Class: Conjur::Policy::FlattenResolver

Inherits:
Resolver show all
Defined in:
lib/conjur/policy/resolver.rb

Overview

Flattens and sorts all records into a single list, including YAML lists and policy body.

Instance Attribute Summary

Attributes inherited from Resolver

#account, #namespace, #ownerid

Instance Method Summary collapse

Methods inherited from Resolver

#initialize, resolve

Constructor Details

This class inherits a constructor from Conjur::Policy::Resolver

Instance Method Details

#resolve(records) ⇒ Object 



166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
 
# File 'lib/conjur/policy/resolver.rb', line 166

def resolve records
  @result = []
  traverse records, Set.new, method(:resolve_record), method(:on_resolve_policy)

  # Sort record creation before anything else.
  # Sort record creation in dependency order (if A owns B, then A will be created before B).
  # Otherwise, preserve the existing order.

  @stable_index = {}
  @result.each_with_index do |obj, idx|
    @stable_index[obj] = idx
  end
  @referenced_record_index = {}
  @result.each_with_index do |obj, idx|
    @referenced_record_index[obj] = obj.referenced_records.select{|r| r.respond_to?(:roleid)}.map(&:roleid)
  end
  @result.flatten.sort do |a,b|
    score = sort_score(a) - sort_score(b)
    if score == 0
      if a.respond_to?(:roleid) && @referenced_record_index[b].member?(a.roleid) &&
        b.respond_to?(:roleid) && @referenced_record_index[a].member?(b.roleid)
        raise "Dependency cycle encountered between #{a} and #{b}"
      elsif a.respond_to?(:roleid) && @referenced_record_index[b].member?(a.roleid)
        score = -1
      elsif b.respond_to?(:roleid) && @referenced_record_index[a].member?(b.roleid)
        score = 1
      else
        score = @stable_index[a] - @stable_index[b]
      end
    end
    score
  end
end