Jifty::Manual::AccessControl
Out of the box Jifty-based applications have an ACL system. The system automatically validates ACLs on Jifty::Record objects by calling the method current_user_can before any create, read, update, or delete operation. In all cases, the arguments passed to the CRUD operation are passed as extra arguments to current_user_can.
On create(), we reject the operation if current_user_can('create') returns FALSE.
On _value() or somefieldname, we reject the operation if current_user_can('read') returns false.
On _set() or set_somefieldname, we reject the operation if current_user_can('write') returns false.
On delete(), we reject the operation if current_user_can('delete') returns false.
Out of the box, current_user_can returns 1, so every operation is allowed. When you want to actually check ACLs, you'll need to override current_user_can() in your Jifty::Record subclass.
It's likely that at some point, you'll decide you want to ask other questions on certain types of operation. Say, you only want to let administrators update the paid_account field. In that case, you'd override check_update_rights() to look for the admin right rather than the update right, if the FIELD is paid_account.
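An added sketch of the two overrides described above, not code from the Jifty manual or distribution. Sketch::Record is a hypothetical stand-in for Jifty::Record that implements only the hooks this page names, so the script runs without Jifty installed; the user hash (id, is_admin), owner_id, the VALUE key and the nickname field are assumptions, and the right name 'update' is taken from the check_update_rights() paragraph.

```perl
use v5.14;      # package blocks and //; also turns on strict
use warnings;

# Stand-in for Jifty::Record (assumption): only the hooks this page names.
package Sketch::Record {
    sub new { my ($class, %a) = @_; return bless {%a}, $class }
    sub current_user        { $_[0]{current_user} }
    sub current_user_can    { 1 }    # permissive default described above
    sub check_update_rights { my $self = shift; $self->current_user_can('update', @_) }
    sub _set {
        my ($self, %args) = @_;
        return (0, 'Permission denied') unless $self->check_update_rights(%args);
        $self->{values}{ $args{FIELD} } = $args{VALUE};   # VALUE key is assumed
        return (1, 'Updated');
    }
}

package Sketch::Account {
    our @ISA = ('Sketch::Record');

    # Deny by default: each right is granted explicitly, unknown rights fail.
    sub current_user_can {
        my ($self, $right, %args) = @_;
        my $user = $self->current_user or return 0;
        return 1 if $user->{is_admin};
        return 1 if $right eq 'read';
        return 1 if $right eq 'update' && $user->{id} == $self->{owner_id};
        return 0;
    }

    # paid_account asks for the 'admin' right instead of 'update'.
    sub check_update_rights {
        my ($self, %args) = @_;
        return $self->current_user_can('admin', %args)
            if ($args{FIELD} // '') eq 'paid_account';
        return $self->SUPER::check_update_rights(%args);
    }
}

package main;

# Constructed sample users and record owner.
my ($owner, $admin) = ({ id => 7, is_admin => 0 }, { id => 1, is_admin => 1 });
for my $case ([$owner, 'nickname'], [$owner, 'paid_account'], [$admin, 'paid_account']) {
    my ($user, $field) = @$case;
    my $rec = Sketch::Account->new(current_user => $user, owner_id => 7);
    my ($ok, $msg) = $rec->_set(FIELD => $field, VALUE => 1);
    printf "user %d sets %-12s => %s\n", $user->{id}, $field, $msg;
}
```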