submersible_toaster has asked for the wisdom of the Perl Monks concerning the following question:

Fellow Monks
Having maintained (hacked) an RT system for some years now, I have come to respect it's group and user 'Rights' model of access control.

I seek the collective wisdom for suggestions regarding implementing similar controls in a more generic way for example.

my $user = App::User->load( $someid );

if ($user->can_modify) {
    $app->modify_document( \%args );
}
else {
    $app->error( 'Access denied: you are not allowed to modify documen
+ts' );
}

[download]

My goal is to provide more granular control over user's rights in a web application context, rather than a rudimentary Admin/User distinction where admins can do anything and users only basic things.

Update : Data::ACL looks like a candidate.
Decision::ACL somewhat more sophisticated.

Update : Ammended links above as CPAN, thanks cazz.


I can't believe it's not psellchecked

Replies are listed 'Best First'.
Re: Implementing ACL or Privileges
by insaniac (Friar) on Apr 16, 2005 at 11:37 UTC
    Don't know if this will help you, but, do you know Maypole? (http://maypole.perl.org). They have a Maypole::Plugin::Authorization which seems to do exactly what you want..
    maybe you can get some inspiration from their code..

    to ask a question is a moment of shame
    to remain ignorant is a lifelong shame

[reply]

Back to Seekers of Perl Wisdom