Module: PeRbac::Role

Defined in:

lib/pe_rbac/role.rb

Class Method Summary

• .create_role(display_name, description = display_name, permissions = [], user_ids = [], group_ids = []) ⇒ Object

  docs.puppet.com/pe/latest/rbac_roles_v1.html#post-roles.

• .ensure_role(display_name, description, permissions = [], user_ids = []) ⇒ Object

  CREATE.

• .get_role(id) ⇒ Object
• .get_role_id(display_name) ⇒ Object
• .get_roles ⇒ Object

  role.

• .update_role(display_name, description = nil, permissions = nil, user_ids = nil, group_ids = nil) ⇒ Object

Class Method Details

.create_role(display_name, description = display_name, permissions = [], user_ids = [], group_ids = []) ⇒ Object

docs.puppet.com/pe/latest/rbac_roles_v1.html#post-roles

# File 'lib/pe_rbac/role.rb', line 56

def self.create_role(display_name, description=display_name, permissions=[], user_ids=[], group_ids=[])
  safe_perms = Permission::safe_permissions(permissions)

  role = {
    "permissions"   => safe_perms,
    "user_ids"      => Array(user_ids),
    "group_ids"     => Array(group_ids),
    "display_name"  => display_name,
    "description"   => description,
  }
  PeRbac::Core::request(:post, '/roles', role) ? true : false
end

.ensure_role(display_name, description, permissions = [], user_ids = []) ⇒ Object

CREATE

# File 'lib/pe_rbac/role.rb', line 47

def self.ensure_role(display_name, description, permissions=[], user_ids=[])
  if get_role_id(display_name)
    update_role(display_name, description, permissions, user_ids)
  else
    create_role(display_name, description, permissions, user_ids)
  end
end

.get_role(id) ⇒ Object

# File 'lib/pe_rbac/role.rb', line 28

def self.get_role(id)
  resp = PeRbac::Core::request(:get, "/roles/#{id}")
  resp ? JSON.parse(resp.body) : false
end

.get_role_id(display_name) ⇒ Object

# File 'lib/pe_rbac/role.rb', line 33

def self.get_role_id(display_name)
  i=0
  found=false
  roles = get_roles()
  while !found and i < roles.length do
    if roles[i]['display_name'] == display_name
      found = roles[i]['id']
    end
    i+=1
  end
  found
end

.get_roles ⇒ Object

role

# File 'lib/pe_rbac/role.rb', line 24

def self.get_roles
  JSON.parse(PeRbac::Core::request(:get, "/roles").body)
end

.update_role(display_name, description = nil, permissions = nil, user_ids = nil, group_ids = nil) ⇒ Object

# File 'lib/pe_rbac/role.rb', line 69

def self.update_role(display_name, description=nil, permissions=nil, user_ids=nil, group_ids=nil)
  role_id = get_role_id(display_name)
  safe_perms = Permission::safe_permissions(permissions)
  status = false
  if role_id
    role = get_role(role_id)
    role['display_name']  = display_name ? display_name : role['display_name']
    role['description']   = description ? display_name : role['description']
    role['permissions']   = safe_perms ? safe_perms : role['permissions']
    role['user_ids']      = user_ids ? Array(user_ids) : role['user_ids']
    role['group_ids']     = group_ids ? Array(group_ids) : role['group_ids']

    PeRbac::Core::request(:put, "/roles/#{role_id}", role)
    status = true
  end
  status
end