For authorization, if the class should not be accessed, then it should not be "touched" at all. If the authorization functionality is a method of the class itself, obviously the class will be touched in order to determine whether it should be touched, which is logically a loophole. So a separate class should be employed.
I guess you don't know and haven't used CGI::Application?

Anyway, the way it usually works is that you inherit from CGI::Application, and have methods in it that are runmodes (screens or however you would call it).

With its plug-in CGI::Application::Dispatch, which I'm using, the whole thing becomes a nice M-V-C. Based on the path (such as /index.pl/Module/method - I'm using URL rewriting so it's actually /Module/method.perl) it creates the Module (you can control its namespace prefix, such as AppName::Runmodex::Module) and calls the method.

Of course there are many things that are done before the method is actually called ... But in the end, one way or the other, that class is initialised ...

For the DB connection, this is a typical good opportunity for a class factory. This class factory produces classes that wrap DB connections. For other classes in your application that access the DB, there is no need for them to know the details such as how to get a DB connection, or what is the maximum number of connections allowed etc., not even through inheritance. All they care about is asking the class factory for a class that represents a DB connection.
I'm using something like that: 491418. Although I added support for multiple connections (to different DBs) and things like that. So in the end, anywhere in the application I just ask for $self->param('DB') and get a DBIx::Handy object. Or I can just make a new one (in case I'm in some other module, so I wouldn't pass that param around the whole thing).

Have you tried freelancing? Check out Scriptlance - I work there.

In reply to Re^2: User authorization and design of larger web/intranet applications. by techcode
in thread User authorization and design of larger web/intranet applications. by techcode
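
The quoted point about keeping authorization in a separate class, applied to /Module/method dispatch, as an added example that is not part of the post and does not use CGI::Application itself. It is plain Perl; MyApp::Policy, the MyApp::Runmode::* classes, the roles and the ACL entries are hypothetical names constructed for illustration.

```perl
use strict;
use warnings;

package MyApp::Policy;    # separate class: knows roles, never runmode code
my %ACL = (               # constructed sample policy; unlisted = denied
    'Report/view' => { staff => 1, admin => 1 },
    'Admin/purge' => { admin => 1 },
);
sub allows {
    my ($class, $role, $module, $method) = @_;
    return 0 unless defined $role;
    my $roles = $ACL{"$module/$method"} or return 0;
    return $roles->{$role} ? 1 : 0;
}

package MyApp::Runmode::Base;    # counts constructions per class
our %CREATED;
sub new { my $class = shift; $CREATED{$class}++; return bless {}, $class }

package MyApp::Runmode::Report;
our @ISA = ('MyApp::Runmode::Base');
sub view { return 'report body' }

package MyApp::Runmode::Admin;
our @ISA = ('MyApp::Runmode::Base');
sub purge { return 'record purged' }

package main;

sub dispatch {
    my ($path, $role) = @_;
    # Strict parse: exactly /Module/method with plain identifiers, so a
    # path cannot name another namespace or a private (_foo) method.
    my ($module, $method) = $path =~ m{\A/([A-Z][A-Za-z0-9]*)/([a-z][a-z0-9_]*)\z}
        or return (404, 'not found');
    # The decision is made before the runmode class is constructed.
    return (403, 'forbidden') unless MyApp::Policy->allows($role, $module, $method);
    my $class = "MyApp::Runmode::$module";
    return (404, 'not found') unless $class->can($method);
    return (200, $class->new->$method);
}

for my $req (    # constructed requests: [path, role]
    ['/Report/view', 'staff'], ['/Admin/purge', 'staff'],
    ['/Admin/purge', 'admin'], ['/Admin/_secret', 'admin'],
) {
    my ($status, $body) = dispatch(@$req);
    printf "%-15s %-5s -> %d %s\n", @$req, $status, $body;
}
printf "Admin objects created: %d\n", $MyApp::Runmode::Base::CREATED{'MyApp::Runmode::Admin'} // 0;
```

The final counter shows how many times the Admin runmode class was constructed, which makes it visible that denied requests are rejected before the class is instantiated.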
