NAME
Catalyst::Manual::Tutorial::BasicCRUD - Catalyst Tutorial - Part 3: Basic CRUD
OVERVIEW
This is Part 3 of 9 for the Catalyst tutorial.
Basic CRUD
DESCRIPTION
This part of the tutorial builds on the fairly primitive application created in Part 2 to add basic support for Create, Read, Update, and Delete (CRUD) of Book
objects. Note that the 'list' function in Part 2 already implements the Read portion of CRUD (although Read normally refers to reading a single object; you could implement full read functionality using the techniques introduced below). This section will focus on the Create and Delete aspects of CRUD. More advanced capabilities, including full Update functionality, will be addressed in Part 8.
You can checkout the source code for this example from the catalyst subversion repository as per the instructions in Catalyst::Manual::Tutorial::Intro
FORMLESS SUBMISSION
Our initial attempt at object creation will utilize the "URL arguments" feature of Catalyst (we will employ the more common form-based submission in the sections that follow).
Include a Create Action in the Books Controller
Edit lib/MyApp/Controller/Books.pm
and enter the following method:
=head2 url_create
Create a book with the supplied title, rating, and author
=cut
sub url_create : Local {
# In addition to self & context, get the title, rating, &
# author_id args from the URL. Note that Catalyst automatically
# puts extra information after the "/<controller_name>/<action_name/"
# into @_
my ($self, $c, $title, $rating, $author_id) = @_;
# Call create() on the book model object. Pass the table
# columns/field values we want to set as hash values
my $book = $c->model('MyAppDB::Book')->create({
title => $title,
rating => $rating
});
# Add a record to the join table for this book, mapping to
# appropriate author
$book->add_to_book_authors({author_id => $author_id});
# Note: Above is a shortcut for this:
# $book->create_related('book_authors', {author_id => $author_id});
# Assign the Book object to the stash for display in the view
$c->stash->{book} = $book;
# This is a hack to disable XSUB processing in Data::Dumper
# (it's used in the view). This is a work-around for a bug in
# the interaction of some versions or Perl, Data::Dumper & DBIC.
# You won't need this if you aren't using Data::Dumper (or if
# you are running DBIC 0.06001 or greater), but adding it doesn't
# hurt anything either.
$Data::Dumper::Useperl = 1;
# Set the TT template to use
$c->stash->{template} = 'books/create_done.tt2';
}
Notice that Catalyst takes "extra slash-separated information" from the URL and passes it as arguments in @_
. The url_create
action then uses a simple call to the DBIC create
method to add the requested information to the database (with a separate call to add_to_book_authors
to update the join table). As do virtually all controller methods (at least the ones that directly handle user input), it then sets the template that should handle this request.
Include a Template for the url_create
Action:
Edit root/src/books/create_done.tt2
and then enter:
[% # Use the TT Dumper plugin to Data::Dumper variables to the browser -%]
[% # Not a good idea for production use, though. :-) 'Indent=1' is -%]
[% # optional, but prevents "massive indenting" of deeply nested objects -%]
[% USE Dumper(Indent=1) -%]
[% # Set the page title. META can 'go back' and set values in templates -%]
[% # that have been processed 'before' this template (here it's for -%]
[% # root/lib/site/html and root/lib/site/header). Note that META on -%]
[% # simple strings (e.g., no variable interpolation). -%]
[% META title = 'Book Created' %]
[% # Output information about the record that was added. First title. -%]
<p>Added book '[% book.title %]'
[% # Output the last name of the first author. This is complicated by an -%]
[% # issue in TT 2.15 where blessed hash objects are not handled right. -%]
[% # First, fetch 'book.authors' from the DB once. -%]
[% authors = book.authors %]
[% # Now use IF statements to test if 'authors.first' is "working". If so, -%]
[% # we use it. Otherwise we use a hack that seems to keep TT 2.15 happy. -%]
by '[% authors.first.last_name IF authors.first;
authors.list.first.value.last_name IF ! authors.first %]'
[% # Output the rating for the book that was added -%]
with a rating of [% book.rating %].</p>
[% # Provide a link back to the list page -%]
[% # 'uri_for()' builds a full URI; e.g., 'http://localhost:3000/books/list' -%]
<p><a href="[% Catalyst.uri_for('/books/list') %]">Return to list</a></p>
[% # Try out the TT Dumper (for development only!) -%]
<pre>
Dump of the 'book' variable:
[% Dumper.dump(book) %]
</pre>
The TT USE
directive allows access to a variety of plugin modules (TT plugins, that is, not Catalyst plugins) to add extra functionality to the base TT capabilities. Here, the plugin allows Data::Dumper "pretty printing" of objects and variables. Other than that, the rest of the code should be familiar from the examples in Part 2.
IMPORTANT NOTE As mentioned earlier, the MyApp::View::TT.pm
view class created by TTSite redefines the name used to access the Catalyst context object in TT templates from the usual c
to Catalyst
.
Try the url_create
Feature
If the application is still running from before, use Ctrl-C
to kill it. Then restart the server:
$ script/myapp_server.pl
Note that new path for /books/url_create
appears in the startup debug output.
TIP: You can use script/myapp_server.pl -r
to have the development server auto-detect changed files and reload itself (if your browser acts odd, you should also try throwing in a -k
). If you make changes to the TT templates only, you do not need to reload the development server (only changes to "compiled code" such as Controller and Model .pm
files require a reload).
Next, use your browser to enter the following URL:
http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
Your browser should display " Added book 'TCPIP_Illustrated_Vol-2' by 'Stevens' with a rating of 5." along with a dump of the new book model object. You should also see the following DBIC debug messages displayed in the development server log messages:
INSERT INTO books (rating, title) VALUES (?, ?): `5', `TCPIP_Illustrated_Vol-2'
INSERT INTO book_authors (author_id, book_id) VALUES (?, ?): `4', `6'
SELECT author.id, author.first_name, author.last_name
FROM book_authors me JOIN authors author
ON ( author.id = me.author_id ) WHERE ( me.book_id = ? ): '6'
The INSERT
statements are obviously adding the book and linking it to the existing record for Richard Stevens. The SELECT
statement results from DBIC automatically fetching the book for the Dumper.dump(book)
.
If you then click the "Return to list" link, you should find that there are now six books shown (if necessary, Shift-Reload your browser at the /books/list
page).
Then add 2 more copies of the same book so that we have some extras for our delete logic that will be coming up soon. Enter the same URL above two more times (or refresh your browser twice if it still contains this URL):
http://localhost:3000/books/url_create/TCPIP_Illustrated_Vol-2/5/4
You should be able to click "Return to list" and now see 3 copies of "TCP_Illustrated_Vol-2".
MANUALLY BUILDING A CREATE FORM
Although the url_create
action in the previous step does begin to reveal the power and flexibility of both Catalyst and DBIC, it's obviously not a very realistic example of how users should be expected to enter data. This section begins to address that concern.
Add Method to Display The Form
Edit lib/MyApp/Controller/Books.pm
and add the following method:
=head2 form_create
Display form to collect information for book to create
=cut
sub form_create : Local {
my ($self, $c) = @_;
# Set the TT template to use
$c->stash->{template} = 'books/form_create.tt2';
}
This action simply invokes a view containing a book creation form.
Add a Template for the Form
Open root/src/books/form_create.tt2
in your editor and enter:
[% META title = 'Manual Form Book Create' -%]
<form method="post" action="[% Catalyst.uri_for('form_create_do') %]">
<table>
<tr><td>Title:</td><td><input type="text" name="title"></td></tr>
<tr><td>Rating:</td><td><input type="text" name="rating"></td></tr>
<tr><td>Author ID:</td><td><input type="text" name="author_id"></td></tr>
</table>
<input type="submit" name="Submit" value="Submit">
</form>
Note that we have specified the target of the form data as form_create_do
, the method created in the section that follows.
Add a Method to Process Form Values and Update Database
Edit lib/MyApp/Controller/Books.pm
and add the following method to save the form information to the database:
=head2 form_create_do
Take information from form and add to database
=cut
sub form_create_do : Local {
my ($self, $c) = @_;
# Retrieve the values from the form
my $title = $c->request->params->{title} || 'N/A';
my $rating = $c->request->params->{rating} || 'N/A';
my $author_id = $c->request->params->{author_id} || '1';
# Create the book
my $book = $c->model('MyAppDB::Book')->create({
title => $title,
rating => $rating,
});
# Handle relationship with author
$book->add_to_book_authors({author_id => $author_id});
# Store new model object in stash
$c->stash->{book} = $book;
# Avoid Data::Dumper issue mentioned earlier
# You can probably omit this
$Data::Dumper::Useperl = 1;
# Set the TT template to use
$c->stash->{template} = 'books/create_done.tt2';
}
Test Out The Form
If the application is still running from before, use Ctrl-C
to kill it. Then restart the server:
$ script/myapp_server.pl
Point your browser to http://localhost:3000/books/form_create and enter "TCP/IP Illustrated, Vol 3" for the title, a rating of 5, and an author ID of 4. You should then be forwarded to the same create_done.tt2
template seen in earlier examples. Finally, click "Return to list" to view the full list of books.
Note: Having the user enter the primary key ID for the author is obviously crude; we will address this concern with a drop-down list in Part 8.
A SIMPLE DELETE FEATURE
Turning our attention to the delete portion of CRUD, this section illustrates some basic techniques that can be used to remove information from the database.
Include a Delete Link in the List
Edit root/src/books/list.tt2
and update it to the following (two sections have changed: 1) the additional '<th>Links</th>' table header, and 2) the four lines for the Delete link near the bottom).
[% # This is a TT comment. The '-' at the end "chomps" the newline. You won't -%]
[% # see this "chomping" in your browser because HTML ignores blank lines, but -%]
[% # it WILL eliminate a blank line if you view the HTML source. It's purely -%]
[%- # optional, but both the beginning and the ending TT tags support chomping. -%]
[% # Provide a title to root/lib/site/header -%]
[% META title = 'Book List' -%]
<table>
<tr><th>Title</th><th>Rating</th><th>Author(s)</th><th>Links</th></tr>
[% # Display each book in a table row %]
[% FOREACH book IN books -%]
<tr>
<td>[% book.title %]</td>
<td>[% book.rating %]</td>
<td>
[% # First initialize a TT variable to hold a list. Then use a TT FOREACH -%]
[% # loop in 'side effect notation' to load just the last names of the -%]
[% # authors into the list. Note that the 'push' TT vmethod does not -%]
[% # a value, so nothing will be printed here. But, if you have something -%]
[% # in TT that does return a method and you don't want it printed, you -%]
[% # can: 1) assign it to a bogus value, or 2) use the CALL keyword to -%]
[% # call it and discard the return value. -%]
[% tt_authors = [ ];
tt_authors.push(author.last_name) FOREACH author = book.authors %]
[% # Now use a TT 'virtual method' to display the author count in parens -%]
([% tt_authors.size %])
[% # Use another TT vmethod to join & print the names & comma separators -%]
[% tt_authors.join(', ') %]
</td>
<td>
[% # Add a link to delete a book %]
<a href="[% Catalyst.uri_for('delete/') _ book.id %]">Delete</a>
</td>
</tr>
[% END -%]
</table>
The additional code is obviously designed to add a new column to the right side of the table with a Delete
"button" (for simplicity, links will be used instead of full HTML buttons).
Add a Delete Action to the Controller
Open lib/MyApp/Controller/Books.pm
in your editor and add the following method:
=head2 delete
Delete a book
=cut
sub delete : Local {
# $id = primary key of book to delete
my ($self, $c, $id) = @_;
# Search for the book and then delete it
$c->model('MyAppDB::Book')->search({id => $id})->delete_all;
# Set a status message to be displayed at the top of the view
$c->stash->{status_msg} = "Book deleted.";
# Forward to the list action/method in this controller
$c->forward('list');
}
This method first deletes the book with the specified primary key ID. However, it also removes the corresponding entry from the book_authors
table. Note that delete_all
was used instead of delete
: whereas delete_all
also removes the join table entries in book_authors
, delete
does not (only use delete_all
if you really need the cascading deletes... otherwise you are wasting resources).
Then, rather than forwarding to a "delete done" page as we did with the earlier create example, it simply sets the status_msg
to display a notification to the user as the normal list view is rendered.
The delete
action uses the context forward
method to return the user to the book list. The detach
method could have also been used. Whereas forward
returns to the original action once it is completed, detach
does not return. Other than that, the two are equivalent.
Try the Delete Feature
If the application is still running from before, use Ctrl-C
to kill it. Then restart the server:
$ script/myapp_server.pl
Then point your browser to http://localhost:3000/books/list and click the "Delete" link next to the first "TCPIP_Illustrated_Vol-2". A green "Book deleted" status message should display at the top of the page, along with a list of the eight remaining books.
Fixing a Dangerous URL
Note the URL in your browser once you have performed the deletetion in the prior step -- it is still referencing the delete action:
http://localhost:3000/books/delete/6
What if the user were to press reload with this URL still active? In this case the redundant delete is harmless, but in other cases this could clearly be extremely dangerous.
We can improve the logic by converting to a redirect. Unlike $c->forward('list'))
or $c->detach('list'))
that perform a server-side alteration in the flow of processing, a redirect is a client-side mechanism that causes the brower to issue an entirely new request. As a result, the URL in the browser is updated to match the destination of the redirection URL.
To convert the forward used in the previous section to a redirect, open lib/MyApp/Controller/Books.pm
and edit the existing sub delete
method to match:
=head2 delete
Delete a book
=cut
sub delete : Local {
# $id = primary key of book to delete
my ($self, $c, $id) = @_;
# Search for the book and then delete it
$c->model('MyAppDB::Book')->search({id => $id})->delete_all;
# Set a status message to be displayed at the top of the view
$c->stash->{status_msg} = "Book deleted.";
# Redirect the user back to the list page
$c->response->redirect($c->uri_for('/books/list'));
}
Try the Delete and Redirect Logic
Restart the development server and point your browser to http://localhost:3000/books/list. Delete the first copy of "TCPIP_Illustrated_Vol-2", but notice that no green "Book deleted" status message is displayed. Because the stash is reset on every request (and a redirect involves a second request), the status_msg
is cleared before it can be displayed.
Using uri_for
to Pass Query Parameters
There are several ways to pass information across a redirect. In general, the best option is to use the flash
technique that we will see in Part 4 of the tutorial; however, here we will pass the information via query parameters on the redirect itself. Open lib/MyApp/Controller/Books.pm
and update the existing sub delete
method to match the following:
=head2 delete
Delete a book
=cut
sub delete : Local {
# $id = primary key of book to delete
my ($self, $c, $id) = @_;
# Search for the book and then delete it
$c->model('MyAppDB::Book')->search({id => $id})->delete_all;
# Redirect the user back to the list page with status msg as an arg
$c->response->redirect($c->uri_for('/books/list',
{status_msg => "Book deleted."}));
}
This modification simply leverages the ability of uri_for
to include an arbitrary number of name/value pairs in a hash reference. Next, we need to update root/lib/site/layout
to handle status_msg
as a query parameter:
<div id="header">[% PROCESS site/header %]</div>
<div id="content">
<span class="message">[% status_msg || Catalyst.request.params.status_msg %]</span>
<span class="error">[% error_msg %]</span>
[% content %]
</div>
<div id="footer">[% PROCESS site/footer %]</div>
Try the Delete and Redirect With Query Param Logic
Restart the development server and point your browser to http://localhost:3000/books/list. Then delete the remaining copy of "TCPIP_Illustrated_Vol-2". The green "Book deleted" status message should return.
NOTE: Although this did present an opportunity to show a handy capability of uri_for
, it would be much better to use Catalyst's flash
feature in this situation. Although the technique here is less dangerous than leaving the delete URL in the client's browser, we have still exposed the status message to the user. With flash
, this message returns to its rightful place as a service-side mechanism (we will migrate this code to flash
in the next part of the tutorial).
AUTHOR
Kennedy Clark, hkclark@gmail.com
Please report any errors, issues or suggestions to the author. The most recent version of the Catalyst Tutorial can be found at http://dev.catalyst.perl.org/repos/Catalyst/trunk/Catalyst-Manual/lib/Catalyst/Manual/Tutorial/.
Copyright 2006, Kennedy Clark, under Creative Commons License (http://creativecommons.org/licenses/by-nc-sa/2.5/).