Class: R509::Config::SubjectItemPolicy

Inherits:
Object
  • Object
show all
Defined in:
lib/r509/config.rb

Overview

returns information about the subject item policy for a profile

Instance Attribute Summary (collapse)

Instance Method Summary (collapse)

Constructor Details

- (SubjectItemPolicy) initialize(hash = {})

A new instance of SubjectItemPolicy

Examples:

sample hash

{"CN" => "required",
"O" => "required",
"OU" => "optional",
"ST" => "required",
"C" => "required",
"L" => "required",
"emailAddress" => "optional"}

Parameters:

  • hash (Hash) (defaults to: {})

    of required/optional subject items. These must be in OpenSSL shortname format.



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
 
# File 'lib/r509/config.rb', line 47

def initialize(hash={})
    if not hash.kind_of?(Hash)
        raise ArgumentError, "Must supply a hash in form 'shortname'=>'required/optional'"
    end
    @required = []
    @optional = []
    if not hash.empty?
        hash.each_pair do |key,value|
            if value == "required"
                @required.push(key)
            elsif value == "optional"
                @optional.push(key)
            else
                raise ArgumentError, "Unknown subject item policy value. Allowed values are required and optional"
            end
        end
    end
end

Instance Attribute Details

- (Object) optional (readonly)

Returns the value of attribute optional



36
37
38
 
# File 'lib/r509/config.rb', line 36

def optional
  @optional
end

- (Object) required (readonly)

Returns the value of attribute required



36
37
38
 
# File 'lib/r509/config.rb', line 36

def required
  @required
end

Instance Method Details

- (R509::Subject) validate_subject(subject)

Validated version of the subject or error

Parameters:

Returns:



68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
 
# File 'lib/r509/config.rb', line 68

def validate_subject(subject)
    # convert the subject components into an array of component names that match
    # those that are on the required list
    supplied = subject.to_a.each do |item|
        @required.include?(item[0])
    end.map do |item|
        item[0]
    end
    # so we can make sure they gave us everything that's required
    diff = @required - supplied
    if not diff.empty?
        raise R509::R509Error, "This profile requires you supply "+@required.join(", ")
    end

    # the validated subject contains only those subject components that are either
    # required or optional
    R509::Subject.new(subject.to_a.select do |item|
        @required.include?(item[0]) or @optional.include?(item[0])
    end)
end