Sha256: 687e0705c8f89c8852e93e5b58b0b43a9a786ad33b4d7b5345980483d89fe217

Contents?: true

Size: 942 Bytes

Versions: 3

Compression:

Stored size: 942 Bytes

Contents

module Conjur::Policy::Executor
  class Grant < Base
    def execute
      if statement.role.is_a?(Conjur::Policy::Types::Layer) && statement.member.role.is_a?(Conjur::Policy::Types::Host)
        add_host_to_layer
      else
        grant_role_to_member
      end
    end
    
    def add_host_to_layer
      parameters = { "hostid" => statement.member.role.roleid }
      action({
        'method' => 'post',
        'path' => "layers/#{fully_escape statement.role.id}/hosts",
        'parameters' => parameters
      })
    end
    
    def grant_role_to_member
      parameters = { "member" => statement.member.role.roleid }
      parameters['admin_option'] = statement.member.admin unless statement.member.admin.nil?
      action({
        'method' => 'put',
        'path' => "authz/#{statement.role.account}/roles/#{statement.role.role_kind}/#{statement.role.id}?members",
        'parameters' => parameters
      })
    end
  end
end

Version data entries

3 entries across 3 versions & 1 rubygems

Version Path
conjur-asset-policy-0.13.0 lib/conjur/policy/executor/grant.rb
conjur-asset-policy-0.12.0 lib/conjur/policy/executor/grant.rb
conjur-asset-policy-0.11.0 lib/conjur/policy/executor/grant.rb