NAME¶
CGI::Application::Plugin::Authorization::Driver - Base module for building
driver classes for CGI::Application::Plugin::Authorization
SYNOPSIS¶
package CGI::Application::Plugin::Authorization::Driver::MyDriver;
use base qw(CGI::Application::Plugin::Authorization::Driver);
sub authorize_user {
my $self = shift;
my @params = @_;
if ( >>> Valid Access Permissions <<< ) {
return 1;
}
return;
}
DESCRIPTION¶
This module is a base class for all driver classes for the
CGI::Application::Plugin::Authorization plugin. Each driver class is required
to provide only one method to authorize the given parameters. Often this will
be a list of groups that the user needs to be a part of, although it could be
anything.
METHODS¶
new¶
This is a constructor that can create a new Driver object. It requires an
Authorization object as its first parameter, and any number of other
parameters that will be used as options depending on which Driver object is
being created. You shouldn't need to call this as the Authorization plugin
takes care of creating Driver objects.
initialize¶
This method will be called right after a new Driver object is created. So any
startup customizations can be dealt with here.
options¶
This will return a list of options that were provided when this driver was
configured by the user.
find_option¶
This method will search the Driver options for a specific key and return the
value it finds. This method assumes that the Driver configuration contains a
hash of information. If it does not, then you will have to parse the option
manually in the subclass.
authz¶
This will return the underlying CGI::Application::Plugin::Authorization object.
In most cases it will not be necessary to access this.
username¶
This will return the name of the current logged in user by calling the
"username" method documented in
CGI::Application::Plugin::Authorization.
authorize¶
# User must be in the admin group to have access to this runmode
return $self->authz->forbidden unless $self->authz->authorize('admin');
This method will verify that the currently logged in user (as found through
username) passes the authorization checks based on the given parameters,
usually a list of groups.
authorize_user¶
This method needs to be provided by the driver class. It needs to be an object
method that accepts a username, followed by a list of parameters, and will
verify that the user passes the authorization checks based on the given
parameters. It should return a true value if the checks succeed.
SEE ALSO¶
CGI::Application::Plugin::Authorization,
perl(1)
AUTHOR¶
Cees Hek <ceeshek@gmail.com>
LICENCE AND COPYRIGHT¶
Copyright (c) 2005, SiteSuite. All rights reserved.
This module is free software; you can redistribute it and/or modify it under the
same terms as Perl itself.
DISCLAIMER OF WARRANTY¶
BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE
SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE
SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR
IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO
THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE
PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR
CORRECTION.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY
COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE
SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO
LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR
THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER
SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.