Module: Conjur::ActsAsAsset
- Includes:
- ActsAsResource, Exists, HasAttributes, HasId, HasOwner
- Included in:
- Group, HostFactory, Layer, User, Variable
- Defined in:
- lib/conjur/acts_as_asset.rb
Overview
Instance Method Summary collapse
-
#add_member(role_name, member, options = {})
Add an internal grant on this asset's resource.
-
#remove_member(role_name, member)
Remove a grant created with #add_member.
Methods included from HasAttributes
#attributes, #invalidate, #refresh, #save, #to_json
Methods included from ActsAsResource
#deny, #permit, #resource, #resource_kind, #resourceid
Methods included from HasOwner
Methods included from Exists
Methods included from HasId
Instance Method Details
#add_member(role_name, member, options = {})
This method returns an undefined value.
Add an internal grant on this asset's resource. This method allows you to grant permissions on all members of
a container asset (for example, all hosts in a layer) to the given role. Currently this method
is only useful for layer
assets, and corresponds to the
hosts permit
CLI
command. In particular, to permit 'update'
on all hosts in a layer, role_name
should be
'admin_host'
, and to permit 'execute'
it should be 'use_host'
.
60 61 62 |
# File 'lib/conjur/acts_as_asset.rb', line 60 def add_member(role_name, member, = {}) owned_role(role_name).grant_to member, end |
#remove_member(role_name, member)
This method returns an undefined value.
Remove a grant created with #add_member. When an internal grant has been created on this asset's resource with #add_member, you can remove it with this method.
71 72 73 |
# File 'lib/conjur/acts_as_asset.rb', line 71 def remove_member(role_name, member) owned_role(role_name).revoke_from member end |