Initial bits of lace

1 files changed, 29 insertions, 0 deletions

diff --git a/README b/README
new file mode 100644
index 0000000..a006a01
--- /dev/null
+++ b/README
@@ -0,0 +1,29 @@
+Lua Access Control Engine - Lace
+================================
+
+Lace is a simple access control engine modelled on Squid's acl syntax.
+It provides a parser of rulesets and an engine to execute the parsed
+rulesets.  It relies on the calling application to provide access
+control types and then Lace runs the boolean logic and returns an
+allow/deny result along with the location of the decision and any
+description provided by it.  Lace also handles errors in the control
+callbacks to always return gracefully in the form:
+
+local result, reason = engine:run(context)
+
+if result == nil then
+   report_error(reason)
+elseif result == false then
+   handle_deny(reason)
+else
+   handle_allow(reason)
+end
+
+Lace is designed to allow a ruleset loaded into an engine to be run
+multiple times with different contexts, each time unaffected by the
+last.  Of course, this relies on various idempotency requirements
+being placed on the control type callbacks, but that is covered in the
+usage documentation.
+
+For some examples of using Lace, please see the examples/ tree.
+