X-Git-Url: http://git.ieval.ro/?a=blobdiff_plain;f=lib%2FApache2%2FAuthzCaps.pm;h=1ad22607176c6bb3a4184c49d758bfaaff9456a7;hb=HEAD;hp=b0ccffc4da58bab532475e4279cd862be9e7bcf3;hpb=759435399ec772d303582c4040bba5adf3cfe66b;p=apache2-authzcaps.git diff --git a/lib/Apache2/AuthzCaps.pm b/lib/Apache2/AuthzCaps.pm index b0ccffc..1ad2260 100644 --- a/lib/Apache2/AuthzCaps.pm +++ b/lib/Apache2/AuthzCaps.pm @@ -1,14 +1,16 @@ -package Apache2::AuthzCaps 0.001; +package Apache2::AuthzCaps; use 5.014000; use strict; use warnings; use subs qw/OK DECLINED/; -no if $] >= 5.017011, warnings => 'experimental::smartmatch'; + +our $VERSION = '0.002'; use if $ENV{MOD_PERL}, 'Apache2::Access'; use if $ENV{MOD_PERL}, 'Apache2::Const' => qw/OK DECLINED/; use if $ENV{MOD_PERL}, 'Apache2::RequestRec'; +use if $ENV{MOD_PERL}, 'Apache2::RequestUtil'; use YAML::Any qw/LoadFile DumpFile/; use parent qw/Exporter/; @@ -20,45 +22,40 @@ our @EXPORT_OK = qw/setcap hascaps/; our $rootdir; sub setcap{ - my ($user, $cap, $value) = @_; - my $config = eval { LoadFile "$rootdir/$user.yml" } // {}; - $config->{caps}//={}; - my $caps=$config->{caps}; - - delete $caps->{$cap} unless $value; - $caps->{$cap} = 1 if $value; - DumpFile "$rootdir/$user.yml", $config + my ($user, $cap, $value) = @_; + my $config = eval { LoadFile "$rootdir/$user.yml" } // {}; + $config->{caps}//={}; + my $caps=$config->{caps}; + + delete $caps->{$cap} unless $value; + $caps->{$cap} = 1 if $value; + DumpFile "$rootdir/$user.yml", $config } sub hascaps{ - my ($user, @caps) = @_; - my $config = LoadFile "$rootdir/$user.yml"; - my $caps = $config->{caps}; - for (@caps) { - return 0 unless $caps->{$_} - } - 1 + my ($user, @caps) = @_; + my $config = LoadFile "$rootdir/$user.yml"; + my $caps = $config->{caps}; + for (@caps) { + return 0 unless $caps->{$_} + } + 1 } sub handler{ - my $r=shift; - my $user = $r->user; - local $rootdir = $r->dir_config('AuthzCapsRootdir'); + my $r=shift; + my $user = $r->user; + local $rootdir = $r->dir_config('AuthzCapsRootdir'); - if ($user) { - LOOP: for my $requirement (map { $_->{requirement} } @{$r->requires}) { - my ($command, @args) = split ' ', $requirement; + if ($user) { + for my $requirement (map { $_->{requirement} } @{$r->requires}) { + my ($command, @args) = split ' ', $requirement; - given ($command){ - when('cap'){ - return OK if hascaps $user, @args + return OK if $command eq 'cap' && hascaps $user, @args; } - - } } - } - DECLINED + DECLINED } 1; @@ -94,6 +91,8 @@ Apache2::AuthzCaps - mod_perl2 capability authorization Apache2::AuthzCaps is a perl module which provides simple Apache2 capability-based authorization. It contains a PerlAuthzHandler and some utility functions. +B<< For Apache 2.4, use L. >> + The user data is stored in YAML files in a user-set directory. Set this directory using: $Apache2::AuthzCaps::rootdir = "/path/to/directory"; # From perl @@ -123,7 +122,7 @@ Marius Gavrilescu, Emarius@ieval.roE =head1 COPYRIGHT AND LICENSE -Copyright (C) 2013 by Marius Gavrilescu +Copyright (C) 2013-2015 by Marius Gavrilescu This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.14.2 or,