Sha256: 15d182d88ab8b073d626fe950b7b53740978ce6a4fc8fe9179bb5c7cdb9a1733

Contents?: true

Size: 1.13 KB

Versions: 5

Compression:

Stored size: 1.13 KB

Contents

module Conjur::Policy::Types
  class Grant < Base
    attribute :role, dsl_accessor: true
    attribute :member
    attribute :replace, kind: :boolean, singular: true, dsl_accessor: true

    include RoleMemberDSL
    include ManagedRoleDSL

    self.description = %(
Grant one [Role](#reference/role) to another.
(compare: [Give](#reference/give) for [Resources](#reference/resource))

[More](/key_concepts/rbac.html) on role-based access control in Conjur.
)

    self.example = %(
- !user Link
- !user Navi

- !grant
    role: !user Navi
    member: !user Link
)

    def to_s
      role_str   = if role.kind_of?(Array)
                   then role.join(', ')
                   else role
                   end
      member_str = if member.kind_of?(Array)
                   then member.map(&:role).join(', ')
                   else member.role
                   end
      admin      = if member.kind_of?(Array)
                   then member.map(&:admin).all?
                   else member.admin
                   end
      "Grant #{role_str} to #{member_str}#{replace ? ' exclusively ' : ''}#{admin ? ' with admin option' : ''}"
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
conjur-asset-policy-0.8.3 lib/conjur/policy/types/grant.rb
conjur-asset-policy-0.8.2 lib/conjur/policy/types/grant.rb
conjur-asset-policy-0.8.1 lib/conjur/policy/types/grant.rb
conjur-asset-policy-0.8.0 lib/conjur/policy/types/grant.rb
conjur-asset-policy-0.7.1 lib/conjur/policy/types/grant.rb