Fix cookbook ACLs (set can create directories)

author: John Keiser <jkeiser@opscode.com> 2014-08-21 15:40:30 -0700
committer: John Keiser <jkeiser@opscode.com> 2014-08-22 09:20:50 -0700
commit: c5db8bb9383b6e5b94776043985714fc35196c1e (patch)
tree: f936d7a377287c02ae809444c1f30a9cec67e204 /lib/chef_zero/chef_data/default_creator.rb
parent: c02c90532ddb6e7faa21b0642a200de2ec0f08d9 (diff)
download: chef-zero-c5db8bb9383b6e5b94776043985714fc35196c1e.tar.gz
1 files changed, 16 insertions, 11 deletions
diff --git a/lib/chef_zero/chef_data/default_creator.rb b/lib/chef_zero/chef_data/default_creator.rb
index b649cf1..a5fa3d6 100644
--- a/lib/chef_zero/chef_data/default_creator.rb
+++ b/lib/chef_zero/chef_data/default_creator.rb
@@ -50,9 +50,15 @@ module ChefZero
         false
       end
 
-      def created(path, creator)
-        @creators[path] = [ creator ]
-        @deleted.delete(path) if @deleted[path]
+      def created(path, creator, create_parents)
+        while !@creators[path]
+          @creators[path] = [ creator ]
+          @deleted.delete(path) if @deleted[path]
+          # Only do this once if create_parents is false
+          break if !create_parents || path.size == 0
+
+          path = path[0..-2]
+        end
       end
 
       def superusers
@@ -365,7 +371,12 @@ module ChefZero
             owners |= @creators[path] if @creators[path]
           end
 
-          owners |= superusers
+          #ANGRY
+          # Non-default containers do not get superusers added to them,
+          # because reasons.
+          unless path.size == 4 && path[0] == 'organizations' && path[2] == 'containers' && !exists?(path)
+            owners |= superusers
+          end
         end
 
         owners.uniq
@@ -378,19 +389,13 @@ module ChefZero
           acl[perm] ||= {}
           acl[perm]['actors'] ||= begin
             owners ||= get_owners(acl_path)
-            container_acl ||= get_container_acl(acl_path) || {}
-            if container_acl[perm] && container_acl[perm]['actors']
-              owners | container_acl[perm]['actors']
-            else
-              owners
-            end
           end
           acl[perm]['groups'] ||= begin
             # When we create containers, we don't merge groups (not sure why).
             if acl_path[0] == 'organizations' && acl_path[3] == 'containers'
               []
             else
-              container_acl ||= get_container_acl(request, acl_path) || {}
+              container_acl ||= get_container_acl(acl_path) || {}
               (container_acl[perm] ? container_acl[perm]['groups'] : []) || []
             end
           end
author	John Keiser <jkeiser@opscode.com>	2014-08-21 15:40:30 -0700
committer	John Keiser <jkeiser@opscode.com>	2014-08-22 09:20:50 -0700
commit	c5db8bb9383b6e5b94776043985714fc35196c1e (patch)
tree	f936d7a377287c02ae809444c1f30a9cec67e204 /lib/chef_zero/chef_data/default_creator.rb
parent	c02c90532ddb6e7faa21b0642a200de2ec0f08d9 (diff)
download	chef-zero-c5db8bb9383b6e5b94776043985714fc35196c1e.tar.gz