NAME

Apache::SiteControl::Rule - Permission manager access rule.

DESCRIPTION

Each rule is a custom-written class that implements some aspect of your site's access logic. Rules can choose to grant or deny a request.

   package sample::Test;

   use strict;
   use warnings;
   use Carp;
   use Apache::SiteControl::Rule;

   use base qw(Apache::SiteControl::Rule);

   sub grants($$$$)
   {
      my $this = shift;
      my $user = shift;
      my $action = shift;
      my $resource = shift;

      if($action eq "edit" && $resource->isa("sample::Record")) {
         return 1 if($user{name} eq "root");
      }

      return 0;
   }

   sub denies($$$$)
   {
      return 0;
   }

   1;

The PermissionManager will only give permission if at least one rule grants permission, and no rule denies it.

It is important that your rules never grant or deny a request they do not understand, so it is a good idea to use type checking to prevent strangeness. Assertions should not be used if you expect different rules to accept different resource types or user types, since each rule is used on every access request.

EXPORT

None by default.

SEE ALSO

Apache::SiteControl::UserFactory, Apache::SiteControl::ManagerFactory, Apache::SiteControl::PermissionManager, Apache::SiteControl

AUTHOR

This module was written by Tony Kay, <tkay@uoregon.edu>.

COPYRIGHT AND LICENSE