From d586dfdf2bade50843c83de8a2c58b7c481c0916 Mon Sep 17 00:00:00 2001 From: Marius Gavrilescu Date: Sat, 12 Sep 2015 18:13:23 +0300 Subject: [PATCH] Add Apache 2.4 support --- MANIFEST | 1 + lib/Apache2/AuthzCaps.pm | 5 ++- lib/Apache2_4/AuthzCaps.pm | 66 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 lib/Apache2_4/AuthzCaps.pm diff --git a/MANIFEST b/MANIFEST index f231dcc..3919e7e 100644 --- a/MANIFEST +++ b/MANIFEST @@ -4,3 +4,4 @@ MANIFEST README t/Apache2-AuthzCaps.t lib/Apache2/AuthzCaps.pm +lib/Apache2_4/AuthzCaps.pm diff --git a/lib/Apache2/AuthzCaps.pm b/lib/Apache2/AuthzCaps.pm index 8ffaaac..0056efe 100644 --- a/lib/Apache2/AuthzCaps.pm +++ b/lib/Apache2/AuthzCaps.pm @@ -10,6 +10,7 @@ our $VERSION = '0.001001'; use if $ENV{MOD_PERL}, 'Apache2::Access'; use if $ENV{MOD_PERL}, 'Apache2::Const' => qw/OK DECLINED/; use if $ENV{MOD_PERL}, 'Apache2::RequestRec'; +use if $ENV{MOD_PERL}, 'Apache2::RequestUtil'; use YAML::Any qw/LoadFile DumpFile/; use parent qw/Exporter/; @@ -90,6 +91,8 @@ Apache2::AuthzCaps - mod_perl2 capability authorization Apache2::AuthzCaps is a perl module which provides simple Apache2 capability-based authorization. It contains a PerlAuthzHandler and some utility functions. +B<< For Apache 2.4, use L. >> + The user data is stored in YAML files in a user-set directory. Set this directory using: $Apache2::AuthzCaps::rootdir = "/path/to/directory"; # From perl @@ -119,7 +122,7 @@ Marius Gavrilescu, Emarius@ieval.roE =head1 COPYRIGHT AND LICENSE -Copyright (C) 2013 by Marius Gavrilescu +Copyright (C) 2013-2015 by Marius Gavrilescu This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.14.2 or, diff --git a/lib/Apache2_4/AuthzCaps.pm b/lib/Apache2_4/AuthzCaps.pm new file mode 100644 index 0000000..23a9a93 --- /dev/null +++ b/lib/Apache2_4/AuthzCaps.pm @@ -0,0 +1,66 @@ +package Apache2_4::AuthzCaps; + +use 5.014000; +use strict; +use warnings; + +our $VERSION = '0.001001'; + +use Apache2::AuthzCaps 'hascaps'; +use Apache2::Const qw/AUTHZ_GRANTED AUTHZ_DENIED AUTHZ_DENIED_NO_USER/; +use Apache2::RequestRec; +use Apache2::RequestUtil; + +################################################## + +# General handler template stolen from Apache2_4::AuthCookie +sub handler { + my ($r, $caps) = @_; + my $user = $r->user; + local $Apache2::AuthzCaps::rootdir = $r->dir_config('AuthzCapsRootdir'); + return AUTHZ_DENIED_NO_USER unless $user; + my @caps = split ' ', $caps; + hascaps($user, @caps) ? AUTHZ_GRANTED : AUTHZ_DENIED +} + +1; +__END__ + +=encoding utf-8 + +=head1 NAME + +Apache2_4::AuthzCaps - mod_perl2 capability authorization for Apache 2.4 + +=head1 SYNOPSIS + + # In Apache2 config + PerlAddAuthzProvider cap Apache2_4::AuthzCaps + + # Insert authentication here + PerlSetVar AuthzCapsRootdir /path/to/user/directory + Require cap staff important + Require cap admin + + # This will: + # 1) Let important staff members access /protected + # 2) Let admins access /protected + # 3) Not let anyone else (such as an important non-staff member or an non-important staff member) access /protected + +=head1 DESCRIPTION + +Apache2_4::AuthzCaps is a modification of L for +Apache 2.4. See that module's documentation for helper functions and +more information. + +=head1 AUTHOR + +Marius Gavrilescu, Emarius@ieval.roE + +=head1 COPYRIGHT AND LICENSE + +Copyright (C) 2013-2015 by Marius Gavrilescu + +This library is free software; you can redistribute it and/or modify +it under the same terms as Perl itself, either Perl version 5.14.2 or, +at your option, any later version of Perl 5 you may have available. -- 2.39.2