DBIx::Class::Schema::RestrictWithObject - Automatically restrict resultsets
In your DBIx::Class::Schema class:
__PACKAGE__->load_components(qw/Schema::RestrictWithObject/);
In the DBIx::Class table class for your users:
#let's pretend a user has_many notes, which are in ResultSet 'Notes' sub restrict_Notes_resultset { my $self = shift; #the User object my $unrestricted_rs = shift; #restrict the notes viewable to only those that belong to this user #this will, in effect make the following 2 equivalent # $user->notes $schema->resultset('Notes') return $self->related_resultset('notes'); } #it could also be written like this sub restrict_Notes_resultset { my $self = shift; #the User object my $unrestricted_rs = shift; return $unrestricted_rs->search_rs( { user_id => $self->id } ); }
Wherever you connect to your database
my $schema = MyApp::Schema->connect(...); my $user = $schema->resultset('User')->find( { id => $user_id } ); $resticted_schema = $schema->restrict_with_object( $user, $optional_prefix);
In this example we used the User object as the restricting object, but please note that the restricting object need not be a DBIC class, it can be any kind of object that provides the adequate methods.
This DBIx::Class::Schema component can be used to restrict all resultsets through an appropriately-named method in a user-supplied object. This allows you to automatically prevent data from being accessed, or automatically predefine options and search clauses on a schema-wide basis. When used to limit data sets, it allows simplified security by limiting any access to the data at the schema layer. Please note however that this is not a silver bullet and without careful programming it is still possible to expose unwanted data, so this should not be regarded as a replacement for application level security.
Will restrict resultsets according to the methods available in $restricting_obj and return a restricted copy of itself. ResultSets will be restricted if methods in the form of restrict_${ResultSource_Name}_resultset are found in $restricting_obj. If the optional prefix is included it will attempt to use restrict_${prefix}_${ResultSource_Name}_resultset, if that does not exist, it will try again without the prefix, and if that's not available the resultset will not be restricted.
restrict_${ResultSource_Name}_resultset
restrict_${prefix}_${ResultSource_Name}_resultset
Restrict the Schema class and ResultSources associated with this Schema
Return the class name for the restricted schema class;
Return the class name for the restricted ResultSource class;
Return an appropriate class name for a restricted class of type $type.
DBIx::Class, DBIx::Class::Schema::RestrictWithObject::RestrictComp::Schema, DBIx::Class::Schema::RestrictWithObject::RestrictComp::Source,
Matt S Trout (mst) <mst@shadowcatsystems.co.uk>
With contributions from Guillermo Roditi (groditi) <groditi@cpan.org>
You may distribute this code under the same terms as Perl itself.
To install DBIx::Class::Schema::RestrictWithObject, copy and paste the appropriate command in to your terminal.
cpanm
cpanm DBIx::Class::Schema::RestrictWithObject
CPAN shell
perl -MCPAN -e shell install DBIx::Class::Schema::RestrictWithObject
For more information on module installation, please visit the detailed CPAN module installation guide.