Module: Kessel::Console

Extended by:

Console

Includes:

RBAC::V2

Included in:

Console

Defined in:

lib/kessel/console.rb

Constant Summary

DEFAULT_DOMAIN =

'redhat'

IDENTITY_TYPE_FIELDS =

{
  'User' => 'user',
  'ServiceAccount' => 'service_account'
}.freeze

Constants included from RBAC::V2

RBAC::V2::DEFAULT_PAGE_LIMIT, RBAC::V2::WORKSPACE_ENDPOINT

Constants included from Inventory::V1beta2

Inventory::V1beta2::Allowed, Inventory::V1beta2::CheckBulkRequest, Inventory::V1beta2::CheckBulkRequestItem, Inventory::V1beta2::CheckBulkResponse, Inventory::V1beta2::CheckBulkResponseItem, Inventory::V1beta2::CheckBulkResponsePair, Inventory::V1beta2::CheckForUpdateBulkRequest, Inventory::V1beta2::CheckForUpdateBulkResponse, Inventory::V1beta2::CheckForUpdateBulkResponseItem, Inventory::V1beta2::CheckForUpdateBulkResponsePair, Inventory::V1beta2::CheckForUpdateRequest, Inventory::V1beta2::CheckForUpdateResponse, Inventory::V1beta2::CheckRequest, Inventory::V1beta2::CheckResponse, Inventory::V1beta2::CheckSelfBulkRequest, Inventory::V1beta2::CheckSelfBulkRequestItem, Inventory::V1beta2::CheckSelfBulkResponse, Inventory::V1beta2::CheckSelfBulkResponseItem, Inventory::V1beta2::CheckSelfBulkResponsePair, Inventory::V1beta2::CheckSelfRequest, Inventory::V1beta2::CheckSelfResponse, Inventory::V1beta2::Consistency, Inventory::V1beta2::ConsistencyToken, Inventory::V1beta2::DeleteResourceRequest, Inventory::V1beta2::DeleteResourceResponse, Inventory::V1beta2::ReportResourceRequest, Inventory::V1beta2::ReportResourceResponse, Inventory::V1beta2::ReporterReference, Inventory::V1beta2::RepresentationMetadata, Inventory::V1beta2::RepresentationType, Inventory::V1beta2::RequestPagination, Inventory::V1beta2::ResourceReference, Inventory::V1beta2::ResourceRepresentations, Inventory::V1beta2::ResponsePagination, Inventory::V1beta2::StreamedListObjectsRequest, Inventory::V1beta2::StreamedListObjectsResponse, Inventory::V1beta2::StreamedListSubjectsRequest, Inventory::V1beta2::StreamedListSubjectsResponse, Inventory::V1beta2::SubjectReference, Inventory::V1beta2::WriteVisibility

Instance Method Summary

• #principal_from_rh_identity(identity, domain: DEFAULT_DOMAIN) ⇒ Object
• #principal_from_rh_identity_header(header, domain: DEFAULT_DOMAIN) ⇒ Object

Methods included from RBAC::V2

#fetch_default_workspace, #fetch_root_workspace, #list_workspaces, #principal_resource, #principal_subject, #role_resource, #role_type, #subject, #workspace_resource, #workspace_type

Instance Method Details

#principal_from_rh_identity(identity, domain: DEFAULT_DOMAIN) ⇒ Object

# File 'lib/kessel/console.rb', line 19

def principal_from_rh_identity(identity, domain: DEFAULT_DOMAIN)
  user_id = extract_user_id(identity)
  principal_subject(user_id, domain)
end

#principal_from_rh_identity_header(header, domain: DEFAULT_DOMAIN) ⇒ Object

# File 'lib/kessel/console.rb', line 24

def principal_from_rh_identity_header(header, domain: DEFAULT_DOMAIN)
  decoded = JSON.parse(Base64.decode64(header))
rescue StandardError => e
  raise ArgumentError, "Failed to decode identity header: #{e.message}"
else
  raise ArgumentError, 'Identity header did not decode to a JSON object' unless decoded.is_a?(Hash)

  identity = decoded['identity']
  raise ArgumentError, "Identity header is missing the 'identity' envelope key" if identity.nil?

  principal_from_rh_identity(identity, domain: domain)
end