Class: Puppet::Network::AuthStore
- Includes:
- Util::Logging
- Defined in:
- lib/puppet/network/authstore.rb
Direct Known Subclasses
Defined Under Namespace
Classes: Declaration
Constant Summary
Constants included from Util::Logging
Util::Logging::FILE_AND_LINE, Util::Logging::FILE_NO_LINE, Util::Logging::MM, Util::Logging::NO_FILE_LINE, Util::Logging::SUPPRESS_FILE_LINE
Instance Method Summary collapse
-
#allow(pattern) ⇒ Object
Mark a given pattern as allowed.
- #allow_ip(pattern) ⇒ Object
-
#allowed?(name, ip) ⇒ Boolean
Is a given combination of name and ip address allowed? If either input is non-nil, then both inputs must be provided.
-
#deny(pattern) ⇒ Object
Deny a given pattern.
- #deny_ip(pattern) ⇒ Object
-
#empty? ⇒ Boolean
does this auth store has any rules?.
-
#globalallow? ⇒ Boolean
Is global allow enabled?.
-
#initialize ⇒ AuthStore
constructor
A new instance of AuthStore.
- #interpolate(match) ⇒ Object
- #reset_interpolation ⇒ Object
- #to_s ⇒ Object
Methods included from Util::Logging
#clear_deprecation_warnings, #debug, #deprecation_warning, #format_exception, #get_deprecation_offender, #log_and_raise, #log_deprecations_to_file, #log_exception, #puppet_deprecation_warning, #send_log, setup_facter_logging!, #warn_once
Constructor Details
#initialize ⇒ AuthStore
Returns a new instance of AuthStore.
75 76 77 78 |
# File 'lib/puppet/network/authstore.rb', line 75 def initialize @globalallow = nil @declarations = [] end |
Instance Method Details
#allow(pattern) ⇒ Object
Mark a given pattern as allowed.
41 42 43 44 45 46 47 48 49 50 |
# File 'lib/puppet/network/authstore.rb', line 41 def allow(pattern) # a simple way to allow anyone at all to connect if pattern == "*" @globalallow = true else store(:allow, pattern) end nil end |
#allow_ip(pattern) ⇒ Object
52 53 54 |
# File 'lib/puppet/network/authstore.rb', line 52 def allow_ip(pattern) store(:allow_ip, pattern) end |
#allowed?(name, ip) ⇒ Boolean
Is a given combination of name and ip address allowed? If either input is non-nil, then both inputs must be provided. If neither input is provided, then the authstore is considered local and defaults to “true”.
17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
# File 'lib/puppet/network/authstore.rb', line 17 def allowed?(name, ip) if name or ip # This is probably unnecessary, and can cause some weirdnesses in # cases where we're operating over localhost but don't have a real # IP defined. raise Puppet::DevError, "Name and IP must be passed to 'allowed?'" unless name and ip # else, we're networked and such else # we're local return true end # yay insecure overrides return true if globalallow? if decl = declarations.find { |d| d.match?(name, ip) } return decl.result end info _("defaulting to no access for %{name}") % { name: name } false end |
#deny(pattern) ⇒ Object
Deny a given pattern.
57 58 59 |
# File 'lib/puppet/network/authstore.rb', line 57 def deny(pattern) store(:deny, pattern) end |
#deny_ip(pattern) ⇒ Object
61 62 63 |
# File 'lib/puppet/network/authstore.rb', line 61 def deny_ip(pattern) store(:deny_ip, pattern) end |
#empty? ⇒ Boolean
does this auth store has any rules?
71 72 73 |
# File 'lib/puppet/network/authstore.rb', line 71 def empty? @globalallow.nil? && @declarations.size == 0 end |
#globalallow? ⇒ Boolean
Is global allow enabled?
66 67 68 |
# File 'lib/puppet/network/authstore.rb', line 66 def globalallow? @globalallow end |
#interpolate(match) ⇒ Object
84 85 86 |
# File 'lib/puppet/network/authstore.rb', line 84 def interpolate(match) @modified_declarations = @declarations.collect { |ace| ace.interpolate(match) }.sort end |
#reset_interpolation ⇒ Object
88 89 90 |
# File 'lib/puppet/network/authstore.rb', line 88 def reset_interpolation @modified_declarations = nil end |
#to_s ⇒ Object
80 81 82 |
# File 'lib/puppet/network/authstore.rb', line 80 def to_s "authstore" end |