If you want to have control over every subroutine that could possibly be
called from every other subroutine/run mode it seems to me that you would need
to have some sort of 'prerun' at the beginning of every sub to make sure that
that user has permission for that sub. I would personally base my permissions
on run_modes not subroutines. Just make sure that your runmode only calls
subroutines that that user can access and then restrict access to run_modes by
using 'cgiapp_prerun'. 

Or you might try something like this. For instance, (assuming users and
groups) a user who belongs to the 'admin' group tries to execute the 'blah'
sub. You don't actually have a 'blah' sub but a 'blah_admin' sub. So you could
do something like this.

#get the $group by looking at who is logged in.
...
#then call the blah_$group sub (a method name held in a variable
#has to be called through that variable)
my $method = "blah_$group";
$self->$method();

#you then have your subs

sub blah_admin
{
  my $self = shift;
  ...

}

sub blah_othergroup
{
  my $self = shift;
  ...

}

sub blah_yetanothergroup
{
  my $self = shift;
  ...

}


This way the user only executes the subs that his group belongs to. Like I
said, I wouldn't do it this way. I would restrict access to run_modes and then
just carefully plan out my run_modes.

Michael Peters
Venzia


"Joel Gwynn" <[EMAIL PROTECTED]> wrote
> OK.  I think I figured out what I really need to know.
> 
> I basically want my setup function to be my permissions manager.  Inside
> of setup, I'm looking up the user based on the session id, and 
> storing the user's permissions in a hash.  The permissions refer to 
> subroutines, not run-modes.  I really want to be able to have a 
> fine-grained control over which users can run which subs.
> 
> How do I find out which subroutine is being requested?  ie, if my
> run-modes are as follows:
>    $self->run_modes(
>                    login => \&login,
>                    authenticate => \&authenticate,
>                    list_projects => \&list_projects,
>                    add_project => \&list_projects,
>                    edit_project => \&list_projects
>                       ...
>                    );
> 
> I want to find out if my user has permission to run &list_projects.  
> If I know that the run-mode is called 'add_project', how do I determine
> what sub is going to be called?
> 
> Sorry if I'm being too dense about this.
> 
> Joel Gwynn
> Variable Data
> Spire
> 617 832-1957
> 
> ---------------------------------------------------------------------
> Web Archive:  http://www.mail-archive.com/[EMAIL PROTECTED]/
>               http://marc.theaimsgroup.com/?l=cgiapp&r=1&w=2
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
------- End of Original Message -------
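
Added example, not code from either message in this thread: one way to apply the run-mode restriction described in the reply, using a default-deny table checked in cgiapp_prerun. The class name ProjectApp, the policy table, the 'group' parameter (standing in for a server-side session lookup) and the run-mode bodies are constructed for illustration.

```perl
package ProjectApp;    # hypothetical application class
use strict;
use warnings;
use base 'CGI::Application';

# Constructed policy: run mode => groups allowed to run it.
# A run mode that is not listed is denied for everyone.
my %ALLOWED = (
    login         => [qw(anonymous user admin)],
    list_projects => [qw(user admin)],
    add_project   => [qw(admin)],
    denied        => [qw(anonymous user admin)],
);

sub setup {
    my $self = shift;
    $self->mode_param('rm');
    $self->start_mode('login');
    $self->run_modes(map { $_ => $_ } qw(login list_projects add_project denied));
}

# Called by CGI::Application with the requested run mode before dispatch.
sub cgiapp_prerun {
    my ($self, $rm) = @_;
    # Assumption: 'group' was derived server-side from the session, never
    # from a request parameter. The demo below passes it in via PARAMS.
    my $group = $self->param('group') || 'anonymous';
    my $ok = grep { $_ eq $group } @{ $ALLOWED{$rm} || [] };
    $self->prerun_mode('denied') unless $ok;
}

sub login         { 'login form' }
sub list_projects { 'project list' }
sub add_project   { 'project added' }
sub denied        { 'permission denied' }

package main;
use CGI;
$ENV{CGI_APP_RETURN_ONLY} = 1;    # run() returns the page instead of printing it
for my $case ([user => 'list_projects'], [user => 'add_project'],
              [admin => 'add_project'],  [user => 'no_such_mode']) {
    my ($group, $rm) = @$case;
    my $app = ProjectApp->new(
        QUERY  => CGI->new({ rm => $rm }),
        PARAMS => { group => $group },
    );
    my ($body) = $app->run =~ /\r?\n\r?\n(.*)\z/s;    # strip HTTP headers
    print "$group requests $rm: $body\n";
}
```

Because the check keys on the run mode name and falls through to 'denied', a request for a run mode that was never registered is refused the same way as one the group lacks.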

