NAME

FusqlFS::Backend::PgSQL::Role::Acl - FusqlFS class to expose PostgreSQL artifact's permissions

SYNOPSIS

    package FusqlFS::Backend::PgSQL::Tables;
    use parent 'FusqlFS::Artifact';

    use FusqlFS::Backend::PgSQL::Role::Acl;

    sub init
    {
        my $self = shift;

        # initialize class

        $self->{acl} = FusqlFS::Backend::PgSQL::Role::Acl->new('r');
    }

    sub get
    {
        my $self = shift;
        my ($name) = @_;
        my $result = {};

        # load structures into $result

        $result->{acl} = $self->{acl};
        return $result;
    }

DESCRIPTION

This class exposes a PostgreSQL artifact's permissions (a.k.a. ACL) as a directory with subdirectories named after roles, each containing marker files named after permissions. It is best used with the FusqlFS::Backend::PgSQL::Roles module plugged in (see FusqlFS::Backend::Base for more info on plugging in different modules).

The class's new constructor accepts a single-character argument designating the type of artifact whose owner is to be exposed. Possible values can be seen in the FusqlFS::Backend::PgSQL::Role::Base module.

EXPOSED STRUCTURE

The first level of exposed files consists of subdirectories named after roles, e.g. if a table has permissions granted to roles user1 and user2, this module will expose subdirectories ./user1 and ./user2.

Removing such a subdirectory revokes all permissions from the role; creating a subdirectory with a role's name grants all permissions to that role.

Every such subdirectory has the following structure:

./granter

Symlink to the role in ../../../../roles that granted the current role its permissions.

./role

Symlink to the current role in ../../../../roles (i.e. the role whose name equals the current subdirectory's name).

./insert, ./update, ./delete, ./references, ./trigger, ./usage

Plain marker files; the presence of each file designates that the corresponding permission is granted. Remove a file to revoke its permission, or create a new file with one of these names (e.g. with touch ./insert) to grant that permission.
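
Because a plain mkdir in this directory grants everything, it is worth reviewing the exposed tree after changes. The following shell sketch is an added example, not part of FusqlFS: it walks an acl directory laid out as described above and reports each role's granter and marker files, flagging roles that hold every permission named on this page. The function names, the sample tree and the granter role postgres are constructed for illustration.

```shell
#!/bin/sh
# Marker file names as listed in EXPOSED STRUCTURE above.
PERMS="insert update delete references trigger usage"

# audit_acl DIR: print one line per role subdirectory of DIR:
#   role (granted by granter): perm perm ... [ALL]
# [ALL] marks a role holding every marker in PERMS, which is the state
# the documentation describes after creating the role's subdirectory.
audit_acl() {
    acl_dir=$1
    for role_dir in "$acl_dir"/*/; do
        [ -d "$role_dir" ] || continue
        role=$(basename "$role_dir")
        # ./granter is a symlink into the roles directory; keep its last component.
        granter=$(basename "$(readlink "${role_dir}granter" 2>/dev/null)")
        granted=""
        missing=0
        for p in $PERMS; do
            if [ -e "$role_dir$p" ]; then
                granted="$granted $p"
            else
                missing=1
            fi
        done
        flag=""
        [ "$missing" -eq 0 ] && flag=" [ALL]"
        printf '%s (granted by %s):%s%s\n' "$role" "$granter" "$granted" "$flag"
    done
}

# make_sample_acl DIR: constructed stand-in for a mounted acl directory,
# so the audit can be tried without a database or a FusqlFS mount.
make_sample_acl() {
    d=$1
    mkdir -p "$d/user1" "$d/user2"
    for r in user1 user2; do
        ln -s ../../../../roles/postgres "$d/$r/granter"
        ln -s "../../../../roles/$r" "$d/$r/role"
    done
    for p in $PERMS; do : > "$d/user1/$p"; done   # user1: all permissions
    : > "$d/user2/insert"; : > "$d/user2/references"
}

tmp=$(mktemp -d) && make_sample_acl "$tmp/acl" && audit_acl "$tmp/acl"
rm -rf "$tmp"
```

On a real mount, pass the artifact's acl directory to audit_acl instead of the sample tree.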