NAME
Data::ACL - Perl extension for simple ACL lists
SYNOPSIS
use Data::ACL;
use Set::NestedGroups; # See Set::NestedGroups documentation
my $groups = Set::NestedGroups->new;
$groups->add( 'root', 'wheel' );
$groups->add( 'wheel', 'staff' );
$groups->add( 'webmaster', 'staff' );
my $acl = Data::ACL->new( $groups );
my $web = $acl->Realm( 'web' );
$web->Deny( 'all' );
$web->Allow( 'staff' );
&DenyAccess unless $acl->IsAuthorized( $user, 'web' );
DESCRIPTION
This module implements a series of allowed and denied access control
lists for permissive controls. The Set::NestedGroups module is used to
define users and nested permissive groups.
METHODS
The following methods are available through this module for use in the
creation and manipulation of access control lists. No methods of this
module may be exported into the calling namespace.
new
my $acl = Data::ACL->new( $groups );
The method creates a new access control list module and requires the
Set::NestedGroups object of defined users and nested permissive
groups to be passed to this object constructor.
Realm
my $realm = $acl->Realm( $name );
This method creates a new authentication realm to which users and
groups can be assigned access rights via the Allow and Deny methods.
Allow
$realm->Allow( $group );
This method grants access rights to the user or group passed as an
argument to this method within the authentication realm object
defined previously by the $acl->Realm method.
Deny
$realm->Deny( $group );
This method denies access rights to the user or group passed as an
argument to this method within the authentication realm object
defined previously by the $acl->Realm method.
IsAuthorized
if ( $acl->IsAuthorized( $user, $name ) ) { ... }
This method is used to test the access rights of a user or group to
the authentication realm defined by $name.
SEE ALSO
Set::NestedGroups
VERSION
0.02
AUTHOR
Ariel Brosh, schop@cpan.org (Inactive); Rob Casey, robau@cpan.org