changeset 393:69a1f1508696

minor security refactoring
author cin
date Fri, 14 Feb 2014 16:41:12 +0400 (2014-02-14)
parents 54b1dc9e808a
children 2c14f66efa08
files Lib/IMPL/Security/AbstractRole.pm Lib/IMPL/Security/Role.pm Lib/IMPL/TypeKeyedCollection.pm Lib/IMPL/Web/Handler/ErrorHandler.pm Lib/IMPL/Web/Handler/SecureCookie.pm Lib/IMPL/Web/Security.pm Lib/IMPL/Web/Security/Session.pm Lib/IMPL/Web/Security/User.pm
diffstat 8 files changed, 31 insertions(+), 40 deletions(-) [+]
--- a/Lib/IMPL/Security/AbstractRole.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Security/AbstractRole.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -2,7 +2,7 @@
 use strict;
 
 use IMPL::Const qw(:prop);
-
+use IMPL::lang qw(equals_s); 
 use parent qw(IMPL::Class::Meta);
 
 __PACKAGE__->static_accessor_clone( abstractProps => [
@@ -20,7 +20,7 @@
 sub _FilterRoles {
     my ($this,@roles) = @_;
     
-    @roles = grep not (ref $_ ? $this->roleName eq $_->roleName : $this->roleName eq $_), @roles;
+    @roles = grep not (ref $_ ? equals_s($this->roleName,$_->roleName) : equals_s($this->roleName, $_) ), @roles;
     
     @roles = $_->_FilterRoles(@roles) or return foreach $this->parentRoles ;
     
--- a/Lib/IMPL/Security/Role.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Security/Role.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -10,14 +10,9 @@
         'IMPL::Object' => undef,
         'IMPL::Security::AbstractRole' => undef 
     ],
-    props => [
-        @{AbstractRole->abstractProps()}
-    ]
+    _implement => 1
 };
 
-__PACKAGE__->abstractProps([]);
-
-
 sub CTOR {
     my ($this,$name,$parentRoles) = @_;
     
--- a/Lib/IMPL/TypeKeyedCollection.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/TypeKeyedCollection.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -2,6 +2,7 @@
 use strict;
 
 use IMPL::Const qw(:prop);
+use IMPL::lang;
 use IMPL::declare {
 	require => {
 		ArgException => '-IMPL::InvalidArgumentException'
--- a/Lib/IMPL/Web/Handler/ErrorHandler.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Handler/ErrorHandler.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -45,8 +45,6 @@
 	
 	if (my $err = $@) {
 	    
-	    warn "error handler: $err";
-	    
 		my $vars = {
 			error => $err
 		};
--- a/Lib/IMPL/Web/Handler/SecureCookie.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Handler/SecureCookie.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -92,7 +92,7 @@
     die OperationException->new("A HttpResponse instance is expected")
         unless ref $httpResponse && eval { $httpResponse->isa(HttpResponse) };
     
-    return $this->WriteResponse($httpResponse);
+    return $this->_WriteResponse($httpResponse);
 }
 
 sub InitSession {
@@ -143,7 +143,7 @@
 	}
 }
 
-sub WriteResponse {
+sub _WriteResponse {
     my ($this,$response) = @_;
     
     if (my $data = $this->_cookies) {
--- a/Lib/IMPL/Web/Security.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Security.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -19,10 +19,27 @@
     ERR_AUTH_FAIL => -5
 };
 
+sub interactiveAuthPackage {
+	die NotImplementedException->new();
+}
+
+sub users {
+	die NotImplementedException->new();
+}
+
+sub roles {
+	die die NotImplementedException->new();
+}
+
+sub sessions {
+	die NotImplementedException->new();
+}
+
 sub AuthUser {
-    my ($this,$name,$challenge,$package) = @_;
+    my ($this,$name,$challenge,$roles,$package) = @_;
     
     $package ||= $this->interactiveAuthPackage;
+    $roles ||= [];
     
     my $user = $this->users->GetById($name)
         or return {
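Review bot: `$roles` is inserted before `$package` in AuthUser's positional argument list, so an existing caller that passes an auth package as the fourth argument will now have that value bound to `$roles` and forwarded to InitSession, while `$package` silently falls back to `interactiveAuthPackage`. Appending the new parameter instead, `my ($this,$name,$challenge,$package,$roles) = @_;`, keeps old call sites working; failing that, reject anything that is not an array reference right after the `$roles ||= [];` default. Separately, the `roles` stub reads `die die NotImplementedException->new();`, where the doubled `die` is harmless but should be a single `die`. AuthUser's body continues outside this hunk.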
@@ -53,7 +70,7 @@
 
     my $status = SecurityContext->current->authority->InitSession(
         $user,
-        [$user->roles],
+        $roles,
         $auth,
         $challenge
     );
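Review bot: The roles handed to InitSession are now whatever the caller of AuthUser supplied instead of `[$user->roles]`, and nothing in the visible lines checks that the authenticated user is entitled to them. If that check is not done inside InitSession or by every caller (neither is visible here), a session can be initialised with roles the user does not hold. Consider validating `$roles` against the `roles` store this class now declares before the call, or at least stating the contract next to it, e.g. `# $roles must already be limited to roles granted to $user`. The enclosing AuthUser body starts and ends outside this hunk.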
--- a/Lib/IMPL/Web/Security/Session.pm	Fri Feb 14 03:31:45 2014 +0400
+++ b/Lib/IMPL/Web/Security/Session.pm	Fri Feb 14 16:41:12 2014 +0400
@@ -9,7 +9,7 @@
     ]
 };
 
-push @{__PACKAGE__->abstractProps}, sessionId => PROP_RW;
+push @{__PACKAGE__->abstractProps}, sessionId => PROP_RW, security => PROP_RW;
 
 1;
 
@@ -53,6 +53,11 @@
 
 Идентификатор сессии
 
+=item C<[get] security>
+
+Экземпляр C<IMPL::Web::Security> в рамках которого создана сессия (откуда взят
+пользователь и роли).
+
 =back
 
 =cut
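Review bot: The new POD entry documents `security` as `[get]`, but the first hunk of this file declares it with `security => PROP_RW`, so the reference to the security provider a session was created under can be reassigned after the session exists. If the value is meant to be fixed at creation, declare it with a read-only property flag (if IMPL::Const provides one); otherwise update the POD to say the property is writable so that readers do not rely on it being immutable.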
--- a/Lib/IMPL/Web/Security/User.pm	Fri Feb 14 03:31:45 2014 +0400
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,25 +0,0 @@
-package IMPL::Web::Security::User;
-use strict;
-
-use IMPL::Const qw(:prop);
-use IMPL::declare {
-    require => {
-        Exception => 'IMPL::Exception',
-        NotImplementedException => '-IMPL::NotImplementedException'        
-    },
-    base => [
-        'IMPL::Security::AbstractPrincipal' => undef
-    ]
-};
-
-push @{__PACKAGE__->abstractProps}, roles => PROP_RW | PROP_LIST;
-
-sub GetSecData {
-    die NotImplementedException->new();
-}
-
-sub SetSecData {
-    die NotImplementedException->new();
-}
-
-1;