DBIx::Class::Schema::RestrictWithObject - Automatically restrict resultsets


DBIx::Class::Schema::RestrictWithObject - Automatically restrict resultsets


In your the DBIx::Class::Schema manpage class:


In the the DBIx::Class manpage table class for your users:

    #let's pretend a user has_many notes, which are in ResultSet 'Notes'
    sub restrict_Notes_resultset {
      my $self = shift; #the User object
      my $unrestricted_rs = shift;
      #restrict the notes viewable to only those that belong to this user
      #this will, in effect make the following 2 equivalent
      # $user->notes $schema->resultset('Notes')
      return $self->related_resultset('notes');
     #it could also be written like this
    sub restrict_Notes_resultset {
      my $self = shift; #the User object
      my $unrestricted_rs = shift;
      return $unrestricted_rs->search_rs( { user_id => $self->id } );

Wherever you connect to your database

    my $schema = MyApp::Schema->connect(...);
    my $user = $schema->resultset('User')->find( { id => $user_id } );
    $resticted_schema = $schema->restrict_with_object( $user, $optional_prefix);

In this example we used the User object as the restricting object, but please note that the restricting object need not be a DBIC class, it can be any kind of object that provides the adequate methods.


This the DBIx::Class::Schema manpage component can be used to restrict all resultsets through an appropriately-named method in a user-supplied object. This allows you to automatically prevent data from being accessed, or automatically predefine options and search clauses on a schema-wide basis. When used to limit data sets, it allows simplified security by limiting any access to the data at the schema layer. Please note however that this is not a silver bullet and without careful programming it is still possible to expose unwanted data, so this should not be regarded as a replacement for application level security.


restrict_with_object $restricting_obj, $optional_prefix

Will restrict resultsets according to the methods available in $restricting_obj and return a restricted copy of itself. ResultSets will be restricted if methods in the form of restrict_${ResultSource_Name}_resultset are found in $restricting_obj. If the optional prefix is included it will attempt to use restrict_${prefix}_${ResultSource_Name}_resultset, if that does not exist, it will try again without the prefix, and if that's not available the resultset will not be restricted.



Restrict the Schema class and ResultSources associated with this Schema

_get_restricted_schema_class $target_schema

Return the class name for the restricted schema class;

_get_restricted_source_class $target_source

Return the class name for the restricted ResultSource class;

_get_restrictedclass $type, $target

Return an appropriate class name for a restricted class of type $type.


the DBIx::Class manpage, the DBIx::Class::Schema::RestrictWithObject::RestrictComp::Schema manpage, the DBIx::Class::Schema::RestrictWithObject::RestrictComp::Source manpage,


Matt S Trout (mst) <mst@shadowcatsystems.co.uk>

With contributions from Guillermo Roditi (groditi) <groditi@cpan.org>


You may distribute this code under the same terms as Perl itself.

 DBIx::Class::Schema::RestrictWithObject - Automatically restrict resultsets