PlugAuth::Role::Authz - Role for PlugAuth authorization plugins
version 0.23
package PlugAuth::Plugin::MyAuthz; use Role::Tiny::With; with 'PlugAuth::Role::Plugin'; with 'PlugAuth::Role::Authz'; # implement at least: can_user_action_resource, match_resources, # host_has_tag, actions, groups_for_user, all_groups # and users_in_group # optionall implement: create_group, delete_group, update_group # and delete_group 1;
Use this role when writing PlugAuth plugins that manage authorization (ie. determine what the user has authorization to actually do).
If $user can perform $action on $resource, return a string containing the group and resource that permits this. Otherwise, return false.
Given a regex, return all resources that match that regex.
Returns true if the given host has the given tag.
Returns a list of actions.
Returns the groups the given user belongs to.
Returns a list of all groups.
Return the list of users (as an array ref) that belong to the given group. Each user belongs to a special group that is the same as their user name and just contains themselves, and this will be included in the list.
Returns undef if there is no such group.
These methods may be implemented by your class.
Create a new group with the given users. $users is a comma separated list of user names.
Delete the given group.
Grant the given group or user ($group) the authorization to perform the given action ($action) on the given resource ($resource).
Revoke the given group or user ($group) the authorization to perform the given action ($action) on the given resource ($resource)
Returns a list of granted permissions
Update the given group, setting the set of users that belong to that group. The existing group membership will be replaced with the new one. $users is a comma separated list of user names.
Add the given user to the given group. If you do not implement this method, but do implement the update_group method above, then this method will get the group using users_in_group and update_group, but there is a race condition if another process updates the group between these two calls, so it is better to implement it yourself using whatever native locking mechanism you can.
update_group
users_in_group
This method should return the new list of users that belong to the given group.
Remove the given user from the given group. If you do not implement this method, but do implement the update_group method above, then this method will get the group using users_in_group and update_group, but there is a race condition if another process updates the group between these two calls, so it is better to implement it yourself using whatever native locking mechanism you can.
PlugAuth, PlugAuth::Guide::Plugin
Graham Ollis <gollis@sesda3.com>
This software is copyright (c) 2012 by NASA GSFC.
This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.
To install PlugAuth, copy and paste the appropriate command in to your terminal.
cpanm
cpanm PlugAuth
CPAN shell
perl -MCPAN -e shell install PlugAuth
For more information on module installation, please visit the detailed CPAN module installation guide.