summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authornimisha <nimisha.sharad@msystechnologies.com>2017-08-21 19:30:20 +0530
committerBryan McLellan <btm@loftninjas.org>2017-09-05 20:09:30 -0400
commitca3763eddfc59416110fc81463a4d8116ffcec40 (patch)
treed17a0188291663b92b88453014958827cb268e57
parent1ee8b15ae338cc5eadb278f949c2e2eaca5daea0 (diff)
downloadchef-ca3763eddfc59416110fc81463a4d8116ffcec40.tar.gz
Fixing specs for LOGON32_LOGON_NEW_CREDENTIALS
Signed-off-by: nimisha <nimisha.sharad@msystechnologies.com>
-rw-r--r--spec/functional/mixin/user_context_spec.rb10
-rw-r--r--spec/functional/resource/remote_file_spec.rb16
2 files changed, 17 insertions, 9 deletions
diff --git a/spec/functional/mixin/user_context_spec.rb b/spec/functional/mixin/user_context_spec.rb
index 28e22b767d..802b1db9f1 100644
--- a/spec/functional/mixin/user_context_spec.rb
+++ b/spec/functional/mixin/user_context_spec.rb
@@ -68,9 +68,9 @@ describe Chef::Mixin::UserContext, windows_only: true do
end
shared_examples_for "method that executes the block while impersonating the alternate user" do
- it "sets the current thread token to that of the alternate user when the correct password is specified" do
+ it "uses different credentials for other network connections" do
allow_any_instance_of(Chef::Util::Windows::LogonSession).to receive(:validate_session_open!).and_return(true)
- expect(username_while_impersonating.downcase).to eq(username_to_impersonate.downcase)
+ expect(username_while_impersonating.downcase).not_to eq(username_to_impersonate.downcase)
end
end
@@ -92,13 +92,13 @@ describe Chef::Mixin::UserContext, windows_only: true do
let(:username_to_impersonate_password) { test_password }
context "when an explicit domain is given with a valid password" do
let(:domain_to_impersonate) { test_domain }
- it "sets the current thread token to that of the alternate user when the correct password is specified" do
- expect(username_while_impersonating.downcase).to eq(username_to_impersonate.downcase)
+ it "uses different credentials for other network connections" do
+ expect(username_while_impersonating.downcase).not_to eq(username_to_impersonate.downcase)
end
end
context "when a valid password and a non-qualified user is given and no domain is specified" do
- let(:domain_to_impersonate) { nil }
+ let(:domain_to_impersonate) { "." }
it_behaves_like "method that executes the block while impersonating the alternate user"
end
diff --git a/spec/functional/resource/remote_file_spec.rb b/spec/functional/resource/remote_file_spec.rb
index c6be36df6a..94c42a73ba 100644
--- a/spec/functional/resource/remote_file_spec.rb
+++ b/spec/functional/resource/remote_file_spec.rb
@@ -192,7 +192,7 @@ describe Chef::Resource::RemoteFile do
end
end
- context "when the the file is accessible to non-admin users only as the current identity" do
+ context "when the file is accessible to non-admin users only as the current identity" do
before do
shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_current_user_qualified}:(R)\" /inheritance:r")
end
@@ -229,8 +229,12 @@ describe Chef::Resource::RemoteFile do
let (:windows_nonadmin_user_password) { "j82ajfxK3;2Xe1" }
include_context "a non-admin Windows user"
+ before do
+ shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /deny \"#{windows_current_user_qualified}:(R)\" /inheritance:r")
+ end
+
let(:remote_user) { windows_nonadmin_user }
- let(:remote_domain) { nil }
+ let(:remote_domain) { windows_nonadmin_user_domain }
let(:remote_password) { windows_nonadmin_user_password }
it_behaves_like "a remote_file resource accessing a remote file to which the specified user does not have access"
@@ -243,12 +247,12 @@ describe Chef::Resource::RemoteFile do
include_context "a non-admin Windows user"
before do
- shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_nonadmin_user_qualified}:(R)\" /deny #{windows_current_user_qualified}:(R) /inheritance:r")
+ shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_current_user_qualified}:(R)\" /inheritance:r")
end
context "when the resource is accessed using the specific non-qualified alternate user identity with access" do
let(:remote_user) { windows_nonadmin_user }
- let(:remote_domain) { nil }
+ let(:remote_domain) { "." }
let(:remote_password) { windows_nonadmin_user_password }
it_behaves_like "a remote_file resource accessing a remote file to which the specified user has access"
@@ -263,6 +267,10 @@ describe Chef::Resource::RemoteFile do
end
context "when the resource is accessed using the current user's identity" do
+ before do
+ shell_out!("icacls #{smb_file_local_path} /grant:r \"authenticated users:(W)\" /grant \"#{windows_nonadmin_user_qualified}:(R)\" /deny #{windows_current_user_qualified}:(R) /inheritance:r")
+ end
+
it_behaves_like "a remote_file resource accessing a remote file to which the specified user does not have access"
end