Mercurial > pub > Impl

annotate Lib/IMPL/Security/Context.pm @ 95:67eb8eaec3d4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added a security authority property to the Context and Security classes Added a WriteResponse method to the SecureCookie class Added a setCookie method to the Response class
author wizard
date Thu, 29 Apr 2010 02:21:27 +0400
parents 79bf75223afe
children 4c55aed00ff2
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
1 package IMPL::Security::Context;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
2 use strict;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
3 use warnings;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
4
74
wizard
parents: 68
diff changeset
5 use base qw(IMPL::Object IMPL::Object::Autofill);
wizard
parents: 68
diff changeset
6
wizard
parents: 68
diff changeset
7 __PACKAGE__->PassThroughArgs;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
8
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
9 use IMPL::Class::Property;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
10
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
11 require IMPL::Security::Principal;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
12
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
13 my $current;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
14 my $nobody;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
15
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
16 BEGIN {
68
739f1288ca84 Auth in progress
wizard
parents: 66
diff changeset
17 public property principal => prop_get;
739f1288ca84 Auth in progress
wizard
parents: 66
diff changeset
18 public property rolesAssigned => prop_all | prop_list;
739f1288ca84 Auth in progress
wizard
parents: 66
diff changeset
19 public property auth => prop_all;
95
67eb8eaec3d4 Added a security authority property to the Context and Security classes
wizard
parents: 94
diff changeset
20 public property authority => prop_all;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
21 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
22
74
wizard
parents: 68
diff changeset
23 sub CTOR {
wizard
parents: 68
diff changeset
24 my ($this) = @_;
wizard
parents: 68
diff changeset
25
wizard
parents: 68
diff changeset
26 die new IMPL::InvalidArgumentException("The parameter is required", 'principal') unless $this->principal;
wizard
parents: 68
diff changeset
27 }
wizard
parents: 68
diff changeset
28
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
29 sub Impersonate {
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
30 my ($this,$code) = @_;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
31
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
32 my $old = $current;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
33 my $result;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
34 local $@;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
35 eval {
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
36 $result = $code->();
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
37 };
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
38 $current = $old;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
39 if($@) {
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
40 die $@;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
41 } else {
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
42 return $result;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
43 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
44 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
45
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
46 sub isTrusted {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
47 my ($this) = @_;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
48
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
49 if (my $auth = $this->auth) {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
50 return $auth->isTrusted;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
51 } else {
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
52 return 0;
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
53 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
54 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
55
74
wizard
parents: 68
diff changeset
56 sub nobody {
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
57 my ($self) = @_;
68
739f1288ca84 Auth in progress
wizard
parents: 66
diff changeset
58 $nobody = $self->new(principal => IMPL::Security::Principal->nobody, rolesAssigned => undef) unless $nobody;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
59 $nobody;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
60 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
61
74
wizard
parents: 68
diff changeset
62 sub current {
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
63 my ($self) = @_;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
64
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
65 $current = __PACKAGE__->nobody unless $current;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
66 $current;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
67 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
68
94
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
69 sub Satisfy {
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
70 my ($this,@roles) = @_;
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
71
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
72 my $roleEffective = new IMPL::Security::Role ( _effective => $this->rolesAssigned );
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
73
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
74 return $roleEffective->Satisfy(@roles);
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
75 }
79bf75223afe Fixed security related bugs
wizard
parents: 81
diff changeset
76
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
77 1;
74
wizard
parents: 68
diff changeset
78
wizard
parents: 68
diff changeset
79 __END__
wizard
parents: 68
diff changeset
80
wizard
parents: 68
diff changeset
81 =pod
wizard
parents: 68
diff changeset
82
wizard
parents: 68
diff changeset
83 =head1 NAME
wizard
parents: 68
diff changeset
84
wizard
parents: 68
diff changeset
85 C<IMPL::Security::Context> - контекст безопасности.
wizard
parents: 68
diff changeset
86
wizard
parents: 68
diff changeset
87 =head1 SINOPSYS
wizard
parents: 68
diff changeset
88
wizard
parents: 68
diff changeset
89 =begin code
wizard
parents: 68
diff changeset
90
wizard
parents: 68
diff changeset
91 my $context = IMPL::Security::Context->nobody;
wizard
parents: 68
diff changeset
92
wizard
parents: 68
diff changeset
93 my $result = $context->Impersonate(
wizard
parents: 68
diff changeset
94 sub {
wizard
parents: 68
diff changeset
95 # do some untrusted code
wizard
parents: 68
diff changeset
96 }
wizard
parents: 68
diff changeset
97 );
wizard
parents: 68
diff changeset
98
wizard
parents: 68
diff changeset
99 =end code
wizard
parents: 68
diff changeset
100
wizard
parents: 68
diff changeset
101 =head1 DESCRIPTION
wizard
parents: 68
diff changeset
102
wizard
parents: 68
diff changeset
103 C<[Autofill]>
wizard
parents: 68
diff changeset
104
wizard
parents: 68
diff changeset
105 Являет собой контекст безопасности, описывает пользователя и привелегии, так же
wizard
parents: 68
diff changeset
106 у потока есть текущий контекст безопасности, по умолчанию он C<nobody>.
wizard
parents: 68
diff changeset
107
wizard
parents: 68
diff changeset
108 =head1 MEMBERS
wizard
parents: 68
diff changeset
109
wizard
parents: 68
diff changeset
110 =over
wizard
parents: 68
diff changeset
111
wizard
parents: 68
diff changeset
112 =item C<CTOR(%props)>
wizard
parents: 68
diff changeset
113
wizard
parents: 68
diff changeset
114 Создает объект и заполняет его свойствами.
wizard
parents: 68
diff changeset
115
wizard
parents: 68
diff changeset
116 =item C<[get] principal>
wizard
parents: 68
diff changeset
117
wizard
parents: 68
diff changeset
118 Идентификатор пользователя, владельца контекста.
wizard
parents: 68
diff changeset
119
wizard
parents: 68
diff changeset
120 =item C<[get] rolesAssigned>
wizard
parents: 68
diff changeset
121
wizard
parents: 68
diff changeset
122 Список назначенных (активных) ролей пользователю.
wizard
parents: 68
diff changeset
123
wizard
parents: 68
diff changeset
124 =item C<[get] auth>
wizard
parents: 68
diff changeset
125
wizard
parents: 68
diff changeset
126 Объект асторизации C<IMPL::Security::Auth>, использованный при создании текущего контекста.
wizard
parents: 68
diff changeset
127
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
128 =item C<[get] isTrusted>
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
129
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
130 Возвращает значение является ли контекст доверенным, тоесть сессия аутетифицирована.
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
131
74
wizard
parents: 68
diff changeset
132 =item C<Impersonate($code)>
wizard
parents: 68
diff changeset
133
wizard
parents: 68
diff changeset
134 Делает контекст текущим и выполняет в нем функцию по ссылке C<$code>. По окончании
wizard
parents: 68
diff changeset
135 выполнения, контекст восстанавливается.
wizard
parents: 68
diff changeset
136
wizard
parents: 68
diff changeset
137 =item C<[static,get] nobody>
wizard
parents: 68
diff changeset
138
wizard
parents: 68
diff changeset
139 Контекст для неаутентифицированных пользователей, минимум прав.
wizard
parents: 68
diff changeset
140
wizard
parents: 68
diff changeset
141 =item C<[static,get] current>
wizard
parents: 68
diff changeset
142
wizard
parents: 68
diff changeset
143 Текущий контекст.
wizard
parents: 68
diff changeset
144
wizard
parents: 68
diff changeset
145 =back
wizard
parents: 68
diff changeset
146
wizard
parents: 68
diff changeset
147 =cut