# HG changeset patch
# User cin
# Date 1392381672 -14400
# Node ID 69a1f1508696c7b7afa2b81de6dca01744782885
# Parent  54b1dc9e808a84d1c22cd506f8e77f38dafdc5cf
minor security refactoring

diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Security/AbstractRole.pm
--- a/Lib/IMPL/Security/AbstractRole.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Security/AbstractRole.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -2,7 +2,7 @@
 use strict;
 
 use IMPL::Const qw(:prop);
-
+use IMPL::lang qw(equals_s); 
 use parent qw(IMPL::Class::Meta);
 
 __PACKAGE__->static_accessor_clone( abstractProps => [
@@ -20,7 +20,7 @@
 sub _FilterRoles {
     my ($this,@roles) = @_;
     
-    @roles = grep not (ref $_ ? $this->roleName eq $_->roleName : $this->roleName eq $_), @roles;
+    @roles = grep not (ref $_ ? equals_s($this->roleName,$_->roleName) : equals_s($this->roleName, $_) ), @roles;
     
     @roles = $_->_FilterRoles(@roles) or return foreach $this->parentRoles ;
     
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Security/Role.pm
--- a/Lib/IMPL/Security/Role.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Security/Role.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -10,14 +10,9 @@
         'IMPL::Object' => undef,
         'IMPL::Security::AbstractRole' => undef 
     ],
-    props => [
-        @{AbstractRole->abstractProps()}
-    ]
+    _implement => 1
 };
 
-__PACKAGE__->abstractProps([]);
-
-
 sub CTOR {
     my ($this,$name,$parentRoles) = @_;
     
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/TypeKeyedCollection.pm
--- a/Lib/IMPL/TypeKeyedCollection.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/TypeKeyedCollection.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -2,6 +2,7 @@
 use strict;
 
 use IMPL::Const qw(:prop);
+use IMPL::lang;
 use IMPL::declare {
 	require => {
 		ArgException => '-IMPL::InvalidArgumentException'
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Web/Handler/ErrorHandler.pm
--- a/Lib/IMPL/Web/Handler/ErrorHandler.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Handler/ErrorHandler.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -45,8 +45,6 @@
 	
 	if (my $err = $@) {
 	    
-	    warn "error handler: $err";
-	    
 		my $vars = {
 			error => $err
 		};
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Web/Handler/SecureCookie.pm
--- a/Lib/IMPL/Web/Handler/SecureCookie.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Handler/SecureCookie.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -92,7 +92,7 @@
     die OperationException->new("A HttpResponse instance is expected")
         unless ref $httpResponse && eval { $httpResponse->isa(HttpResponse) };
     
-    return $this->WriteResponse($httpResponse);
+    return $this->_WriteResponse($httpResponse);
 }
 
 sub InitSession {
@@ -143,7 +143,7 @@
 	}
 }
 
-sub WriteResponse {
+sub _WriteResponse {
     my ($this,$response) = @_;
     
     if (my $data = $this->_cookies) {
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Web/Security.pm
--- a/Lib/IMPL/Web/Security.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Security.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -19,10 +19,27 @@
     ERR_AUTH_FAIL => -5
 };
 
+sub interactiveAuthPackage {
+	die NotImplementedException->new();
+}
+
+sub users {
+	die NotImplementedException->new();
+}
+
+sub roles {
+	die die NotImplementedException->new();
+}
+
+sub sessions {
+	die NotImplementedException->new();
+}
+
 sub AuthUser {
-    my ($this,$name,$challenge,$package) = @_;
+    my ($this,$name,$challenge,$roles,$package) = @_;
     
     $package ||= $this->interactiveAuthPackage;
+    $roles ||= [];
     
     my $user = $this->users->GetById($name)
         or return {
@@ -53,7 +70,7 @@
 
     my $status = SecurityContext->current->authority->InitSession(
         $user,
-        [$user->roles],
+        $roles,
         $auth,
         $challenge
     );
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Web/Security/Session.pm
--- a/Lib/IMPL/Web/Security/Session.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Security/Session.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -9,7 +9,7 @@
     ]
 };
 
-push @{__PACKAGE__->abstractProps}, sessionId => PROP_RW;
+push @{__PACKAGE__->abstractProps}, sessionId => PROP_RW, security => PROP_RW;
 
 1;
 
@@ -53,6 +53,11 @@
 
 Идентификатор сессии
 
+=item C<[get] security>
+
+Экземпляр C<IMPL::Web::Security> в рамках которого создана сессия (откуда взят
+пользователь и роли).
+
 =back
 
 =cut
diff -r 54b1dc9e808a -r 69a1f1508696 Lib/IMPL/Web/Security/User.pm
--- a/Lib/IMPL/Web/Security/User.pm	Fri Feb 14 03:31:45 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,25 +0,0 @@
-package IMPL::Web::Security::User;
-use strict;
-
-use IMPL::Const qw(:prop);
-use IMPL::declare {
-    require => {
-        Exception => 'IMPL::Exception',
-        NotImplementedException => '-IMPL::NotImplementedException'        
-    },
-    base => [
-        'IMPL::Security::AbstractPrincipal' => undef
-    ]
-};
-
-push @{__PACKAGE__->abstractProps}, roles => PROP_RW | PROP_LIST;
-
-sub GetSecData {
-    die NotImplementedException->new();
-}
-
-sub SetSecData {
-    die NotImplementedException->new();
-}
-
-1;