In Files
- drb/acl.rb
Class/Module Index
![[+]](./images/find.png "show/hide quicksearch")
- ACL
- ACL::ACLEntry
- ACL::ACLList
- DRb
- DRb::DRbArray
- DRb::DRbBadScheme
- DRb::DRbBadURI
- DRb::DRbConn
- DRb::DRbConnError
- DRb::DRbError
- DRb::DRbIdConv
- DRb::DRbIdConv
- DRb::DRbMessage
- DRb::DRbObject
- DRb::DRbObject
- DRb::DRbObservable
- DRb::DRbProtocol
- DRb::DRbRemoteError
- DRb::DRbSSLSocket
- DRb::DRbSSLSocket::SSLConfig
- DRb::DRbServer
- DRb::DRbServer::InvokeMethod18Mixin
- DRb::DRbServerNotFound
- DRb::DRbTCPSocket
- DRb::DRbUNIXSocket
- DRb::DRbUndumped
- DRb::DRbUndumped
- DRb::DRbUnknown
- DRb::DRbUnknownError
- DRb::ExtServ
- DRb::ExtServManager
- DRb::GW
- DRb::GWIdConv
- DRb::TimerIdConv
- DRb::TimerIdConv::TimerHolder2
- DRb::TimerIdConv::TimerHolder2::InvalidIndexError
- Foo
- Object
ACL
Simple Access Control Lists.
Access control lists are composed of “allow” and “deny” halves to control access. Use “all” or “*” to match any address. To match a specific address use any address or address mask that IPAddr can understand.
Example:
list = %w[ deny all allow 192.168.1.1 allow ::ffff:192.168.1.2 allow 192.168.1.3 ] # From Socket#peeraddr, see also ACL#allow_socket? addr = ["AF_INET", 10, "lc630", "192.168.1.3"] acl = ACL.new p acl.allow_addr?(addr) # => true acl = ACL.new(list, ACL::DENY_ALLOW) p acl.allow_addr?(addr) # => true
Constants
- ALLOW_DENY
Default to allow
- DENY_ALLOW
Default to deny
- VERSION
The current version of ACL
Public Class Methods
Creates a new ACL from list with an
evaluation order of DENY_ALLOW or ALLOW_DENY.
An ACL list is an Array of “allow” or
“deny” and an address or address mask or “all” or “*” to match any address:
%w[
deny all
allow 192.0.2.2
allow 192.0.2.128/26
]
# File drb/acl.rb, line 172
def initialize(list=nil, order = DENY_ALLOW)
@order = order
@deny = ACLList.new
@allow = ACLList.new
install_list(list) if list
end
Public Instance Methods
Allow connections from addrinfo addr? It must be formatted
like Socket#peeraddr:
["AF_INET", 10, "lc630", "192.0.2.1"]
# File drb/acl.rb, line 196
def allow_addr?(addr)
case @order
when DENY_ALLOW
return true if @allow.match(addr)
return false if @deny.match(addr)
return true
when ALLOW_DENY
return false if @deny.match(addr)
return true if @allow.match(addr)
return false
else
false
end
end
Allow connections from Socket soc?
# File drb/acl.rb, line 184
def allow_socket?(soc)
allow_addr?(soc.peeraddr)
end
Adds list of ACL entries to this ACL.
# File drb/acl.rb, line 216
def install_list(list)
i = 0
while i < list.size
permission, domain = list.slice(i,2)
case permission.downcase
when 'allow'
@allow.add(domain)
when 'deny'
@deny.add(domain)
else
raise "Invalid ACL entry #{list.to_s}"
end
i += 2
end
end
Commenting is here to help enhance the documentation. For example, code samples, or clarification of the documentation.
If you have questions about Ruby or the documentation, please post to one of the Ruby mailing lists. You will get better, faster, help that way.
If you wish to post a correction of the docs, please do so, but also file bug report so that it can be corrected for the next release. Thank you.
If you want to help improve the Ruby documentation, please visit Documenting-ruby.org.