Sha256: 798165e657fd97343ba6741b643c0ce7b930a73cdf93ed514a9667a670cd0553
Contents?: true
Size: 1.53 KB
Versions: 6
Compression:
Stored size: 1.53 KB
Contents
require 'conjur/authn'
require 'conjur/command'
class Conjur::Command::Resources < Conjur::Command
self.prefix = :permission
desc "Grants permission on a resource to a role"
arg_name "resource-kind"
arg_name "resource-id"
arg_name "role"
arg_name "privilege"
command :grant do |c|
c.desc "Whether to give the grant option"
c.switch :grant
c.action do |global_options,options,args|
kind = args.shift or raise "Missing parameter: resource-kind"
resource_id = args.shift or raise "Missing parameter: resource-id"
role = args.shift or raise "Missing parameter: role"
privilege = args.shift or raise "Missing parameter: privilege"
resource = api.resource(kind, resource_id)
options = {}
options[:grant_option] = true if options[:grant]
resource.permit privilege, role, options
end
end
desc "Check whether a role has a privilege on a resource"
arg_name "resource-kind"
arg_name "resource-id"
arg_name "role"
arg_name "privilege"
command :check do |c|
c.action do |global_options,options,args|
kind = args.shift or raise "Missing parameter: resource-kind"
resource_id = args.shift or raise "Missing parameter: resource-id"
role = args.shift or raise "Missing parameter: role"
privilege = args.shift or raise "Missing parameter: privilege"
role = api.role(role)
begin
role.permitted? kind, resource_id, privilege
puts "true"
rescue RestClient::ResourceNotFound
puts "false"
end
end
end
end
Version data entries
6 entries across 6 versions & 1 rubygems