CONTENTS

• NAME
• VERSION
• SYNOPSIS
• DESCRIPTION
• CONFIGURATION
  • schema
  • userid_field
  • role_field
• HELPERS
  • yancy.auth.has_role
  • yancy.auth.require_role
• SEE ALSO
• AUTHOR
• COPYRIGHT AND LICENSE

#NAME

Yancy::Plugin::Roles - Role-based access controls (RBAC)

#VERSION

version 1.081

#SYNOPSIS

plugin Yancy => ...;
plugin Auth => ...;
plugin Roles => {
    schema => 'roles',
    userid_field => 'username',
};

#DESCRIPTION

Note: This module is EXPERIMENTAL and its API may change before Yancy v2.000 is released.

This plugin provides user authorization based on roles. Roles are created by using the "require_role" method. User accounts are provided by Yancy::Plugin::Auth (or a subclass). Accounts are mapped to roles in the database.

#CONFIGURATION

This plugin has the following configuration options.

#schema

The name of the Yancy schema that holds role memberships. Required.

#userid_field

The name of the field in the schema which is the user's identifier. This field should be named the same in both the user schema and the roles schema.

#role_field

The name of the field in the schema which holds the role. Defaults to role.

#HELPERS

This plugin has the following helpers.

#yancy.auth.has_role

Return true if the current user has the given role.

get '/admin' => sub {
    my $c = shift;
    return $c->reply->not_found unless $c->yancy->auth->has_role( 'admin' );
};

#yancy.auth.require_role

Validate there is a logged-in user and that the user belongs to the given role(s). Returns a callback that can be used in under.

my $require_admin = $app->yancy->auth->require_role( 'admin' );
my $admin_routes = $app->routes->under( '/admin', $require_admin );

#SEE ALSO

Yancy::Plugin::Auth

#AUTHOR

Doug Bell <preaction@cpan.org>

#COPYRIGHT AND LICENSE

This software is copyright (c) 2021 by Doug Bell.

This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself.