Module: TreasureData::API::AccessControl

Included in:

TreasureData::API

Defined in:

lib/td/client/api/access_control.rb

Instance Method Summary

• #grant_access_control(subject, action, scope, grant_option) ⇒ true
• #list_access_controls ⇒ Array
• #revoke_access_control(subject, action, scope) ⇒ true
• #test_access_control(user, action, scope) ⇒ Array

Instance Method Details

#grant_access_control(subject, action, scope, grant_option) ⇒ true

Parameters:

• subject (String)
• action (String)
• scope (String)
• grant_option (Array)

Returns:

• (true)

# File 'lib/td/client/api/access_control.rb', line 13

def grant_access_control(subject, action, scope, grant_option)
  params = {'subject'=>subject, 'action'=>action, 'scope'=>scope, 'grant_option'=>grant_option.to_s}
  code, body, res = post("/v3/acl/grant", params)
  if code != "200"
    raise_error("Granting access control failed", res)
  end
  return true
end

#list_access_controls ⇒ Array

Returns:

• (Array)

# File 'lib/td/client/api/access_control.rb', line 57

def list_access_controls
  code, body, res = get("/v3/acl/list")
  if code != "200"
    raise_error("Listing access control failed", res)
  end
  js = checked_json(body, %w[access_controls])
  acl = js["access_controls"].map {|roleinfo|
    subject = roleinfo['subject']
    action = roleinfo['action']
    scope = roleinfo['scope']
    grant_option = roleinfo['grant_option']
    [subject, action, scope, grant_option]
  }
  return acl
end

#revoke_access_control(subject, action, scope) ⇒ true

Parameters:

• subject (String)
• action (String)
• scope (String)

Returns:

• (true)

# File 'lib/td/client/api/access_control.rb', line 26

def revoke_access_control(subject, action, scope)
  params = {'subject'=>subject, 'action'=>action, 'scope'=>scope}
  code, body, res = post("/v3/acl/revoke", params)
  if code != "200"
    raise_error("Revoking access control failed", res)
  end
  return true
end

#test_access_control(user, action, scope) ⇒ Array

Parameters:

• user (String)
• action (String)
• scope (String)

Returns:

• (Array)

# File 'lib/td/client/api/access_control.rb', line 39

def test_access_control(user, action, scope)
  params = {'user'=>user, 'action'=>action, 'scope'=>scope}
  code, body, res = get("/v3/acl/test", params)
  if code != "200"
    raise_error("Testing access control failed", res)
  end
  js = checked_json(body, %w[permission access_controls])
  perm = js["permission"]
  acl = js["access_controls"].map {|roleinfo|
    subject = roleinfo['subject']
    action = roleinfo['action']
    scope = roleinfo['scope']
    [name, action, scope]
  }
  return perm, acl
end