Class: Conjur::Layer
- Inherits:
-
RestClient::Resource
- Object
- RestClient::Resource
- Conjur::Layer
- Includes:
- ActsAsAsset, ActsAsRole
- Defined in:
- lib/conjur/layer.rb
Overview
A Conjur Layer represents a collection of Conjur Hosts with the ssame permissions on other Conjur resources.
Instance Method Summary collapse
-
#add_host(hostid)
Add a host to this layer.
-
#hosts ⇒ Array<Conjur::Host>
Return all hosts in the layer.
-
#hosts_members(role_name) ⇒ Conjur::RoleGrant
Lists the roles that have been granted access to the host's owned roles.
-
#remove_host(hostid)
Remove a host from this layer.
Methods included from ActsAsRole
#can, #cannot, #role, #role_kind, #roleid
Methods included from ActsAsAsset
Methods included from HasAttributes
#attributes, #invalidate, #refresh, #save, #to_json
Methods included from ActsAsResource
#deny, #permit, #resource, #resource_kind, #resourceid
Methods included from HasOwner
Methods included from Exists
Methods included from HasId
Instance Method Details
#add_host(hostid)
This method returns an undefined value.
Add a host to this layer. The host's role will become a member of the layer's role, and have all privileges of the layer.
35 36 37 38 39 40 41 42 43 |
# File 'lib/conjur/layer.rb', line 35 def add_host(hostid) hostid = cast(hostid, :roleid) log do |logger| logger << "Adding host #{hostid} to layer #{id}" end invalidate do RestClient::Resource.new(self['hosts'].url, ).post(hostid: hostid) end end |
#hosts ⇒ Array<Conjur::Host>
Return all hosts in the layer.
78 79 80 81 82 |
# File 'lib/conjur/layer.rb', line 78 def hosts self.attributes['hosts'].collect do |id| Conjur::Host.new(Conjur::API.core_asset_host, )["hosts/#{fully_escape id.split(':', 3)[-1]}"] end end |
#hosts_members(role_name) ⇒ Conjur::RoleGrant
Lists the roles that have been granted access to the host's owned roles.
role_name
can be either admin_host
or use_host
. This method corresponds
to ActsAsAsset#add_member in that members added with that method
will be returned by this method.
70 71 72 |
# File 'lib/conjur/layer.rb', line 70 def hosts_members(role_name) owned_role(role_name).members end |
#remove_host(hostid)
This method returns an undefined value.
Remove a host from this layer. The host will lose all privileges it had through this layer.
50 51 52 53 54 55 56 57 58 |
# File 'lib/conjur/layer.rb', line 50 def remove_host(hostid) hostid = cast(hostid, :roleid) log do |logger| logger << "Removing host #{hostid} from layer #{id}" end invalidate do RestClient::Resource.new(self["hosts/#{fully_escape hostid}"].url, ).delete end end |