changeset 94:79bf75223afe

Fixed security related bugs
author wizard
date Thu, 29 Apr 2010 01:31:27 +0400 (2010-04-28)
parents 0667064553ef
children 67eb8eaec3d4
files Lib/IMPL/Exception.pm Lib/IMPL/Security/Context.pm Lib/IMPL/Security/Role.pm Lib/IMPL/Security/Rule/RoleCheck.pm Lib/IMPL/Web/Security.pm
diffstat 5 files changed, 16 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/Lib/IMPL/Exception.pm	Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Exception.pm	Thu Apr 29 01:31:27 2010 +0400
@@ -100,6 +100,10 @@
 our @ISA = qw(IMPL::Exception);
 __PACKAGE__->PassThroughArgs;
 
+package IMPL::SecurityException;
+our @ISA = qw(IMPL::Exception);
+__PACKAGE__->PassThroughArgs;
+
 package Exception;
 our @ISA = qw(IMPL::Exception);
 __PACKAGE__->PassThroughArgs;
--- a/Lib/IMPL/Security/Context.pm	Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Security/Context.pm	Thu Apr 29 01:31:27 2010 +0400
@@ -65,6 +65,14 @@
 	$current;
 }
 
+sub Satisfy {
+	my ($this,@roles) = @_;
+	
+	my $roleEffective = new IMPL::Security::Role ( _effective => $this->rolesAssigned );
+	
+	return $roleEffective->Satisfy(@roles);
+}
+
 1;
 
 __END__
--- a/Lib/IMPL/Security/Role.pm	Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Security/Role.pm	Thu Apr 29 01:31:27 2010 +0400
@@ -20,6 +20,7 @@
 	my ($this,@roles) = @_;	
 	
 	return 1 unless $this->_FilterRoles( @roles );
+	return 0;
 }
 
 sub _FilterRoles {
@@ -27,7 +28,7 @@
 	
 	@roles = grep not (ref $_ ? $this == $_ : $this->roleName eq $_), @roles;
 	
-	@roles = $_->_FilterRoles(@roles) or return foreach @{$this->parentRoles} ;
+	@roles = $_->_FilterRoles(@roles) or return foreach $this->parentRoles ;
 	
 	return @roles;
 }
--- a/Lib/IMPL/Security/Rule/RoleCheck.pm	Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Security/Rule/RoleCheck.pm	Thu Apr 29 01:31:27 2010 +0400
@@ -5,7 +5,7 @@
 sub SatisfyAll {
 	my ($secPackage,$object,$desiredAccess,$context) = @_;
 	
-	my $roleEffective = new IMPL::Security::Role ( effective => $context->AssignedRoles );
+	my $roleEffective = new IMPL::Security::Role ( _effective => $context->rolesAssigned );
 	
 	return $roleEffective->Satisfy(ExtractRoles($object));
 }
--- a/Lib/IMPL/Web/Security.pm	Wed Apr 28 17:50:55 2010 +0400
+++ b/Lib/IMPL/Web/Security.pm	Thu Apr 29 01:31:27 2010 +0400
@@ -35,7 +35,7 @@
 	return {
 		status => $status,
 		answer => $answer,
-		context => $this->MakeContext( $user, $user->roles, $auth )
+		context => $this->MakeContext( $user, [$user->roles], $auth )
 	}
 }