Dancer::Plugin::Auth::RBAC member registration example? - perl

I'm trying to build a membership site and I'm interested in using Perl to do this.
I looked at the Dancer framework which seems nice, but I can't figure out how to actually create a member registration / login process using Dancer::Plugin::Auth::RBAC. The CPAN page shows some example code but nothing that is very explicit or complete.
Googling around didn't turn up much usable except some simple examples with hardcoded login/passwords.
Thanks
B

Auth::RBAC is not for creating the members or the registration/management system but rather to do the actual authentication and authorisation based upon existing accounts.
Registering members is easy. You just create a suitable data store (DBIC is very nice and easy) and write a method to take details from the form, validate them and store them in the data store.

Related

how to reset password using email in laravel 5

i want to reset password using email which is defalt provided by laravel 5.
i don't have any idea or knowledge how is password reset code sent to email and use that password to do reset in laravel.
I have mail configuration correct now i want to send the user the password from email.
How to send email having password to gmail and how to put password and update password in our laravel project.
For us to really help you, it is much better if you give something a try and if it doesn't work then post the code so that we can help you debug and improve it.
To begin with, I would suggest reading the documentation on how this all works.
Next, this blog post lays the whole process out from start to finish on how to implement password reset functionality using the default files that come with Laravel. There is too much to post the whole process here so I suggest you attempt to follow it then when/if you run in to trouble then you have something that you can actually post for us to help you on.
Finally, this package provides the auth scaffold that was removed in Laravel 5 that you might find useful as it provides all the views etc for registering, logging in and resetting passwords.
Check those out, give it a go and then come back to us with specific issues that you are having and post the code that is causing the issues and we can help you much more from there.
EDIT to clarify on comments
Trait
A Trait is intended to reduce some limitations of single inheritance
by enabling a developer to reuse sets of methods freely in several
independent classes living in different class hierarchies. The
semantics of the combination of Traits and classes is defined in a way
which reduces complexity, and avoids the typical problems associated
with multiple inheritance and Mixins.
A Trait is similar to a class, but only intended to group
functionality in a fine-grained and consistent way. It is not possible
to instantiate a Trait on its own. It is an addition to traditional
inheritance and enables horizontal composition of behavior; that is,
the application of class members without requiring inheritance.
This is from the PHP docs, essentially it groups a whole load of functionality for us to use.
In this case the ResetsPasswords holds all of the actual code that resets the password and is called in to the Controller that handles this using use ResetsPasswords;.

Zend Force Login

I have my shell application working and I now want to ensure that a user is logged in before anything else occurs. I have a working auth controller and associated database tables, etc.
I assumed that the best ay to do this was to put the identity test in the bootstrap, as I don't want to check for identity in each controller. Basically, I think I want to put code in the bootstrap that says if identity, then run the index otherwise, run auth. Is this the best way to do it in Zend? If not, what is the preferred method?
I was thinking Bootstrap because for every request of any type, I don't want to allow it if the user is logged in and of course, it would be best to chave this check only in ne place.
I have more commonly seen this in done via a plugin. These can be done at various stages of the Zend Application dispatch cycle. The most common set up I have encountered would be to put a check user login status plugin in at preDispatch.
Search the Zend documentation for preDispatch plugins, or have a look on Youtube as there are some good video tutorials that walk you through it.
An advantage to doing this is that in the future you may want to run some kind of functionality prior to the user authentication test. In such an instance you could put new functionality in a dispatchLoopStartup plugin.
Having said this, there is nothing really wrong with checking the user login status in the bootstrap - I have seen this done many times. It is possibly just tidier to user plugins as they are more repeatable in new applications.
This is just my opinion of course, but I hope this helps.

Creating a user controlled data service with Google App engine

I am designing a to-do list manager for the iPhone using GAE as the back end. My end goal is to create user sharable lists, and I was looking for some advice/examples of how to go about designing something like that. I know the google user API provides functionality for authenticating users, but from what I can tell any additional user management would be something I would need to implement myself.
Can something like this be done by simply adding usernames to a list that is a property of the data I want to share? I am guessing I am oversimplifying things, but any suggestions would be appreciated.
Thanks
you're right, app engine doesn't have any built in support for user ACLs or permissions, and a few quick web searches didn't immediately turn up any obvious open source libraries.
how to implement full-fledged permissions and ACLs for group sharing is definitely a nontrivial design question. there are a number of other questions here about it.
having said that, as a very rough first pass, you're probably on the right track with storing lists of users. i'd suggest that you abstract the list into separate Group entities, and attach those to yor data instead, so that users can define groups once instead of for every piece of data. i'd also consider storing separate lists of groups that can read vs write. finally, i'd store User properties in the group entities, instead of string usernames or email addresses.

Acessing a wordpress database from an iPhone App

I've been asked to create an app that will get data back from a database where the CMS will be Wordpress. I've never used a CMS so I'm trying to get a (overview)picture in my head of how it could all work and what each of the components would be. And what a CMS actually brings to the party.
Creating the app itself is pretty clear. I've done a few already. I've made a database before and shouldnt cause a problem.
But what is going to be in the middle between the app and the database?
Part A:
I'm guessing iphone apps typically would call some php file that's hosted on the server? The php then would make a call to the database and return the data somehow, maybe as xml. But this is really basic and wouldnt require a CMS. Just a database and a phpfile, or am I wrong?
Part B:
If i wanted to run a check on the database every minute to see if any of the data in database was no longer valid and remove it if needed, that would require somekind of program running on the server. So that program would be Wordpress, since it is managing the content, so a content management system is actually needed and is for these kind of taskes. Am i understanding the role of CMS?
Many Thanks,
-Code
Part A: Yes, that's definitely how it would normally work. Of course, you're not accessing "a" database, you're accessing the database WordPress creates, but otherwise, sure.
Part B: The role of a CMS is to provide a structured, easily-edited way of presenting information. It abstracts both the database and the user interface stuff, allowing the CMS administrator to CRUD data via the use of simple forms.
In your case, no, you wouldn't (usually) ask the WordPress software to provide information because it's not set up to provide data that's programmatically requested. Instead it's designed to display HTML pages with the data embedded. The WordPress software is specifically for humans to CRUD the data through a human-friendly interface. You'd write your own, as in Part A.
This article shows some basic PHP for retrieving blog entries and user comments, likely most of what you'd want. The WordPress database format is well-documented: here's an article that lays it out and provides more PHP examples for retrieving the information.
Have a look how the Wordpress for iOS team is doing it:
http://ios.wordpress.org/development/
I would not try to access the db directly or through some custom php-code, but use the official WordPress API (which uses xml-rpc) instead.
and this xml-rpc objective-c library might even make this a pretty straightforward exercise?

Jira RPC/SOAP GetCustomFields() can only be used by an administrator?

I'm currently using the Jira SOAP interface within a C# (I suppose the language used here isn't terribly important).
Basically, I'm creating an API and a Winform that wraps some of the functionality of the soap service so that our Devs can programmaticly add bugs when something goes wrong in our application.
As part of this, I need to know the custom field IDs that are in use in Jira, rather than hardcoding them (as they are still prone to the occasional change) I used the GetCustomFields() method in the jira-rpc api then filtered it, so that all the developer needs to know is the name of the field, then the ID is filled in for them automagically.
This all works fine, but with one quite important proviso: that you login to the SOAP/RPC service as a user with administrative privaliges.
The Jira documentation indicates that the soap/rpc service follows the usual workflows and security schemes, however I can't find anything anywhere that would appear to remove this restriction on enumerating custom fields (and quite why in any instance you would want someone to HAVE to be an administrator to gain this access, especially as the custom field id's tend to be in Jira's HTML source is beyond me)
Does anyone know if I've missed a setting somewhere? Or if there is some sort of work-around for this, short of hardcoding the custom field id's?
Or is this a case of having to delve in to Jira's RPC plugin and modifying the source for it in order to give me the functionality I require?
Cheers
Edit for the sake of google/posterity
Wow, all this time on, and it looks like Atlassian still haven't changed this behavior.
Worked around this by creating a custom dictionary that logs in as an administrative user, grabs the custom fields and then logs out. Not ideal, but it should work 'til atlassian change things
You're not missing anything - there's no way to get custom fields via standard SOAP API.
In JIRA Client, we learn about custom fields in two ways:
We download issues via RSS view of the issue navigator, or via XML representation of a specific issue. If a custom field is set for an issue, the XML will have its id, class and value (values).
From time to time we inspect the content of IssueNavigator search page - looking for searchers for the custom fields. Screen-scraping the HTML gives us not only ids of the custom fields but also possible values for enum fields.
This is hackery, of course, and it may go wrong, so a good API would have been a lot better.
In your case, I can suggest two solutions:
Create your own SOAP (or REST) remote API plugin that will give you just that info that you miss from the standard API. Since you're seemingly in control of your JIRA, you can install anything there.
Screen-scrape the "New Bug" page for the project and type of issue you need to submit. You'll get all the info - fields, options, default values, which field is required.