CC: | danny [...] sadinoff.com |
Subject: | Feature request: abstract validation methods |
My desire is for there to be a way to use Catayst::ActionRole::ACL to
express arbitrarily complex authorization conditions, i.e.
"you may only execute this method if the following CODEREF, when
executed, returns true". I will let the power and general usefulness of
such an approach speak for itself.
t0m's suggested design:
patch ActionRole::ACL to have an AuthValidateMethod('some_method')
method some_method ($self, $user, $action, $c) { # Your code here }
[...with the suggestion that you could]
put the some_method into a role if you need to share it..
you can even put it in a param role, and bake it in several times,
parameterised different ways, then config up it's use using
CatalystX::Component::Traits...
so the _entire_ ACL composition is done by reusing the custom code, but
entirely from config.. (FSVO config)
so.. You add handling of 1 attribute to ActionRole::ACL