class Conjur::Command::Policy

Constants

Policy

policy isn't a rolsource (yet), but we can pretend

Public Class Methods

execute(api, records, options = {}) click to toggle source
# File lib/conjur/command/policy.rb, line 53
def self.execute api, records, options = {}
  actions = []
  records.each do |record|
    executor_class = Conjur::Policy::Executor.class_for(record)
    executor = executor_class.new(api, record, actions)
    executor.execute
  end
  Conjur::Policy::HTTPExecutor.new(api).execute actions
end
load(filename) click to toggle source
# File lib/conjur/command/policy.rb, line 24
def self.load filename
  script = script_from_filename filename
  loader.load script, filename
end
loader() click to toggle source
# File lib/conjur/command/policy.rb, line 48
def self.loader
  mod = Conjur::Policy.const_get 'YAML'
  mod.const_get "Loader"
end
save_context_to_file(context, path) click to toggle source
# File lib/conjur/command/policy.rb, line 64
def self.save_context_to_file context, path

  existing = if File.file?(path)
    JSON.load(File.read(path))
  else
    {}
  end

  File.write(path, existing.merge(context).to_json)
rescue => ex
  # It would suck to lose all your API keys by fat-fingering the filename -- write it to the stdout if
  # anything goes wrong.
  $stderr.puts "Error saving context to #{path}: #{ex}.  Context will be written to the stdout"
  $stderr.puts ex.backtrace.join("\n\t") if ENV['DEBUG']
  puts context.to_json
end
script_from_filename(filename) click to toggle source
# File lib/conjur/command/policy.rb, line 29
def self.script_from_filename filename
  if filename
    if File.exists?(filename)
      File.read(filename)
    else
      require 'open-uri'
      uri = URI.parse(filename)
      raise "Unable to read this kind of URL : #{filename}" unless uri.respond_to?(:read)
      begin
        uri.read
      rescue OpenURI::HTTPError
        raise "Unable to read URI #{filename} : #{$!.message}"
      end
    end
  else
    STDIN.read
  end
end