Class: Cumulus::S3::GrantConfig

Inherits:

Object

• Object
• Cumulus::S3::GrantConfig

Defined in:

lib/s3/models/GrantConfig.rb

Constant Summary

@@all_permissions =

["list", "update", "view-permissions", "edit-permissions"].sort

Instance Attribute Summary

• #email ⇒ Object readonly

  Returns the value of attribute email.

• #name ⇒ Object readonly

  Returns the value of attribute name.

• #permissions ⇒ Object readonly

  Returns the value of attribute permissions.

Class Method Summary

• .to_aws_permission(cumulus_permission) ⇒ Object

  Public: A static method that will produce the AWS version of the permission.

• .to_cumulus_permission(aws_permission) ⇒ Object

  Public: A static method that will produce the Cumulus version of the permission so that the names we use in Cumulus are a little closer to the names in the AWS console.

Instance Method Summary

• #!=(other) ⇒ Object

  Public: Check if this GrantConfig is not equal to the other object.

• #==(other) ⇒ Object

  Public: Check GrantConfig equality with other objects.

• #add_permissions!(permissions) ⇒ Object

  Public: Add permissions to the permissions of this Grant.

• #diff(aws) ⇒ Object

  Public: Produce an array of differences between this local configuration and the configuration in AWS.

• #initialize(json = nil) ⇒ GrantConfig constructor

  Public: Constructor.

• #populate!(aws) ⇒ Object

  Public: Populate this GrantConfig from the avlues in an Aws::S3::Types::Grant.

• #to_aws ⇒ Object

  Public: Produce an AWS compatible array of hashes representing this GrantConfig.

• #to_h ⇒ Object

  Public: Converts this GrantConfig to a hash that matches Cumulus configuration.

Constructor Details

#initialize(json = nil) ⇒ GrantConfig

Public: Constructor

json - a hash representing the JSON configuration. Expects to be passed

an object from the "grants" array of S3 bucket configuration.

# File 'lib/s3/models/GrantConfig.rb', line 58

def initialize(json = nil)
  if json
    @name = json["name"]
    @email = json["email"]
    @id = json["id"]
    @permissions = json["permissions"].sort
    if @permissions.include?("all")
      @permissions = @@all_permissions
    end
  end
end

Instance Attribute Details

#email ⇒ Object (readonly)

Returns the value of attribute email.

# File 'lib/s3/models/GrantConfig.rb', line 8

def email
  @email
end

#name ⇒ Object (readonly)

Returns the value of attribute name.

# File 'lib/s3/models/GrantConfig.rb', line 9

def name
  @name
end

#permissions ⇒ Object (readonly)

Returns the value of attribute permissions.

# File 'lib/s3/models/GrantConfig.rb', line 10

def permissions
  @permissions
end

Class Method Details

.to_aws_permission(cumulus_permission) ⇒ Object

Public: A static method that will produce the AWS version of the permission.

cumulus_permission - the string permission to convert

Returns the converted permission string

# File 'lib/s3/models/GrantConfig.rb', line 41

def self.to_aws_permission(cumulus_permission)
  case cumulus_permission
  when "update"
    "WRITE"
  when "list"
    "READ"
  when "edit-permissions"
    "WRITE_ACP"
  when "view-permissions"
    "READ_ACP"
  end
end

.to_cumulus_permission(aws_permission) ⇒ Object

Public: A static method that will produce the Cumulus version of the permission so that the names we use in Cumulus are a little closer to the names in the AWS console.

aws_permission - the string permission to convert

Returns an array of the Cumulus version of the permission

# File 'lib/s3/models/GrantConfig.rb', line 20

def self.to_cumulus_permission(aws_permission)
  case aws_permission
  when "FULL_CONTROL"
    @@all_permissions
  when "WRITE"
    ["update"]
  when "READ"
    ["list"]
  when "WRITE_ACP"
    ["edit-permissions"]
  when "READ_ACP"
    ["view-permissions"]
  end
end

Instance Method Details

#!=(other) ⇒ Object

Public: Check if this GrantConfig is not equal to the other object

other - the other object to check

Returns whether this GrantConfig is not equal to ‘other`

# File 'lib/s3/models/GrantConfig.rb', line 184

def !=(other)
  !(self == other)
end

#==(other) ⇒ Object

Public: Check GrantConfig equality with other objects.

other - the other object to check

Returns whether this GrantConfig is equal to ‘other`

# File 'lib/s3/models/GrantConfig.rb', line 168

def ==(other)
  if !other.is_a? GrantConfig or
      @name != other.name or
      @email != other.email or
      @permissions.sort != other.permissions.sort
    false
  else
    true
  end
end

#add_permissions!(permissions) ⇒ Object

Public: Add permissions to the permissions of this Grant.

permissions - an Array of the permissions to add

# File 'lib/s3/models/GrantConfig.rb', line 159

def add_permissions!(permissions)
  @permissions = (@permissions + permissions).uniq.sort
end

#diff(aws) ⇒ Object

Public: Produce an array of differences between this local configuration and the configuration in AWS

aws - the AWS resource

Returns an array of the GrantDiffs that were found

# File 'lib/s3/models/GrantConfig.rb', line 146

def diff(aws)
  diffs = []

  if @permissions != aws.permissions
    diffs << GrantDiff.new(GrantChange::PERMISSIONS, aws, self)
  end

  diffs
end

#populate!(aws) ⇒ Object

Public: Populate this GrantConfig from the avlues in an Aws::S3::Types::Grant

aws - the aws object to populate from

# File 'lib/s3/models/GrantConfig.rb', line 74

def populate!(aws)
  @name = if aws.grantee.type == "CanonicalUser"
    aws.grantee.display_name
  else
    case aws.grantee.uri
    when "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
      "AuthenticatedUsers"
    when "http://acs.amazonaws.com/groups/global/AllUsers"
      "Everyone"
    when "http://acs.amazonaws.com/groups/s3/LogDelivery"
      "LogDelivery"
    end
  end
  @email = aws.grantee.email_address
  @permissions = GrantConfig.to_cumulus_permission(aws.permission)
  @id = aws.grantee.id
end

#to_aws ⇒ Object

Public: Produce an AWS compatible array of hashes representing this GrantConfig.

Returns the array of hashes.

# File 'lib/s3/models/GrantConfig.rb', line 96

def to_aws
  @permissions.map do |permission|
    if @name == "AuthenticatedUsers"
      type = "Group"
      uri = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
    elsif @name == "Everyone"
      type = "Group"
      uri = "http://acs.amazonaws.com/groups/global/AllUsers"
    elsif @name == "LogDelivery"
      type = "Group"
      uri = "http://acs.amazonaws.com/groups/s3/LogDelivery"
    elsif @email
      type = "AmazonCustomerByEmail"
    else
      type = "CanonicalUser"
      display_name = @name
    end

    {
      grantee: {
        display_name: if !@email then @name end,
        email_address: if @email then @email end,
        id: if !@email then @id end,
        type: type,
        uri: uri,
      }.reject { |k, v| v.nil? },
      permission: GrantConfig.to_aws_permission(permission)
    }
  end
end

#to_h ⇒ Object

Public: Converts this GrantConfig to a hash that matches Cumulus configuration.

Returns the hash

# File 'lib/s3/models/GrantConfig.rb', line 131

def to_h
  {
    name: @name,
    id: @id,
    email: @email,
    permissions: if @permissions.sort == @@all_permissions then ["all"] else @permissions.sort end,
  }.reject { |k, v| v.nil? }
end