PApp::User - manage user and access rights
use PApp::User;
This module helps administrate users and groups (groups are more commonly
called ``access rights'' within PApp). Wherever a so-called ``group'' or
``access right'' is required you can either use a string (group name) or a
number (the numerical group id).
Both usernames and group names must be valid XML-Names (this might or
might not be enforced).
The API in this module is rather borken. A nicer, more sane interface will
be created at some point.
- authen_p
-
Return true when the user has logged on using this module
- access_p
-
Return true when the user has the specified access right (and is logged
in!).
- admin_p
-
Return true when user has the ``admin'' access right.
- known_user_p [access]
-
Check wether the current user is already known in the access
database. Returns his username (login) if yes, and nothing otherwise.
If the optional argument access
is given, it additionally checks wether
the user has the given access right (even if not logged in).
- update_username [$userid, ]$user
-
Change the login-name of the current user (or the user with id $userid)
to
$user
and return the userid. If another user of that name already
exists, do nothing and return undef
. (See choose_username
).
- choose_username $stem
-
Guess a more-or-less viable but very probable unique username from the
stem given. To create a new username that is unique, use something like
this pseudo-code:
while not update_username $username; do
$username = choose_username $username
done
- update_password $pass
-
Set the (non-crypted) password of the current user to
$pass
. If
$pass
is undef
, the password will be deleted and the user cannot
log-in using verify_login
anymore. This is not the same as an empty
password, which is just that: a valid password with length zero.
- update_comment $comment
-
Change the comment field for the given user by setting it to
$comment
.
- username [$userid]
-
Return the username of the user with id
$userid
or of the current user,
if no arguments are given.
- userid $username
-
Return the userid associated with the given user.
- user_login $userid
-
Log out the current user, switch to the userid
$userid
and
UNCONDITIONALLY FETCH ACCESS RIGHTS FROM THE USER DB. For a safer
interface using password, see verify_login
.
If the $userid
is zero creates a new user without any access rights but
keeps the state otherwise unchanged. You might want to call save_prefs
to save the user preferences (for the current application only, the other
preferences currently are discarded).
- user_logout
-
Log the current user out (remove any access rights fromt he current
session).
- SURL_USER_LOGOUT
-
This surl-cookie (see
PApp::surl
logs the user out (see user_logout
)
when the link is followed.
- user_delete $userid
-
Deletes the given userid from the system, i.e. the user with the given ID
can no longer log-in or do useful things. Other sessions using this userid
will get errors, so don't use this function lightly.
- grant_access accessright
-
Grant the specified access right to the logged-in user.
- revoke_access accessright
-
Revoke the specified access right to the logged-in user.
- verify_login $user, $pass
-
Try to login as user $user, with pass $pass. If the password verifies
correctly, switch the userid (if necessary), add any access rights and
return true. Otherwise, return false and do nothing else.
Unlike the unix password system, empty password fields (i.e. set to undef)
never log-in successfully using this function.
- grpid grpname-or-grpid
-
Return the numerical group id of the given group.
- grpname $gid
-
Return the group name associated with the given id.
- newgrp $grpname, $comment
-
Create a new group with the given name.
- rmgrp $group
-
Delete the group with the given name.
the PApp manpage.
Marc Lehmann <pcg@goof.com>
http://www.goof.com/pcg/marc/