diff options
author | John Keiser <jkeiser@opscode.com> | 2014-08-21 15:40:30 -0700 |
---|---|---|
committer | John Keiser <jkeiser@opscode.com> | 2014-08-22 09:20:50 -0700 |
commit | c5db8bb9383b6e5b94776043985714fc35196c1e (patch) | |
tree | f936d7a377287c02ae809444c1f30a9cec67e204 /lib/chef_zero/chef_data/default_creator.rb | |
parent | c02c90532ddb6e7faa21b0642a200de2ec0f08d9 (diff) | |
download | chef-zero-c5db8bb9383b6e5b94776043985714fc35196c1e.tar.gz |
Fix cookbook ACLs (set can create directories)
Diffstat (limited to 'lib/chef_zero/chef_data/default_creator.rb')
-rw-r--r-- | lib/chef_zero/chef_data/default_creator.rb | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/lib/chef_zero/chef_data/default_creator.rb b/lib/chef_zero/chef_data/default_creator.rb index b649cf1..a5fa3d6 100644 --- a/lib/chef_zero/chef_data/default_creator.rb +++ b/lib/chef_zero/chef_data/default_creator.rb @@ -50,9 +50,15 @@ module ChefZero false end - def created(path, creator) - @creators[path] = [ creator ] - @deleted.delete(path) if @deleted[path] + def created(path, creator, create_parents) + while !@creators[path] + @creators[path] = [ creator ] + @deleted.delete(path) if @deleted[path] + # Only do this once if create_parents is false + break if !create_parents || path.size == 0 + + path = path[0..-2] + end end def superusers @@ -365,7 +371,12 @@ module ChefZero owners |= @creators[path] if @creators[path] end - owners |= superusers + #ANGRY + # Non-default containers do not get superusers added to them, + # because reasons. + unless path.size == 4 && path[0] == 'organizations' && path[2] == 'containers' && !exists?(path) + owners |= superusers + end end owners.uniq @@ -378,19 +389,13 @@ module ChefZero acl[perm] ||= {} acl[perm]['actors'] ||= begin owners ||= get_owners(acl_path) - container_acl ||= get_container_acl(acl_path) || {} - if container_acl[perm] && container_acl[perm]['actors'] - owners | container_acl[perm]['actors'] - else - owners - end end acl[perm]['groups'] ||= begin # When we create containers, we don't merge groups (not sure why). if acl_path[0] == 'organizations' && acl_path[3] == 'containers' [] else - container_acl ||= get_container_acl(request, acl_path) || {} + container_acl ||= get_container_acl(acl_path) || {} (container_acl[perm] ? container_acl[perm]['groups'] : []) || [] end end |