100 lines
3.5 KiB
RPMSpec
100 lines
3.5 KiB
RPMSpec
#
|
|
# spec file for package perl-Catalyst-Plugin-Authorization-Roles
|
|
#
|
|
# Copyright (c) 2024 SUSE LLC
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%define cpan_name Catalyst-Plugin-Authorization-Roles
|
|
Name: perl-Catalyst-Plugin-Authorization-Roles
|
|
Version: 0.90.0
|
|
Release: 0
|
|
# 0.09 -> normalize -> 0.90.0
|
|
%define cpan_version 0.09
|
|
License: Artistic-1.0 OR GPL-1.0-or-later
|
|
Summary: Role based authorization for Catalyst based on Catalyst::Plugin::Authentication
|
|
URL: https://metacpan.org/release/%{cpan_name}
|
|
Source0: https://cpan.metacpan.org/authors/id/B/BO/BOBTFISH/%{cpan_name}-%{cpan_version}.tar.gz
|
|
Source1: cpanspec.yml
|
|
Source100: README.md
|
|
BuildArch: noarch
|
|
BuildRequires: perl
|
|
BuildRequires: perl-macros
|
|
BuildRequires: perl(Catalyst::Plugin::Authentication) >= 0.100.30
|
|
BuildRequires: perl(Catalyst::Runtime) >= 5.700.0
|
|
BuildRequires: perl(ExtUtils::MakeMaker) >= 6.42
|
|
BuildRequires: perl(Set::Object) >= 1.14
|
|
BuildRequires: perl(Test::Exception)
|
|
BuildRequires: perl(UNIVERSAL::isa) >= 0.05
|
|
Requires: perl(Catalyst::Plugin::Authentication) >= 0.100.30
|
|
Requires: perl(Catalyst::Runtime) >= 5.700.0
|
|
Requires: perl(Set::Object) >= 1.14
|
|
Requires: perl(UNIVERSAL::isa) >= 0.05
|
|
Provides: perl(Catalyst::Plugin::Authorization::Roles) = %{version}
|
|
%undefine __perllib_provides
|
|
%{perl_requires}
|
|
|
|
%description
|
|
Role based access control is very simple: every user has a list of roles,
|
|
which that user is allowed to assume, and every restricted part of the app
|
|
makes an assertion about the necessary roles.
|
|
|
|
With 'assert_user_roles', if the user is a member in *all* of the required
|
|
roles access is granted. Otherwise, access is denied. With
|
|
'assert_any_user_role' it is enough that the user is a member in *one*
|
|
role.
|
|
|
|
There are alternative approaches to do this on a per action basis, see
|
|
Catalyst::ActionRole::ACL.
|
|
|
|
For example, if you have a CRUD application, for every mutating action you
|
|
probably want to check that the user is allowed to edit. To do this, create
|
|
an editor role, and add that role to every user who is allowed to edit.
|
|
|
|
sub edit : Local {
|
|
my ( $self, $c ) = @_;
|
|
$c->assert_user_roles( qw/editor/ );
|
|
$c->model("TheModel")->make_changes();
|
|
}
|
|
|
|
When this plugin checks the roles of a user it will first see if the user
|
|
supports the self check method.
|
|
|
|
When this is not supported the list of roles is extracted from the user
|
|
using the 'roles' method.
|
|
|
|
When this is supported, the 'check_roles' method will be used to delegate
|
|
the role check to the user class. Classes like the one provided with
|
|
iCatalyst::Authentication::Store::DBIx::Class optimize the check this way.
|
|
|
|
%prep
|
|
%autosetup -n %{cpan_name}-%{cpan_version}
|
|
|
|
%build
|
|
PERL_USE_UNSAFE_INC=1 perl Makefile.PL INSTALLDIRS=vendor
|
|
%make_build
|
|
|
|
%check
|
|
make test
|
|
|
|
%install
|
|
%perl_make_install
|
|
%perl_process_packlist
|
|
%perl_gen_filelist
|
|
|
|
%files -f %{name}.files
|
|
%doc Changes README
|
|
|
|
%changelog
|