NAME

DCE::ACL - Perl interface to DCE ACL client API

SYNOPSIS

  use DCE::ACL;

  $aclh = DCE::ACL->bind($object);
  

DESCRIPTION

DCE::ACL provides a Perl interface to the sec_acl_* client API. As the sec_acl_list_t structure is rather complex, additional classes and methods are provided so Perl scripts can deal with it in a reasonable fashion.

DCE::ACL::handle methods

DCE::ACL::handle->bind

See DCE::ACL->bind.

$aclh->num_acls

Returns the number of acls in the sec_acl_list_t structure.

 $num = $aclh->num_acls
$aclh->get_manager_types

Equivalent to the sec_acl_get_manager_types function. $manager_types is a array reference.

 ($num_used, $num_types, $manager_types, $status) = 
    $aclh->get_manager_types();

If called in a scalar context, only the $manager_types array reference is returned.

 $manager = $achl->get_manager_types->[0]; #first manager

 
$aclh->get_access

Equivalent to the sec_acl_get_access function.

 ($permset, $status) = $aclh->get_access($manager);
$aclh->get_printstring

Equivalent to the sec_acl_get_printstring function.

$printstrings is an array reference of hash references.

 ($chain, $mgr_info, $tokenize, $total, $num, $printstrings, $status) = 
    $aclh->get_printstring($manager); 

If called in a scalar context, only the $printstrings reference is returned.

 $printstrings = $aclh->get_printstring($manager);

 foreach $str (@$printstrings) {
     $permstr .= 
         ($str->{permissions} & $entry->perms) ?  
             $str->{printstring} : "-";
 }
$aclh->test_access

Equivalent to the sec_acl_test_access function.

 ($ok, $status) = $aclh->test_access($manager, $perms);
$aclh->replace

Equivalent to the sec_acl_replace function.

 $status = $aclh->replace($manager, $aclh->type_object, $list);
$aclh->lookup

Equivalent to the sec_acl_lookup function. $list is a reference to a sec_acl_list_t structure, blessed into the DCE::ACL::list class. $type is an optional argument which defaults to DCE::ACL-type_object>.

 ($list, $status) = $aclh->lookup($manager, [$type]);
$aclh->new_list

This method does a lookup, deleting all entries and returns the empty list. $type is an optional argument which defaults to DCE::ACL-type_object>.

 ($list, $status) = $aclh->new_list($manager, [$type]);

DCE::ACL::list methods

$list->acls

Returns a list of all acls if no index argument is given, when called in a scalar context, only the first acl is returned. Objects returned are references to sec_acl_t structures, blessed into the DCE::ACL class.

 $acl = $list->acls;

DCE::ACL methods

DCE::ACL->bind

Equivalent to the sec_acl_bind function. Returns a reference to the sec_acl_list_t structure bless into the DCE::ACL::handle class. The optional argument $bind_to_entry defaults to FALSE.

 ($aclh, $status) = DCE::ACL->bind($object, [$bind_to_entry]);
DCE::ACL->type

When given an integer argument, returns the string representation.

 $str = DCE::ACL->type(0); #returns 'user_obj'
DCE::ACL->type_*

A method is provided foreach sec_acl_type_t type, returning an integer.

 $type = DCE::ACL->type_user;
$acl->num_entries

Returns the number of sec_acl_entry_t structures.

 $num = $acl->num_entries;

 
$acl->default_realm

Returns a hash reference with uuid and name keys.

 $name = $acl->default_realm->{name}; #/.../cell.foo.com
$acl->remove

Removes the specifed entry from the acl structure, where entry is a reference to sec_acl_entry_t structure, blessed into the DCE::ACL::entry class.

 $status = $acl->remove($entry);
$acl->delete

Removes all entries from the $acl.

$acl->new_entry

Allocates memory needed for a new sec_acl_entry_t structure, returns a reference to that structure blessed in to the DCE::ACL::entry class.

 $entry = $acl->new_entry;
 
$acl->add

Adds a sec_acl_entry_t structure to a sec_acl_t structure.

 $status = $acl->add($entry);
$acl->entries

Returns references to sec_acl_entry_t structures blessed in to the DCE::ACL::entry class. If an integer argument is given, only that entry will be returned, otherwise, a list of all entries will be returned.

 $entry = $acl->entries(0); #return the first entry

 foreach $entry ($acl->entries) { #return all entries
    ...

DCE::ACL::entry methods

$entry->compare

Compares two acl entries, returns true if they are the same, returns false otherwise.

 $match = $entry1->compare($entry2);
$entry->perms

Returns the permission bits for the specified entry, setting the bits if given an argument.

    $bits = $entry->perms;

    for (qw(perm_read perm_control perm_insert)) {
        $bits |= DCE::ACL->$_();
    }

    $e->perms($bits); 
$entry->entry_info

Returns a hash reference containing entry info, changing it if given an argument.

    $uuid = $entry->entry_info->{id}{uuid};

    $entry->entry_info({
        entry_type => DCE::ACL->type_user,
        id => {
            uuid => $uuid,
        },
    });

AUTHOR

Doug MacEachern <dougm@osf.org>

SEE ALSO

perl(1), DCE::aclbase(3), DCE::Registry(3), DCE::UUID(3), DCE::Login(3), DCE::Status(3).