Home · Authors · Recent · News · Mirrors · FAQ · Feedback

in  
James G Smith > Gestinanna-0.02 > Gestinanna::Authz

Download:
Gestinanna-0.02.tar.gz

Dependencies

Annotate this POD

CPAN RT

Open  0
Report a bug
Module Version: 0.00_02   Source  

NAME ^

Gestinanna::Authz

SYNOPSIS ^

 $authz = Gestinanna::Authz -> new(alzabo_schema => $schema);

 if($authz -> has_attributes($user, $path, $attrs)) {
    # do something
 }

 $authz -> grant($granter, $grantee, $path, $attrs);

DESCRIPTION ^

PATHS ^

In addition to the paths used by Gestinanna::Util/path_cmp, they may also contain special components:

SELF

This refers to the path describing the user or actor. This allows the specification of ACLs that are specific to each user without having to have a separate ACL for each user. For example, to allow each user their own test area, allow /testing/SELF//* for all users that can do testing.

SELFTYPE

This refers to the type of object described by SELF. This defaults to user.

Fn

The components beginning with F followed by an integer refer to particular parts of the user path that are variable, such as // or *. These are numbered starting at 1 and increasing as they are encountered. Each part of an intersection is also counted.

METHODS ^

new

 $authz = Gestinanna::Authz -> new(alzabo_schema => $schema);

This constructs a new authorization management object. The following options may be passed.

group

This is the string to use to denote the user group type.

resource_group

This is the string to use to denote the resource group type.

alzabo_schema

The Alzabo runtime schema to use when fetching information.

user

This is the string to use to denote the user type.

fetch_acls

 $acls = $authz -> fetch_acls($user, $resource)

This method provides any ACL information that might be useful in the current ACL query as indicated by the user and resource string arguments.

The return value is a hash reference with the following structure:

  { user_path => { resource_path => { %attributes } } }

The attribute mapping maps attribute names to numeric values. Negative values are considered to be prohibitive while positive values are permissive. Undefined or zero values are ignored.

Both $user and $resource will be array references. The first element will be the type of object the path is referring to. The second element will be the path describing the set of such objects.

The safest set of information to return is all ACLs that describe the relationship between the $user and $resource object types.

AUTHOR ^

James G. Smith, <jsmith@cpan.org>

COPYRIGHT ^

Copyright (C) 2003-2004 Texas A&M University. All Rights Reserved.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

59723 Uploads, 19129 Distributions 76266 Modules, 7835 Uploaders
hosted by YellowBot
do. tag. write. share.