NAME
Apache::SiteControl::Rule - Permission manager access rule.
DESCRIPTION
Each rule is a custom-written class that implements some aspect of your site's access logic. Rules can choose to grant or deny a request.
package sample::Test;
use strict;
use warnings;
use Carp;
use Apache::SiteControl::Rule;
use base qw(Apache::SiteControl::Rule);
sub grants($$$$)
{
my $this = shift;
my $user = shift;
my $action = shift;
my $resource = shift;
if($action eq "edit" && $resource->isa("sample::Record")) {
return 1 if($user{name} eq "root");
}
return 0;
}
sub denies($$$$)
{
return 0;
}
1;
The PermissionManager will only give permission if at least one rule grants permission, and no rule denies it.
It is important that your rules never grant or deny a request they do not understand, so it is a good idea to use assertions or type checking to prevent strangeness. Assertions should not be used if you expect different rules to accept different resource types or user types, since each rule is used on every access request.
EXPORT
None by default.
SEE ALSO
Apache::SiteControl::UserFactory, Apache::SiteControl::ManagerFactory, Apache::SiteControl::PermissionManager, Apache::SiteControl::AccessController
AUTHOR
This module was written by Tony Kay, <tkay@uoregon.edu>.