Class: Conjur::Policy::Executor::Permit

Inherits:

Base

• Object
• Base
• Conjur::Policy::Executor::Permit

Defined in:

lib/conjur/policy/executor/permit.rb

Overview

Permit a privilege with a POST request to the permit url of the resource, with the privilege and role as parameters. grant_option is also provided if it is explicitly stated on the Permit record.

Instance Attribute Summary

Attributes inherited from Base

#actions, #api, #statement

Instance Method Summary

• #execute ⇒ Object

Methods inherited from Base

#action, #initialize, #resource_path, #role_path

Methods included from Logger

included

Constructor Details

This class inherits a constructor from Conjur::Policy::Executor::Base

Instance Method Details

#execute ⇒ Object

# File 'lib/conjur/policy/executor/permit.rb', line 6

def execute
  parameters = { "privilege" => statement.privilege, "role" => statement.role.role.roleid }
  parameters['grant_option'] = statement.role.admin unless statement.role.admin.nil?
  action({
    'method' => 'post',
    'path' => "#{resource_path(statement.resource)}?permit",
    'parameters' => parameters
  })
end