summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSalim Afiune <afiune@chef.io>2017-03-02 17:36:14 -0500
committerSalim Afiune <afiune@chef.io>2017-03-02 17:36:14 -0500
commited8de07a2c601b46d65cee3d9a44f76a676fc71d (patch)
treeafba0a66a472378d5d13c428e25b721313953f37
parent46d19a502fb8824fa3fccf4535fcfa226c4e9473 (diff)
downloadchef-ed8de07a2c601b46d65cee3d9a44f76a676fc71d.tar.gz
Verify data bag exists before trying to create it
[ZD-12613] There are users who want to customize permissions to prevent a group of users from creating new data bags but want to allow the group of users to create data bag items within an existing data bag. If the user doesn't have permission to create data bags then the current API request sequence will prevent the user from creating a data bag item even if the data bag already exists. This commit fixes the above problem by verifying (not trying to create) if the data bag exist through a GET request, if it doesn't the it tries to generate it, then it proceeds to create the data bag item. Signed-off-by: Salim Afiune <afiune@chef.io>
-rw-r--r--lib/chef/knife/data_bag_create.rb10
1 files changed, 6 insertions, 4 deletions
diff --git a/lib/chef/knife/data_bag_create.rb b/lib/chef/knife/data_bag_create.rb
index 196278bb80..563e931dca 100644
--- a/lib/chef/knife/data_bag_create.rb
+++ b/lib/chef/knife/data_bag_create.rb
@@ -49,13 +49,15 @@ class Chef
exit(1)
end
- # create the data bag
+ # Verify if the data bag exists
begin
+ rest.get("data/#{@data_bag_name}")
+ ui.info("Data bag #{@data_bag_name} already exists")
+ rescue Net::HTTPServerException => e
+ raise unless e.to_s =~ /^404/
+ # if it doesn't exists, try to create it
rest.post("data", { "name" => @data_bag_name })
ui.info("Created data_bag[#{@data_bag_name}]")
- rescue Net::HTTPServerException => e
- raise unless e.to_s =~ /^409/
- ui.info("Data bag #{@data_bag_name} already exists")
end
# if an item is specified, create it, as well