NAME

SPOPS::Security::DBI - Implement a security object and basic operations for DBI datasources

SYNOPSIS

# Define your implementation and create the class

my %config = (
  'security' => {
     class          => 'My::Security',
     isa            => [ 'SPOPS::Secure::DBI', 'SPOPS::DBI' ],
     rules_from     => [ 'SPOPS::Tool::DBI::DiscoverField' ],
     field_discover => 'yes',
     field          => [],
     id_field       => 'sid',
     increment_field => 1,
     sequence_name  => 'sp_security_seq',
     no_insert      => [ qw/ sid / ],
     skip_undef     => [ qw/ object_id scope_id / ],
     no_update      => [ qw/ sid object_id class scope scope_id / ],
     base_table     => 'spops_security',
     sql_defaults   => [ qw/ object_id scope_id / ],
  },
);

SPOPS::Initialize->process({ config => \%config });

# Create a security object with security level WRITE for user $user
# on object $obj

my $sec = My::Security->new();
$sec->{class}          = ref $obj;
$sec->{object_id}      = $obj->id;
$sec->{scope}          = SEC_SCOPE_USER;
$sec->{scope_id}       = $user->id;
$sec->{security_level} = SEC_LEVEL_WRITE;
$sec->save;

# Clone that object and change its scope to GROUP and level to READ

my $secg = $sec->clone({ scope          => SEC_SCOPE_GROUP,
                         scope_id       => $group->id,
                         security_level => SEC_LEVEL_READ });
$secg->save;

# Find security settings for a particular object ($spops) and user

my $settings = My::Security->fetch_by_object(
                                       $spops,
                                       { user => [ $user ] } );
foreach my $scope ( keys %{ $settings } ) {
  print "Security for scope $scope: $settings{ $scope }\n";
}

# See if there are any security objects protecting a particular SPOPS
# object ($spops) related to a particular user (this isn't used as
# often as 'fetch_by_object')

use SPOPS::Secure qw( SEC_SCOPE_USER );

my $sec_obj = My::Security->fetch_match( $spops,
                                         { scope    => SEC_SCOPE_USER,
                                           scope_id => $user->id } );

DESCRIPTION

This class implements the methods necessary to create a DBI datastore for security objects. See SPOPS::Manual::Security for a definition of the interface in broader terms.

Each security setting to an object is itself an object. In this manner we can use the SPOPS framework to create/edit/remove security settings. (Note that if you modify this class to use 'SPOPS::Secure' in its @ISA, you will probably collapse the Earth -- or at least your system -- in a self-referential object definition cycle. Do not do that.)

METHODS

fetch_by_object( $obj, [ { user = \@, group => \@ } ] )>

Returns a hashref with security information for a particular object. The keys of the hashref are SEC_SCOPE_WORLD, SEC_SCOPE_USER, and SEC_SCOPE_GROUP as exported by SPOPS::Secure.

You can restrict the security returned for USER and/or GROUP by passing an arrayref of objects or ID values under the 'user' or 'group' keys.

Examples:

my \%info = $sec->fetch_by_object( $obj );

Returns all security information for $obj.

my \%info = $sec->fetch_by_object( $obj, { user  => 2,
                                           group => [ 817, 901, 716 ] } );

Returns $obj security information for WORLD, USER 2 and GROUPs 817, 901, 716.

my $current_user = My::Object->global_user_current;
my \%info = $sec->fetch_by_object( undef, { class     => 'My::Object',
                                            object_id => 'dandelion',
                                            user      => $user,
                                            group     => $user->group } );

Returns security information for the object of class My::Object with the ID dandelion for the current user and the user's groups.

fetch_match( $obj, { scope = SCOPE, scope_id => $ } );

Returns a security object matching the $obj for the scope and scope_id passed in, undef if none found.

Examples:

my $sec_class = 'My::Security';

# Returns security object matching $obj with a scope of WORLD

my $secw = $sec_class->fetch_match( $obj,
                                    { scope => SEC_SCOPE_WORLD } );

# Returns security object matching $obj with a scope of GROUP
# matching the ID from $group
my $secg = $sec_class->fetch_match( $obj,
                                    { scope    => SEC_SCOPE_GROUP,
                                      scope_id => $group->id } );

# Returns security object matching $obj with a scope of USER
# matching the ID from $user
my $secg = $sec_class->fetch_match( $obj, scope => SEC_SCOPE_USER,
                                    scope_id => $user->id );

TO DO

Nothing known.

BUGS

None known.

COPYRIGHT

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

AUTHORS

Chris Winters <chris@cwinters.com>

To install SPOPS, copy and paste the appropriate command in to your terminal.

cpanm

cpanm SPOPS

CPAN shell

perl -MCPAN -e shell
install SPOPS

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)