view Lib/Security/Authz.pm @ 144:b56ebc31bf18

Empty nodes no more created while transforming a post request to the DOM document minor speed improvements to the object CTOR caching Added support for a secure processing (and 'laundering' ) a CGI parameters Many minor fixes
author wizard
date Tue, 13 Jul 2010 02:05:38 +0400
parents 16ada169ca75
children
line wrap: on
line source

package Security::Authz;
use Common;
use Security;

our @ISA = qw(Object);

BEGIN {
    DeclareProperty User => ACCESS_READ;
}

sub _CurrentUser {
    my ($class) = @_;

    if (ref $class) {
        return $class->{$User};
    } else {
        if (Security->CurrentSession) {
            Security->CurrentSession->User;
        } else {
            return undef;
        }
    }
}

sub demand {
    my ($class,@Roles) = @_;

    return 0 if not $class->_CurrentUser;

    my %UserRoles = map { $_->Name, 1 } $class->_CurrentUser->Roles;

    return not grep {not $UserRoles{$_}} @Roles;
}