Class: Conjur::Policy::OwnerResolver

Inherits:

Resolver

Object
Resolver
Conjur::Policy::OwnerResolver

show all

Defined in:: lib/conjur/policy/resolver.rb

Overview

Sets the owner field for any records which support it, and don’t have an owner specified. Within a policy, the default owner is the policy role. For global records, the default owner is the ownerid specified in the constructor.

Instance Attribute Summary

Attributes inherited from Resolver

#account, #namespace, #ownerid

Instance Method Summary collapse

Methods inherited from Resolver

#initialize, resolve

Constructor Details

This class inherits a constructor from Conjur::Policy::Resolver

Instance Method Details

#on_resolve_policy(policy, visited) ⇒ `Object`

# File 'lib/conjur/policy/resolver.rb', line 155

def on_resolve_policy policy, visited
  saved_ownerid = @ownerid
  @ownerid = [ policy.account, "policy", policy.id ].join(":")
  traverse policy.body, visited, method(:resolve_owner), method(:on_resolve_policy)
ensure
  @ownerid = saved_ownerid
end

#resolve(records) ⇒ `Object`



145
146
147

# File 'lib/conjur/policy/resolver.rb', line 145

def resolve records
  traverse records, Set.new, method(:resolve_owner), method(:on_resolve_policy)
end

#resolve_owner(record, visited) ⇒ `Object`

# File 'lib/conjur/policy/resolver.rb', line 149

def resolve_owner record, visited
  if record.respond_to?(:owner) && record.owner.nil?
    record.owner = Types::Role.new(@ownerid)
  end
end