those UI components active in case some users can make edits, then you could perhaps intercept the AJAX request from the page to ../delete to deny per user. Unfortunately the error message displayed to the user is hard coded and not passed from the server ("Sorry, the entry could not be deleted") which isn't helpful. I guess you got here yourself already, you're a smart person! I don't have any other ideas, and I'm not actively developing this any more. I wish you luck. Oliver. On Thu Sep 01 16:00:57 2016, jleu@mindspring.com wrote: Show quoted text
> Hello, > > Thank you for your wonderful software, it has made my life easier > for testing/staging/debugging data related issues with catalyst web > applications. > > In my most recent project I needed to add various levels of > permissions > to different users reading/writing to the tables presented by > AutoCRUD. > I've crafted a system to use LDAP groups to allow RW/RO to entire > databases > and/or individual tables. Notifying the user that they cannot read > a table is trivial (redirect the request to an permission deny page), > but giving feed back that their attempt to write/create > is proving to be more challenging since ExtJS is handling the results. > > I was wondering if you had any suggestions for how to provide feedback > to the > user that a write/create has failed due to permissions. > > Thank you for your time, > James
-- regards, oliver.
  Mon Sep 05 08:29:29 2016 The RT System itself - Status changed from 'new' to 'open'
  Mon Sep 05 08:29:34 2016 OLIVER [...] cpan.org - Status changed from 'open' to 'resolved'
  Mon Sep 05 08:29:34 2016 OLIVER [...] cpan.org - Taken