💯 Doug Bell

NAME

Beam::Runnable::AllowUsers - Only allow certain users to run a command

VERSION

version 0.012

SYNOPSIS

    ### In a Runnable module
    package My::Runnable::Script;
    use Moo;
    with 'Beam::Runnable', 'Beam::Runnable::AllowUsers';
    has '+allow_users' => ( default => [ 'root' ] );
    sub run { }

    ### In a container config file
    runnable:
        $class: My::Runnable::Script
        $with:
            - 'Beam::Runnable::AllowUsers'
        allow_users:
            - root
            - doug

DESCRIPTION

This role checks to ensure that only certain users can run a command. If an unauthorized user runs the command, it dies with an error instead.

NOTE: This is mostly a demonstration of a Beam::Runnable role. Users that can write to the configuration file can edit who is allowed to run the command, and there are other ways to prevent access to a file/command.

ATTRIBUTES

allow_users

An array reference of user names that are allowed to run this task.

METHODS

run

This role wraps the run method of your runnable class to check that the user is authorized.

SEE ALSO

Beam::Runnable, "getpwuid" in perlfunc, "$>" in perlvar

AUTHOR

Doug Bell <preaction@cpan.org>

COPYRIGHT AND LICENSE

This software is copyright (c) 2016 by Doug Bell.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.