Class: Conjur::DSL::Runner

Inherits:

Object

• Object
• Conjur::DSL::Runner

Includes:

IdentifierManipulation

Defined in:

lib/conjur/dsl/runner.rb

Overview

Entry point for the Conjur DSL.

Methods are available in two categories: name scoping and asset building.

Instance Attribute Summary

• #context ⇒ Object

  Returns the value of attribute context.

• #filename ⇒ Object readonly

  Returns the value of attribute filename.

• #policy_resource ⇒ Object readonly

  Returns the value of attribute policy_resource.

• #policy_role ⇒ Object readonly

  Returns the value of attribute policy_role.

• #script ⇒ Object readonly

  Returns the value of attribute script.

Instance Method Summary

• #api ⇒ Object
• #api_keys ⇒ Object
• #assets ⇒ Object

  Provides a hash to export various application specific asset ids (or anything else you want).

• #create_variable(id = nil, options = {}, &block) ⇒ Object

  purpose and existence of this method are unobvious for model designer just “variable” in DSL works fine through method_missing is this method OBSOLETED ? basecamp.com/1949725/projects/4268938-api-version-4-x/todos/84972543-low-variable.

• #current_object ⇒ Object
• #current_scope ⇒ Object

  Current scope, used as a path/delimited/prefix to a role or resource id.

• #current_user_scope ⇒ Object

  Current scope, used for user@scope.

• #execute ⇒ Object
• #initialize(script, filename = nil) ⇒ Runner constructor

  A new instance of Runner.

• #namespace(ns = nil, &block) ⇒ Object (also: #model)
• #owner=(owner) ⇒ Object
• #owns ⇒ Object
• #policy(id, &block) ⇒ Object
• #resource(kind, id = nil, options = {}, &block) ⇒ Object
• #role(kind, id = nil, options = {}, &block) ⇒ Object
• #scope(name = nil, &block) ⇒ Object

Methods included from IdentifierManipulation

#conjur_account, #full_resource_id, #get_kind_and_id_from_args

Constructor Details

#initialize(script, filename = nil) ⇒ Runner

Returns a new instance of Runner.

# File 'lib/conjur/dsl/runner.rb', line 14

def initialize(script, filename = nil)
  @context = {
    "account" => Conjur.account,
    "api_keys" => {}
  }
  
  @context['env']   = Conjur.env unless Conjur.env == 'production'
  @context['stack'] = Conjur.stack unless Conjur.stack == 'v4'
  @context['appliance_url']   = Conjur.configuration.appliance_url unless Conjur.configuration.appliance_url.nil?
  @context['ssl_certificate'] = File.read(Conjur.configuration.cert_file) unless Conjur.configuration.cert_file.nil?

  @script = script
  @filename = filename
  @api = nil
  @scopes = Array.new
  @owners = Array.new
  @objects = Array.new
end

Dynamic Method Handling

This class handles dynamic methods through the method_missing method

#method_missing(sym, *args, &block) ⇒ Object (protected)

# File 'lib/conjur/dsl/runner.rb', line 162

def method_missing(sym, *args, &block)
  if create_compatible_args?(args) && api.respond_to?(sym)
    id = args[0]
    id = qualify_id(id, sym)
    find_or_create sym, id, args[1] || {}, &block
  elsif current_object && current_object.respond_to?(sym)
    current_object.send(sym, *args, &block)
  else
    super
  end
end

Instance Attribute Details

#context ⇒ Object

Returns the value of attribute context.

# File 'lib/conjur/dsl/runner.rb', line 11

def context
  @context
end

#filename ⇒ Object (readonly)

Returns the value of attribute filename.

# File 'lib/conjur/dsl/runner.rb', line 11

def filename
  @filename
end

#policy_resource ⇒ Object (readonly)

Returns the value of attribute policy_resource.

# File 'lib/conjur/dsl/runner.rb', line 12

def policy_resource
  @policy_resource
end

#policy_role ⇒ Object (readonly)

Returns the value of attribute policy_role.

# File 'lib/conjur/dsl/runner.rb', line 12

def policy_role
  @policy_role
end

#script ⇒ Object (readonly)

Returns the value of attribute script.

# File 'lib/conjur/dsl/runner.rb', line 11

def script
  @script
end

Instance Method Details

#api ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 44

def api
  @api ||= connect
end

#api_keys ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 52

def api_keys
  @context["api_keys"]
end

#assets ⇒ Object

Provides a hash to export various application specific asset ids (or anything else you want)

# File 'lib/conjur/dsl/runner.rb', line 40

def assets
  @context['assets'] ||= {}
end

#create_variable(id = nil, options = {}, &block) ⇒ Object

purpose and existence of this method are unobvious for model designer just “variable” in DSL works fine through method_missing is this method OBSOLETED ?

https://basecamp.com/1949725/projects/4268938-api-version-4-x/todos/84972543-low-variable

# File 'lib/conjur/dsl/runner.rb', line 129

def create_variable id = nil, options = {}, &block
  options[:id] = id if id
  mime_type = options.delete(:mime_type) || 'text/plain'
  kind = options.delete(:kind) || 'secret'
  var = api.create_variable(mime_type, kind, options)
  do_object var, &block
end

#current_object ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 56

def current_object
  !@objects.empty? ? @objects.last : nil
end

#current_scope ⇒ Object

Current scope, used as a path/delimited/prefix to a role or resource id.

# File 'lib/conjur/dsl/runner.rb', line 61

def current_scope
  !@scopes.empty? ? @scopes.join('/') : nil
end

#current_user_scope ⇒ Object

Current scope, used for user@scope.

# File 'lib/conjur/dsl/runner.rb', line 66

def current_user_scope
  current_scope ? current_scope.gsub(/[^\w]/, '-') : nil
end

#execute ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 109

def execute
  args = [ script ]
  args << filename if filename
  instance_eval(*args)
end

#namespace(ns = nil, &block) ⇒ Object Also known as: model

# File 'lib/conjur/dsl/runner.rb', line 78

def namespace ns = nil, &block
  if block_given?
    ns ||= context["namespace"]
    if ns.nil?
      require 'conjur/api/variables'
      ns = context["namespace"] = api.create_variable("text/plain", "namespace").id
    end
    do_scope ns, &block
    context
  else
    @scopes[0]
  end
end

#owner=(owner) ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 33

def owner=(owner)
  raise "Owner should only be set once" unless @owners.empty?
  @owners.push owner
end

#owns ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 137

def owns
  @owners.push current_object
  begin
    yield
  ensure
    @owners.pop
  end
end

#policy(id, &block) ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 92

def policy id, &block
  self.role "policy", id do |role|
    @policy_role = role
    context["policy"] = role.identifier
    self.owns do
      self.resource "policy", id do |resource|
        @policy_resource = resource
        scope id do
          block.call if block_given?
        end
      end
    end
  end
end

#resource(kind, id = nil, options = {}, &block) ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 115

def resource kind, id = nil, options = {}, &block
  id = full_resource_id([kind, qualify_id(id, kind) ].join(':'))
  find_or_create :resource, id, options, &block
end

#role(kind, id = nil, options = {}, &block) ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 120

def role kind, id = nil, options = {}, &block
  id = full_resource_id([ kind, qualify_id(id, kind) ].join(':'))
  find_or_create :role, id, options, &block
end

#scope(name = nil, &block) ⇒ Object

# File 'lib/conjur/dsl/runner.rb', line 70

def scope name = nil, &block
  if name != nil
    do_scope name, &block
  else
    current_scope
  end
end