Pass object type and name to external ACL verifiers

This requires changing the ACL verifier plumbing to pass object type and name all the way through when verifying ACLs. Hopefully I caught everything.
author: Russ Allbery <eagle@eyrie.org> 2016-01-16 15:34:22 -0800
committer: Russ Allbery <eagle@eyrie.org> 2016-01-16 15:35:49 -0800
commit: d2fde5b8330cab6bd6210ef99a628b1897676897 (patch)
tree: 3bdb4383a95efc5c36b7fabe07ca7df0cb50f719 /perl/lib/Wallet/ACL/Base.pm
parent: 44b98b0005effceb6fb5497b336fa86e05675e6f (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/perl/lib/Wallet/ACL/Base.pm b/perl/lib/Wallet/ACL/Base.pm
index 19ca612..3778c07 100644
--- a/perl/lib/Wallet/ACL/Base.pm
+++ b/perl/lib/Wallet/ACL/Base.pm
@@ -103,10 +103,12 @@ This method should be overridden by any child classes that want to
 implement validating the name of an ACL before creation.  The default
 implementation allows any name for an ACL.
 
-=item check(PRINCIPAL, ACL)
+=item check(PRINCIPAL, ACL, TYPE, NAME)
 
 This method should always be overridden by child classes.  The default
-implementation just declines all access.
+implementation just declines all access.  TYPE and NAME are the type and
+name of the object being accessed, which may be used by some ACL schemes
+or may be ignored.
 
 =item error([ERROR ...])
author	Russ Allbery <eagle@eyrie.org>	2016-01-16 15:34:22 -0800
committer	Russ Allbery <eagle@eyrie.org>	2016-01-16 15:35:49 -0800
commit	d2fde5b8330cab6bd6210ef99a628b1897676897 (patch)
tree	3bdb4383a95efc5c36b7fabe07ca7df0cb50f719 /perl/lib/Wallet/ACL/Base.pm
parent	44b98b0005effceb6fb5497b336fa86e05675e6f (diff)