|
NAMESPOPS::Security::DBI - Implement a security object and basic operations for DBI datasourcesSYNOPSIS# Define your implementation and create the class my %config = ( 'security' => { class => 'My::Security', isa => [ 'SPOPS::Secure::DBI', 'SPOPS::DBI' ], rules_from => [ 'SPOPS::Tool::DBI::DiscoverField' ], field_discover => 'yes', field => [], id_field => 'sid', increment_field => 1, sequence_name => 'sp_security_seq', no_insert => [ qw/ sid / ], skip_undef => [ qw/ object_id scope_id / ], no_update => [ qw/ sid object_id class scope scope_id / ], base_table => 'spops_security', sql_defaults => [ qw/ object_id scope_id / ], }, ); SPOPS::Initialize->process({ config => \%config }); # Create a security object with security level WRITE for user $user # on object $obj my $sec = My::Security->new(); $sec->{class} = ref $obj; $sec->{object_id} = $obj->id; $sec->{scope} = SEC_SCOPE_USER; $sec->{scope_id} = $user->id; $sec->{security_level} = SEC_LEVEL_WRITE; $sec->save; # Clone that object and change its scope to GROUP and level to READ my $secg = $sec->clone({ scope => SEC_SCOPE_GROUP, scope_id => $group->id, security_level => SEC_LEVEL_READ }); $secg->save; # Find security settings for a particular object ($spops) and user my $settings = My::Security->fetch_by_object( $spops, { user => [ $user ] } ); foreach my $scope ( keys %{ $settings } ) { print "Security for scope $scope: $settings{ $scope }\n"; } # See if there are any security objects protecting a particular SPOPS # object ($spops) related to a particular user (this isn't used as # often as 'fetch_by_object') use SPOPS::Secure qw( SEC_SCOPE_USER ); my $sec_obj = My::Security->fetch_match( $spops, { scope => SEC_SCOPE_USER, scope_id => $user->id } ); DESCRIPTIONThis class implements the methods necessary to create a DBI datastore for security objects. See SPOPS::Manual::Security for a definition of the interface in broader terms.Each security setting to an object is itself an object. In this manner we can use the SPOPS framework to create/edit/remove security settings. (Note that if you modify this class to use 'SPOPS::Secure' in its @ISA, you will probably collapse the Earth -- or at least your system -- in a self-referential object definition cycle. Do not do that.) METHODSfetch_by_object( $obj, [ { user => \@, group => \@ } ] )Returns a hashref with security information for a particular object. The keys of the hashref are SEC_SCOPE_WORLD, SEC_SCOPE_USER, and SEC_SCOPE_GROUP as exported by SPOPS::Secure. You can restrict the security returned for USER and/or GROUP by passing an arrayref of objects or ID values under the 'user' or 'group' keys. Examples: my \%info = $sec->fetch_by_object( $obj ); Returns all security information for $obj. my \%info = $sec->fetch_by_object( $obj, { user => 2, group => [ 817, 901, 716 ] } ); Returns $obj security information for WORLD, USER 2 and GROUPs 817, 901, 716. my $current_user = My::Object->global_user_current; my \%info = $sec->fetch_by_object( undef, { class => 'My::Object', object_id => 'dandelion', user => $user, group => $user->group } ); Returns security information for the object of class "My::Object" with the ID "dandelion" for the current user and the user's groups. fetch_match( $obj, { scope => SCOPE, scope_id => $ } ) Returns a security object matching the $obj for the scope and scope_id passed in, undef if none found. Examples: my $sec_class = 'My::Security'; # Returns security object matching $obj with a scope of WORLD my $secw = $sec_class->fetch_match( $obj, { scope => SEC_SCOPE_WORLD } ); # Returns security object matching $obj with a scope of GROUP # matching the ID from $group my $secg = $sec_class->fetch_match( $obj, { scope => SEC_SCOPE_GROUP, scope_id => $group->id } ); # Returns security object matching $obj with a scope of USER # matching the ID from $user my $secg = $sec_class->fetch_match( $obj, scope => SEC_SCOPE_USER, scope_id => $user->id ); TO DONothing known.BUGSNone known.COPYRIGHTCopyright (c) 2001-2004 intes.net, inc.. All rights reserved.This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself. AUTHORSChris Winters <chris@cwinters.com>
Visit the GSP FreeBSD Man Page Interface. |