class Conjur::Policy::Executor::Revoke

Public Instance Methods

execute() click to toggle source
# File lib/conjur/policy/executor/revoke.rb, line 3
def execute
  if statement.role.is_a?(Conjur::Policy::Types::Layer) && statement.member.is_a?(Conjur::Policy::Types::Host)
    remove_host_from_layer
  else
    revoke_role_from_member
  end
end
remove_host_from_layer() click to toggle source
# File lib/conjur/policy/executor/revoke.rb, line 11
def remove_host_from_layer
  action({
    'method' => 'delete',
    'path' => "layers/#{fully_escape statement.role.id}/hosts/#{fully_escape statement.member.roleid}",
    'parameters' => {}
  })
end
revoke_role_from_member() click to toggle source
# File lib/conjur/policy/executor/revoke.rb, line 19
def revoke_role_from_member
  action({
    'method' => 'delete',
    'path' => "#{role_path(statement.role)}?members",
    'parameters' => { "member" => statement.member.roleid }
  })
end