New property :excluded_members for group resource and required common code around it.

author: sersut <serdar@opscode.com> 2013-11-11 11:28:38 -0800
committer: sersut <serdar@opscode.com> 2013-11-11 11:28:38 -0800
commit: c062ed00c21a46ea3733b112ca79d6b86446eb7f (patch)
tree: 29b53d742074d2605a628aea7687246aed247f48 /lib/chef
parent: 1db8f468a15632eb129b30367babd001ee2d0ace (diff)
download: chef-c062ed00c21a46ea3733b112ca79d6b86446eb7f.tar.gz
3 files changed, 41 insertions, 11 deletions
diff --git a/lib/chef/exceptions.rb b/lib/chef/exceptions.rb
index 99054eb254..1c952318f1 100644
--- a/lib/chef/exceptions.rb
+++ b/lib/chef/exceptions.rb
@@ -77,6 +77,7 @@ class Chef
     class DsclCommandFailed < RuntimeError; end
     class UserIDNotFound < ArgumentError; end
     class GroupIDNotFound < ArgumentError; end
+    class ConflictingMembersInGroup < ArgumentError; end
     class InvalidResourceReference < RuntimeError; end
     class ResourceNotFound < RuntimeError; end
     class InvalidResourceSpecification < ArgumentError; end
diff --git a/lib/chef/provider/group.rb b/lib/chef/provider/group.rb
index eacb033492..f453c3b7c7 100644
--- a/lib/chef/provider/group.rb
+++ b/lib/chef/provider/group.rb
@@ -63,6 +63,17 @@ class Chef
           a.failure_message(Chef::Exceptions::Group, "Cannot modify #{@new_resource} - group does not exist!")
           a.whyrun("Group #{@new_resource} does not exist. Unless it would have been created earlier in this run, this attempt to modify it would fail.")
         end
+
+        requirements.assert(:all_actions) do |a|
+          # Make sure that the resource doesn't contain any common
+          # user names in the members and exclude_members properties.
+          if !@new_resource.members.nil? && !@new_resource.excluded_members.nil?
+            common_members = @new_resource.members & @new_resource.excluded_members
+            a.assertion { common_members.empty? }
+            a.failure_message(Chef::Exceptions::ConflictingMembersInGroup, "Group resource has conflicting users: '#{common_members.join(', ')}'")
+            # No why-run alternative
+          end
+        end
       end
 
       # Check to see if a group needs any changes. Populate
@@ -72,10 +83,9 @@ class Chef
       # <true>:: If a change is required
       # <false>:: If a change is not required
       def compare_group
-        @change_desc = nil
+        @change_desc = [ ]
         if @new_resource.gid != @current_resource.gid
-          @change_desc = "change gid #{@current_resource.gid} to #{@new_resource.gid}"
-          return true
+          @change_desc << "change gid #{@current_resource.gid} to #{@new_resource.gid}"
         end
 
         if(@new_resource.append)
@@ -85,16 +95,25 @@ class Chef
             missing_members << member
           end
           if missing_members.length > 0
-            @change_desc = "add missing member(s): #{missing_members.join(", ")}"
-            return true
+            @change_desc << "add missing member(s): #{missing_members.join(", ")}"
+          end
+
+          members_to_be_removed = []
+          @new_resource.excluded_members.each do |member|
+            if @current_resource.members.include?(member)
+              members_to_be_removed << member
+            end
+          end
+          if members_to_be_removed.length > 0
+            @change_desc << "remove existing member(s): #{members_to_be_removed.join(", ")}"
           end
         else
           if @new_resource.members != @current_resource.members
-            @change_desc = "replace group members with new list of members"
-            return true
+            @change_desc << "replace group members with new list of members"
           end
         end
-        return false
+
+        !@change_desc.empty?
       end
 
       def action_create
@@ -106,7 +125,7 @@ class Chef
           end
         else
           if compare_group
-            converge_by(["alter group #{@new_resource}", @change_desc ]) do
+            converge_by(["alter group #{@new_resource}"] + @change_desc) do
               manage_group
               Chef::Log.info("#{@new_resource} altered")
             end
@@ -125,7 +144,7 @@ class Chef
 
       def action_manage
         if @group_exists && compare_group
-          converge_by(["manage group #{@new_resource}", @change_desc]) do
+          converge_by(["manage group #{@new_resource}"] + @change_desc) do
             manage_group
             Chef::Log.info("#{@new_resource} managed")
           end
@@ -134,7 +153,7 @@ class Chef
 
       def action_modify
         if compare_group
-          converge_by(["modify group #{@new_resource}", @change_desc]) do
+          converge_by(["modify group #{@new_resource}"] + @change_desc) do
             manage_group
             Chef::Log.info("#{@new_resource} modified")
           end
diff --git a/lib/chef/resource/group.rb b/lib/chef/resource/group.rb
index 17f14c8387..707def9e39 100644
--- a/lib/chef/resource/group.rb
+++ b/lib/chef/resource/group.rb
@@ -64,6 +64,16 @@ class Chef
 
       alias_method :users, :members
 
+      def excluded_members(arg=nil)
+        converted_members = arg.is_a?(String) ? [].push(arg) : arg
+        set_or_return(
+          :excluded_members,
+          converted_members,
+          :kind_of => [ Array ]
+        )
+      end
+
+
       def append(arg=nil)
         set_or_return(
           :append,
author	sersut <serdar@opscode.com>	2013-11-11 11:28:38 -0800
committer	sersut <serdar@opscode.com>	2013-11-11 11:28:38 -0800
commit	c062ed00c21a46ea3733b112ca79d6b86446eb7f (patch)
tree	29b53d742074d2605a628aea7687246aed247f48 /lib/chef
parent	1db8f468a15632eb129b30367babd001ee2d0ace (diff)
download	chef-c062ed00c21a46ea3733b112ca79d6b86446eb7f.tar.gz