Name

Bric::App::Authz - Exports functions for checking user authorization.

Synopsis

use Bric::App::Authz qw(:all);

chk_authz($obj, READ);
# If we get here, we can read $obj.

chk_authz($obj, EDIT);
# If we get here, we can edit $obj.

chk_authz($obj, CREATE);
# If we get here, we can create $obj.

Description

This package exports the function chk_authz(), which returns true if the current user has permission to perform a given activity on $obj, and redirects to an error page if the user does not have the permission. The available permissions are also exported: READ, EDIT, and CREATE. CREATE includes READ and CREATE permissions while EDIT includes READ permission.

Interface

Constructors

NONE.

Destructors

$p->DESTROY

Dummy method to prevent wasting time trying to AUTOLOAD DESTROY.

Throws: NONE.

Side Effects: NONE.

Notes: NONE.

Public Class Methods

NONE.

Public Functions

my $bool = chk_authz($obj, $permission, $no_redir, @gids)

Returns true if the current user has the given $permission on $obj, and sends an error page to the browser if the current user does not. If $no_redir is true, the browser is not redirected and chk_authz() returns undef instead. If any group IDs are passed in via @gids, they will be checked as if $obj were a member of those groups.

Throws: NONE.

Side Effects: NONE.

Notes: NONE.

clear_authz_cache( $obj )

Clears the authz cache for an object as set by a call to chk_authz. The cache is generally useful, as it lasts for the duration of a request, but sometimes group memberships change during the lifetime of a request. In such cases, the authorization cache for that object should be cleared before the next call to chk_authz.
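The following added example (not part of Bric::App::Authz or the original documentation) is a simplified, self-contained model of why the cache must be cleared when group membership changes mid-request. The model_* functions, the data structures, the numeric permission values and the sample data are all assumptions made for illustration.

```perl
#!/usr/bin/perl
# Simplified model of a per-request authorization cache. NOT Bricolage code:
# the data structures, numeric values and model_* names are assumptions.
use strict;
use warnings;

# Ordered so that a higher permission includes the lower ones (assumed values).
use constant { READ => 1, EDIT => 2, CREATE => 4 };

my %group_perm = (10 => EDIT, 20 => READ);  # constructed: group id => permission the user holds
my %obj_groups = (story_1 => [10, 20]);     # constructed: object id => groups it belongs to
my %cache;                                  # lives for one request only

sub model_chk_authz {
    my ($obj_id, $perm, $no_redir, @gids) = @_;
    # Cache the user's highest permission on the object at first check.
    # For brevity, calls that pass extra @gids bypass the cache in this model.
    my $have = @gids ? undef : $cache{$obj_id};
    unless (defined $have) {
        $have = 0;
        for my $gid (@{ $obj_groups{$obj_id} || [] }, @gids) {
            my $p = $group_perm{$gid} || 0;
            $have = $p if $p > $have;
        }
        $cache{$obj_id} = $have unless @gids;
    }
    return 1 if $have >= $perm;
    return undef if $no_redir;
    die "redirect to error page\n";   # stands in for the browser redirect
}

sub model_clear_authz_cache { delete $cache{ $_[0] } }

sub verdict { model_chk_authz(@_) ? "allow" : "deny" }

# 1. First check in the request populates the cache.
print "before change: ", verdict('story_1', EDIT, 1), "\n";

# 2. Mid-request, the object is removed from group 10.
$obj_groups{story_1} = [20];

# 3. The cached decision is served without re-reading group data.
print "cached:        ", verdict('story_1', EDIT, 1), "\n";

# 4. Clearing the cache forces re-evaluation against current group data.
model_clear_authz_cache('story_1');
print "after clear:   ", verdict('story_1', EDIT, 1), "\n";
print "read check:    ", verdict('story_1', READ, 1), "\n";
```

Comparing the "cached" and "after clear" lines shows the window in which a revoked permission is still honoured within a request.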

Private

Private Class Methods

NONE.

Private Instance Methods

NONE.

Private Functions

NONE.

Notes

NONE.

Author

David Wheeler <david@justatheory.com>

See Also

Bric, Bric::Biz::Person::User