RubygemsResearch

Sha256: 6d0490e1282dcf71ea70ac16e42e07a0ee6964d1e2703e12bc6269d7b665d9c5

Contents?: true

Size: 787 Bytes

Versions: 4

Compression:

Stored size: 787 Bytes

module Conjur::Policy::Types
  class Deny < Base

    self.description = %(
Deny privilege(s) on a [Resource](#reference/resource) to a role.
Once a privilege is denied, permission checks performed by the role
will return `false`.

If the role does not hold the privilege, this statement is a nop.

See also: [Revoke](#reference/revoke) for [Roles](#reference/role)
)

    self.example = %(
- !variable secret
- !user rando
- !deny
    role: !user rando
    privilege: read
    resource: !variable secret
)

    attribute :role, kind: :role, dsl_accessor: true
    attribute :privilege, kind: :string, dsl_accessor: true
    attribute :resource, dsl_accessor: true
        
    include ResourceMemberDSL

    def to_s
      "Deny #{role} to '#{privilege}' #{resource}"
    end
  end
end

Version data entries

4 entries across 4 versions & 2 rubygems

Version	Path
conjur-policy-parser-0.12.0	lib/conjur/policy/types/deny.rb
conjur-asset-policy-0.13.0	lib/conjur/policy/types/deny.rb
conjur-asset-policy-0.12.0	lib/conjur/policy/types/deny.rb
conjur-asset-policy-0.11.0	lib/conjur/policy/types/deny.rb