Wallet::ACL::Base

(Generic parent class for wallet ACL verifiers)

SYNOPSIS

    package Wallet::ACL::Simple
    @ISA = qw(Wallet::ACL::Base);
    sub check {
        my ($self, $principal, $acl) = @_;
        return ($principal eq $acl) ? 1 : 0;
    }

DESCRIPTION

Wallet::ACL::Base is the generic parent class for wallet ACL verifiers. It provides default functions and behavior and all ACL verifiers should inherit from it. It is not used directly.

METHODS

new()

Creates a new ACL verifier. The generic function provided here just creates and blesses an object.

syntax_check(PRINCIPAL, ACL)

This method should be overridden by any child classes that want to implement validating the name of an ACL before creation. The default implementation allows any name for an ACL.

check(PRINCIPAL, ACL, TYPE, NAME)

This method should always be overridden by child classes. The default implementation just declines all access. TYPE and NAME are the type and name of the object being accessed, which may be used by some ACL schemes or may be ignored.

error([ERROR ...])

Returns the error of the last failing operation or undef if no operations have failed. Callers should call this function to get the error message after an undef return from any other instance method.

For the convenience of child classes, this method can also be called with one or more error strings. If so, those strings are concatenated together, trailing newlines are removed, any text of the form  at \S+ line \d+\.? at the end of the message is stripped off, and the result is stored as the error. Only child classes should call this method with an error string.

SEE ALSO

Wallet::ACL(3), wallet-backend(8)

This module is part of the wallet system. The current version is available from <https://www.eyrie.org/~eagle/software/wallet/>.

AUTHOR

Russ Allbery <eagle@eyrie.org>

Last spun 2024-05-01 from POD modified 2024-04-30