diff options
| author | nimisha <nimisha.sharad@msystechnologies.com> | 2017-08-21 19:30:20 +0530 |
|---|---|---|
| committer | Bryan McLellan <btm@loftninjas.org> | 2017-09-05 20:09:30 -0400 |
| commit | ca3763eddfc59416110fc81463a4d8116ffcec40 (patch) | |
| tree | d17a0188291663b92b88453014958827cb268e57 | |
| parent | 1ee8b15ae338cc5eadb278f949c2e2eaca5daea0 (diff) | |
| download | chef-ca3763eddfc59416110fc81463a4d8116ffcec40.tar.gz | |
Fixing specs for LOGON32_LOGON_NEW_CREDENTIALS
Signed-off-by: nimisha <nimisha.sharad@msystechnologies.com>
| -rw-r--r-- | spec/functional/mixin/user_context_spec.rb | 10 | ||||
| -rw-r--r-- | spec/functional/resource/remote_file_spec.rb | 16 |
2 files changed, 17 insertions, 9 deletions
diff --git a/spec/functional/mixin/user_context_spec.rb b/spec/functional/mixin/user_context_spec.rb index 28e22b767d..802b1db9f1 100644 --- a/spec/functional/mixin/user_context_spec.rb +++ b/spec/functional/mixin/user_context_spec.rb @@ -68,9 +68,9 @@ describe Chef::Mixin::UserContext, windows_only: true do end shared_examples_for "method that executes the block while impersonating the alternate user" do - it "sets the current thread token to that of the alternate user when the correct password is specified" do + it "uses different credentials for other network connections" do allow_any_instance_of(Chef::Util::Windows::LogonSession).to receive(:validate_session_open!).and_return(true) - expect(username_while_impersonating.downcase).to eq(username_to_impersonate.downcase) + expect(username_while_impersonating.downcase).not_to eq(username_to_impersonate.downcase) end end @@ -92,13 +92,13 @@ describe Chef::Mixin::UserContext, windows_only: true do let(:username_to_impersonate_password) { test_password } context "when an explicit domain is given with a valid password" do let(:domain_to_impersonate) { test_domain } - it "sets the current thread token to that of the alternate user when the correct password is specified" do - expect(username_while_impersonating.downcase).to eq(username_to_impersonate.downcase) + it "uses different credentials for other network connections" do + expect(username_while_impersonating.downcase).not_to eq(username_to_impersonate.downcase) end end context "when a valid password and a non-qualified user is given and no domain is specified" do - let(:domain_to_impersonate) { nil } + let(:domain_to_impersonate) { "." } it_behaves_like "method that executes the block while impersonating the alternate user" end diff --git a/spec/functional/resource/remote_file_spec.rb b/spec/functional/resource/remote_file_spec.rb index c6be36df6a..94c42a73ba 100644 --- a/spec/functional/resource/remote_file_spec.rb +++ b/spec/functional/resource/remote_file_spec.rb @@ -192,7 +192,7 @@ describe Chef::Resource::RemoteFile do end end - context "when the the file is accessible to non-admin users only as the current identity" do + context "when the file is accessible to non-admin users only as the current identity" do before do shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_current_user_qualified}:(R)\" /inheritance:r") end @@ -229,8 +229,12 @@ describe Chef::Resource::RemoteFile do let (:windows_nonadmin_user_password) { "j82ajfxK3;2Xe1" } include_context "a non-admin Windows user" + before do + shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /deny \"#{windows_current_user_qualified}:(R)\" /inheritance:r") + end + let(:remote_user) { windows_nonadmin_user } - let(:remote_domain) { nil } + let(:remote_domain) { windows_nonadmin_user_domain } let(:remote_password) { windows_nonadmin_user_password } it_behaves_like "a remote_file resource accessing a remote file to which the specified user does not have access" @@ -243,12 +247,12 @@ describe Chef::Resource::RemoteFile do include_context "a non-admin Windows user" before do - shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_nonadmin_user_qualified}:(R)\" /deny #{windows_current_user_qualified}:(R) /inheritance:r") + shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_current_user_qualified}:(R)\" /inheritance:r") end context "when the resource is accessed using the specific non-qualified alternate user identity with access" do let(:remote_user) { windows_nonadmin_user } - let(:remote_domain) { nil } + let(:remote_domain) { "." } let(:remote_password) { windows_nonadmin_user_password } it_behaves_like "a remote_file resource accessing a remote file to which the specified user has access" @@ -263,6 +267,10 @@ describe Chef::Resource::RemoteFile do end context "when the resource is accessed using the current user's identity" do + before do + shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_nonadmin_user_qualified}:(R)\" /deny #{windows_current_user_qualified}:(R) /inheritance:r") + end + it_behaves_like "a remote_file resource accessing a remote file to which the specified user does not have access" end |