Initial bits of lace

3 files changed, 56 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b25c15b
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+*~
diff --git a/COPYING b/COPYING
new file mode 100644
index 0000000..a4ddae0
--- /dev/null
+++ b/COPYING
@@ -0,0 +1,26 @@
+Copyright 2012 Daniel Silverstone <dsilvers@digital-scurf.org>
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the above copyright
+   notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+   notice, this list of conditions and the following disclaimer in the
+   documentation and/or other materials provided with the distribution.
+3. Neither the name of the author nor the names of their contributors
+   may be used to endorse or promote products derived from this software
+   without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
diff --git a/README b/README
new file mode 100644
index 0000000..a006a01
--- /dev/null
+++ b/README
@@ -0,0 +1,29 @@
+Lua Access Control Engine - Lace
+================================
+
+Lace is a simple access control engine modelled on Squid's acl syntax.
+It provides a parser of rulesets and an engine to execute the parsed
+rulesets.  It relies on the calling application to provide access
+control types and then Lace runs the boolean logic and returns an
+allow/deny result along with the location of the decision and any
+description provided by it.  Lace also handles errors in the control
+callbacks to always return gracefully in the form:
+
+local result, reason = engine:run(context)
+
+if result == nil then
+   report_error(reason)
+elseif result == false then
+   handle_deny(reason)
+else
+   handle_allow(reason)
+end
+
+Lace is designed to allow a ruleset loaded into an engine to be run
+multiple times with different contexts, each time unaffected by the
+last.  Of course, this relies on various idempotency requirements
+being placed on the control type callbacks, but that is covered in the
+usage documentation.
+
+For some examples of using Lace, please see the examples/ tree.
+