Help-Site Computer Manuals
Software
Hardware
Programming
Networking
  Algorithms & Data Structures   Programming Languages   Revision Control
  Protocols
  Cameras   Computers   Displays   Keyboards & Mice   Motherboards   Networking   Printers & Scanners   Storage
  Windows   Linux & Unix   Mac

/var/sites/help-site.com/auto/tmp/CPAN/9677/Tivoli-AccessManager-Admin-1.11/Admin/ProtObject.pm

/var/sites/help-site.com/auto/tmp/CPAN/9677/Tivoli-AccessManager-Admin-1.11/Admin/ProtObject.pm


NAME

Tivoli::AccessManager::Admin::ProtObject


SYNOPSIS


  use Tivoli::AccessManager::Admin;

  my $resp;

  my $pd = Tivoli::AccessManager::Admin->new( password => 'foobar' );

  my $pobj = Tivoli::AccessManager::Admin::ProtObject->new( $pdadmin, 

                                          name => '/test/monkey');

  # Create the object unless it already exists

  $resp = $pobj->create unless $pobj->exist;

  # Set the type and the description

  $resp = $pobj->type( 'container' );

  $resp = $pobj->description( 'Monkey!' );

  # Attach an ACL

  $resp = $pobj->acl( attach => 'default-webseal' );

  # Detach  an ACL

  $resp = $pobj->acl( detach => 1 );

  # Get the attached and effective ACL

  $resp = $pobj->acl;

  my $href = $resp->value;

  print "Effective ACL: $href->{effective}\n";

  print "Attached ACL: $href->{attached}\n";

  # Find out where else the ACL is attached

  $resp = Tivoli::AccessManager::Admin::ProtObject->find( acl => $href->{attached} );

  # Attach an authorization rule

  $resp = $pobj->authzrule( attach => 'silly' );

  # Find out where else the authzrule is attached

  $resp = Tivoli::AccessManager::Admin::ProtObject->find( authzrule => 'silly' );

  # Detach an authzrule

  $resp = $pobj->authzrule( detach => 1 );

  # Get the attached and effective Authzrule

  $resp = $pobj->authzrule;

  my $href = $resp->value;

  print "Effective Authz: $href->{effective}\n";

  print "Attached Authz: $href->{attached}\n";

  # Get a list of the objects under /test

  my $top = Tivoli::AccessManager::Admin::ProtObject->new( $pd, name => '/test' );

  $resp = $top->list;

  # See what POPs are attached to the object

  $resp = $pobj->pop;

  # Set is_policy_attachable bit to 0

  $resp = $pobj->policy_attachable( 0 );

 

  # Add some attributes

  $resp = $pobj->attributes( add => { evil => 1, 

                                      smoking => [ qw/strawberry crack/ ]

                                    });

  # Remove one of the values

  $resp = $pobj->attributes( remove => { smoking => 'crack' } );

  # Remove the keys

  $resp = $pobj->attributes( removekey => [ qw/evil smoking/ ] )

  # Finally, delete it

  $resp = $pobj->delete;


DESCRIPTION

Tivoli::AccessManager::Admin::ProtObject provides the interface to the protected object API calls.


CONSTRUCTORS

new( PDADMIN[, name => NAME, type => TYPE, description => DESC ])

Creates a new the Tivoli::AccessManager::Admin::ProtObject manpage object.

Parameters

PDADMIN
A blessed and initialized the Tivoli::AccessManager::Admin::Context manpage. This is the only required parameter.

name => NAME
The name of the protected object. This usually looks an awful lot like a UNIX path.

type => TYPE
The protected object type. See Types for a full discussion of the allowed values.

description => DESC
Some descriptive text.

Returns

A blessed the Tivoli::AccessManager::Admin::ProtObject manpage object. If the type is specified and it is not a valid type, you will get a nasty warning and a return of undef.

create(PDADMIN,name => NAME[, type => TYPE, description => DESC ])

create, as with all the other modules, can be used to both initialize the the Tivoli::AccessManager::Admin::ProtObject manpage instance and create the object in the policy database.

In this case, the newly created instance will be returned to you in a the Tivoli::AccessManager::Admin::Response manpage object. See that module's Fine Documentation to learn how to get it.

Parameters

The parameters are identical to those for new. The only difference is that the name is now a required parameter.

Returns

A the Tivoli::AccessManager::Admin::Response manpage object containing the new instance.


CLASS METHODS

find(PDADMIN, <acl => 'acl name' | authzrule => 'auth rule name'>)

Searches the object space for every object to which either the ACL or the authzrule is attached. You can use this method, but I think the find methods for the Tivoli::AccessManager::Admin::ACL manpage and the Tivoli::AccessManager::Admin::Authzrule manpage make more sense.

Parameters

You only need to provide either the acl or authzrule. If both are provided, the ACL will win.

PDADMIN
A blessed and initialized the Tivoli::AccessManager::Admin::Context manpage. This is the only required parameter.

acl => 'acl name'
The name of the ACL for which we are searching.

authzrule => 'auth rule name'
The name of the authzrule for which we are searching.

Returns

A the Tivoli::AccessManager::Admin::Response manpage object containing a possibly empty array of all objects found.


METHODS

Unless otherwise mentioned, everything returns a the Tivoli::AccessManager::Admin::Response manpage object.

create([ name => NAME, type => TYPE, description => DESC ])

Yes, create can also be used as a method.

Parameters

The same as create the constructor. You must provide the name of you did not provide it to new.

Returns

A the Tivoli::AccessManager::Admin::Response manpage object containing the new instance.

delete

Deletes the object from the policy database.

Parameters

None

Returns

Success if the object exists and it can be deleted.

get

Refreshes the cached ivadmin_protobj structure. This should almost never need to be used by you, unless you decide to bypass my nice interface and go directly to the API calls.

Parameters

None

Returns

None

acl([attach => 'ACL Name', detach => 'ACL Name'])

Attaches or detaches an ACL from the object. If called with no parameters, returns the attached and effective ACL for that object. If called with both attach and detach, detaches are handled first.

Parameters

attach => 'ACL Name'
This will cause the named ACL to be attached to the the object.

detach => 'ACL Name'
The will cause the named ACL to be detached.

Returns

Any attempt to attach an ACL that does not exist or detach an ACL not already attached will result in an error.

Otherwise, you will get a hash that looks like this:

attached
The name of the attached ACL if any

effective
The name of the effective ACL.

authzrule([attach => ``Authzrule'', detach => ``Authzrule''])

Attaches and detaches authorization rules. Unlike acl, this code is currently completely untested. I don't yet know how to create authzrules to test it.

Parameters

attach => 'authzrule Name'
This will cause the named authzrule to be attached to the the object.

detach => 'authzrule Name'
The will cause the named authzrule to be detached.

Returns

Any attempt to attach an authzrule that does not exist or detach an authzrule not already attached will result in an error.

Otherwise, you will get a hash that looks like this:

attached
The name of the attached authzrule if any

effective
The name of the effective authzrule.

pop

Returns the attached and effective POP. See the Tivoli::AccessManager::Admin::POP manpage for the attach and detach methods. Don't look at me -- I didn't write the API.

Parameters

None

Returns

A hash that looks like this:

attached
The name of the attached POP if any

effective
The name of the effective POP.

type([TYPE])

Sets or gets the object's type. See Types for a discussion of the valid types.

Parameters

type => TYPE
The object's new type.

Returns

The object's type.

description(['DESC'])

Give the object some enlightening description.

Parameters

'DESC'
The new description. This is optional, as usual.

Returns

The object's description.

policy_attachable([0|1])

Allow policies to be attached or not.

Parameters

  1. | 1
  2. 0 to disable attaching policies, 1 to enable.

Returns

1 if the object allows policies to be attached, 0 otherwise.

list

Lists all of the object immediately below the object in question.

Parameters

None

Returns

A list, possibly empty, of all the sub-objects.

attributes([add => { key => [qw/value0 value1/] | 'value0' }, remove => { key => [qw/value0 value1/] | 'value0' }, removekey => [qw/key0 key1] ] )

Adds key/value attributes to an object, removes the values and removes the entire key/value pairs. I find these to be the more ... annoying functions.

Parameters

add => { key => [qw/ value0 value1/] | 'value0' }
Causes attribute to add any number of key/value pairs to the object. As you can have multiple values associated with any given key, you can either use an array reference for multiple values, or a simple scalar if you are playing with only one.

You can, obviously, add multiple keys with the same call. You can also, strangely enough, add the same value to a key multiple times.

remove => { key => [qw/ value0 value1/] | 'value0' }
Removes the specified value(s) from the key. This does not remove the key, simply the values from the key. You will get an error if you try to remove a value that is not defined.

removekey => [qw/key0 key1]
Removes both the attribute and any associated values from the object.

Returns

A hash of lists. The hash is keyed off of the attribute names. The values for each attribute are returned as a list -- even if there is only one value.

name

Returns the name of the object. This is returned as a simple string not in a the Tivoli::AccessManager::Admin::Response manpage object.

exist

Returns a boolean indicating if the object exists or not. This does not return a the Tivoli::AccessManager::Admin::Response manpage object.


ACKNOWLEDGEMENTS

See the Tivoli::AccessManager::Admin manpage for the full list of acknoledgements.


BUGS

None known yet, although I am thinking there are parts of the interface that need to change. I do not like having to use a hash in the methods that require only one parameter, but I do not like breaking the pattern almost as much.


AUTHOR

Mik Firestone <mikfire@gmail.com>


COPYRIGHT

Copyright (c) 2004-2011 Mik Firestone. All rights reserved. This program is free software; you can redistibute it and/or modify it under the same terms as Perl itself.

Standard IBM copyright, trademark, patent and ownership statement.

Programminig
Wy
Wy
yW
Wy
Programming
Wy
Wy
Wy
Wy