Class: Cerbos::Input::Principal

Inherits:
Object
  • Object
show all
Defined in:
lib/cerbos/input/principal.rb

Overview

A principal (often a user, but potentially another actor like a service account) to authorize.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(id:, roles:, attributes: {}, policy_version: nil, scope: nil) ⇒ Principal

Specify a principal to authorize.

Parameters:

  • id (String)

    a unique identifier for the principal.

  • roles (Array<String>)

    the roles held by the principal.

  • attributes (Attributes, Hash) (defaults to: {})

    application-specific attributes describing the principal.

  • policy_version (String, nil) (defaults to: nil)

    the policy version to use when authorizing the principal (nil to use the Cerbos policy decision point server’s configured default version).

  • scope (String, nil) (defaults to: nil)

    the policy scope to use when authorizing the principal.


43
44
45
46
47
48
49
# File 'lib/cerbos/input/principal.rb', line 43

def initialize(id:, roles:, attributes: {}, policy_version: nil, scope: nil)
  @id = id
  @roles = roles
  @attributes = Input.coerce_required(attributes, Attributes)
  @policy_version = policy_version
  @scope = scope
end

Instance Attribute Details

#attributesAttributes (readonly)

Application-specific attributes describing the principal.

Returns:


20
21
22
# File 'lib/cerbos/input/principal.rb', line 20

def attributes
  @attributes
end

#idString (readonly)

A unique identifier for the principal.

Returns:

  • (String)

10
11
12
# File 'lib/cerbos/input/principal.rb', line 10

def id
  @id
end

#policy_versionString? (readonly)

The policy version to use when authorizing the principal.

Returns:

  • (String)
  • (nil)

    if not provided (in which case the Cerbos policy decision point server’s configured default version will be used).


26
27
28
# File 'lib/cerbos/input/principal.rb', line 26

def policy_version
  @policy_version
end

#rolesArray<String> (readonly)

The roles held by the principal.

Returns:

  • (Array<String>)

15
16
17
# File 'lib/cerbos/input/principal.rb', line 15

def roles
  @roles
end

#scopeString? (readonly)

The policy scope to use when authorizing the principal.

Returns:

  • (String)
  • (nil)

    if not provided.

See Also:


34
35
36
# File 'lib/cerbos/input/principal.rb', line 34

def scope
  @scope
end