2011/2/11 Антон Чешков
Hi Michael. I want to make authorization in Yesod application build on ACL principle. We have in Yesod "Routes". "Route" is resource. I have the list : Resource | Access ---------------------------------- RouteA | Allow RouteB | Deny I would like to : 1. save, read this list outward yesod 2. check, that the concrete route satisfy or not satisfy the list 3. have more flexible way to define resource pattern in list. For example i have RouteX String Int. I wish to define pattern "RouteX * 666" If i had this, i would to implement Yesod.isAuthorized method similar isAuthorized _ = do acl <- getACL route <- getCurrentRoute case check acl route of True -> return Authorized False -> return Unauthorized
I do not know, may be there is the way to make this now. How i can put it into practice ? Thanks.
It looks to me like, barring a small difference in the API, you already figured this out. The Yesod typeclass provides isAuthorized already: isAuthorized :: master -> Bool -- ^ is this a write request, such as POST or DELETE? -> GHandler sub master AuthResult So if you just rewrite your function as: isAuthorized route _ = do acl <- getACL case check acl route of True -> return Authorized False -> return Unauthorized you should be in good shape. Michael