2014-12-30 17:25:09 -05:00
|
|
|
require 'fog/aws/models/iam/policy'
|
2015-05-28 16:20:48 -04:00
|
|
|
require 'fog/aws/iam/paged_collection'
|
2014-12-30 17:25:09 -05:00
|
|
|
|
|
|
|
|
module Fog
|
|
|
|
|
module AWS
|
|
|
|
|
class IAM
|
2015-05-28 16:20:48 -04:00
|
|
|
class Policies < Fog::AWS::IAM::PagedCollection
|
|
|
|
|
|
2014-12-30 17:25:09 -05:00
|
|
|
model Fog::AWS::IAM::Policy
|
|
|
|
|
|
2015-05-19 16:44:56 -04:00
|
|
|
attribute :username
|
2015-05-21 12:30:27 -04:00
|
|
|
attribute :group_name
|
2014-12-30 17:25:09 -05:00
|
|
|
|
2015-05-28 16:20:48 -04:00
|
|
|
def all(options={})
|
2015-05-21 12:30:27 -04:00
|
|
|
requires_one :username, :group_name
|
|
|
|
|
|
|
|
|
|
policies = if self.username
|
2015-05-28 16:20:48 -04:00
|
|
|
all_by_user(self.username, options)
|
|
|
|
|
else self.group_name
|
|
|
|
|
all_by_group(self.group_name, options)
|
2015-05-21 12:30:27 -04:00
|
|
|
end
|
|
|
|
|
|
2014-12-30 17:25:09 -05:00
|
|
|
load(policies) # data is an array of attribute hashes
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def get(identity)
|
2015-05-21 12:30:27 -04:00
|
|
|
requires_one :username, :group_name
|
|
|
|
|
|
2015-05-28 16:20:48 -04:00
|
|
|
response = if self.username
|
|
|
|
|
service.get_user_policy(identity, self.username)
|
|
|
|
|
else self.group_name
|
|
|
|
|
service.get_group_policy(identity, self.group_name)
|
|
|
|
|
end
|
2015-05-19 16:44:56 -04:00
|
|
|
|
2015-05-28 16:20:48 -04:00
|
|
|
new(response.body['Policy'])
|
2014-12-30 17:25:09 -05:00
|
|
|
rescue Fog::AWS::IAM::NotFound
|
|
|
|
|
nil
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
def new(attributes = {})
|
2015-05-21 12:30:27 -04:00
|
|
|
super(self.attributes.merge(attributes))
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
# AWS method get_user_policy and list_group_policies only returns an array of policy names, this is kind of useless,
|
|
|
|
|
# that's why it has to loop through the list to get the details of each element. I don't like it because it makes this method slow
|
|
|
|
|
|
2015-05-28 16:20:48 -04:00
|
|
|
def all_by_group(group_name, options={})
|
|
|
|
|
response = service.list_group_policies(group_name, page_params(options))
|
|
|
|
|
merge_attributes(response.body)
|
2015-05-21 12:30:27 -04:00
|
|
|
|
|
|
|
|
response.body['PolicyNames'].map do |policy_name|
|
|
|
|
|
service.get_group_policy(policy_name, group_name).body['Policy']
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
|
2015-05-28 16:20:48 -04:00
|
|
|
def all_by_user(username, options={})
|
|
|
|
|
response = service.list_user_policies(username, page_params(options))
|
|
|
|
|
merge_attributes(response.body)
|
2015-05-21 12:30:27 -04:00
|
|
|
|
|
|
|
|
response.body['PolicyNames'].map do |policy_name|
|
|
|
|
|
service.get_user_policy(policy_name, username).body['Policy']
|
|
|
|
|
end
|
2014-12-30 17:25:09 -05:00
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
