Class: Conjur::Policy::Resolver
Direct Known Subclasses
AccountResolver, CompactOutputResolver, DuplicateResolver, FlattenResolver, OwnerResolver, SubstitutionResolver
Instance Attribute Summary collapse
-
#account ⇒ Object
readonly
Returns the value of attribute account.
-
#namespace ⇒ Object
readonly
Returns the value of attribute namespace.
-
#ownerid ⇒ Object
readonly
Returns the value of attribute ownerid.
Class Method Summary collapse
-
.resolve(records, account, ownerid, namespace = nil) ⇒ Object
Resolve records to the specified owner id and namespace.
Instance Method Summary collapse
-
#initialize(account, ownerid, namespace = nil) ⇒ Resolver
constructor
account
is required.
Constructor Details
#initialize(account, ownerid, namespace = nil) ⇒ Resolver
account
is required. It’s the default account whenever no account is specified. ownerid
is required. Any records without an owner will be assigned this owner. The exception is records defined in a policy, which are always owned by the policy role unless an explicit owner is indicated (which would be rare). namespace
is optional. It’s prepended to the id of every record, except for ids which begin with a ‘/’ character.
24 25 26 27 28 29 30 31 32 |
# File 'lib/conjur/policy/resolver.rb', line 24 def initialize account, ownerid, namespace = nil @account = account @ownerid = ownerid @namespace = namespace raise "account is required" unless account raise "ownerid is required" unless ownerid raise "ownerid must be fully qualified" unless ownerid.split(":", 3).length == 3 end |
Instance Attribute Details
#account ⇒ Object (readonly)
Returns the value of attribute account.
4 5 6 |
# File 'lib/conjur/policy/resolver.rb', line 4 def account @account end |
#namespace ⇒ Object (readonly)
Returns the value of attribute namespace.
4 5 6 |
# File 'lib/conjur/policy/resolver.rb', line 4 def namespace @namespace end |
#ownerid ⇒ Object (readonly)
Returns the value of attribute ownerid.
4 5 6 |
# File 'lib/conjur/policy/resolver.rb', line 4 def ownerid @ownerid end |
Class Method Details
.resolve(records, account, ownerid, namespace = nil) ⇒ Object
Resolve records to the specified owner id and namespace.
8 9 10 11 12 13 14 15 |
# File 'lib/conjur/policy/resolver.rb', line 8 def resolve records, account, ownerid, namespace = nil resolver_classes = [ AccountResolver, IdSubstitutionResolver, AnnotationSubstitutionResolver, OwnerResolver, FlattenResolver, DuplicateResolver ] resolver_classes.each do |cls| resolver = cls.new account, ownerid, namespace records = resolver.resolve records end records end |