Class: Statement

Inherits:
Object
  • Object
show all
Defined in:
lib/cfn-model/model/statement.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initializeStatement

Returns a new instance of Statement.



12
13
14
15
16
17
 
# File 'lib/cfn-model/model/statement.rb', line 12

def initialize
  @actions = []
  @not_actions = []
  @resources = []
  @not_resources = []
end

Instance Attribute Details

#actionsObject

Returns the value of attribute actions.



8
9
10
 
# File 'lib/cfn-model/model/statement.rb', line 8

def actions
  @actions
end

#conditionObject

Returns the value of attribute condition.



7
8
9
 
# File 'lib/cfn-model/model/statement.rb', line 7

def condition
  @condition
end

#effectObject

Returns the value of attribute effect.



7
8
9
 
# File 'lib/cfn-model/model/statement.rb', line 7

def effect
  @effect
end

#not_actionsObject

Returns the value of attribute not_actions.



8
9
10
 
# File 'lib/cfn-model/model/statement.rb', line 8

def not_actions
  @not_actions
end

#not_principalObject

Returns the value of attribute not_principal.



10
11
12
 
# File 'lib/cfn-model/model/statement.rb', line 10

def not_principal
  @not_principal
end

#not_resourcesObject

Returns the value of attribute not_resources.



9
10
11
 
# File 'lib/cfn-model/model/statement.rb', line 9

def not_resources
  @not_resources
end

#principalObject

Returns the value of attribute principal.



10
11
12
 
# File 'lib/cfn-model/model/statement.rb', line 10

def principal
  @principal
end

#resourcesObject

Returns the value of attribute resources.



9
10
11
 
# File 'lib/cfn-model/model/statement.rb', line 9

def resources
  @resources
end

#sidObject

Returns the value of attribute sid.



7
8
9
 
# File 'lib/cfn-model/model/statement.rb', line 7

def sid
  @sid
end

Instance Method Details

#==(another_statement) ⇒ Object 



50
51
52
53
54
55
56
57
58
59
 
# File 'lib/cfn-model/model/statement.rb', line 50

def ==(another_statement)
  @effect == another_statement.effect &&
    @actions == another_statement.actions &&
    @not_actions == another_statement.not_actions &&
    @resources == another_statement.resources &&
    @not_resources == another_statement.not_resources &&
    @principal == another_statement.principal &&
    @not_principal == another_statement.not_principal &&
    @condition == another_statement.condition
end

#allows_action?(action, wildcard = true) ⇒ Boolean

allows_action?

Checks if policy document allows the given action

arg action (str): Action string to check
arg wildcard (bool): Whether to apply 'wildcard_patterns' to action

return: boolean

Returns:

  • (Boolean) 


38
39
40
41
42
43
44
45
46
47
48
 
# File 'lib/cfn-model/model/statement.rb', line 38

def allows_action?(action, wildcard=true)
  if wildcard
    patterns = wildcard_patterns(action.split(':')[1]).map! { |x| action.split(':')[0] + ':' + x } + ['*']
  else
    patterns = [action]
  end

  matching_actions = @actions.select { |statement_action| patterns.include? statement_action }

  !matching_actions.empty? && @effect == 'Allow'
end

#wildcard_actionsObject 



19
20
21
 
# File 'lib/cfn-model/model/statement.rb', line 19

def wildcard_actions
  @actions.select { |action| action.to_s == '*' || action.to_s =~ /^.+:\*$/ }
end

#wildcard_principal?Boolean

Returns:

  • (Boolean) 


23
24
25
 
# File 'lib/cfn-model/model/statement.rb', line 23

def wildcard_principal?
  Principal.wildcard? @principal
end

#wildcard_resourcesObject 



27
28
29
 
# File 'lib/cfn-model/model/statement.rb', line 27

def wildcard_resources
  @resources.select { |resource| resource.to_s == '*' }
end