CGI-Application-Plugin-Authorization


lib/CGI/Application/Plugin/Authorization.pm  view on Meta::CPAN

package CGI::Application::Plugin::Authorization;

# NOTE(review): only `strict` is enabled in the visible preamble; `warnings`
# is not turned on here.
use strict;
# $VERSION is declared through `use vars`, which makes it a package global
# ($CGI::Application::Plugin::Authorization::VERSION).
use vars qw($VERSION);
$VERSION = '0.07';

# Package-global hash. Nothing in the visible part of the file reads or
# writes it.
# NOTE(review): the name suggests configuration storage -- confirm against
# the rest of the module. As a package global it lives as long as the
# interpreter does, so in a persistent environment check that nothing
# request- or user-specific is kept in it.
our %__CONFIG;

use UNIVERSAL::require;
use Scalar::Util;
use List::Util qw(first);
use Carp;

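# Export hook run when a package does
# `use CGI::Application::Plugin::Authorization`.
#
# Installs `authz` and its alias `authorization` into the calling package
# (both point at CGI::Application::Plugin::_::Authorization::authz) and,
# when the caller is a CGI::Application class that supports callbacks,
# registers prerun_callback on its `prerun` hook.
#
# Security note: both failure paths below only warn.  In either case no
# prerun hook is registered and loading continues, so whatever checks
# prerun_callback performs (it is defined outside this block) are not wired
# into that application.  Treat these warnings as deployment errors rather
# than noise, and call the authorization checks explicitly if the hook
# cannot be installed.
sub import {
    my $pkg     = shift;     # class name passed by `use`; not needed below
    my $callpkg = caller;    # package that is loading the plugin

    # Installing subs under a computed name needs symbolic references, so
    # strict refs is relaxed for this block only.
    {
        no strict qw(refs);
        *{ $callpkg . '::authz' }
            = \&CGI::Application::Plugin::_::Authorization::authz;
        *{ $callpkg . '::authorization' }
            = \&CGI::Application::Plugin::_::Authorization::authz;
    }

    # Ask the class itself through method calls instead of calling
    # UNIVERSAL::isa / UNIVERSAL::can as plain functions.  The function form
    # ignores a class's own isa()/can() overrides and could skip hook
    # registration for a class that would accept add_callback, which is
    # itself invoked as a method below.
    if ( !$callpkg->isa('CGI::Application') ) {
        warn
            "Calling package is not a CGI::Application module so not setting up the prerun hook.  If you are using \@ISA instead of 'use base', make sure it is in a BEGIN { } block, and make sure these statements appear before the plugin is loaded";
    }
    elsif ( !$callpkg->can('add_callback') ) {
        warn
            "You are using an older version of CGI::Application that does not support callbacks, so the prerun method can not be registered automatically (Lookup 'CGI::Application CALLBACKS' in the docs for more info)";
    }
    else {
        $callpkg->add_callback( prerun => \&prerun_callback );
    }
}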

=head1 NAME

CGI::Application::Plugin::Authorization - Authorization framework for
CGI::Application


=head1 SYNOPSIS

 use base qw(CGI::Application);
 use CGI::Application::Plugin::Authentication;
 use CGI::Application::Plugin::Authorization;

 # default config for runmode authorization
 __PACKAGE__->authz->config(
     DRIVER => [ 'HTGroup', FILE => 'htgroup' ],
 );

 # Using a named configuration to distinguish it from
 # the above configuration
 __PACKAGE__->authz('dbaccess')->config(
     DRIVER => [ 'DBI',
         DBH   => $self->dbh,
         TABLES      => ['user', 'access'],
         JOIN_ON     => 'user.id = access.user_id',
         CONSTRAINTS => {
             'user.name'      => '__USERNAME__',
             'access.table'   => '__PARAM_1__',
             'access.item_id' => '__PARAM_2__'
         }
     ],
 );

 sub admin_runmode {
    my $self = shift;

    # User must be in the admin group to have access to this runmode
    return $self->authz->forbidden unless $self->authz->authorize('admin');

    # rest of the runmode
    ...
 }

 sub update_widget {
    my $self = shift;
    my $widget = $self->query->param('widget_id');

    # Can this user edit this widget in the widgets table?
    return $self->authz->forbidden unless $self->authz('dbaccess')->authorize(widgets => $widget);

    # save changes to the widget
    ...
 }

=head1 DESCRIPTION


