RubygemsResearch

Sha256: 46b9e8e237483b4a96501b599dc711c672b44a6ec38e4510ca876ea8a567b0d3

Contents?: true

Size: 816 Bytes

Versions: 10

Compression:

Stored size: 816 Bytes

class S3Secure::Policy::Document
  class ForceSSLOnlyAccess < Base
    def policy_document
      if @bucket_policy.blank?
        full_policy_document
      else
        updated_policy_document
      end
    end

    def updated_policy_document
      policy = JSON.load(@bucket_policy)
      policy["Statement"] << ssl_enforce_statement unless checker.has?("ForceSSLOnlyAccess")
      policy
    end

    def full_policy_document
      {"Version"=>"2012-10-17",
       "Statement"=>[ssl_enforce_statement]}
    end

    def ssl_enforce_statement
      {
        "Sid"=>"ForceSSLOnlyAccess",
        "Effect"=>"Deny",
        "Principal"=>"*",
        "Action"=>"s3:GetObject",
        "Resource"=>"arn:aws:s3:::#{@bucket}/*",
        "Condition"=>{"Bool"=>{"aws:SecureTransport"=>"false"}}
      }
    end
  end
end

Version data entries

10 entries across 10 versions & 1 rubygems

Version	Path
s3-secure-0.7.0	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.6.1	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.5.1	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.5.0	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.4.2	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.4.1	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.4.0	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.3.0	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.2.0	lib/s3_secure/policy/document/force_ssl_only_access.rb
s3-secure-0.1.0	lib/s3_secure/policy/document/force_ssl_only_access.rb