Class: Cerbos::Input::Principal

Inherits:
Object
  • Object
show all
Defined in:
lib/cerbos/input/principal.rb

Overview

A principal (often a user, but potentially another actor like a service account) to authorize.

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(id:, roles:, attr: {}, attributes: nil, policy_version: nil, scope: nil) ⇒ Principal

Specify a principal to authorize.

Parameters:

  • id (String)

    a unique identifier for the principal.

  • roles (Array<String>)

    the roles held by the principal.

  • attr (Attributes, Hash) (defaults to: {})

    application-specific attributes describing the principal.

  • attributes (Attributes, Hash) (defaults to: nil)

    deprecated (use attr instead).

  • policy_version (String, nil) (defaults to: nil)

    the policy version to use when authorizing the principal (nil to use the Cerbos policy decision point server's configured default version).

  • scope (String, nil) (defaults to: nil)

    the policy scope to use when authorizing the principal.



44
45
46
47
48
49
50
51
52
53
54
55
# File 'lib/cerbos/input/principal.rb', line 44

def initialize(id:, roles:, attr: {}, attributes: nil, policy_version: nil, scope: nil)
  unless attributes.nil?
    Cerbos.deprecation_warning "The `attributes` keyword argument is deprecated. Use `attr` instead."
    attr = attributes
  end

  @id = id
  @roles = roles
  @attr = Input.coerce_required(attr, Attributes)
  @policy_version = policy_version
  @scope = scope
end

Instance Attribute Details

#attrAttributes (readonly)

Application-specific attributes describing the principal.

Returns:



20
21
22
# File 'lib/cerbos/input/principal.rb', line 20

def attr
  @attr
end

#idString (readonly)

A unique identifier for the principal.

Returns:

  • (String)


10
11
12
# File 'lib/cerbos/input/principal.rb', line 10

def id
  @id
end

#policy_versionString? (readonly)

The policy version to use when authorizing the principal.

Returns:

  • (String)
  • (nil)

    if not provided (in which case the Cerbos policy decision point server's configured default version will be used).



26
27
28
# File 'lib/cerbos/input/principal.rb', line 26

def policy_version
  @policy_version
end

#rolesArray<String> (readonly)

The roles held by the principal.

Returns:

  • (Array<String>)


15
16
17
# File 'lib/cerbos/input/principal.rb', line 15

def roles
  @roles
end

#scopeString? (readonly)

The policy scope to use when authorizing the principal.

Returns:

  • (String)
  • (nil)

    if not provided.

See Also:



34
35
36
# File 'lib/cerbos/input/principal.rb', line 34

def scope
  @scope
end

Instance Method Details

#attributesAttributes

Deprecated.

Use #attr instead.

Application-specific attributes describing the principal.

Returns:



61
62
63
64
# File 'lib/cerbos/input/principal.rb', line 61

def attributes
  Cerbos.deprecation_warning "The `attributes` method is deprecated. Use `attr` instead."
  attr
end