class CloudFoundry::Perm::V1::Client
Attributes
hostname[R]
port[R]
timeout[R]
trusted_cas[R]
url[R]
Public Class Methods
new(hostname:, port: 6283, trusted_cas:, timeout: 15)
click to toggle source
# File lib/perm/v1/client.rb, line 12 def initialize(hostname:, port: 6283, trusted_cas:, timeout: 15) raise ArgumentError, 'trusted_cas cannot be empty' if trusted_cas.empty? @hostname = hostname @port = port @url = "#{hostname}:#{port}" @trusted_cas = trusted_cas @timeout = timeout end
Public Instance Methods
assign_role(role_name:, actor_id:, namespace:)
click to toggle source
# File lib/perm/v1/client.rb, line 46 def assign_role(role_name:, actor_id:, namespace:) actor = Protos::Actor.new(id: actor_id, namespace: namespace) request = Protos::AssignRoleRequest.new(actor: actor, role_name: role_name) grpc_role_service.assign_role(request) nil rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
assign_role_to_group(role_name:, group_id:)
click to toggle source
# File lib/perm/v1/client.rb, line 68 def assign_role_to_group(role_name:, group_id:) group = Protos::Group.new(id: group_id) request = Protos::AssignRoleToGroupRequest.new(group: group, role_name: role_name) grpc_role_service.assign_role_to_group(request) nil rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
create_role(role_name:, permissions: [])
click to toggle source
# File lib/perm/v1/client.rb, line 22 def create_role(role_name:, permissions: []) permission_protos = permissions.map do |p| Protos::Permission.new(action: p.action, resource_pattern: p.resource_pattern) end request = Protos::CreateRoleRequest.new(name: role_name, permissions: permission_protos) response = grpc_role_service.create_role(request) role = response.role Models::Role.new(name: role.name) rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
delete_role(name)
click to toggle source
# File lib/perm/v1/client.rb, line 36 def delete_role(name) request = Protos::DeleteRoleRequest.new(name: name) grpc_role_service.delete_role(request) nil rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
has_permission?(actor_id:, namespace:, action:, resource:, group_ids: [])
click to toggle source
rubocop:disable Metrics/MethodLength
# File lib/perm/v1/client.rb, line 125 def has_permission?(actor_id:, namespace:, action:, resource:, group_ids: []) actor = Protos::Actor.new(id: actor_id, namespace: namespace) groups = [] group_ids.each do |group_id| groups.push(Protos::Group.new(id: group_id)) end request = Protos::HasPermissionRequest.new( actor: actor, action: action, resource: resource, groups: groups ) grpc_permission_service.has_permission(request).has_permission rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
has_role?(role_name:, actor_id:, namespace:)
click to toggle source
rubocop:disable Naming/PredicateName
# File lib/perm/v1/client.rb, line 91 def has_role?(role_name:, actor_id:, namespace:) actor = Protos::Actor.new(id: actor_id, namespace: namespace) request = Protos::HasRoleRequest.new(actor: actor, role_name: role_name) response = grpc_role_service.has_role(request) response.has_role rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
has_role_for_group?(role_name:, group_id:)
click to toggle source
# File lib/perm/v1/client.rb, line 101 def has_role_for_group?(role_name:, group_id:) group = Protos::Group.new(id: group_id) request = Protos::HasRoleForGroupRequest.new(group: group, role_name: role_name) response = grpc_role_service.has_role_for_group(request) response.has_role rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
list_resource_patterns(actor_id:, namespace:, action:, group_ids: [])
click to toggle source
# File lib/perm/v1/client.rb, line 142 def list_resource_patterns(actor_id:, namespace:, action:, group_ids: []) actor = Protos::Actor.new(id: actor_id, namespace: namespace) groups = [] group_ids.each do |group_id| groups.push(Protos::Group.new(id: group_id)) end request = Protos::ListResourcePatternsRequest.new( actor: actor, action: action, groups: groups ) response = grpc_permission_service.list_resource_patterns(request) response.resource_patterns rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
list_role_permissions(role_name:)
click to toggle source
# File lib/perm/v1/client.rb, line 111 def list_role_permissions(role_name:) request = Protos::ListRolePermissionsRequest.new(role_name: role_name) response = grpc_role_service.list_role_permissions(request) permissions = response.permissions permissions.map do |permission| Models::Permission.new(action: permission.action, resource_pattern: permission.resource_pattern) end rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
unassign_role(role_name:, actor_id:, namespace:)
click to toggle source
# File lib/perm/v1/client.rb, line 57 def unassign_role(role_name:, actor_id:, namespace:) actor = Protos::Actor.new(id: actor_id, namespace: namespace) request = Protos::UnassignRoleRequest.new(actor: actor, role_name: role_name) grpc_role_service.unassign_role(request) nil rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
unassign_role_from_group(role_name:, group_id:)
click to toggle source
# File lib/perm/v1/client.rb, line 79 def unassign_role_from_group(role_name:, group_id:) group = Protos::Group.new(id: group_id) request = Protos::UnassignRoleFromGroupRequest.new(group: group, role_name: role_name) grpc_role_service.unassign_role_from_group(request) nil rescue GRPC::BadStatus => e raise Errors.from_grpc_error(e) end
Private Instance Methods
grpc_permission_service()
click to toggle source
# File lib/perm/v1/client.rb, line 188 def grpc_permission_service @grpc_permission_service ||= Protos::PermissionService::Stub.new( url, tls_credentials, timeout: timeout, channel_override: shared_channel ) end
grpc_role_service()
click to toggle source
# File lib/perm/v1/client.rb, line 179 def grpc_role_service @grpc_role_service ||= Protos::RoleService::Stub.new( url, tls_credentials, timeout: timeout, channel_override: shared_channel ) end
tls_credentials()
click to toggle source
# File lib/perm/v1/client.rb, line 167 def tls_credentials @tls_credentials ||= GRPC::Core::ChannelCredentials.new(trusted_cas.join("\n")) end