/usr/local/CPAN/Apache-SWIT-Security/Apache/SWIT/Security/Role/Loader.pm
use strict;
use warnings FATAL => 'all';
package Apache::SWIT::Security::Role::Loader;
use base 'Class::Accessor';
__PACKAGE__->mk_accessors(qw(roles_container url_manager));
use Apache::SWIT::Security::Role::Container;
use Apache::SWIT::Security::Role::Manager;
sub load_role_container {
my ($self, $roles) = @_;
my $c = Apache::SWIT::Security::Role::Container->new($roles);
$self->roles_container($c);
}
sub parse_permissions {
my ($self, $perms) = @_;
my @p;
for (@$perms) {
s/^([+-])//;
my $sign = $1;
my $id = $_ eq 'all' ?
Apache::SWIT::Security::Role::Manager::ALL
: $self->roles_container->find_role_by_name($_)->id;
push @p, ($sign eq '-') ? -1*$id : $id;
}
return \@p;
}
sub load {
my ($self, $tree) = @_;
my %urls;
$tree->for_each_url(sub {
my ($url, $pname, $pentry, $ep) = @_;
my $ps = $ep->{permissions};
$urls{$url}->{perms} = $self->parse_permissions($ps);
$urls{$url}->{hook_class} = $pentry->{class};
$urls{$url}->{hook_func} = $ep->{security_hook};
});
my @rps;
for my $rp (@{ $tree->{rule_permissions} || [] }) {
my @r = (shift @$rp);
push @r, @{ $self->parse_permissions($rp) };
push @rps, \@r;
}
my $cs = $tree->{capabilities} || {};
my %caps = map { ($_, $self->parse_permissions($cs->{$_})) }
keys %$cs;
my $mgr = Apache::SWIT::Security::Role::Manager->new(\%urls, \@rps
, \%caps);
$self->url_manager($mgr);
}
1;