diff options
-rw-r--r-- | Gemfile | 7 | ||||
-rw-r--r-- | lib/chef_zero/chef_data/acl_path.rb | 3 | ||||
-rw-r--r-- | lib/chef_zero/chef_data/data_normalizer.rb | 2 | ||||
-rw-r--r-- | lib/chef_zero/chef_data/default_creator.rb | 7 | ||||
-rw-r--r-- | lib/chef_zero/data_store/default_facade.rb | 2 | ||||
-rw-r--r-- | lib/chef_zero/endpoints/containers_endpoint.rb | 3 | ||||
-rw-r--r-- | lib/chef_zero/endpoints/policy_group_policy_endpoint.rb | 2 | ||||
-rw-r--r-- | spec/run_oc_pedant.rb | 5 |
8 files changed, 14 insertions, 17 deletions
@@ -3,12 +3,9 @@ gemspec gem 'rest-client', :github => 'chef/rest-client' -gem 'oc-chef-pedant', :github => 'chef/chef-server' - -# gem 'oc-chef-pedant', :path => "../chef-server" +gem 'oc-chef-pedant', :github => 'chef/chef-server', :branch => "jk/authorization-tags" # bundler resolve failure on "rspec_junit_formatter" # gem 'chef-pedant', :github => 'opscode/chef-pedant', :ref => "server-cli-option" -gem 'chef', :github => 'chef/chef' -# gem 'chef', :path => "../chef" +gem 'chef', :github => 'chef/chef', :branch => 'jk/policies-acls' diff --git a/lib/chef_zero/chef_data/acl_path.rb b/lib/chef_zero/chef_data/acl_path.rb index c783a1a..52b43d4 100644 --- a/lib/chef_zero/chef_data/acl_path.rb +++ b/lib/chef_zero/chef_data/acl_path.rb @@ -13,7 +13,8 @@ module ChefZero # specified on X, they are not inherited from X's parent # - stop adding pivotal to acls (he already has access to what he needs) module AclPath - ORG_DATA_TYPES = %w(clients cookbooks containers data environments groups nodes roles sandboxes) + ORG_DATA_TYPES = %w(clients cookbook_artifacts cookbooks containers data environments groups + nodes policies policy_groups roles sandboxes) TOP_DATA_TYPES = %w(containers organizations users) # ACL data paths for a partition are: diff --git a/lib/chef_zero/chef_data/data_normalizer.rb b/lib/chef_zero/chef_data/data_normalizer.rb index 9a6d1ae..95f3daa 100644 --- a/lib/chef_zero/chef_data/data_normalizer.rb +++ b/lib/chef_zero/chef_data/data_normalizer.rb @@ -8,7 +8,7 @@ module ChefZero def self.normalize_acls(acls) ChefData::DefaultCreator::PERMISSIONS.each do |perm| acls[perm] ||= {} - acls[perm]['actors'] ||= [] + (acls[perm]['actors'] ||= []).uniq! # this gets doubled sometimes, for reasons. acls[perm]['groups'] ||= [] end acls diff --git a/lib/chef_zero/chef_data/default_creator.rb b/lib/chef_zero/chef_data/default_creator.rb index b066a25..957018c 100644 --- a/lib/chef_zero/chef_data/default_creator.rb +++ b/lib/chef_zero/chef_data/default_creator.rb @@ -148,6 +148,7 @@ module ChefZero DEFAULT_ORG_SPINE = { 'clients' => {}, + 'cookbook_artifacts' => {}, 'cookbooks' => {}, 'data' => {}, 'environments' => %w(_default), @@ -281,7 +282,7 @@ module ChefZero 'delete' => { 'groups' => %w(admins) }, 'grant' => { 'groups' => %w(admins) }, } - when 'containers/cookbooks', 'containers/environments', 'containers/roles' + when 'containers/environments', 'containers/roles', 'containers/policy_groups', 'containers/policies' { 'create' => { 'groups' => %w(admins users) }, 'read' => { 'groups' => %w(admins users clients) }, @@ -289,7 +290,7 @@ module ChefZero 'delete' => { 'groups' => %w(admins users) }, 'grant' => { 'groups' => %w(admins) }, } - when 'containers/cookbooks', 'containers/data' + when 'containers/cookbooks', 'containers/cookbook_artifacts', 'containers/data' { 'create' => { 'groups' => %w(admins users clients) }, 'read' => { 'groups' => %w(admins users clients) }, @@ -439,7 +440,7 @@ module ChefZero when 4 return path[0] == 'organizations' && ( (path[2] == 'acls' && path[1] != 'root') || - %w(cookbooks data).include?(path[2])) + %w(cookbooks cookbook_artifacts data policies policy_groups).include?(path[2])) else return false end diff --git a/lib/chef_zero/data_store/default_facade.rb b/lib/chef_zero/data_store/default_facade.rb index 0d4cf34..c941322 100644 --- a/lib/chef_zero/data_store/default_facade.rb +++ b/lib/chef_zero/data_store/default_facade.rb @@ -62,7 +62,7 @@ module ChefZero end options_hash = options.last.is_a?(Hash) ? options.last : {} - default_creator.created(path + [ name ], options_hash[:requestor], options.include?(:recursive)) + default_creator.created(path + [ name ], options_hash[:requestor], options.include?(:create_dir)) end def get(path, request=nil) diff --git a/lib/chef_zero/endpoints/containers_endpoint.rb b/lib/chef_zero/endpoints/containers_endpoint.rb index 931fe6c..8a4220f 100644 --- a/lib/chef_zero/endpoints/containers_endpoint.rb +++ b/lib/chef_zero/endpoints/containers_endpoint.rb @@ -16,8 +16,7 @@ module ChefZero # if they don't match, id wins. container_name = data["id"] || data["containername"] container_path_suffix = data["containerpath"].split("/").reject { |o| o.empty? } - container_data_path = request.rest_path + container_path_suffix - create_data(request, container_data_path, container_name, to_json({}), :create_dir) + create_data(request, request.rest_path, container_name, to_json({}), :create_dir) json_response(201, { uri: build_uri(request.base_uri, request.rest_path + container_path_suffix + [container_name]) }) end diff --git a/lib/chef_zero/endpoints/policy_group_policy_endpoint.rb b/lib/chef_zero/endpoints/policy_group_policy_endpoint.rb index 5d32aac..d227905 100644 --- a/lib/chef_zero/endpoints/policy_group_policy_endpoint.rb +++ b/lib/chef_zero/endpoints/policy_group_policy_endpoint.rb @@ -56,7 +56,7 @@ module ChefZero # group. # Storage: /organizations/ORG/policies/POLICY/revisions/REVISION response_code = exists_data?(request) ? 200 : 201 - set_data(request, nil, to_json(revision_id), :create_dir) + set_data(request, nil, to_json(revision_id), :create, :create_dir) already_json_response(response_code, request.body) end diff --git a/spec/run_oc_pedant.rb b/spec/run_oc_pedant.rb index cb24122..47d878b 100644 --- a/spec/run_oc_pedant.rb +++ b/spec/run_oc_pedant.rb @@ -101,7 +101,6 @@ begin # # ...but we're not there yet '--skip-keys', - '--skip-acl', # Chef Zero does not intend to support validation the way erchef does. '--skip-validation', @@ -142,8 +141,8 @@ begin Pedant.setup(pedant_args) - fail_fast = [] - # fail_fast = ["--fail-fast"] + fail_fast = %w()#--fail-fast) + #fail_fast = ["--fail-fast"] result = RSpec::Core::Runner.run(Pedant.config.rspec_args + fail_fast) |