DCE::ACL - Perl interface to DCE ACL client API


  use DCE::ACL;

  $aclh = DCE::ACL->bind($object);


DCE::ACL provides a Perl interface to the sec_acl_* client API. As the sec_acl_list_t structure is rather complex, additional classes and methods are provided so Perl scripts can deal with it in a reasonable fashion.

DCE::ACL::handle methods


See DCE::ACL->bind.


Returns the number of acls in the sec_acl_list_t structure.

 $num = $aclh->num_acls

Equivalent to the sec_acl_get_manager_types function. $manager_types is a array reference.

 ($num_used, $num_types, $manager_types, $status) = 

If called in a scalar context, only the $manager_types array reference is returned.

 $manager = $achl->get_manager_types->[0]; #first manager


Equivalent to the sec_acl_get_access function.

 ($permset, $status) = $aclh->get_access($manager);

Equivalent to the sec_acl_get_printstring function.

$printstrings is an array reference of hash references.

 ($chain, $mgr_info, $tokenize, $total, $num, $printstrings, $status) = 

If called in a scalar context, only the $printstrings reference is returned.

 $printstrings = $aclh->get_printstring($manager);

 foreach $str (@$printstrings) {
     $permstr .= 
         ($str->{permissions} & $entry->perms) ?  
             $str->{printstring} : "-";

Equivalent to the sec_acl_test_access function.

 ($ok, $status) = $aclh->test_access($manager, $perms);

Equivalent to the sec_acl_replace function.

 $status = $aclh->replace($manager, $aclh->type_object, $list);

Equivalent to the sec_acl_lookup function. $list is a reference to a sec_acl_list_t structure, blessed into the DCE::ACL::list class. $type is an optional argument which defaults to DCE::ACL-type_object>.

 ($list, $status) = $aclh->lookup($manager, [$type]);

This method does a lookup, deleting all entries and returns the empty list. $type is an optional argument which defaults to DCE::ACL-type_object>.

 ($list, $status) = $aclh->new_list($manager, [$type]);

DCE::ACL::list methods


Returns a list of all acls if no index argument is given, when called in a scalar context, only the first acl is returned. Objects returned are references to sec_acl_t structures, blessed into the DCE::ACL class.

 $acl = $list->acls;

DCE::ACL methods


Equivalent to the sec_acl_bind function. Returns a reference to the sec_acl_list_t structure bless into the DCE::ACL::handle class. The optional argument $bind_to_entry defaults to FALSE.

 ($aclh, $status) = DCE::ACL->bind($object, [$bind_to_entry]);

When given an integer argument, returns the string representation.

 $str = DCE::ACL->type(0); #returns 'user_obj'

A method is provided foreach sec_acl_type_t type, returning an integer.

 $type = DCE::ACL->type_user;

Returns the number of sec_acl_entry_t structures.

 $num = $acl->num_entries;


Returns a hash reference with uuid and name keys.

 $name = $acl->default_realm->{name}; #/.../

Removes the specifed entry from the acl structure, where entry is a reference to sec_acl_entry_t structure, blessed into the DCE::ACL::entry class.

 $status = $acl->remove($entry);

Removes all entries from the $acl.


Allocates memory needed for a new sec_acl_entry_t structure, returns a reference to that structure blessed in to the DCE::ACL::entry class.

 $entry = $acl->new_entry;

Adds a sec_acl_entry_t structure to a sec_acl_t structure.

 $status = $acl->add($entry);

Returns references to sec_acl_entry_t structures blessed in to the DCE::ACL::entry class. If an integer argument is given, only that entry will be returned, otherwise, a list of all entries will be returned.

 $entry = $acl->entries(0); #return the first entry

 foreach $entry ($acl->entries) { #return all entries

DCE::ACL::entry methods


Compares two acl entries, returns true if they are the same, returns false otherwise.

 $match = $entry1->compare($entry2);

Returns the permission bits for the specified entry, setting the bits if given an argument.

    $bits = $entry->perms;

    for (qw(perm_read perm_control perm_insert)) {
        $bits |= DCE::ACL->$_();


Returns a hash reference containing entry info, changing it if given an argument.

    $uuid = $entry->entry_info->{id}{uuid};

        entry_type => DCE::ACL->type_user,
        id => {
            uuid => $uuid,


Doug MacEachern <>


perl(1), DCE::aclbase(3), DCE::Registry(3), DCE::UUID(3), DCE::Login(3), DCE::Status(3).