NAME

RBAC::Tiny - Tiny Role-Based Access Control (RBAC) implementation

VERSION

version 0.003

SYNOPSIS

my $rbac = RBAC::Tiny->new(
    roles => {
        author => {
            can => [ qw<read write publish> ],
        },

        limited_author => {
            all_from => ['author'],
            except   => ['publish'],
        },

        admin => {
            all_from => ['author'],
            can      => ['create_users'],
        },
    },
);

$rbac->can_role( author         => 'publish' );      # true
$rbac->can_role( author         => 'create_users' ); # false
$rbac->can_role( admin          => 'write' );        # true
$rbac->can_role( limited_author => 'publish' );      # false
$rbac->can_role( limited_author => 'create_users' ); # false
$rbac->can_role( author         => 'create_users' ); # false

DESCRIPTION

This module implements a tiny simple implementation of Role-Based Access Control, allowing you to specify roles and what each can do.

Each role has three optional parameters:

  • all_from

    Will gather all the permissions from a list of roles.

  • can

    Add permissions for a role. Will add to permissions provided by all_from.

  • except

    Remove permissions from a role. Will remove permissions provided by either all_from or except.

ATTRIBUTES

roles

my $roles = $rbac->roles;

Retrieves all the role definitions.

METHODS

new

Create a new object. See synopsis.

role

my $role = $rbac->role('author');

Retrieves the role definition.

can_role

if ( $rbac->can_role( author => 'write' ) ) {
    ...
}

Checks whether a role has a certain permission.

AUTHORS

  • Sawyer X <xsawyerx@cpan.org>

  • Andre Walker <andre@cpan.org>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2015 by Sawyer X.

This is free software, licensed under:

The MIT (X11) License