All geek questions in one place

Why are Mojolicious nesting my routes?

My Mojolicious application has its own authentication mechanism, which I implement in the routing state with the name auth_permission :

 $app->add_condition(auth_permission => sub { return is_user_allowed(...) ? 1 : 0; });

So my routes look something like this:

 my $r = $app->routes; $r->get('/prefs') # no permission necessary here ->to(...); $r->get('/objects') ->over(auth_permission => 'view objects') ->to(...); $r->get('/objects/delete/:id') ->over(auth_permission => 'delete objects') ->to(...);

The to() rules are handled correctly: GET /objects gives me a list of objects, and GET /objects/delete/42 deletes object 42.

The problem is that the permission of view objects checked for both queries, although the second route should check the permission of delete objects .

The reason is that /objects/delete/42 is the path below /objects . The same problem does not occur with the /prefs route, which does not have a common base with other routes.

My current workaround is to put the rule for /objects below one for /objects/delete/:id , but that a) is unbalanced and b) is about to break when another developer is editing the file. Is it possible to explicitly disable nesting behavior in this case?

+6
source share
1 answer

Mojolicious docs seem to indicate that you should build an extended route from an object that handles a shorter one. See the section Nested Routes in the documents section.

This means that you have the route $ objects and the route $ objects_delete obtained from it. Eliminates problems with ordering (except that you need to specify a shorter route first).

+1
source

Source: https://habr.com/ru/post/920946/

More articles:


All Articles