28/10/2008
Role Based Access Control
30
Code
Examples - Create Authz / 2
# create authz object
my $authz =
IFL::Authz->new({ config => $authzconfig
});
$authz->begin_transaction;
$authz->add_object_type({
name => 'ring', ops => ['wear', 'destroy'], precedence => 1 });
$authz->add_user({
user => 'unittest', metadata => { name => 'Ms. Unity Test', country => 'UK' }
});
$authz->add_role({
role => 'tester', description => 'Tester Role' });
$authz->grant_permission({role
=> 'tester', description
=> 'access rings', operations => [qw( access read )], allow_deny => 'allow',
object => { type
=> 'ring', precedence => 'DEFAULT', id => {} } } );