annotate Lib/IMPL/Security/Role.pm @ 393:69a1f1508696

minor security refactoring
author cin
date Fri, 14 Feb 2014 16:41:12 +0400
parents 6d8092d8ce1b
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
1 package IMPL::Security::Role;
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
2 use strict;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
3
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
4 use IMPL::require {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
5 AbstractRole => 'IMPL::Security::AbstractRole'
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
6 };
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
7
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
8 use IMPL::declare {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
9 base => [
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
10 'IMPL::Object' => undef,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
11 'IMPL::Security::AbstractRole' => undef
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
12 ],
393
69a1f1508696 minor security refactoring
cin
parents: 230
diff changeset
13 _implement => 1
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
14 };
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
15
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
16 sub CTOR {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
17 my ($this,$name,$parentRoles) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
18
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
19 $this->roleName($name) if $name;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
20 $this->parentRoles($parentRoles) if $parentRoles;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
21 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
22
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
23 1;
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
24
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
25 __END__
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
26
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
27 =pod
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
28
73
wizard
parents: 51
diff changeset
29 =head1 NAME
wizard
parents: 51
diff changeset
30
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
31 C<IMPL::Security::Role> - стандартная реализация роли безопасности.
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
32
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
33 =head1 SYNOPSIS
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
34
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
35 =begin code
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
36
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
37 # create the megarole
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
38 my $role = IMPL::Security::Role->new(megarole => [ $adminRole, $directorRole ] );
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
39
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
40 #use it in context
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
41 my $context = IMPL::Security::Context->new(
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
42 principal => $user,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
43 assignedRoles => [$user->roles, $megarole]
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
44 );
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
45
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
46 $context->Impersonate( sub {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
47 # do something forbidden
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
48 });
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
49
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
50 =end code
73
wizard
parents: 51
diff changeset
51
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
52 =head1 DESCRIPTION
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
53
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
54 Позволяет создавать объекты ролей без привязки к источникам данных и модулям
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
55 авторизации. Чаще всего используется при реализации каких либо механизмов
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
56 безопасности, где требуется создать временную роль.
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
57
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
58 C<IMPL::Security::AbstractRole>
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents:
diff changeset
59
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
60 =cut