Class: ManageIQ::API::Common::RBAC::Access
- Inherits:
-
Object
- Object
- ManageIQ::API::Common::RBAC::Access
- Defined in:
- lib/manageiq/api/common/rbac/access.rb
Constant Summary collapse
- DEFAULT_LIMIT =
500
Instance Attribute Summary collapse
-
#acl ⇒ Object
readonly
Returns the value of attribute acl.
Class Method Summary collapse
Instance Method Summary collapse
- #accessible? ⇒ Boolean
- #id_list ⇒ Object
-
#initialize(resource, verb) ⇒ Access
constructor
A new instance of Access.
- #owner_scoped? ⇒ Boolean
- #process ⇒ Object
Constructor Details
#initialize(resource, verb) ⇒ Access
Returns a new instance of Access.
8 9 10 11 12 13 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 8 def initialize(resource, verb) @resource = resource @verb = verb @regexp = Regexp.new(":(#{Regexp.escape(@resource)}|\\*):(#{Regexp.escape(@verb)}|\\*)") @app_name = ENV["APP_NAME"] end |
Instance Attribute Details
#acl ⇒ Object (readonly)
Returns the value of attribute acl.
6 7 8 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 6 def acl @acl end |
Class Method Details
.enabled? ⇒ Boolean
36 37 38 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 36 def self.enabled? ENV['BYPASS_RBAC'].blank? end |
Instance Method Details
#accessible? ⇒ Boolean
24 25 26 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 24 def accessible? @acl.any? end |
#id_list ⇒ Object
28 29 30 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 28 def id_list ids.include?('*') ? [] : ids end |
#owner_scoped? ⇒ Boolean
32 33 34 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 32 def owner_scoped? ids.include?('*') ? false : owner_scope_filter? end |
#process ⇒ Object
15 16 17 18 19 20 21 22 |
# File 'lib/manageiq/api/common/rbac/access.rb', line 15 def process Service.call(RBACApiClient::AccessApi) do |api| @acl ||= Service.paginate(api, :get_principal_access, {:limit => DEFAULT_LIMIT}, @app_name).select do |item| @regexp.match?(item.) end end self end |