Sha256: c1dbd06a8e344588bfb184cf817dbc808fbd4b0fe37c561038eae959685b82fd
Contents?: true
Size: 1.67 KB
Versions: 1
Compression:
Stored size: 1.67 KB
Contents
module Heirloom
class Authorizer
include Heirloom::Utils::Email
def initialize(args)
@config = args[:config]
@name = args[:name]
@id = args[:id]
@logger = @config.logger
end
def authorize(args)
@accounts = args[:accounts]
regions = args[:regions]
return false unless validate_format_of_accounts
@logger.info "Authorizing #{@accounts.join(', ')}."
@key_name = reader.key_name
regions.each do |region|
@bucket = reader.get_bucket :region => region
return false unless grant_read_access region
end
@logger.info "Authorization complete."
true
end
private
def grant_read_access(region)
s3_acl = ACL::S3.new :config => @config,
:region => region
s3_acl.allow_read_access_from_accounts :key_name => @key_name,
:key_folder => @name,
:accounts => @accounts,
:bucket => @bucket
end
def validate_format_of_accounts
status = true
@accounts.each do |account|
if valid_account?(account)
@logger.info "Using #{account} for authorization"
else
@logger.error "#{account} is not a valid account type"
status = false
end
end
status
end
def valid_account?(account)
valid_email?(account) || account.length == 64
end
def reader
@reader ||= Reader.new :config => @config,
:name => @name,
:id => @id
end
end
end
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| heirloom-0.12.7 | lib/heirloom/archive/authorizer.rb |