NAME

Jifty::Manual::AccessControl

DESCRIPTION

Out of the box Jifty-based applications have an ACL system. The system automatically validates ACLs on Jifty::Record objects by calling the method current_user_can before any create, read, update, or delete operation. In all cases, the arguments passed to the CRUD operation are passed as extra arguments to current_user_can.

On create(), we reject the operation if current_user_can('create') returns FALSE.

On _value() or somefieldname, we reject the operation if current_user_can('read') returns false.

On _set() or set_somefieldname, we reject the operation if current_user_can('write') returns false.

On delete(), we reject the operation if current_user_can('delete') returns false.

Out of the box, current_user_can returns 1. When you want to actually check ACLs, you'll need to override current_user_can() in your Jifty::Record subclass.

It's likely that at some point, you'll decide you want to ask other questions on certain types of operation. Say, you only want to let administrators update the paid_account field. In that case, you'd override check_update_rights() to look for the admin right rather than the update right, if the FIELD is paid_account.

To install Jifty, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Jifty

CPAN shell

perl -MCPAN -e shell
install Jifty

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)

NAME

DESCRIPTION

Module Install Instructions