Deprecated.

The maintainer of this distribution has indicated that it is deprecated and no longer suitable for use.

NAME

PlugAuth::Routes - routes for plugauth

VERSION

version 0.39

DESCRIPTION

This module defines the HTTP URL routes provided by PlugAuth. This document uses Mojolicious conventions to describe routes, see Mojolicious::Guides::Routing for details.

ROUTES

Public routes

These routes work for unauthenticated and unauthorized users.

GET /

Returns the string "welcome to plug auth"

GET /auth

if username and password provided using BASIC authentication and are correct

Return 200 ok
if username and password provided using BASIC authentication but are not correct

Return 403 not ok
if username and password are not provided using BASIC authentication

Return 401 please authenticate

GET /authz/user/#user/#action/(*resource)

if the given user (#user) is permitted to perform the given action (#action) on the given resource (*resource)

Return 200 ok
otherwise

Return 403 "unauthorized : $user cannot $action $resource"

GET /authz/resources/#user/#action/(*resourceregex)

Returns a list of resources that the given user (#user) is permitted to perform action (#action) on. The regex is used to filter the results (*resourceregex).

GET /actions

Return a list of actions that PlugAuth knows about.

GET /groups/#user

Return a list of groups that the given user (#user) belongs to.

Returns 404 not ok if the user does not exist.

GET /host/#host/:tag

if the given host (#host) has the given tag (:tag)

return 200 ok
otherwise

return 403 not ok

GET /user

Returns a list of all users that PlugAuth knows about.

GET /group

Returns a list of all groups that PlugAuth knows about.

GET /users/:group

Returns the list of users that belong to the given group (:group)

Accounts Routes

These routes are available to users authenticates and authorized to perform the 'accounts' action. They will return

401

If no credentials are provided
403

If the user is unauthorized.
503

If the PlugAuth server cannot reach itself or the delegated PlugAuth server.

POST /user

Create a user. The username and password are provided autodata arguments (JSON, YAML, form data, etc).

If supported by your authentication plugin (requires create_user_cb to be implemented see PlugAuth::Plugin::Auth for details) You may also optionally include groups as an autodata argument, which specifies the list of groups to which the new user should belong. groups should be a comma separated list stored as a string.

Emits event 'create_user' on success

$app->on(create_user => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who created the group
  my $user     = $hash->{user};
});

DELETE /user/#user

Delete the given user (#user). Returns 200 ok on success, 404 not ok on failure.

Emits event 'delete_user' on success

$app->on(delete_user => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who created the group
  my $user     = $hash->{user};
});

POST /group

Create a group. The group name and list of users are provided as autodata arguments (JSON, YAML, form data etc). Returns 200 ok on success, 403 not ok on failure.

Emits event 'create_group' on success

$app->on(create_group => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who created the group
  my $group    = $hash->{group};
  my $users    = $hash->{users};
});

DELETE /group/:group

Delete the given group (:group). Returns 200 ok on success, 403 not ok on failure.

Emits event 'delete_group' on success

$app->on(delete_group => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who deleted the group
  my $group    = $hash->{group};
});

POST /group/:group

Update the list of users belonging to the given group (:group). The list of users is provided as an autodata argument (JSON, YAML, form data etc.). Returns 200 ok on success, 404 not ok on failure.

Emits event 'update_group' on success

$app->on(update_group => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who updated the group
  my $group    = $hash->{group};
  my $users    = $hash->{users};
});

POST /group/:group/#username

Add the given user (#username) to the given group (:group). Returns 200 ok on success, 404 not ok on failure.

Emits event 'update_group' (see route for POST /group/:group for an example).

DELETE /group/:group/#username

Remove the given user (#username) from the given group (:group). Returns 200 ok on success, 404 not ok on failure.

Emits event 'update_group' (see route for POST /group/:group for an example).

POST /grant/#group/:action1/(*resource)

Grant access to the given group (#group) so they can perform the given action (:action1) on the given resource (*resource). Returns 200 ok on success, 404 not ok on failure.

Emits event 'grant' on success

$app->on(grant => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who did the granting
  my $group    = $hash->{group};
  my $action   = $hash->{action};
  my $resource = $hash->{resource};
});

DELETE /grant/#group/:action1/(*resource)

Revoke permission to the given group (#group) to perform the given action (:action1) on the given resource (*resource). Returns 200 ok on success, 404 not ok on failure.

(the action is specified in the route as action1 because action is reserved by Mojolicious).

Emits event 'revoke' on success

$app->on(revoke => sub {
  my($event, $hash) = @_;
  my $admin    = $hash->{admin};  # user who did the revoking
  my $group    = $hash->{group};
  my $action   = $hash->{action};
  my $resource = $hash->{resource};
});

GET /grant

Get the list of granted permissions.

Change Password routes

These routes are available to users authenticates and authorized to perform the 'change_password' action. They will return

401

If no credentials are provided
403

If the user is unauthorized.
503

If the PlugAuth server cannot reach itself or the delegated PlugAuth server.

POST /user/#user

Change the password of the given user (#user). The password is provided as an autodata argument (JSON, YAML, form data, etc.). Returns 200 ok on success, 403 not ok on failure.

Emits event 'change_password' on success

$app->on(change_password => sub {
  my($event, $hash) = @_;
  my $admin = $hash->{admin};  # user who changed the password
  my $user  = $hash->{user};   # user whos password is changed
});

AUTHOR

Graham Ollis <gollis@sesda3.com>

COPYRIGHT AND LICENSE

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.

To install PlugAuth, copy and paste the appropriate command in to your terminal.

cpanm

cpanm PlugAuth

CPAN shell

perl -MCPAN -e shell
install PlugAuth

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)