Sha256: b66149f054721ad2878d4e95ad66db4d356ef6c5dd5be6eedacade545355fda0

Contents?: true

Size: 566 Bytes

Versions: 4

Compression:

Stored size: 566 Bytes

Contents

require 'conjur/api'

class Conjur::Role
  # This role can admin the target +role+ if this role has a role which is an admin member of
  # +role+. This determination is made by expanding all roles of +self+, then doing the set 
  # intersection with the direct members of +role+, and looking for an overlapping member that
  # has +admin_option+.
  def can_admin_role? role
    return true if self.roleid == role.roleid
    
    memberships = self.memberships.map(&:roleid)
    role.members.any?{|m| memberships.include?(m.member.roleid) && m.admin_option}
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version Path
conjur-asset-policy-0.13.0 lib/conjur/api/patches/role.rb
conjur-asset-policy-0.12.0 lib/conjur/api/patches/role.rb
conjur-asset-policy-0.11.0 lib/conjur/api/patches/role.rb
conjur-asset-policy-0.8.3 lib/conjur/api/patches/role.rb