Module: Conjur::ActsAsResource
- Included in:
- ActsAsAsset, Deputy
- Defined in:
- lib/conjur/acts_as_resource.rb
Overview
This module is included in asset classes that have an associated resource.
Instance Method Summary collapse
-
#deny(privilege, role)
Deny
role
permission to perform actions corresponding toprivilege
on the underlying resource. -
#permit(privilege, role, options = {})
Permit
role
to performprivilege
on this resource. -
#resource ⇒ Conjur::Resource
Return the Resource associated with this asset.
-
#resource_kind ⇒ String
The kind of resource underlying the asset.
-
#resourceid ⇒ String
Return the qualified id of the resource associated with this asset.
Instance Method Details
#deny(privilege, role)
This method returns an undefined value.
Deny role
permission to perform actions corresponding to privilege
on the underlying resource.
103 104 105 |
# File 'lib/conjur/acts_as_resource.rb', line 103 def deny(privilege, role) resource.deny privilege, role end |
#permit(privilege, role, options = {})
This method returns an undefined value.
Permit role
to perform privilege
on this resource. A
permission represents an ability
to perform certain (application defined) actions on this resource.
This method is equivalent to calling resource.permit
.
90 91 92 |
# File 'lib/conjur/acts_as_resource.rb', line 90 def permit(privilege, role, = {}) resource.permit privilege, role, end |
#resource ⇒ Conjur::Resource
Return the Resource associated with this asset.
32 33 34 35 36 |
# File 'lib/conjur/acts_as_resource.rb', line 32 def resource require 'conjur/resource' # NOTE: should we use specific class to build sub-url below? Conjur::Resource.new(Conjur::Authz::API.host, self.)[[ core_conjur_account, 'resources', path_escape(resource_kind), path_escape(resource_id) ].join('/')] end |
#resource_kind ⇒ String
The kind of resource underlying the asset. The kind is the second token in
a Conjur id like "account:kind:id"
.
50 51 52 |
# File 'lib/conjur/acts_as_resource.rb', line 50 def resource_kind self.class.name.split("::")[-1].underscore.split('/').join('-') end |
#resourceid ⇒ String
Return the qualified id of the resource associated with this asset.
41 42 43 |
# File 'lib/conjur/acts_as_resource.rb', line 41 def resourceid [ core_conjur_account, resource_kind, resource_id ].join(':') end |