annotate lib/IMPL/Security/Role.pm @ 419:bbc4739c4d48 ref20150831

working on IMPL::Config::Container
author cin
date Sun, 29 Jan 2017 10:30:20 +0300
parents c6e90e02dd17
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
407
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
1 package IMPL::Security::Role;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
2 use strict;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
3
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
4 use IMPL::require {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
5 AbstractRole => 'IMPL::Security::AbstractRole'
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
6 };
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
7
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
8 use IMPL::declare {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
9 base => [
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
10 'IMPL::Object' => undef,
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
11 'IMPL::Security::AbstractRole' => undef
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
12 ],
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
13 _implement => 1
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
14 };
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
15
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
16 sub CTOR {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
17 my ($this,$name,$parentRoles) = @_;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
18
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
19 $this->roleName($name) if $name;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
20 $this->parentRoles($parentRoles) if $parentRoles;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
21 }
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
22
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
23 1;
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
24
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
25 __END__
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
26
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
27 =pod
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
28
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
29 =head1 NAME
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
30
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
31 C<IMPL::Security::Role> - стандартная реализация роли безопасности.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
32
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
33 =head1 SYNOPSIS
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
34
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
35 =begin code
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
36
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
37 # create the megarole
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
38 my $role = IMPL::Security::Role->new(megarole => [ $adminRole, $directorRole ] );
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
39
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
40 #use it in context
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
41 my $context = IMPL::Security::Context->new(
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
42 principal => $user,
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
43 assignedRoles => [$user->roles, $megarole]
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
44 );
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
45
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
46 $context->Impersonate( sub {
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
47 # do something forbidden
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
48 });
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
49
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
50 =end code
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
51
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
52 =head1 DESCRIPTION
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
53
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
54 Позволяет создавать объекты ролей без привязки к источникам данных и модулям
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
55 авторизации. Чаще всего используется при реализации каких либо механизмов
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
56 безопасности, где требуется создать временную роль.
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
57
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
58 C<IMPL::Security::AbstractRole>
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
59
c6e90e02dd17 renamed Lib->lib
cin
parents:
diff changeset
60 =cut