diff options
author | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-05-13 14:45:27 +0100 |
---|---|---|
committer | Daniel Silverstone <dsilvers@digital-scurf.org> | 2012-05-13 14:45:27 +0100 |
commit | 3a3b114e2f2d7895af6baa026b41f163c1ebba8f (patch) | |
tree | 32956590fe5bec88fe8947c51d631a4c23ea7156 /README | |
download | lace-3a3b114e2f2d7895af6baa026b41f163c1ebba8f.tar.gz |
Initial bits of lace
Diffstat (limited to 'README')
-rw-r--r-- | README | 29 |
1 files changed, 29 insertions, 0 deletions
@@ -0,0 +1,29 @@ +Lua Access Control Engine - Lace +================================ + +Lace is a simple access control engine modelled on Squid's acl syntax. +It provides a parser of rulesets and an engine to execute the parsed +rulesets. It relies on the calling application to provide access +control types and then Lace runs the boolean logic and returns an +allow/deny result along with the location of the decision and any +description provided by it. Lace also handles errors in the control +callbacks to always return gracefully in the form: + +local result, reason = engine:run(context) + +if result == nil then + report_error(reason) +elseif result == false then + handle_deny(reason) +else + handle_allow(reason) +end + +Lace is designed to allow a ruleset loaded into an engine to be run +multiple times with different contexts, each time unaffected by the +last. Of course, this relies on various idempotency requirements +being placed on the control type callbacks, but that is covered in the +usage documentation. + +For some examples of using Lace, please see the examples/ tree. + |