Class: Conjur::Command::Policy

Inherits:

DSLCommand

• Object
• DSLCommand
• Conjur::Command::Policy

Defined in:

lib/conjur/command/policy.rb

Class Method Summary

• .execute(api, records, options = {}) ⇒ Object
• .load(filename) ⇒ Object
• .loader ⇒ Object
• .save_context_to_file(context, path) ⇒ Object
• .script_from_filename(filename) ⇒ Object

Class Method Details

.execute(api, records, options = {}) ⇒ Object

# File 'lib/conjur/command/policy.rb', line 53

def self.execute api, records, options = {}
  actions = []
  records.each do |record|
    executor_class = Conjur::Policy::Executor.class_for(record)
    executor = executor_class.new(api, record, actions)
    executor.execute
  end
  Conjur::Policy::HTTPExecutor.new(api).execute actions
end

.load(filename) ⇒ Object

# File 'lib/conjur/command/policy.rb', line 24

def self.load filename
  script = script_from_filename filename
  loader.load script, filename
end

.loader ⇒ Object

# File 'lib/conjur/command/policy.rb', line 48

def self.loader
  mod = Conjur::Policy.const_get 'YAML'
  mod.const_get "Loader"
end

.save_context_to_file(context, path) ⇒ Object

# File 'lib/conjur/command/policy.rb', line 64

def self.save_context_to_file context, path

  existing = if File.file?(path)
    JSON.load(File.read(path))
  else
    {}
  end

  File.write(path, existing.merge(context).to_json)
rescue => ex
  # It would suck to lose all your API keys by fat-fingering the filename -- write it to the stdout if
  # anything goes wrong.
  $stderr.puts "Error saving context to #{path}: #{ex}.  Context will be written to the stdout"
  $stderr.puts ex.backtrace.join("\n\t") if ENV['DEBUG']
  puts context.to_json
end

.script_from_filename(filename) ⇒ Object

# File 'lib/conjur/command/policy.rb', line 29

def self.script_from_filename filename
  if filename
    if File.exists?(filename)
      File.read(filename)
    else
      require 'open-uri'
      uri = URI.parse(filename)
      raise "Unable to read this kind of URL : #{filename}" unless uri.respond_to?(:read)
      begin
        uri.read
      rescue OpenURI::HTTPError
        raise "Unable to read URI #{filename} : #{$!.message}"
      end
    end
  else
    STDIN.read
  end
end