module Conjur::ActsAsUser

This module provides methods for things that are like users (specifically, those that have api keys).

Public Class Methods

included(base) click to toggle source

@api private

# File lib/conjur/acts_as_user.rb, line 26
def self.included(base)
  base.include ActsAsRolsource
end

Public Instance Methods

api() click to toggle source

Create an api logged in as this user-like thing.

@note As with {#api_key}, this method only works on newly created instances. @see api_key @return [Conjur::API] an api logged in as this user-like thing.

# File lib/conjur/acts_as_user.rb, line 46
def api
  Conjur::API.new_from_key login, api_key, account: account
end
api_key() click to toggle source

Returns a newly created user’s api_key.

@note The API key is not returned by {API#resource}. It is only available via {API#login}, when the object is newly created, and when the API key is rotated.

@return [String] the api key @raise [Exception] when the object isn’t newly created.

# File lib/conjur/acts_as_user.rb, line 37
def api_key
  attributes['api_key'] or raise "api_key is only available on a newly created #{kind}"
end
rotate_api_key() click to toggle source

Rotate this role’s API key. You must have ‘update` permission on the user to do so.

@note You will not be able to access the API key returned by this method later, so you should

probably hang onto it it.

@note You cannot rotate your own API key with this method. To do so, use ‘Conjur::API.rotate_api_key`.

@note This feature requires a Conjur appliance running version 4.6 or higher.

@return [String] the new API key for this user.

# File lib/conjur/acts_as_user.rb, line 60
def rotate_api_key
  if login == username
    raise 'You cannot rotate your own API key via this method. To do so, use `Conjur::API.rotate_api_key`'
  end

  url_for(:authn_rotate_api_key, credentials, account, id).put("").body
end