pub/Impl: Lib/IMPL/Web/Security.pm annotate

annotate Lib/IMPL/Web/Security.pm @ 256:32aceba4ee6d

corrected ViewHandlers to handle cookies and headers. Dirty hacks to handle binary data RestController doesn't deal with file extensions anymore.

author	sergey
date	Wed, 12 Dec 2012 04:29:50 +0400
parents	23daf2fae33a
children	63709a4e6da0

rev	line source
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	1 package IMPL::Web::Security;
81 077357224bec IMPL::Web::Security alpha version Sergey parents: 79 diff changeset	2 use strict;
73 2f31ecabe9ea doc wizard parents: 66 diff changeset	3
81 077357224bec IMPL::Web::Security alpha version Sergey parents: 79 diff changeset	4 use IMPL::Security::Auth qw(:Const);
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	5 use IMPL::declare {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	6 require => {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	7 Exception => 'IMPL::Exception',
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	8 NotImplementedException => '-IMPL::NotImplementedException',
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	9 SecurityContext => 'IMPL::Security::AbstractContext'
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	10 },
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	11 };
107 0e72ad99eef7 Updated Web::TT wizard parents: 97 diff changeset	12
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	13 use constant {
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	14 ERR_NO_SUCH_USER => -1,
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	15 ERR_NO_SEC_DATA => -2,
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	16 ERR_NO_AUTHORITY => -3,
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	17 ERR_NO_SEC_CONTEXT => -4,
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	18 ERR_AUTH_FAIL => -5
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	19 };
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	20
81 077357224bec IMPL::Web::Security alpha version Sergey parents: 79 diff changeset	21 sub AuthUser {
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	22 my ($this,$name,$package,$challenge) = @_;
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	23
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	24 my $user = $this->FindUserByName($name)
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	25 or return {
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	26 status => AUTH_FAIL,
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	27 code => ERR_NO_SUCH_USER
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	28 };
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	29
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	30 my $auth;
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	31 if ( my $secData = $user->GetSecData($package) ) {
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	32 $auth = $package->new($secData);
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	33 } else {
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	34 return {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	35 status => AUTH_FAIL,
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	36 code => ERR_NO_SEC_DATA,
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	37 user => $user
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	38 };
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	39 }
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	40
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	41 return {
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	42 status => AUTH_FAIL,
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	43 code => ERR_NO_SEC_CONTEXT
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	44 } unless SecurityContext->current;
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	45
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	46 return {
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	47 status => AUTH_FAIL,
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	48 code => ERR_NO_AUTHORITY
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	49 } unless SecurityContext->current->authority;
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	50
232 5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	51 my $status = SecurityContext->current->authority->InitSession(
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	52 $user,
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	53 [$user->roles],
232 5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	54 $auth,
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	55 $challenge
232 5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	56 );
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	57
194 4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	58 return {
4d0e1962161c Replaced tabs with spaces cin parents: 180 diff changeset	59 status => $status,
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	60 code => ($status == AUTH_FAIL ? ERR_AUTH_FAIL : 0),
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	61 user => $user
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	62 };
73 2f31ecabe9ea doc wizard parents: 66 diff changeset	63 }
2f31ecabe9ea doc wizard parents: 66 diff changeset	64
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	65 sub Logout {
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	66 my ($this) = @_;
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	67
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	68 my $session = SecurityContext->current;
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	69 if($session && $session->authority) {
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	70 $session->authority->CloseSession($session);
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	71
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	72 $this->CloseSession($session);
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	73 }
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	74 }
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	75
230 6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	76 sub FindUserByName {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	77 die NotImplementedException->new();
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	78 }
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	79
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	80 sub CreateSession {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	81 die NotImplementedException->new();
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	82 }
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	83
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	84 sub GetSession {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	85 die NotImplementedException->new();
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	86 }
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	87
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	88 sub SaveSession {
6d8092d8ce1b reworked IMPL::Security sergey* parents: 194 diff changeset	89 die NotImplementedException->new();
73 2f31ecabe9ea doc wizard parents: 66 diff changeset	90 }
2f31ecabe9ea doc wizard parents: 66 diff changeset	91
239 23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	92 sub CloseSession {
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	93 die NotImplementedException->new();
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	94 }
23daf2fae33a security subsytem bugfixes sergey* parents: 233 diff changeset	95
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	96 1;
15d720913562 security in work wizard@linux-odin.local parents: diff changeset	97
15d720913562 security in work wizard@linux-odin.local parents: diff changeset	98 __END__
15d720913562 security in work wizard@linux-odin.local parents: diff changeset	99
15d720913562 security in work wizard@linux-odin.local parents: diff changeset	100 =pod
15d720913562 security in work wizard@linux-odin.local parents: diff changeset	101
73 2f31ecabe9ea doc wizard parents: 66 diff changeset	102 =head1 NAME
2f31ecabe9ea doc wizard parents: 66 diff changeset	103
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	104 C<IMPL::Web::Security> Модуль для аутентификации и авторизации веб запроса.
73 2f31ecabe9ea doc wizard parents: 66 diff changeset	105
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	106 =head1 DESCRIPTION
15d720913562 security in work wizard@linux-odin.local parents: diff changeset	107
232 5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	108 Текущий модуль обеспечивает функции верхнего уровня для работы с системой
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	109 безопасности. Поскольку модуль является абстрактым, конкретные функции
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	110 хранения и реализацию объектов модели безопасности должно обеспечить само
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	111 приложение.
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	112
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	113 Сама система безопасности в веб приложении состоит из двух частей
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	114
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	115 =over
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	116
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	117 =item Модель системы безопасности
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	118
232 5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	119 Предоставляет такие объкты безопасности, как пользователь, сессия роль,
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	120 определяет правила проверки прав доступа субъекта к объекту.
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	121
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	122 =item Модуль безопасности
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	123
232 5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	124 Как правило встраивается в транспортный уровеь в виде обработчика
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	125 C<IMPL::Web::Handler> и реализует непосредственно протокол аутентификации и
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	126 обмена с пользователем.
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	127
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	128 Также модуль безопасности использует модель для хранения сессий и данных
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	129 аутентификции. Контекст безопасности создается именно этим модулем.
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	130
5c82eec23bb6 Fixed degradations due refactoring sergey parents: 231 diff changeset	131 =back
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	132
73 2f31ecabe9ea doc wizard parents: 66 diff changeset	133 =head1 MEMBERS
52 15d720913562 security in work wizard@linux-odin.local parents: diff changeset	134
233 3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	135 =head2 C<AuthUser($name,$package,$challenge)>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	136
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	137 Инициирует создание новой сессии используя провайдера безопасности текущего
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	138 контекста безопасности.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	139
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	140 =over
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	141
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	142 =item C<$name>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	143
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	144 Имя пользователя, которое будет использоваться при поиске его в БД.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	145
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	146 =item C<$package>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	147
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	148 Имя модуля аутентификации, например, C<IMPL::Security::Auth::Simple>.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	149
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	150 =item C<$challenge>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	151
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	152 Данные, полученные от клиента, которые будут переданы модулю аутентификации для
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	153 начала процесса аутентификации и создания сессии.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	154
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	155 =back
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	156
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	157 Функция возвращает хеш с элементами
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	158
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	159 =over
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	160
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	161 =item C<status>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	162
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	163 Статус аутентификации - отражает общее состояние процесса ацтентификации,
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	164
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	165 =over
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	166
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	167 =item C<AUTH_FAIL>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	168
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	169 Аутентификация неудачная, сессия не создана.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	170
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	171 =item C<AUTH_INCOMPLETE>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	172
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	173 Аутентификация требует дополнительных шагов, сессия создана, но еще не доверена.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	174
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	175 =item C<AUTH_SUCCESS>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	176
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	177 Аутентификация успешно проведена, сессия создана.
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	178
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	179 =back
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	180
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	181 =item C<code>
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	182
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	183 =back
3cebcf6fdb9b refactoring, cleaning code sergey parents: 232 diff changeset	184
180 d1676be8afcc Перекодировка в utf-8 sourcer parents: 166 diff changeset	185 =cut

Mercurial > pub > Impl

annotate Lib/IMPL/Web/Security.pm @ 256:32aceba4ee6d