use strict;
use warnings;
use subs qw/OK DECLINED/;
-no if $] >= 5.017011, warnings => 'experimental::smartmatch';
+
our $VERSION = '0.001001';
use if $ENV{MOD_PERL}, 'Apache2::Access';
use if $ENV{MOD_PERL}, 'Apache2::Const' => qw/OK DECLINED/;
use if $ENV{MOD_PERL}, 'Apache2::RequestRec';
+use if $ENV{MOD_PERL}, 'Apache2::RequestUtil';
use YAML::Any qw/LoadFile DumpFile/;
use parent qw/Exporter/;
our $rootdir;
sub setcap{
- my ($user, $cap, $value) = @_;
- my $config = eval { LoadFile "$rootdir/$user.yml" } // {};
- $config->{caps}//={};
- my $caps=$config->{caps};
-
- delete $caps->{$cap} unless $value;
- $caps->{$cap} = 1 if $value;
- DumpFile "$rootdir/$user.yml", $config
+ my ($user, $cap, $value) = @_;
+ my $config = eval { LoadFile "$rootdir/$user.yml" } // {};
+ $config->{caps}//={};
+ my $caps=$config->{caps};
+
+ delete $caps->{$cap} unless $value;
+ $caps->{$cap} = 1 if $value;
+ DumpFile "$rootdir/$user.yml", $config
}
sub hascaps{
- my ($user, @caps) = @_;
- my $config = LoadFile "$rootdir/$user.yml";
- my $caps = $config->{caps};
- for (@caps) {
- return 0 unless $caps->{$_}
- }
- 1
+ my ($user, @caps) = @_;
+ my $config = LoadFile "$rootdir/$user.yml";
+ my $caps = $config->{caps};
+ for (@caps) {
+ return 0 unless $caps->{$_}
+ }
+ 1
}
sub handler{
- my $r=shift;
- my $user = $r->user;
- local $rootdir = $r->dir_config('AuthzCapsRootdir');
+ my $r=shift;
+ my $user = $r->user;
+ local $rootdir = $r->dir_config('AuthzCapsRootdir');
- if ($user) {
- LOOP: for my $requirement (map { $_->{requirement} } @{$r->requires}) {
- my ($command, @args) = split ' ', $requirement;
+ if ($user) {
+ for my $requirement (map { $_->{requirement} } @{$r->requires}) {
+ my ($command, @args) = split ' ', $requirement;
- given ($command){
- when('cap'){
- return OK if hascaps $user, @args
+ return OK if $command eq 'cap' && hascaps $user, @args;
}
-
- }
}
- }
- DECLINED
+ DECLINED
}
1;
Apache2::AuthzCaps is a perl module which provides simple Apache2 capability-based authorization. It contains a PerlAuthzHandler and some utility functions.
+B<< For Apache 2.4, use L<Apache2_4::AuthzCaps>. >>
+
The user data is stored in YAML files in a user-set directory. Set this directory using:
$Apache2::AuthzCaps::rootdir = "/path/to/directory"; # From perl
=head1 COPYRIGHT AND LICENSE
-Copyright (C) 2013 by Marius Gavrilescu
+Copyright (C) 2013-2015 by Marius Gavrilescu
This library is free software; you can redistribute it and/or modify
it under the same terms as Perl itself, either Perl version 5.14.2 or,