DCE::ACL - Perl interface to DCE ACL client API

DCE-Perl documentation Contained in the DCE-Perl distribution.

Index

Code Index:

NAME

Top

DCE::ACL - Perl interface to DCE ACL client API

SYNOPSIS

Top

  use DCE::ACL;

  $aclh = DCE::ACL->bind($object);

DESCRIPTION

Top

DCE::ACL provides a Perl interface to the sec_acl_* client API. As the sec_acl_list_t structure is rather complex, additional classes and methods are provided so Perl scripts can deal with it in a reasonable fashion.

DCE::ACL::handle methods

Top

DCE::ACL::handle->bind

See DCE::ACL->bind.

$aclh->num_acls

Returns the number of acls in the sec_acl_list_t structure.

 $num = $aclh->num_acls
$aclh->get_manager_types

Equivalent to the sec_acl_get_manager_types function. $manager_types is a array reference.

 ($num_used, $num_types, $manager_types, $status) = 
    $aclh->get_manager_types();

If called in a scalar context, only the $manager_types array reference is returned.

 $manager = $achl->get_manager_types->[0]; #first manager
$aclh->get_access

Equivalent to the sec_acl_get_access function. 

 ($permset, $status) = $aclh->get_access($manager);
$aclh->get_printstring

Equivalent to the sec_acl_get_printstring function.

$printstrings is an array reference of hash references.

 ($chain, $mgr_info, $tokenize, $total, $num, $printstrings, $status) = 
    $aclh->get_printstring($manager);

If called in a scalar context, only the $printstrings reference is returned.

 $printstrings = $aclh->get_printstring($manager);

 foreach $str (@$printstrings) {
     $permstr .= 
	 ($str->{permissions} & $entry->perms) ?  
	     $str->{printstring} : "-";
 }
$aclh->test_access

Equivalent to the sec_acl_test_access function. 

 ($ok, $status) = $aclh->test_access($manager, $perms);
$aclh->replace

Equivalent to the sec_acl_replace function. 

 $status = $aclh->replace($manager, $aclh->type_object, $list);
$aclh->lookup

Equivalent to the sec_acl_lookup function. $list is a reference to a sec_acl_list_t structure, blessed into the DCE::ACL::list class. $type is an optional argument which defaults to DCE::ACL-type_object>.

 ($list, $status) = $aclh->lookup($manager, [$type]);
$aclh->new_list

This method does a lookup, deleting all entries and returns the empty list. $type is an optional argument which defaults to DCE::ACL-type_object>.

 ($list, $status) = $aclh->new_list($manager, [$type]);

DCE::ACL::list methods

Top

$list->acls

Returns a list of all acls if no index argument is given, when called in a scalar context, only the first acl is returned. Objects returned are references to sec_acl_t structures, blessed into the DCE::ACL class.

 $acl = $list->acls;

DCE::ACL methods

Top

DCE::ACL->bind

Equivalent to the sec_acl_bind function. Returns a reference to the sec_acl_list_t structure bless into the DCE::ACL::handle class. The optional argument $bind_to_entry defaults to FALSE.

 ($aclh, $status) = DCE::ACL->bind($object, [$bind_to_entry]);
DCE::ACL->type

When given an integer argument, returns the string representation.

 $str = DCE::ACL->type(0); #returns 'user_obj'
DCE::ACL->type_*

A method is provided foreach sec_acl_type_t type, returning an integer.

 $type = DCE::ACL->type_user;
$acl->num_entries

Returns the number of sec_acl_entry_t structures.

 $num = $acl->num_entries;
$acl->default_realm

Returns a hash reference with uuid and name keys.

 


 $name = $acl->default_realm->{name}; #/.../cell.foo.com
$acl->remove

Removes the specifed entry from the acl structure, where entry is a reference to sec_acl_entry_t structure, blessed into the DCE::ACL::entry class.

 $status = $acl->remove($entry);
$acl->delete

Removes all entries from the $acl.

$acl->new_entry

Allocates memory needed for a new sec_acl_entry_t structure, returns a reference to that structure blessed in to the DCE::ACL::entry class.

 $entry = $acl->new_entry;
$acl->add

Adds a sec_acl_entry_t structure to a sec_acl_t structure.

 $status = $acl->add($entry);
$acl->entries

Returns references to sec_acl_entry_t structures blessed in to the DCE::ACL::entry class. If an integer argument is given, only that entry will be returned, otherwise, a list of all entries will be returned.

 $entry = $acl->entries(0); #return the first entry

 foreach $entry ($acl->entries) { #return all entries
    ...

DCE::ACL::entry methods

Top

$entry->compare

Compares two acl entries, returns true if they are the same, returns false otherwise.

 $match = $entry1->compare($entry2);
$entry->perms

Returns the permission bits for the specified entry, setting the bits if given an argument.

    $bits = $entry->perms;

    for (qw(perm_read perm_control perm_insert)) {
	$bits |= DCE::ACL->$_();
    }

    $e->perms($bits);
$entry->entry_info

Returns a hash reference containing entry info, changing it if given an argument.

    $uuid = $entry->entry_info->{id}{uuid};

    $entry->entry_info({
	entry_type => DCE::ACL->type_user,
	id => {
	    uuid => $uuid,
	},
    });

AUTHOR

Top

Doug MacEachern <dougm@osf.org>

SEE ALSO

Top

perl(1), DCE::aclbase(3), DCE::Registry(3), DCE::UUID(3), DCE::Login(3), DCE::Status(3).

DCE-Perl documentation Contained in the DCE-Perl distribution. 
package DCE::ACL;

use strict;
use vars qw($VERSION @ISA);
use DCE::UUID ();
use DynaLoader ();
use DCE::aclbase ();

@DCE::ACL::ISA = qw(DynaLoader DCE::aclbase);
@DCE::ACL::handle::ISA = qw(DCE::ACL);

$VERSION = '1.01';

bootstrap DCE::ACL $VERSION;
*AUTOLOAD = \&DCE::aclbase::AUTOLOAD; #bleh

# Preloaded methods go here.

#sec_acl_entry_type_t
my(@types) = qw(
user_obj
group_obj
other_obj
user
group
mask_obj
foreign_user
foreign_group
foreign_other
unauthenticated
extended
any_other
user_obj_deleg
user_deleg
for_user_deleg
group_obj_deleg
group_deleg
for_group_deleg
other_obj_deleg
for_other_deleg
any_other_deleg
	    );

my(%types);
{
    my($i, $eval);
    $i = 0; $eval = "";
    foreach $_ (@types) {
	$types{$_} = $i;
	$eval .= "sub type_$_ {$i};\n";
	$i++;
    }
    eval $eval;
}

sub types { @types }

sub type { 
    my($self, $idx) = @_;
    return $types[$_[1]] if $idx =~ /^\d+$/;
    $types{$idx};
}

sub fail {
    my($self, $status) = @_;
    $status != 0;
}
#sec_acl_type_t
sub type_object {0}
sub type_default_object {1}
sub type_default_container {2}

sub DCE::ACL::handle::new_list {
    my($h, $mgr) = @_;
    my($list, $status) = $h->lookup($mgr);
    $h->acls->delete;
    ($list, $status);
}

# Autoload methods go after =cut, and are processed by the autosplit program.

1;
__END__