annotate Lib/IMPL/Security/AbstractContext.pm @ 300:bf3af33b9003

sync
author cin
date Fri, 22 Mar 2013 01:05:11 +0400
parents 2879cdb6b8cd
children fe725fad2d90
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
1 package IMPL::Security::AbstractContext;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
2 use strict;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
3 use warnings;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
4
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
5 use IMPL::Const qw(:prop);
260
sergey
parents: 238
diff changeset
6
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
7 use IMPL::require {
260
sergey
parents: 238
diff changeset
8 Role => 'IMPL::Security::Role',
sergey
parents: 238
diff changeset
9 Exception => 'IMPL::Exception',
sergey
parents: 238
diff changeset
10 NotImplementedException => '-IMPL::NotImplementedException'
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
11 };
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
12
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
13 use parent qw(IMPL::Class::Meta);
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
14
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
15 __PACKAGE__->static_accessor_clone(abstractProps => [
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
16 principal => PROP_RW,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
17 rolesAssigned => PROP_RW | PROP_LIST,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
18 auth => PROP_RW,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
19 authority => PROP_RW
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
20 ]);
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
21
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
22 my $current; # current session if any
74
wizard
parents: 68
diff changeset
23
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
24 sub Impersonate {
238
b8c724f6de36 DOM model refactoring
sergey
parents: 230
diff changeset
25 my ($this,$code,@args) = @_;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
26
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
27 my $old = $current;
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
28 $current = $this;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
29 my $result;
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
30 my $e;
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
31
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
32 {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
33 local $@;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
34 eval {
238
b8c724f6de36 DOM model refactoring
sergey
parents: 230
diff changeset
35 $result = $code->(@args);
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
36 };
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
37 $e = $@;
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
38 }
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
39 $current = $old;
97
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
40 if($e) {
964587c5183c Added SecureCall to Web QueryHandlers stack
wizard
parents: 96
diff changeset
41 die $e;
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
42 } else {
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
43 return $result;
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
44 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
45 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
46
121
92c850d0bdb9 Minor changes
wizard
parents: 97
diff changeset
47 sub Apply {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
48 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
49
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
50 $current = $this;
121
92c850d0bdb9 Minor changes
wizard
parents: 97
diff changeset
51 }
92c850d0bdb9 Minor changes
wizard
parents: 97
diff changeset
52
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
53 sub isTrusted {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
54 my ($this) = @_;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
55
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
56 if (my $auth = $this->auth) {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
57 return $auth->isTrusted;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
58 } else {
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
59 return 0;
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
60 }
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
61 }
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
62
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
63 sub Satisfy {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
64 my ($this,@roles) = @_;
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
65
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
66 my $roleEffective = Role->new ( _effective => scalar $this->rolesAssigned );
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
67
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
68 return $roleEffective->Satisfy(@roles);
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
69 }
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
70
74
wizard
parents: 68
diff changeset
71 sub current {
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
72 $current;
51
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
73 }
a1498298d3ee Security in progress
wizard@linux-odin.local
parents: 49
diff changeset
74
49
16ada169ca75 migrating to the Eclipse IDE
wizard@linux-odin.local
parents: 47
diff changeset
75 1;
74
wizard
parents: 68
diff changeset
76
wizard
parents: 68
diff changeset
77 __END__
wizard
parents: 68
diff changeset
78
wizard
parents: 68
diff changeset
79 =pod
wizard
parents: 68
diff changeset
80
wizard
parents: 68
diff changeset
81 =head1 NAME
wizard
parents: 68
diff changeset
82
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
83 C<abstract IMPL::Security::Context> - контекст безопасности.
74
wizard
parents: 68
diff changeset
84
wizard
parents: 68
diff changeset
85 =head1 SINOPSYS
wizard
parents: 68
diff changeset
86
wizard
parents: 68
diff changeset
87 =begin code
wizard
parents: 68
diff changeset
88
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
89 package MyApp::Model::Session;
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
90 use strict;
74
wizard
parents: 68
diff changeset
91
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
92 use IMPL::delare {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
93 base => [
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
94 'MyApp::Model::BaseDBO' => '@_',
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
95 'IMPL::Security::AbstractContext' => undef
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
96 ],
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
97 props {
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
98 IMPL::Security::AbstractContext->abstractProps,
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
99 qouta => PROP_GET
194
4d0e1962161c Replaced tabs with spaces
cin
parents: 180
diff changeset
100 }
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
101 }
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
102
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
103 package main;
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
104
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
105 $app->model->GetSession('546a54df4')->Impersonate(sub{
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
106 # do something
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
107 });
74
wizard
parents: 68
diff changeset
108
wizard
parents: 68
diff changeset
109 =end code
wizard
parents: 68
diff changeset
110
wizard
parents: 68
diff changeset
111 =head1 DESCRIPTION
wizard
parents: 68
diff changeset
112
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
113 Код приложения, которое выполняется
74
wizard
parents: 68
diff changeset
114
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
115 Являет собой контекст безопасности, описывает пользователя и привелегии, так же
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
116 у программы есть текущий контекст безопасности, по умолчанию он C<nobody>.
74
wizard
parents: 68
diff changeset
117
wizard
parents: 68
diff changeset
118 =head1 MEMBERS
wizard
parents: 68
diff changeset
119
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
120 =head2 C<[get] principal>
74
wizard
parents: 68
diff changeset
121
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
122 Идентификатор пользователя, владельца контекста.
74
wizard
parents: 68
diff changeset
123
260
sergey
parents: 238
diff changeset
124 =head2 C<[get,set] rolesAssigned>
74
wizard
parents: 68
diff changeset
125
260
sergey
parents: 238
diff changeset
126 Явно назначенные роли. Если список пуст, то считается, что используются роли
sergey
parents: 238
diff changeset
127 пользователя по-умолчанию.
74
wizard
parents: 68
diff changeset
128
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
129 =head2 C<[get] auth>
74
wizard
parents: 68
diff changeset
130
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
131 Объект асторизации C<IMPL::Security::Auth>, использованный при создании текущего контекста.
74
wizard
parents: 68
diff changeset
132
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
133 =head2 C<[get] authority>
96
4c55aed00ff2 Minor changes
wizard
parents: 95
diff changeset
134
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
135 Модуль безопасности, породивший данный контекст. Модуль безопасности, отвечающий
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
136 за создание контекста безопасности должен реализовывать метод
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
137 C<CreateContext($user,$auth,$roles)>
96
4c55aed00ff2 Minor changes
wizard
parents: 95
diff changeset
138
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
139 =head2 C<[get] isTrusted>
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
140
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
141 Возвращает значение является ли контекст доверенным, тоесть клиент
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
142 аутентифицирован и сессия установлена. Если C<false> значит, что сессия была
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
143 начата, однако не установлена до конца.
81
077357224bec IMPL::Web::Security alpha version
Sergey
parents: 74
diff changeset
144
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
145 =head2 C<Impersonate($code)>
74
wizard
parents: 68
diff changeset
146
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
147 Делает контекст текущим и выполняет в нем функцию по ссылке C<$code>. По окончании
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
148 выполнения, контекст восстанавливается в предыдущий (не зависимо от того, что
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
149 с ним происходило во время выполнения C<$code>).
74
wizard
parents: 68
diff changeset
150
230
6d8092d8ce1b *reworked IMPL::Security
sergey
parents: 194
diff changeset
151 =head2 C<Apply()>
121
92c850d0bdb9 Minor changes
wizard
parents: 97
diff changeset
152
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
153 Заменяет текущий контекст на себя, но до конца действия метода C<Impersonate>, если
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
154 таковой был вызван.
121
92c850d0bdb9 Minor changes
wizard
parents: 97
diff changeset
155
260
sergey
parents: 238
diff changeset
156 =head2 C<Satisfy(@roles)>
sergey
parents: 238
diff changeset
157
sergey
parents: 238
diff changeset
158 Проверяет наличие необходимых ролей у контекста. Данный метод позволяет
sergey
parents: 238
diff changeset
159 абстрагироваться от механизмов связи контекста и ролей. Возвращает истинное
sergey
parents: 238
diff changeset
160 значение если список необходимых ролей у пользователя имеется.
sergey
parents: 238
diff changeset
161
180
d1676be8afcc Перекодировка в utf-8
sourcer
parents: 173
diff changeset
162 =cut