Andy Grundman > Catalyst-Plugin-Authorization-Roles-0.02 > Catalyst::Plugin::Authorization::Roles

Download:
Catalyst-Plugin-Authorization-Roles-0.02.tar.gz

Dependencies

Annotate this POD

CPAN RT

New  1
Open  0
View/Report Bugs
Module Version: 0.02   Source   Latest Release: Catalyst-Plugin-Authorization-Roles-0.09

NAME ^

Catalyst::Plugin::Authorization::Roles - Role based authorization for Catalyst based on Catalyst::Plugin::Authentication.

SYNOPSIS ^

        use Catalyst qw/
                Authentication
                Authentication::Store::ThatSupportsRoles
                Authorization::Roles
        /;

        sub delete : Local {
                my ( $self, $c ) = @_;

                $c->assert_user_roles( qw/admin/ ); # only admins can delete

                $c->model("Foo")->delete_it();
        }

DESCRIPTION ^

Role based authentication is very simple: every user has a list of roles, which that user is allowed to assume.

Whenever an area that is restricted for e.g. admins, or members, or any other role is accessed a check is made to see whether or not the user has all the required roles.

In this plugin the user objects being checked have the roles method invoked. This method is supposed to return a list of the roles the user is allowed to assume. The roles may be any item that can be compared using Set::Object.

For example, if you have a CRUD application, for every mutating action you probably want to check that the user is allowed to edit. To do this, create an editor role, and add that role to every user who is allowed to edit.

        sub edit : Local {
                my ( $self, $c ) = @_;
                $c->assert_user_roles( qw/editor/ );
                $c->model("TheModel")->make_changes();
        }

METHODS ^

assert_user_roles [ $user ], @roles

Cheks that the user (as supplied by the first argument, or, if omitted, <$c-user>>) has the specified roles.

If for any reason (<$c-user>> is not defined, the user is missing a role, etc) the check fails, an error is thrown.

check_user_roles [ $user ], @roles

Takes the same args as assert_user_roles, and performs the same check, but instead of throwing errors returns a boolean value.

SEE ALSO ^

Catalyst::Plugin::Authentication

AUTHOR ^

Yuval Kogman, nothingmuch@woobling.org

COPYRIGHT & LICNESE ^

        Copyright (c) 2005 the aforementioned authors. All rights
        reserved. This program is free software; you can redistribute
        it and/or modify it under the same terms as Perl itself.
syntax highlighting: