diff options
author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-05-13 14:45:27 +0100 |
---|---|---|
committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-05-13 14:45:27 +0100 |
commit | 3a3b114e2f2d7895af6baa026b41f163c1ebba8f (patch) | |
tree | 32956590fe5bec88fe8947c51d631a4c23ea7156 | |
download | lace-3a3b114e2f2d7895af6baa026b41f163c1ebba8f.tar.gz |
Initial bits of lace
-rw-r--r-- | .gitignore | 1 | ||||
-rw-r--r-- | COPYING | 26 | ||||
-rw-r--r-- | README | 29 |
3 files changed, 56 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..b25c15b --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +*~ @@ -0,0 +1,26 @@ +Copyright 2012 Daniel Silverstone <dsilvers@digital-scurf.org> +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions +are met: +1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. +3. Neither the name of the author nor the names of their contributors + may be used to endorse or promote products derived from this software + without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +SUCH DAMAGE. @@ -0,0 +1,29 @@ +Lua Access Control Engine - Lace +================================ + +Lace is a simple access control engine modelled on Squid's acl syntax. +It provides a parser of rulesets and an engine to execute the parsed +rulesets. It relies on the calling application to provide access +control types and then Lace runs the boolean logic and returns an +allow/deny result along with the location of the decision and any +description provided by it. Lace also handles errors in the control +callbacks to always return gracefully in the form: + +local result, reason = engine:run(context) + +if result == nil then + report_error(reason) +elseif result == false then + handle_deny(reason) +else + handle_allow(reason) +end + +Lace is designed to allow a ruleset loaded into an engine to be run +multiple times with different contexts, each time unaffected by the +last. Of course, this relies on various idempotency requirements +being placed on the control type callbacks, but that is covered in the +usage documentation. + +For some examples of using Lace, please see the examples/ tree. + |