File Coverage

blib/lib/CGI/Application/Plugin/Authorization/Driver/SimpleGroup.pm
Criterion Covered Total %
statement 17 17 100.0
branch 4 6 66.6
condition n/a
subroutine 4 4 100.0
pod 1 1 100.0
total 26 28 92.8


line stmt bran cond sub pod time code
1             package CGI::Application::Plugin::Authorization::Driver::SimpleGroup;
2              
3 2     2   3457 use strict;
  2         5  
  2         78  
4 2     2   11 use warnings;
  2         4  
  2         67  
5              
6 2     2   12 use base qw(CGI::Application::Plugin::Authorization::Driver);
  2         3  
  2         1011  
7              
8              
9             =head1 NAME
10              
11             CGI::Application::Plugin::Authorization::Driver::SimpleGroup - Simple Group based Authorization driver
12              
13              
14             =head1 SYNOPSIS
15              
16             use base qw(CGI::Application);
17             use CGI::Application::Plugin::Authorization;
18              
19             __PACKAGE__->authz->config(
20             DRIVER => [ 'SimpleGroup' ],
21             # You are responsible for setting a group param somehow!
22             GET_USERNAME => sub { my $authz = shift; return $authz->cgiapp->session->param('group') },
23             );
24              
25             =head1 DESCRIPTION
26              
27             This driver achieves simplicity by assuming that the C method of
28             L will return a group rather than a
29             username. Thus it can be directly compared with the list of authorized groups passed
30             to L
31              
32             =head1 EXAMPLE
33              
34             use base qw(CGI::Application);
35             use CGI::Application::Plugin::Authorization;
36              
37             __PACKAGE__->authz->config(
38             DRIVER => [ 'SimpleGroup' ],
39             # You are responsible for setting a group param somehow!
40             GET_USERNAME => sub {
41             my $authz = shift;
42             return $authz->cgiapp->session->param('group');
43             },
44             );
45              
46             sub cgiapp_prerun {
47             my $self = shift;
48              
49             # here is an example of how you could set the
50             # group param that will be tested later
51             if ($ENV{REMOTE_USER} eq 'mark') {
52             $self->session->param('group' => 'admin');
53             }
54             }
55              
56             sub my_runmode {
57             my $self = shift;
58            
59             # make sure the user has 'admin' privileges
60             return $self->authz->forbidden unless $self->authz->authorize('admin');
61              
62             # if we get here the user has 'admin' privileges
63             }
64              
65             =head1 METHODS
66              
67             =head2 authorize_user
68              
69             I.
70              
71             This method accepts a username followed by a list of group names and will
72             return true if the user belongs to at least one of the groups.
73              
74             =cut
75              
76             sub authorize_user {
77 4     4 1 66 my $self = shift;
78 4         5 my $username = shift;
79 4         9 my @groups = @_;
80              
81 4 50       9 return 0 unless defined $username;
82              
83 4         9 foreach my $group (@groups) {
84 6 50       13 next unless defined $group;
85 6 100       34 return 1 if ($username eq $group);
86             }
87 2         13 return 0;
88             }
89              
90             =head1 SEE ALSO
91              
92             L, L, perl(1)
93              
94              
95             =head1 LICENCE AND COPYRIGHT
96              
97             Copyright (c) 2006, Mark Stosberg. All rights reserved.
98              
99             This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
100              
101             =cut
102              
103             1;