module Conjur::Policy::Types::TypeChecking
Methods which type-check and transform attributes. Type-checking can be done by duck-typing, with is_a?
, or by a procedure.
Public Instance Methods
values
can be an instance of type
(as determined by the type-checking methods), or it must be an array of them.
# File lib/conjur/policy/types/base.rb, line 153 def expect_array name, kind, values # Hash gets converted to an array of key/value pairs by Array is_hash = values.kind_of?(Hash) values = [values] if is_hash result = Array(values).map do |v| send "expect_#{kind}", name, v end (values.is_a?(Array) and not is_hash) ? result : result[0] end
v
must be true
or false
.
# File lib/conjur/policy/types/base.rb, line 142 def expect_boolean name, v v = true if v == "true" v = false if v == "false" expect_type name, v, "boolean", lambda{ [ true, false ].member?(v) } end
value
can be a Hash, or an object which implements to_h
.
# File lib/conjur/policy/types/base.rb, line 133 def expect_hash name, value expect_type name, value, "hash", lambda{ value.is_a?(Hash)}, lambda{ value.to_h.stringify_keys if value.respond_to?(:to_h) } end
value
must be a Integer.
# File lib/conjur/policy/types/base.rb, line 125 def expect_integer name, value expect_type name, value, "integer", Integer end
If it's a Layer
# File lib/conjur/policy/types/base.rb, line 85 def expect_layer name, value expect_type name, value, "Layer", lambda{ value.is_a?(Layer) } end
value
may be a Member
; Roles can also be converted to Members.
# File lib/conjur/policy/types/base.rb, line 100 def expect_member name, value expect_type name, value, "Member", Member, lambda{ Member.new(value) if test_role(value) } end
value
must be a Permission.
# File lib/conjur/policy/types/base.rb, line 109 def expect_permission name, value expect_type name, value, "Permission", Permission end
If it's a Record
# File lib/conjur/policy/types/base.rb, line 80 def expect_record name, value expect_type name, value, "Record", lambda{ value.is_a?(Record) } end
If it looks like a resource.
# File lib/conjur/policy/types/base.rb, line 90 def expect_resource name, value expect_type name, value, "Resource", lambda{ test_resource value } end
If it looks like a role.
# File lib/conjur/policy/types/base.rb, line 95 def expect_role name, value expect_type name, value, "Role", lambda{ test_role value } end
value
must be a String.
# File lib/conjur/policy/types/base.rb, line 117 def expect_string name, value expect_type name, value, "string", String end
This is the primary function of the module.
value
an input value type_name
used only for error messages. test_function
a class or function which will determine if the value is already the correct type. converter
if the test_function
fails, the converter is called to coerce the type. It should return nil
if its unable to do so.
# File lib/conjur/policy/types/base.rb, line 54 def expect_type attr_name, value, type_name, test_function, converter = nil if test_function.is_a?(Class) cls = test_function test_function = lambda{ value.is_a?(cls) } end if test_function.call value elsif converter && ( v = converter.call ) v else name = value.class.respond_to?(:short_name) ? value.class.short_name : value.class.name raise "Expected a #{type_name} for field '#{attr_name}', got #{name}" end end
Duck-type resources.
# File lib/conjur/policy/types/base.rb, line 75 def test_resource r r.respond_to?(:resource?) && r.resource? end
Duck-type roles.
# File lib/conjur/policy/types/base.rb, line 70 def test_role r r.respond_to?(:role?) && r.role? end