Class: Conjur::Policy::Executor::Base

Inherits:

Object

• Object
• Conjur::Policy::Executor::Base

Includes:

Escape, Logger

Defined in:

lib/conjur/policy/executor/base.rb

Overview

Builds a list of execution actions for a statement. The statement is an object from Conjur::Policy::Types. Each execution action is an HTTP method, a request path, and request parameters.

Direct Known Subclasses

Create, Deny, Give, Grant, Permit, Retire, Revoke, Update

Instance Attribute Summary

• #actions ⇒ Object readonly

  Returns the value of attribute actions.

• #api ⇒ Object readonly

  Returns the value of attribute api.

• #statement ⇒ Object readonly

  Returns the value of attribute statement.

Instance Method Summary

• #action(obj) ⇒ Object
• #execute ⇒ Object
• #initialize(api, statement, actions) ⇒ Base constructor

  A new instance of Base.

• #resource_path(record = nil) ⇒ Object
• #role_path(record = nil) ⇒ Object

Methods included from Logger

included

Constructor Details

#initialize(api, statement, actions) ⇒ Base

Returns a new instance of Base.

# File 'lib/conjur/policy/executor/base.rb', line 14

def initialize api, statement, actions
  @api = api
  @statement = statement
  @actions = actions
end

Instance Attribute Details

#actions ⇒ Object (readonly)

Returns the value of attribute actions.

# File 'lib/conjur/policy/executor/base.rb', line 12

def actions
  @actions
end

#api ⇒ Object (readonly)

Returns the value of attribute api.

# File 'lib/conjur/policy/executor/base.rb', line 12

def api
  @api
end

#statement ⇒ Object (readonly)

Returns the value of attribute statement.

# File 'lib/conjur/policy/executor/base.rb', line 12

def statement
  @statement
end

Instance Method Details

#action(obj) ⇒ Object

# File 'lib/conjur/policy/executor/base.rb', line 20

def action obj
  @actions.push obj
end

#execute ⇒ Object

# File 'lib/conjur/policy/executor/base.rb', line 24

def execute
  raise "execute not implemented in #{self.class.name}"
end

#resource_path(record = nil) ⇒ Object

# File 'lib/conjur/policy/executor/base.rb', line 28

def resource_path record = nil
  record ||= self.statement
  [ "authz", record.account, "resources", record.resource_kind, path_escape(record.id) ].join('/')
end

#role_path(record = nil) ⇒ Object

# File 'lib/conjur/policy/executor/base.rb', line 33

def role_path record = nil
  record ||= self.statement
  [ "authz", record.account, "roles", record.role_kind, path_escape(record.id) ].join('/')
end