diff options
author | Adam Edwards <adamed@opscode.com> | 2014-01-08 22:49:44 -0800 |
---|---|---|
committer | adamedx <adamed@opscode.com> | 2014-01-13 12:32:40 -0800 |
commit | 409d1c278bebaa238e8e428511cec8e847e1e893 (patch) | |
tree | 5f318fcc4b099ccd8209b1699ae0d09a80510cc6 | |
parent | 5b885dc4f4284f7c9444c2c47902e802ddbff2f1 (diff) | |
download | chef-409d1c278bebaa238e8e428511cec8e847e1e893.tar.gz |
Windows domain group resource examples
-rw-r--r-- | spec/functional/resource/group_spec.rb | 99 |
1 files changed, 84 insertions, 15 deletions
diff --git a/spec/functional/resource/group_spec.rb b/spec/functional/resource/group_spec.rb index 67fa204b9d..f30bcf7a89 100644 --- a/spec/functional/resource/group_spec.rb +++ b/spec/functional/resource/group_spec.rb @@ -68,6 +68,15 @@ describe Chef::Resource::Group, :requires_root_or_running_windows, :not_supporte sid.nil? ? nil : sid[1].to_s end + def windows_domain_user?(user_name) + domain, user = user_name.split('\\') + + if user && domain != '.' + computer_name = ENV['computername'] + domain.downcase != computer_name.downcase + end + end + def user(username) usr = Chef::Resource::User.new("#{username}", run_context) if ohai[:platform_family] == "windows" @@ -77,12 +86,12 @@ describe Chef::Resource::Group, :requires_root_or_running_windows, :not_supporte end def create_user(username) - user(username).run_action(:create) + user(username).run_action(:create) if ! windows_domain_user?(username) # TODO: User shouldn't exist end def remove_user(username) - user(username).run_action(:remove) + user(username).run_action(:remove) if ! windows_domain_user?(username) # TODO: User shouldn't exist end @@ -119,24 +128,24 @@ describe Chef::Resource::Group, :requires_root_or_running_windows, :not_supporte end describe "when append is not set" do - let(:included_members) { ["spec-Eric"] } + let(:included_members) { [spec_members[1]] } before do - create_user("spec-Eric") - create_user("spec-Gordon") - add_members_to_group(["spec-Gordon"]) + create_user(spec_members[1]) + create_user(spec_members[0]) + add_members_to_group([spec_members[0]]) end after do - remove_user("spec-Eric") - remove_user("spec-Gordon") + remove_user(spec_members[1]) + remove_user(spec_members[0]) end it "should remove the existing users and add the new users to the group" do group_resource.run_action(tested_action) - user_exist_in_group?("spec-Eric").should == true - user_exist_in_group?("spec-Gordon").should == false + user_exist_in_group?(spec_members[1]).should == true + user_exist_in_group?(spec_members[0]).should == false end end @@ -171,7 +180,7 @@ describe Chef::Resource::Group, :requires_root_or_running_windows, :not_supporte describe "when group contains some users" do before(:each) do - add_members_to_group([ "spec-Gordon", "spec-Anthony" ]) + add_members_to_group([ spec_members[0], spec_members[2] ]) end it "should add the included users and remove excluded users" do @@ -203,6 +212,42 @@ describe Chef::Resource::Group, :requires_root_or_running_windows, :not_supporte end end + shared_examples_for "an expected invalid domain error case" do + let(:invalid_domain_user_name) { "no space\\administrator" } + let(:nonexistent_domain_user_name) { "xxfakedom\\administrator" } + before(:each) do + group_resource.members [] + group_resource.excluded_members [] + group_resource.append(true) + group_resource.run_action(:create) + group_should_exist(group_name) + end + + describe "when updating membership" do + it "raises an error for a non well-formed domain name" do + group_resource.members [invalid_domain_user_name] + lambda { group_resource.run_action(tested_action) }.should raise_error Chef::Exceptions::Win32APIError + end + + it "raises an error for a nonexistent domain" do + group_resource.members [nonexistent_domain_user_name] + lambda { group_resource.run_action(tested_action) }.should raise_error Chef::Exceptions::Win32APIError + end + end + + describe "when removing members" do + it "raises an error for a non well-formed domain name" do + group_resource.excluded_members [invalid_domain_user_name] + lambda { group_resource.run_action(tested_action) }.should raise_error Chef::Exceptions::Win32APIError + end + + it "raises an error for a nonexistent domain" do + group_resource.excluded_members [nonexistent_domain_user_name] + lambda { group_resource.run_action(tested_action) }.should raise_error Chef::Exceptions::Win32APIError + end + end + end + let(:group_name) { "cheftest-#{SecureRandom.random_number(9999)}" } let(:included_members) { nil } let(:excluded_members) { nil } @@ -285,8 +330,9 @@ downthestreetalwayshadagoodsmileonhisfacetheoldmanwalkingdownthestreeQQQQQQ" } end describe "group modify action", :not_supported_on_solaris do - let(:included_members) { ["spec-Gordon", "spec-Eric"] } - let(:excluded_members) { ["spec-Anthony"] } + let(:spec_members){ ["spec-Gordon", "spec-Eric", "spec-Anthony"] } + let(:included_members) { [spec_members[0], spec_members[1]] } + let(:excluded_members) { [spec_members[2]] } let(:tested_action) { :modify } describe "when there is no group" do @@ -298,11 +344,23 @@ downthestreetalwayshadagoodsmileonhisfacetheoldmanwalkingdownthestreeQQQQQQ" } describe "when there is a group" do it_behaves_like "correct group management" end + + describe "when running on Windows", :windows_only do + describe "when members are Active Directory domain identities", :windows_domain_joined_only do + let(:computer_domain) { ohai[:kernel]['cs_info']['domain'].split('.')[0] } + let(:spec_members){ ["#{computer_domain}\\Domain Admins", "#{computer_domain}\\Domain Users", "#{computer_domain}\\Domain Computers"] } + + it_behaves_like "correct group management" + end + end + + it_behaves_like "an expected invalid domain error case" end describe "group manage action", :not_supported_on_solaris do - let(:included_members) { ["spec-Gordon", "spec-Eric"] } - let(:excluded_members) { ["spec-Anthony"] } + let(:spec_members){ ["spec-Gordon", "spec-Eric", "spec-Anthony"] } + let(:included_members) { [spec_members[0], spec_members[1]] } + let(:excluded_members) { [spec_members[2]] } let(:tested_action) { :manage } describe "when there is no group" do @@ -315,6 +373,17 @@ downthestreetalwayshadagoodsmileonhisfacetheoldmanwalkingdownthestreeQQQQQQ" } describe "when there is a group" do it_behaves_like "correct group management" end + + describe "running on windows", :windows_only do + describe "when members are Windows domain identities", :windows_domain_joined_only do + let(:computer_domain) { ohai[:kernel]['cs_info']['domain'].split('.')[0] } + let(:spec_members){ ["#{computer_domain}\\Domain Admins", "#{computer_domain}\\Domain Users", "#{computer_domain}\\Domain Computers"] } + + it_behaves_like "correct group management" + end + + it_behaves_like "an expected invalid domain error case" + end end describe "group resource with Usermod provider", :solaris_only do |