Jesse Vincent > Jifty > Jifty::Record

Download:
Jifty-0.70824.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  13
Open  4
Stalled  1
View/Report Bugs
Source   Latest Release: Jifty-1.10518

NAME ^

Jifty::Record - Represents a Jifty object that lives in the database.

DESCRIPTION ^

Jifty::Record is a kind of Jifty::Object that has a database representation; that is, it is also a Jifty::DBI::Record as well.

METHODS ^

create PARAMHASH

create can be called as either a class method or an object method.

Takes an array of key-value pairs and inserts a new row into the database representing this object.

Override's Jifty::DBI::Record in these ways:

Remove id values unless they are truly numeric
Automatically load by id after create
actually stop creating the new record if a field fails to validate.

id

Returns the record id value. This routine short-circuits a much heavier call up through Jifty::DBI

load_or_create

load_or_create can be called as either a class method or an object method. It attempts to load a record with the named parameters passed in. If it can't do so, it creates a new record.

_guess_table_name

Guesses a table name based on the class's last part. In addition to the work performed in Jifty::DBI::Record, this method also prefixes the table name with the plugin table prefix, if the model belongs to a plugin.

current_user_can RIGHT [ATTRIBUTES]

Should return true if the current user ($self->current_user) is allowed to do RIGHT. Possible values for RIGHT are:

create

Called just before an object's create method is called, as well as before parameter validation. ATTRIBUTES is the attributes that the object is trying to be created with, as the attributes aren't on the object yet to be inspected.

read

Called before any attribute is accessed on the object. ATTRIBUTES is a hash with a single key column and a single value, the name of the column being queried.

update

Called before any attribute is changed on the object. ATTRIBUTES is a hash of the arguments passed to _set.

delete

Called before the object is deleted.

Models wishing to customize authorization checks should override this method. You can do so like this:

  sub current_user_can {
      my ($self, $right, %args) = @_;

      # Make any custom checks that return 1 to allow or return 0 to deny...
      
      # Fallback upon the default implementation to handle the
      # SkipAccessControl configuration setting, superuser, bootstrap,
      # delegation, and the before_access hook
      return $self->SUPER::current_user_can($right, %args);
  }

If you are sure you don't want your model to fallback using the default implementation, you can replace the last line with whatever fallback policy required.

Authorization steps

The default implementation proceeds as follows:

  1. If the SkipAccessControl setting is set to a true value in the framework configuration section of etc/config.yml, current_user_can always returns true.
  2. The method first attempts to call the before_access hooks to check for any allow or denial. See "The before_access hook".
  3. Next, the default implementation returns true if the current user is a superuser or a boostrap user.
  4. Then, if the model can perform delegation, usually by using Jifty::RightsFrom, the access control decision is deferred to another object (via the delegate_current_user_can subroutine).
  5. Otherwise, it returns false.

The before_access hook

This implementation may make use of a trigger called before_access to make the decision. A new handler can be added to the trigger point by calling add_handler:

  $record->add_trigger(
      name => 'before_access',
      code => \&before_access,
      abortable => 1,
  );

The before_access handler will be passed the same arguments that were used to call current_user_can, including the current record object, the operation being checked, and any arguments being passed to the operation.

The before_access handler should return one of three strings: 'deny', 'allow', or 'ignore'. The current_user_can implementation reacts as follows to these results:

  1. If a handler is abortable and aborts by returning a false value (such as undef), current_user_can returns false.
  2. If any handler returns 'deny', current_user_can returns false.
  3. If any handler returns 'allow' and no handler returns 'deny', current_user_can returns true.
  4. In all other cases, the results of the handlers are ignored and current_user_can proceeds to check using superuser, bootstrap, and delegation.

check_create_rights ATTRIBUTES

Internal helper to call "current_user_can" with create.

check_read_rights

Internal helper to call "current_user_can" with read.

Passes column as a named parameter for the column the user is checking rights on.

check_update_rights

Internal helper to call "current_user_can" with update.

check_delete_rights

Internal helper to call "current_user_can" with delete.

as_superuser

Returns a copy of this object with the current_user set to the superuser. This is a convenient way to duck around ACLs if you have code that needs to for some reason or another.

_collection_value METHOD

A method ripped from the pages of Jifty::DBI::Record so we could change the invocation method of the collection generator to add a current_user argument.

delete PARAMHASH

Overrides Jifty::DBI::Record to check the delete ACL.

brief_description

Display the friendly name of the record according to _brief_description.

_brief_description

When displaying a list of records, Jifty can display a friendly value rather than the column's unique id. Out of the box, Jifty always tries to display the 'name' field from the record. You can override this method to return the name of a method on your record class which will return a nice short human readable description for this record.

_to_record

This is the Jifty::DBI function that is called when you fetch a value which REFERENCES a Record class. The only change from the Jifty::DBI code is the arguments to new.

cache_key_prefix

Returns a unique key for this application for the Memcached cache. This should be global within a given Jifty application instance.

since

By default, all models exist since undef, the ur-time when the application was created. Please override it for your model class.

printable_table_schema

When called, this method will generate the SQL schema for the current version of this class and return it as a scalar, suitable for printing or execution in your database's command line.

create_table_in_db

When called, this method will generate the SQL schema for the current version of this class and insert it into the application's currently open database.

drop_table_in_db

When called, this method will generate the SQL to remove this model's table in the database and execute it in the application's currently open database. This method can destroy a lot of data. Be sure you know what you're doing.

add_column_sql column_name

Returns the SQL statement necessary to add column_name to this class's representation in the database

add_column_in_db column_name

Executes the SQL code generated by add_column_sql. Dies on failure.

drop_column_sql column_name

Returns the SQL statement necessary to remove column_name from this class's representation in the database

drop_column_in_db column_name

Executes the SQL code generated by drop_column_sql. Dies on failure.

schema_version

This method is used by Jifty::DBI::Record to determine which schema version is in use. It returns the current database version stored in the configuration.

Jifty's notion of the schema version is currently broken into two:

  1. The Jifty version is the first. In the case of models defined by Jifty itself, these use the version found in $Jifty::VERSION.
  2. Any model defined by your application use the database version declared in the configuration. In etc/config.yml, this is lcoated at:
      framework:
        Database:
          Version: 0.0.1

A model is considered to be defined by Jifty if it the package name starts with "Jifty::". Otherwise, it is assumed to be an application model.

syntax highlighting: