Class: Convection::Model::Mixin::Policy
- Inherits:
-
Object
- Object
- Convection::Model::Mixin::Policy
- Includes:
- DSL::Helpers
- Defined in:
- lib/convection/model/mixin/policy.rb
Overview
Add definition helpers for entities with policies
Defined Under Namespace
Classes: Statement
Constant Summary
- DEFAULT_VERSION =
'2012-10-17'.freeze
Instance Method Summary collapse
- #allow(sid = nil, &block) ⇒ Object
- #deny(sid = nil, &block) ⇒ Object
- #document ⇒ Object
-
#initialize(options = {}) ⇒ Policy
constructor
A new instance of Policy.
- #render(parent = {}) ⇒ Object
Methods included from DSL::Helpers
#camel_case, included, method_name, #screaming_snake_case, #snake_case
Methods included from DSL::IntrinsicFunctions
#base64, #find_in_map, #fn_and, #fn_equals, #fn_if, #fn_not, #fn_or, #fn_ref, #get_att, #get_azs, #join, #select
Constructor Details
#initialize(options = {}) ⇒ Policy
Returns a new instance of Policy
19 20 21 22 23 24 25 |
# File 'lib/convection/model/mixin/policy.rb', line 19 def initialize( = {}) @name = .fetch(:name) { SecureRandom.uuid } @version = DEFAULT_VERSION @statement = [] @template = [:template] end |
Instance Method Details
#allow(sid = nil, &block) ⇒ Object
27 28 29 30 31 32 33 |
# File 'lib/convection/model/mixin/policy.rb', line 27 def allow(sid = nil, &block) add_statement = Statement.new('Allow', @template) add_statement.sid = sid unless sid.nil? add_statement.instance_exec(&block) if block statement(add_statement) end |
#deny(sid = nil, &block) ⇒ Object
35 36 37 38 39 40 41 |
# File 'lib/convection/model/mixin/policy.rb', line 35 def deny(sid = nil, &block) add_statement = Statement.new('Deny', @template) add_statement.sid = sid unless sid.nil? add_statement.instance_exec(&block) if block statement(add_statement) end |
#document ⇒ Object
43 44 45 46 47 48 |
# File 'lib/convection/model/mixin/policy.rb', line 43 def document { 'Version' => version, 'Statement' => statement.map(&:render) } end |
#render(parent = {}) ⇒ Object
50 51 52 53 54 55 |
# File 'lib/convection/model/mixin/policy.rb', line 50 def render(parent = {}) parent.tap do |resource| resource['PolicyName'] = name unless name.is_a?(FalseClass) resource['PolicyDocument'] = document end end |