Class: Textus::Doctor::Check::HandlerPermit

Inherits:

Textus::Doctor::Check

Object
Textus::Doctor::Check
Textus::Doctor::Check::HandlerPermit

show all

Defined in:: lib/textus/doctor/check/handler_permit.rb

Overview

For every entry with a fetch handler, look up its handler_permit policy (if any) and verify the declared handler is permitted. Emits a failure when the handler is rejected by policy.

Instance Method Summary collapse

#call ⇒ Object

Methods inherited from Textus::Doctor::Check

#initialize, name_key

Constructor Details

This class inherits a constructor from Textus::Doctor::Check

Instance Method Details

#call ⇒ `Object`

# File 'lib/textus/doctor/check/handler_permit.rb', line 8

def call
  out = []
  manifest.data.entries.each do |mentry|
    next unless mentry.intake?

    handler = mentry.handler

    permit = manifest.rules.for(mentry.key).handler_permit
    next if permit.nil?
    next if permit.permits?(handler)

    out << {
      "code" => "policy.handler_not_permitted",
      "level" => "error",
      "subject" => mentry.key,
      "message" => "entry '#{mentry.key}' declares source.handler='#{handler}' but " \
                   "handler_permit allows only: #{permit.handlers.join(", ")}",
      "fix" => "change handler to one of [#{permit.handlers.join(", ")}] or " \
               "extend handler_permit in .textus/manifest.yaml",
    }
  end
  out
end