Help-Site Computer Manuals
Software
Hardware
Programming
Networking
  Algorithms & Data Structures   Programming Languages   Revision Control
  Protocols
  Cameras   Computers   Displays   Keyboards & Mice   Motherboards   Networking   Printers & Scanners   Storage
  Windows   Linux & Unix   Mac

AxKit::App::TABOO::XSP::User
User information management and authorization tag library for TABOO

AxKit::App::TABOO::XSP::User - User information management and authorization tag library for TABOO


NAME

AxKit::App::TABOO::XSP::User - User information management and authorization tag library for TABOO


SYNOPSIS

Add the user: namespace to your XSP <xsp:page> tag, e.g.:


    <xsp:page

         language="Perl"

         xmlns:xsp="http://apache.org/xsp/core/v1";

         xmlns:user="http://www.kjetil.kjernsmo.net/software/TABOO/NS/User";

    >

Add this taglib to AxKit (via httpd.conf or .htaccess):


  AxAddXSPTaglib AxKit::App::TABOO::XSP::User


DESCRIPTION

This XSP taglib provides a few tags to retrieve, set, modify and save user information, as it communicates with TABOO Data objects, particulary the AxKit::App::TABOO::Data::User manpage and <AxKit::App::TABOO::Data::User::Contributor>.

the Apache::AxKit::Language::XSP::SimpleTaglib manpage has been used to write this taglib.


Tag Reference

<store/>

It will take whatever data it finds in the the Apache::Request manpage object held by AxKit, and hand it to a new the AxKit::App::TABOO::Data::User manpage object, which will use whatever data it finds useful. It may also take newpasswd1 and newpasswd2 fields, and if they are encountered, they will be checked if they are equal and then the password will be encrypted before it is sent to the Data object. The Data object is then instructed to save itself.

<new-user/>

This tag will store the contents of an Apache::Request object in the data store, but perform little checks on the data given. The only thing it checks is that the username isn't in use and allready. Then, if the authlevel is different from 1, it is checked if the logged in user is privileged to set the authlevel.

<get-passwd username="foo"/>

This tag will return the password of a user. The username may be given in an attribute or child element named username.

<get-authlevel username="foo"/>

This tag will return the authorization level of a user, which is an integer that may be used to grant or deny access to certain elements or pages. The username may be given in an attribute or child element named username.

<get-user username="foo"/>

This tag will return and XML representation of the user information. The username may be given in an attribute or child element named username.

<exists username="foo"/>

This tag will check if a user allready exists. Like <password-matches> this tag is a boolean tag, which has child elements <true> and <false>. It takes a username, which may be given as an attribute or a child element named username, and if the user is found in the data store, the contents of <true> child element is included, otherwise, the contents of <false> is included.

<is-authorized authlevel="5" username="foo">

This is a boolean tag, which has child elements <true> and <false>. It takes an autherization level in an attribute or child element named authlevel, and an attribute or child element named username. If the authenticated user has it least this level or the given username matches the username of the authenticated user, the contents of the <true> element will be included in the output document. Conversely, if the user has insufficient privileges the contents of <false> will be in the result document.

NOTE: This should not be looked upon as a ``security feature''. While it is possible to use it to make sure that an input control is not shown to someone who is not authorized to modify it (and this may indeed be its primary use), a malicious user could still insert data to that field by supplying arguments in a POST or GET request. Consequently, critical data must be checked for sanity before they are passed to the Data objects. The Data objects themselves are designed to believe anything they're fed, so it is most natural to do it in a taglib before handing the data to a Data object. See e.g. the internals of the <store/> tag for an example.

<valid-authlevels/>

This returns a list of the authorization levels that the present user can legitimitely set. This is an ugly and temporary solution, I think it should be worked out elsewhere than the taglib, but I couldn't find a way to do it....

<random-password/>

Shamelessly stolen from Jörg Walter's the AxKit::XSP::Auth manpage taglib, this would generate a new random password, see his documentation for details.

<authnuser/>

This tag will return the username of the logged in and authenticated user.


TODO

Currently, <exists> checks if a user exists by checking if the real name is defined. This is likely to change in the future. Do not rely on this behaviour, but do make sure every-one has a real name!


FORMALITIES

See the AxKit::App::TABOO manpage.

Programminig
Wy
Wy
yW
Wy
Programming
Wy
Wy
Wy
Wy