our $rootdir;
sub setcap{
- my ($user, $cap, $value) = @_;
- my $config = eval { LoadFile "$rootdir/$user.yml" } // {};
- $config->{caps}//={};
- my $caps=$config->{caps};
-
- delete $caps->{$cap} unless $value;
- $caps->{$cap} = 1 if $value;
- DumpFile "$rootdir/$user.yml", $config
+ my ($user, $cap, $value) = @_;
+ my $config = eval { LoadFile "$rootdir/$user.yml" } // {};
+ $config->{caps}//={};
+ my $caps=$config->{caps};
+
+ delete $caps->{$cap} unless $value;
+ $caps->{$cap} = 1 if $value;
+ DumpFile "$rootdir/$user.yml", $config
}
sub hascaps{
- my ($user, @caps) = @_;
- my $config = LoadFile "$rootdir/$user.yml";
- my $caps = $config->{caps};
- for (@caps) {
- return 0 unless $caps->{$_}
- }
- 1
+ my ($user, @caps) = @_;
+ my $config = LoadFile "$rootdir/$user.yml";
+ my $caps = $config->{caps};
+ for (@caps) {
+ return 0 unless $caps->{$_}
+ }
+ 1
}
sub handler{
- my $r=shift;
- my $user = $r->user;
- local $rootdir = $r->dir_config('AuthzCapsRootdir');
+ my $r=shift;
+ my $user = $r->user;
+ local $rootdir = $r->dir_config('AuthzCapsRootdir');
- if ($user) {
- LOOP: for my $requirement (map { $_->{requirement} } @{$r->requires}) {
- my ($command, @args) = split ' ', $requirement;
+ if ($user) {
+ LOOP: for my $requirement (map { $_->{requirement} } @{$r->requires}) {
+ my ($command, @args) = split ' ', $requirement;
- given ($command){
- when('cap'){
- return OK if hascaps $user, @args
- }
+ given ($command){
+ when('cap'){
+ return OK if hascaps $user, @args
+ }
- }
+ }
+ }
}
- }
- DECLINED
+ DECLINED
}
1;