File Coverage

blib/lib/ACL/Lite.pm

Criterion	Covered	Total	%
statement	50	51	98.0
branch	18	22	81.8
condition	2	5	40.0
subroutine	6	6	100.0
pod	3	3	100.0
total	79	87	90.8

line	stmt	bran	cond	sub	pod	time	code
1							package ACL::Lite;
2
3	2			2		53956	use 5.006;
	2					9
	2					85
4	2			2		14	use strict;
	2					5
	2					72
5	2			2		12	use warnings;
	2					11
	2					1191
6
7							=head1 NAME
8
9							ACL::Lite - Liteweight and flexible ACL checks
10
11							=head1 VERSION
12
13							Version 0.0004
14
15							=cut
16
17							our $VERSION = '0.0004';
18
19							=head1 SYNOPSIS
20
21							use ACL::Lite;
22
23							$acl = ACL::Lite->new(permissions => 'foo,bar');
24
25							$acl->check('foo');
26
27							if ($ret = $acl->check([qw/baz bar/])) {
28							print "Check successful with permission $ret\n";
29							}
30
31							unless ($acl->check('baz')) {
32							print "Permission denied\n";
33							}
34
35							$acl = ACL::Lite->new(uid => 666);
36
37							$acl->check('authenticated');
38
39							=head1 DESCRIPTION
40
41							C is a simple permission checker without any prerequisites.
42
43							C stands for "Access Control Lists".
44
45							=head2 DEFAULT PERMISSION
46
47							The default permission depends on whether you pass a C (authenticated)
48							or not (anonymous).
49
50							=head1 CONSTRUCTOR
51
52							=head2 new
53
54							Creates an ACL::Lite object by passing the following parameters:
55
56							=over 4
57
58							=item uid
59
60							User identifier for authenticated users.
61
62							=item permissions
63
64							Granted permissions.
65
66							=item separator
67
68							Separator used to parse permission strings. Defaults to C<,>.
69
70							=back
71
72							=cut
73
74							sub new {
75	5			5	1	351	my ($class, $self, $type, %args);
76
77	5					7	$class = shift;
78
79	5					30	%args = @_;
80
81	5		50			42	$self = {separator => $args{separator} \|\| ',',
82							permissions => {},
83							uid => $args{uid},
84							volatile => 0};
85
86	5					12	bless $self, $class;
87
88	5	50				15	if (exists $args{permissions}) {
89	5					8	$type = ref($args{permissions});
90
91	5	100				28	if ($type eq 'ARRAY') {
		100
		50
92	1					2	for my $perm (@{$args{permissions}}) {
	1					4
93	2					6	$self->{permissions}->{$perm} = 1;
94							}
95							}
96							elsif ($type eq 'CODE') {
97	1					3	$self->{volatile} = 1;
98	1					3	$self->{sub} = $args{permissions};
99							}
100							elsif (defined $args{permissions}) {
101	3					3	my @perms;
102
103	3					38	for my $perm (split(/$self->{separator}/, $args{permissions})) {
104	2					5	$perm =~ s/^\s+//;
105	2					6	$perm =~ s/\s+$//;
106	2	50				7	next unless length($perm);
107
108	2					10	$self->{permissions}->{$perm} = 1;
109							}
110							}
111							}
112
113							# add default permissions
114	5	100				15	if ($self->{uid}) {
115	1					4	$self->{permissions}->{authenticated} = 1;
116							}
117							else {
118	4					12	$self->{permissions}->{anonymous} = 1;
119							}
120
121	5					18	return $self;
122							}
123
124							=head2 check $permissions, $uid
125
126							Checks whether any of the permissions in $permissions is granted.
127							Returns first permission which grants access.
128
129							=cut
130
131							sub check {
132	16			16	1	2757	my ($self, $permissions, $uid) = @_;
133	16					18	my (@check, $user_permissions);
134
135	16	100				38	if (ref($permissions) eq 'ARRAY') {
136	3					8	@check = @$permissions;
137							}
138							else {
139	13					25	@check = ($permissions);
140							}
141
142	16	50	33			68	if ($uid && $uid ne $self->{uid}) {
143							# mismatch on user identifier
144	0					0	return;
145							}
146
147	16					37	$user_permissions = $self->permissions;
148
149	16					28	for my $perm (@check) {
150	16	100				50	if (exists $user_permissions->{$perm}) {
151	11					60	return $perm;
152							}
153							}
154
155	5					22	return;
156							}
157
158							=head2 permissions
159
160							Returns permissions as hash reference:
161
162							$perms = $acl->permissions;
163
164							Returns permissions as list:
165
166							@perms = $acl->permissions;
167
168							=cut
169
170							sub permissions {
171	22			22	1	1845	my ($self) = @_;
172
173	22	100				58	if ($self->{volatile}) {
174	6					14	$self->{permissions} = $self->{sub}->();
175							}
176
177	22	100				84	if (wantarray) {
178	3					4	return keys %{$self->{permissions}};
	3					19
179							}
180
181	19					40	return $self->{permissions};
182							}
183
184							=head1 CAVEATS
185
186							Please anticipate API changes in this early state of development.
187
188							=head1 AUTHOR
189
190							Stefan Hornburg (Racke), C
191
192							=head1 BUGS
193
194							Please report any bugs or feature requests to C, or through
195							the web interface at L. I will be notified, and then you'll
196							automatically be notified of progress on your bug as I make changes.
197
198							=head1 SUPPORT
199
200							You can find documentation for this module with the perldoc command.
201
202							perldoc ACL::Lite
203
204
205							You can also look for information at:
206
207							=over 4
208
209							=item * RT: CPAN's request tracker (report bugs here)
210
211							L
212
213							=item * AnnoCPAN: Annotated CPAN documentation
214
215							L
216
217							=item * CPAN Ratings
218
219							L
220
221							=item * Search CPAN
222
223							L
224
225							=back
226
227
228							=head1 ACKNOWLEDGEMENTS
229
230
231							=head1 LICENSE AND COPYRIGHT
232
233							Copyright 2011-2013 Stefan Hornburg (Racke).
234
235							This program is free software; you can redistribute it and/or modify it
236							under the terms of either: the GNU General Public License as published
237							by the Free Software Foundation; or the Artistic License.
238
239							See http://dev.perl.org/licenses/ for more information.
240
241
242							=cut
243
244							1; # End of ACL::Lite