Доброго всем

Mojolicious::Plugin::RoutesAuthDBI

¡ ¡ ¡ ALL GLORY TO GLORIA ! ! !

VERSION

0.413

NAME

Mojolicious::Plugin::RoutesAuthDBI - from DBI sql-tables does generate routes, make authentication and make restrict access (authorization) to request. Plugin makes an auth operations throught the plugin Mojolicious::Plugin::Authentication on which is based.

DB DESIGN DIAGRAM

First of all you will see SVG or PNG

SYNOPSIS

$app->plugin('RoutesAuthDBI',
    dbh => $app->dbh,
    auth => {...},
    access => {...},
    admin => {...},
);

OPTIONS

  • dbh - handler DBI connection where are tables: controllers, actions, routes, users, roles, refs.

  • auth - hashref options pass to base plugin Mojolicious::Plugin::Authentication. By default the option:

    current_user_fn => 'auth_user',

    The options:

    load_user => \&load_user,
    validate_user => \&validate_user,

    are imported from package access module. See below.

  • access - hashref options for special access module. This module has subs and methods for manage auth and access operations, has appling routes from sql-table. By default plugin will load the builtin module:

    access => {
        module => 'Access',
        namespace => 'Mojolicious::Plugin::RoutesAuthDBI',
        ...,
    },

    You might define your own module by passing options:

    access => {
        module => 'Foo',
        namespace => 'Bar::Baz', 
        ...,
    },

    See Mojolicious::Plugin::RoutesAuthDBI::Access for detail options list.

  • admin - hashref options for admin controller for actions on SQL tables routes, roles, users. By default the builtin module:

    admin => {
        controller => 'Access',
        namespace => 'Mojolicious::Plugin::RoutesAuthDBI',
        ...,
    },

    You might define your own controller by passing options:

    admin => {
        controller => 'Foo',
        namespace => 'Bar::Baz', 
        ...,
    },

    See Mojolicious::Plugin::RoutesAuthDBI::Admin for detail options list.

INSTALL

See Mojolicious::Plugin::RoutesAuthDBI::Install.

OVER CONDITIONS

access

Heart of this plugin! This condition apply for all db routes even if column auth set to 0. It is possible to apply this condition to non db routes:

$r->route('/foo')->...->over(access=>{auth=>0})->...;# no access check to route, but authorization by session will ready

$r->route('/bar-bar-any-namespace')->to('bar#bar',)->over(access=>{auth=>1})->...;# route accessible if user roles assigned to either B<loadable> namespace or controller 'Bar.pm' (which assigned neither namespece on db or assigned to that loadable namespace) or action 'bar' on controller Bar.pm (action record in table actions)

$r->route('/bar-bar-bar')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1})->...;# because explicit defined namespace route accessible either namespace 'Bar' or 'Bar::Bar.pm' controller or action 'bar' in controller 'Bar.pm' which assigned to namespace 'Bar'.

$r->route('/bar-nsX')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1, namespace=>'BarX'})->...;# check access by overriden namespace 'BarX': controller and action also with that namespace in db refs

$r->route('/bar-nsX-cX')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1, namespace=>'BarX', controller=>'BarX'})->...;# check access by overriden namespace 'BarX' and controller 'BarX.pm', action record also with that ns & c in db refs

$r->route('/bar-nsX-cX-aX')->to('bar#bar', namespace=>'Bar')->over(access=>{auth=>1, namespace=>'BarX', controller=>'BarX', action=>'barX'})->...;# full override names access

$r->route('/bar-cX-aX')->to('bar#bar',)->over(access=>{auth=>1, controller=>'BarX', action=>'barX'})->...;#

$r->route('/bar-role-admin')->to('bar#bar',)->over(access=>{auth=>1, role=> 'admin'})->...;# accessible if user roles list has defined role (admin)

HELPERS

access

Returns access instance obiect. See Mojolicious::Plugin::RoutesAuthDBI::Access methods.

$c->access->db_routes;
if ($c->access->access_explicit([1,2,3], [1,2,3])) {
  # yes, accessible
}

METHODS and SUBS

Internal.

Example routing table records

Request
HTTP method(s) (optional)
and the URL (space delim)
                           Contoller    Method          Route Name        Auth
-------------------------  -----------  --------------  ----------------- -----
GET /city/new              City         new_form        city_new_form     1
GET /city/:id              City         show            city_show         1
GET /city/edit/:id         City         edit_form       city_edit_form    1
GET /cities                City         index           city_index        1
POST /city                 City         save            city_save         1
GET /city/delete/:id       City         delete_form     city_delete_form  1
DELETE /city/:id           City         delete          city_delete       1
/                          Home         index           home_index        0
get post /foo/baz          Foo          baz             foo_baz           1

It table will generate the Mojolicious routes:

# GET /city/new 
$r->route('/city/new')->via('get')->over(<access>)->to(controller => 'city', action => 'new_form')->name('city_new_form');

# GET /city/123 - show item with id 123
$r->route('/city/:id')->via('get')->over(<access>)->to(controller => 'city', action => 'show')->name('city_show');

# GET /city/edit/123 - form to edit an item
$r->route('/city/edit/:id')->via('get')->over(<access>)->to(controller => 'city', action => 'edit_form')->name('city_edit_form');

# GET /cities - list of all items
$r->route('/cities')->via('get')->over(<access>)->to(controller => 'city', action => 'index')->name('cities_index');

# POST /city - create new item or update the item
$r->route('/city')->via('post')->to(controller => 'city', action => 'save')->name('city_save');

# GET /city/delete/123 - form to confirm delete an item id=123
$r->route('/city/delete/:id')->via('get')->over(<access>)->to(controller => 'city', action => 'delete_form')->name('city_delete_form');

# DELETE /city/123 - delete an item id=123
$r->route('/city/:id')->via('delete')->over(<access>)->to(controller => 'city', action => 'delete')->name('city_delete');
    
# without HTTP method and no auth restrict
$r->route('/')->to(controller => 'Home', action => 'index')->name('home_index');
    
# GET or POST /foo/baz 
$r->route('/foo/baz')->via('GET', 'post')->over(<access>)->to(controller => 'Foo', action => 'baz')->name('foo_baz');

Warning

If you changed the routes table then kill -HUP or reload app to regenerate routes. Changing assess not require reloading the service.

SEE ALSO

Mojolicious::Plugin::Authentication

Mojolicious::Plugin::Authorization

AUTHOR

Михаил Че (Mikhail Che), <mche[-at-]cpan.org>

BUGS / CONTRIBUTING

Please report any bugs or feature requests at https://github.com/mche/Mojolicious-Plugin-RoutesAuthDBI/issues. Pull requests also welcome.

COPYRIGHT

Copyright 2016 Mikhail Che.

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.