view release on metacpan or  search on metacpan

lib/AxKit/App/TABOO/XSP/User.pm  view on Meta::CPAN

it in a taglib before handing the data to a Data object. See e.g. the
internals of the C<E<lt>store/E<gt>> tag for an example.


=cut

sub is_authorized : attribOrChild(username,authlevel) {
    return ''; # Gotta be something here
} 

sub is_authorized___true__open {
return << 'EOC';
  my $session = AxKit::App::TABOO::session($r);
  my $editinguser = AxKit::App::TABOO::loggedin($session);
  my $authlevel = AxKit::App::TABOO::authlevel($session);
  AxKit::Debug(9, $editinguser . " is authorized at level " . $authlevel);
  if ((defined($editinguser))
      && (defined($authlevel))) {
    if (($attr_username eq $editinguser)
      || (($attr_authlevel) 
	  && ($attr_authlevel <= $authlevel))) # Grant access
	{
EOC
}


sub is_authorized___true {
  return '} }'
}


sub is_authorized___false__open { 
return << 'EOC'; 
  my $session = AxKit::App::TABOO::session($r);
  my $editinguser = AxKit::App::TABOO::loggedin($session);
  my $authlevel = AxKit::App::TABOO::authlevel($session);
  if ((! defined($editinguser)
       || ($attr_username ne $editinguser))
      && ((! defined($authlevel))
	  || ($attr_authlevel > $authlevel))) # Deny access
    {
EOC
}  


sub is_authorized___false {
  return '}'
}

=head2 C<E<lt>valid-authlevels/E<gt>>

This returns a list of the authorization levels that the present user
can legitimitely set. This is an ugly and temporary solution, I think
it should be worked out elsewhere than the taglib, but I couldn't find
a way to do it....

=cut

sub valid_authlevels : nodelist({http://www.kjetil.kjernsmo.net/software/TABOO/NS/User/Output}level) attribOrChild(username) {
    return << 'EOC';
# my @levels = ("Guest", "New member", "Member", "Oldtimer", "Assistant", "Editor", "Administrator", "Director", "Guru", "God"); 
my $extremes = AxKit::App::TABOO::XSP::User::authlevel_extremes($attr_username);
(${$extremes}{'minlevel'} > ${$extremes}{'maxlevel'}) 
    ? () 
    : (${$extremes}{'minlevel'} .. ${$extremes}{'maxlevel'});    
EOC
}


=head2 C<E<lt>random-password/E<gt>>

Shamelessly stolen from Jörg Walter's L<AxKit::XSP::Auth> taglib, this
would generate a new random password, see his documentation for
details.

=cut

sub random_password : expr attribOrChild(lang,signs,numbers,minlen,maxlen)
{
	return 'Crypt::GeneratePassword::word(int($attr_minlen)||7,int($attr_maxlen)||7,$attr_lang,int($attr_signs),(defined $attr_numbers?int($attr_numbers):2))';
}

=head2 C<E<lt>authnuser/E<gt>>

This tag will return the username of the logged in and authenticated user.

=cut

sub authnuser : expr {
  return 'AxKit::App::TABOO::loggedin(AxKit::App::TABOO::session($r));'
}



1;

=head1 TODO

Currently, C<E<lt>existsE<gt>> checks if a user exists by checking if
the real name is defined. This is likely to change in the future. Do
not rely on this behaviour, but do make sure every-one has a real
name!


=head1 FORMALITIES

See L<AxKit::App::TABOO>.

=cut