lib/conjur/acts_as_resource.rb in conjur-api-5.0.0 vs lib/conjur/acts_as_resource.rb in conjur-api-5.1.0
- old
+ new
@@ -59,11 +59,11 @@
# end
#
# @return [Boolean] does it exist?
def exists?
begin
- rbac_resource_resource.head
+ url_for(:resources_resource, credentials, id).head
true
rescue RestClient::Forbidden
true
rescue RestClient::ResourceNotFound
false
@@ -86,14 +86,11 @@
# resource.permitted_roles 'execute' # => ['conjur:user:admin', 'conjur:user:jon']
#
# @param privilege [String] the privilege
# @return [Array<String>] the ids of roles that have `privilege` on this resource.
def permitted_roles privilege
- options = {}
- options[:permitted_roles] = true
- options[:privilege] = privilege
- result = JSON.parse rbac_resource_resource[options_querystring options].get
+ result = JSON.parse url_for(:resources_permitted_roles, credentials, id, privilege).get
if result.is_a?(Hash) && ( count = result['count'] )
count
else
result
end
@@ -113,25 +110,14 @@
# @param privilege [String] the privilege to check
# @param role [String,nil] :role check whether the role given by this full role id is permitted
# instead of checking +api.current_role+.
# @return [Boolean]
def permitted? privilege, role: nil
- options = {}
- options[:check] = true
- options[:privilege] = privilege
- options[:role] = cast_to_id(role) if role
- rbac_resource_resource[options_querystring options].get
+ url_for(:resources_check, credentials, id, privilege, role)
true
rescue RestClient::Forbidden
false
rescue RestClient::ResourceNotFound
false
- end
-
- private
-
- # RestClient::Resource for RBAC resource operations.
- def rbac_resource_resource
- RestClient::Resource.new(Conjur.configuration.core_url, credentials)['resources'][id.to_url_path]
end
end
end