Class: Conjur::Policy::IdSubstitutionResolver

Inherits:

SubstitutionResolver

• Object
• Resolver
• SubstitutionResolver
• Conjur::Policy::IdSubstitutionResolver

Defined in:

lib/conjur/policy/resolver.rb

Overview

Makes all ids absolute, by prepending the namespace (if any) and the enclosing policy (if any).

Constant Summary

Constants inherited from SubstitutionResolver

SubstitutionResolver::SUBSTITUTIONS

Instance Attribute Summary

Attributes inherited from Resolver

#account, #namespace, #ownerid

Instance Method Summary

• #resolve_field(record, visited) ⇒ Object

Methods inherited from SubstitutionResolver

#resolve

Methods inherited from Resolver

#initialize, resolve

Constructor Details

This class inherits a constructor from Conjur::Policy::Resolver

Instance Method Details

#resolve_field(record, visited) ⇒ Object

# File 'lib/conjur/policy/resolver.rb', line 98

def resolve_field record, visited
  if record.respond_to?(:id) && record.respond_to?(:id=)
    id = record.id
    if id.blank?
      raise "#{record.class.simple_name} has no id" unless namespace
      id = namespace
    elsif id[0] == '/'
      id = id[1..-1]
    else
      if record.respond_to?(:resource_kind) && record.resource_kind == "user"
        id = [ id, user_namespace ].compact.join('@')
      else
        id = [ namespace, id ].compact.join('/')
      end
    end

    substitute! id
    
    record.id = id
  end
  
  traverse record.referenced_records, visited, method(:resolve_field), method(:on_resolve_policy)
end