NAME

Gestinanna::POF::Secure - provides security for POF classes

SYNOPSIS

    package My::Security;

    use base qw(Gestinanna::POF::Secure);

    sub has_access {
        my($self, $attribute, $access) = @_;

        # do check - return true or false
    }

    package My::DataObject;

    use base qw(My::Security);
    use base qw(Gestinanna::POF::Container);

    __PACKAGE__ -> contained_objects(
    );

DESCRIPTION

The following parameters are required for the security code.

actor

This is the object acting on this object. Permissions may be based on both the actor and the object being acted upon.

METHODS

ACCESS METHODS

By default, access methods are created as needed for attributes. The following are part of the base POF security object class and should not be used for anything else.

actor
auth_id

This returns the identifier for the object in the form [ object_type, object_id ].

SECURITY (has_access)

Secured objects will call the has_access method to check whether or not a particular actor has a particular access to a particular attribute. This method should return a true value if the actor has the access and should return a false value if it does not.

The Gestinanna::POF::Base class (on which the other data store classes in the Gestinanna::POF distribution are based) uses the following values for the access:

read

This is used to indicate read access to an attribute.

write

This is used to indicate write access to an attribute.

This is used to indicate the searchability of an attribute.

The has_access method should be prepared to receive an array reference containing one or more attributes or array references. Nested array references are allowed. The meaning alternates with each level of nesting: the elements of the outermost array reference must all be satisfied, the elements of an array reference nested inside it need only have any one of them satisfied, and so on.

For example, given [ qw(read write) ], the actor must have both read and write access. But given [ 'exec', [ qw(read write) ] ], the actor must have exec access and at least one of read or write access. Given [ [ qw(read write) ] ], the actor must have at least one of read or write access.
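
One way to evaluate such a nested access specification inside has_access, written here as an added example and not taken from the Gestinanna::POF distribution. The `grants` table, the `new` constructor and the `_satisfied` helper are hypothetical names; denying an empty or malformed specification is a choice made for this example so that the check fails closed.

```perl
use strict;
use warnings;

package My::Security;   # in real use: use base qw(Gestinanna::POF::Secure);

# Hypothetical constructor: grants maps attribute => { access name => 1 }
# and stands in for whatever the actor is permitted to do.
sub new {
    my ($class, %args) = @_;
    return bless { grants => $args{grants} || {} }, $class;
}

sub has_access {
    my ($self, $attribute, $access) = @_;
    my $held = $self->{grants}{$attribute} || {};
    return _satisfied($held, $access, 0) ? 1 : 0;
}

# Even depth: every element must hold. Odd depth: any one element suffices.
sub _satisfied {
    my ($held, $spec, $depth) = @_;
    return 0 unless defined $spec;                   # nothing asked: deny
    return $held->{$spec} ? 1 : 0 unless ref $spec;  # a single access name
    return 0 unless ref $spec eq 'ARRAY' && @$spec;  # empty or malformed: deny
    my $need_all = $depth % 2 == 0;
    for my $element (@$spec) {
        my $ok = _satisfied($held, $element, $depth + 1);
        return 0 if  $need_all && !$ok;
        return 1 if !$need_all &&  $ok;
    }
    return $need_all ? 1 : 0;
}

package main;

# Constructed sample data: the actor holds read and exec on "title".
my $sec = My::Security->new(grants => { title => { read => 1, exec => 1 } });
my @cases = (
    [ 'read',                         1 ],
    [ [ qw(read write) ],             0 ],   # read and write
    [ [ 'exec', [ qw(read write) ] ], 1 ],   # exec and (read or write)
    [ [ [ qw(read write) ] ],         1 ],   # read or write
    [ [],                             0 ],   # empty specification
);
for my $case (@cases) {
    my ($spec, $expected) = @$case;
    my $got = $sec->has_access('title', $spec);
    die "unexpected result\n" unless $got == $expected;
    print(($got ? 'allow' : 'deny'), "\n");
}
```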

Some security systems may allow for arbitrary attributes (such as exec in the example above). For example, the Gestinanna application framework makes use of such attributes as admin to indicate an administrative role, exec to indicate execute permission for a state machine, and create for the ability to create a new folder or file in a repository.

TODO

Need to be able to query available attributes considering security and not considering security.

AUTHOR

James Smith, <jsmith@cpan.org>

COPYRIGHT

Copyright (C) 2002, 2003 Texas A&M University. All Rights Reserved.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.