The following module was proposed for inclusion in the Module List:
modid: Dancer2::Plugin::Auth::YARBAC
DSLIP: bdphp
description: Dancer2 Role Based Access Control Framework
userid: AVERNA (Sarah Fuller)
chapterid: 16 (Server_and_Daemon_Utilities)
communities:
icr.perl.org #dancer, dancer mailing list
similar:
Dancer::Plugin::Auth::Extensible
rationale:
YARBAC is a role based user authentication and authorisation
framework for Dancer2 apps. Designed with security and a medium to
large user base in mind. This framework was heavily inspired by the
excellent Dancer::Plugin::Auth::Extensible framework which I'd
highly recommend as it for your consideration. YARBAC was designed
to support secure password checking, enforced password hashing,
multiple authentication realms and the ability to create your own
backend provider. YARBAC was also designed to to be as flexialbe and
as feature rich as possible in the hope that I'll never have to
write RBAC code for Dancer again. :) While similar to Extensible in
some ways, this framework has some significantly different
approaches. These differences were born out of my own experiences
writing RBAC code for various Dancer apps and finding myself always
having to extend existing modules or starting from scratch or worse
still, copy/paste my old code then reworking it. The major
difference with YARBAC is that it tries to be a complete solution to
the problem. However in order to be a little more flexible and
feature rich in some areas it is also a little more opinionated in
others. The main area of opinion in YARBAC is how it achieves
role-based access control. YARBAC is structed with users, roles,
groups and permissions. A user can have many roles but it might be a
good idea in larger enviornments to only allow a user to have one
role and then assign that role have many groups. Think of a role as
being a role-group. Then there are groups which have many
permissions. A user can have one or more roles, a role can have one
or more groups and groups can have one or more permissions. This
means when deciding if a user is authorised we could require they be
logged in, or have a specifc role, or specific group, or a specific
group with a specific permission and so on. To put it another way,
this design moves the access control down to the role-group
relationship thus allowing one to quickly and easily see, assign or
revoke permissions to a user even when dealing with a fairly complex
authorisation environment.
enteredby: AVERNA (Sarah Fuller)
enteredon: Wed Oct 1 08:36:41 2014 UTC
The resulting entry would be:
Dancer2::Plugin::Auth::
::YARBAC bdphp Dancer2 Role Based Access Control Framework AVERNA
Thanks for registering,
--
The PAUSE
PS: The following links are only valid for module list maintainers:
Registration form with editing capabilities:
https://pause.perl.org/pause/authenquery?ACTION=add_mod&USERID=1af00000_62d7c70d732d28ca&SUBMIT_pause99_add_mod_preview=1
Immediate (one click) registration:
https://pause.perl.org/pause/authenquery?ACTION=add_mod&USERID=1af00000_62d7c70d732d28ca&SUBMIT_pause99_add_mod_insertit=1
Peek at the current permissions:
https://pause.perl.org/pause/authenquery?pause99_peek_perms_by=me&pause99_peek_perms_query=Dancer2%3A%3APlugin%3A%3AAuth%3A%3AYARBAC
