package Gantry::Control::C::AuthzRegular;
use strict;
use base 'Gantry::Control::C::AuthzBase';
use Gantry::Control::Model::auth_users;
use Gantry::Control::Model::auth_group_members;
use Gantry::Control::Model::auth_groups;
sub user_model {
return 'Gantry::Control::Model::auth_users';
}
sub group_members_model {
return 'Gantry::Control::Model::auth_group_members';
}
# EOF
1;
__END__
=head1 NAME
Gantry::Control::C::AuthzRegular - Database based authorization for most ORMs.
=head1 SYNOPSIS
use Gantry::Control::C::AuthzRegular qw/-Engine=MP20/;
=head1 DESCRIPTION
This is a simple database driven autorization system for use with apps
which do NOT rely on Class::DBI (or one of its descendents). If you use
Class::DBI, you want Gantry::Control::C::AuthzCDBI instead of this
module. This module also details the other Authz modules in the library.
=head1 METHODS
=over 4
=item user_model
Returns Gantry::Control::Model::auth_users. If you want something else,
try Gantry::Control::C::AuthenCDBI or make your own
Gantry::Control::C::AuthzBase subclass.
=item group_members_model
Returns Gantry::Control::Model::group_members. If you want something else,
try Gantry::Control::C::AuthzCDBI or make your own
Gantry::Control::C::AuthzBase subclass.
=back
=head1 APACHE
Sample Apache conf configuration.
<Perl>
use Gantry::Control::C::AuthzRegular qw/-Engine=MP20/;
</Perl>
<Location /location/to/auth >
AuthType Basic
AuthName "Manual"
PerlSetVar auth_dbconn 'dbi:Pg:dbname=...'
PerlSetVar auth_dbuser '<database_user>'
PerlSetVar auth_dbpass '<database_password>'
PerlSetVar auth_dbcommit off
PerlAuthzHandler Gantry::Control::C::AuthzRegular
require group "group_to_require"
</Location>
=head1 DATABASE
These are the tables that will be queried for the authorization of the
user.
create table "auth_users" (
"id" int4 default nextval('auth_users_seq') NOT NULL,
"user_id" int4,
"active" bool,
"user_name" varchar,
"passwd" varchar,
"crypt" varchar,
"first_name" varchar,
"last_name" varchar,
"email" varchar
);
create table "auth_groups" (
"id" int4 default nextval('auth_groups_seq') NOT NULL,
"ident" varchar,
"name" varchar,
"description" text
);
create table "auth_group_members" (
"id" int4 default nextval('auth_group_members_seq') NOT NULL,
"user_id" int4,
"group_id" int4
);
create table "auth_pages" (
"id" int4 default nextval('auth_pages_seq') NOT NULL,
"user_perm" int4,
"group_perm" int4,
"owner_id" int4,
"group_id" int4,
"uri" varchar,
"title" varchar
);
=head1 MODULES
=over 4
=item Gantry::Control::C::AuthzRegular::PageBased
This handler is the authorization portion for page based authorization.
It is controlled by Gantry::Control::C::Pages(3) and will authenticate only
users who have been allowed from the administrative interface into a
particular uri. The module returns FORBIDDEN if you do not have access
to a particular uri.
=back
=head1 METHODS
=over 4
=item handler
The mod_perl authz handler.
=back
=head1 SEE ALSO
Gantry::Control::C::Authen(3), Gantry::Control(3), Gantry(3)
=head1 LIMITATIONS
=head1 AUTHOR
Tim Keefer <tkeefer@gmail.com>
Nicholas Studt <nstudt@angrydwarf.org>
=head1 COPYRIGHT
Copyright (c) 2005-6, Tim Keefer.
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.8.6 or,
at your option, any later version of Perl 5 you may have available.
=cut