class RsUserPolicy::Policy::JsonPolicy

Public Class Methods

new(options={}) click to toggle source

Initializes a new Policy

If more than one source is passed into options, the order of preference will be

:json, :json_str, :filename

@param [Hash] options A hash of inputs for the new JSONPolicy @option options [Hash] :json A hash containing the policy @option options [String] :json_str A JSON string containing the policy @option options [String] :filename Path and filename to a file containing the policy in JSON

@raise [ArgumentError] If neither a filename or json object were supplied @raise [Errno::ENOENT] If :filename was specified but the policy file does not exist @raise [JSON::ParseError] If the policy is not valid JSON

# File lib/rs_user_policy/policy/json_policy.rb, line 43
def initialize(options={})
  if ([:filename, :json, :json_str] & options.keys()).empty?
    raise ArgumentError, "You must supply either a filename, JSON string, or a JSON object"
  end

  if options.has_key?(:json)
    @policy = options[:json]
  elsif options.has_key?(:json_str)
    @policy = JSON.parse(options[:json_str])
  else
    @policy = JSON.parse(File.read(options[:filename]))
  end

  validate()
end

Public Instance Methods

get_permissions(roles, account_href) click to toggle source

Returns an array of permissions for a particular role in a particular RightScale account

@param [Array<String>] roles An array of role names for which permissions should be fetched @param [String] account_href A RightScale API 1.5 href for the RightScale account

@return [Array<String>] A list of permissions for the role and account pair requested. An empty array is returned if no policy exists for the requested pair

# File lib/rs_user_policy/policy/json_policy.rb, line 65
def get_permissions(roles, account_href)
  permissions = []
  roles.each do |role|
    if @policy.has_key?(role)
      permissions = permissions + (@policy[role][account_href] || @policy[role]['default'] || [])
    end
  end
  permissions.uniq
end

Private Instance Methods

validate() click to toggle source
# File lib/rs_user_policy/policy/json_policy.rb, line 77
def validate()
  # TODO: Also validate that the policy file is in the correct form.
  # I.E. {
  #   "policy-name": {
  #     "account-href-or-default": ["list", "of", "permissions"]
  #   }
  #}
end