Re^5: User access controlled by subroutine attribute.

I see it as protection from developer error. You probably want to have authorization handled in a way that allows you to both restrict the overt choices that a user can make and also to give the user a more friendly message up front, which all probably requires explicit coding nearer the front end. However if there is the possibility of an unintended method getting called (a typo in a dispatch table or an unchecked action parameter for instance,) then you might feel it is appropriate to prevent that method being called by unauthorized users. Call it a belt and braces approach.

/J\

Comment on Re^5: User access controlled by subroutine attribute.

Replies are listed 'Best First'.
Re^6: User access controlled by subroutine attribute. by rlb3 (Deacon) on Aug 15, 2006 at 14:50 UTC
Hello, All Thank you all for your responses. After thinking about it I decided to make a basic implementation. package Access::Attribute; use strict; use warnings; use Attribute::Handlers; use Data::Dumper; sub UNIVERSAL::access_root : ATTR(CODE) { my ($package, $symbol, $referent, $attr, $data, $phase) = @_; if ($< != 0) { die "Access Denied to subroutine " . {$symbol}{NAME} . "\n"; } } sub UNIVERSAL::access_list : ATTR(CODE) { my ($package, $symbol, $referent, $attr, $data, $phase) = @_; return if !$data; my @data = (ref $data) ? @$data : $data; my $match = 0; for my $user (@data) { my @passwd = getpwnam($user); next if !@passwd; $match = 1 if $< == $passwd[2]; } if ($match == 0) { die "Access Denied to subroutine " . {$symbol}{NAME} . "\n"; } } 1; [download] This is mostly to teach myself Attributes, but I thought I would share it. Thanks, rlb3	[reply] [d/l]

Replies are listed 'Best First'.

Re^6: User access controlled by subroutine attribute.
by rlb3 (Deacon) on Aug 15, 2006 at 14:50 UTC

Hello, All

Thank you all for your responses. After thinking about it I decided to make a basic implementation.

package Access::Attribute;

use strict;
use warnings;

use Attribute::Handlers;
use Data::Dumper;

sub UNIVERSAL::access_root : ATTR(CODE) {
    my ($package, $symbol, $referent, $attr, $data, $phase) = @_;

    if ($< != 0) {
        die "Access Denied to subroutine " . *{$symbol}{NAME} . "\n";
    }

}

sub UNIVERSAL::access_list : ATTR(CODE) {
    my ($package, $symbol, $referent, $attr, $data, $phase) = @_;

    return if !$data;
    
    my @data = (ref $data) ? @$data : $data;
    
    my $match = 0;
    for my $user (@data) {
        my @passwd = getpwnam($user);
        next if !@passwd;
        $match = 1 if $< == $passwd[2];
    }
    
    if ($match == 0) {
        die "Access Denied to subroutine " . *{$symbol}{NAME} . "\n";
    }
}

1;
[download]

This is mostly to teach myself Attributes, but I thought I would share it.

Thanks,

rlb3

[reply]
[d/l]