Implement RFC 027 File Verification

This implements usable-suppliable file content verification per RFC
027. Users can supplie a block, string, or symbol to the `verify`
resource attribute.  Blocks will be called, string will be executed as
shell commands (respecing the same options as not_if and only_if), and
symbols can be used to access built-in registered validations.

4 files changed, 141 insertions, 0 deletions

diff --git a/lib/chef/exceptions.rb b/lib/chef/exceptions.rb
index 38ba984ea7..ecd84c5ba5 100644
--- a/lib/chef/exceptions.rb
+++ b/lib/chef/exceptions.rb
@@ -90,6 +90,7 @@ class Chef
     class ConflictingMembersInGroup < ArgumentError; end
     class InvalidResourceReference < RuntimeError; end
     class ResourceNotFound < RuntimeError; end
+    class VerificationNotFound < RuntimeError; end
 
     # Can't find a Resource of this type that is valid on this platform.
     class NoSuchResourceType < NameError
diff --git a/lib/chef/provider/file.rb b/lib/chef/provider/file.rb
index a9390cc45c..c070d29458 100644
--- a/lib/chef/provider/file.rb
+++ b/lib/chef/provider/file.rb
@@ -345,6 +345,14 @@ class Chef
         if new_resource.checksum && tempfile && ( new_resource.checksum != tempfile_checksum )
           raise Chef::Exceptions::ChecksumMismatch.new(short_cksum(new_resource.checksum), short_cksum(tempfile_checksum))
         end
+
+        if tempfile
+          new_resource.verify.each do |v|
+            if ! v.verify(tempfile.path)
+              raise Chef::Exceptions::ValidationFailed.new "Proposed content for #{new_resource.path} failed verification #{v}"
+            end
+          end
+        end
       end
 
       def do_unlink
diff --git a/lib/chef/resource/file.rb b/lib/chef/resource/file.rb
index 16491f9bc8..7662731f44 100644
--- a/lib/chef/resource/file.rb
+++ b/lib/chef/resource/file.rb
@@ -20,6 +20,7 @@
 require 'chef/resource'
 require 'chef/platform/query_helpers'
 require 'chef/mixin/securable'
+require 'chef/resource/file/verification'
 
 class Chef
   class Resource
@@ -50,6 +51,7 @@ class Chef
         @force_unlink = false
         @manage_symlink_source = nil
         @diff = nil
+        @user_verifications = []
       end
 
       def content(arg=nil)
@@ -115,6 +117,18 @@ class Chef
           :kind_of => [ TrueClass, FalseClass ]
         )
       end
+
+      def verify(command=nil, opts={}, &block)
+        if ! (command.nil? || [String, Symbol].include?(command.class))
+          raise ArgumentError, "verify requires either a string, symbol, or a block"
+        end
+
+        if command || block_given?
+          @user_verifications << Verification.new(self, command, opts, &block)
+        else
+          @user_verifications
+        end
+      end
     end
   end
 end
diff --git a/lib/chef/resource/file/verification.rb b/lib/chef/resource/file/verification.rb
new file mode 100644
index 0000000000..5e75cbf6a7
--- /dev/null
+++ b/lib/chef/resource/file/verification.rb
@@ -0,0 +1,118 @@
+#
+# Author:: Steven Danna (<steve@chef.io>)
+# Copyright:: Copyright (c) 2014 Chef Software, Inc
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'chef/exceptions'
+
+class Chef
+  class Resource
+    class File < Chef::Resource
+
+      #
+      # See RFC 027 for a full specification
+      #
+      # File verifications allow user-supplied commands a means of
+      # preventing file reosurce content deploys.  Their intended use
+      # is to verify the contents of a temporary file before it is
+      # deployed onto the system.
+      #
+      # Similar to not_if and only_if, file verifications can take a
+      # ruby block, which will be called, or a string, which will be
+      # executed as a Shell command.
+      #
+      # Additonally, Chef or third-party verifications can ship
+      # "registered verifications" that the user can use by specifying
+      # a :symbol as the command name.
+      #
+      # To create a registered verification, create a class that
+      # inherits from Chef::Resource::File::Verification and use the
+      # register class method to give it name.  Registered
+      # verifications are expected to supply a verify instance method
+      # that takes 2 arguments.
+      #
+      # Example:
+      # class Chef
+      #  class Resource
+      #    class File::Verification::Foo < Chef::Resource::File::Verification
+      #      register :noop
+      #      def verify(path, opts)
+      #        #yolo
+      #        true
+      #      end
+      #    end
+      #  end
+      # end
+      #
+      #
+
+      class Verification
+        @@registered_verifications = {}
+
+        def self.register(name)
+          @@registered_verifications[name] = self.name
+        end
+
+        def self.lookup(name)
+          c = @@registered_verifications[name]
+          if c.nil?
+            raise Chef::Exceptions::VerificationNotFound.new "No file verification for #{name} found."
+          end
+          Object.const_get(c)
+        end
+
+        def initialize(parent_resource, command, opts, &block)
+          @command, @command_opts = command, opts
+          @block = block
+          @parent_resource = parent_resource
+        end
+
+        def verify(path, opts={})
+          Chef::Log.debug("Running verification[#{self}] on #{path}")
+          if @block
+            verify_block(path, opts)
+          elsif @command.is_a?(Symbol)
+            verify_registered_verification(path, opts)
+          elsif @command.is_a?(String)
+            verify_command(path, opts)
+          end
+        end
+
+        def verify_block(path, opts)
+          @block.call(path)
+        end
+
+        # We reuse Chef::GuardInterpreter in order to support
+        # the same set of options that the not_if/only_if blocks do
+        def verify_command(path, opts)
+          command = @command % {:file => path}
+          interpreter = if @parent_resource.guard_interpreter == :default
+                          Chef::GuardInterpreter::DefaultGuardInterpreter.new(command, @command_opts)
+                        else
+                          Chef::GuardInterpreter::ResourceGuardInterpreter.new(@parent_resource, command, @command_opts)
+                        end
+          interpreter.evaluate
+        end
+
+        def verify_registered_verification(path, opts)
+          verification_class = Chef::Resource::File::Verification.lookup(@command)
+          v = verification_class.new(@parent_resource, @command, @command_opts, &@block)
+          v.verify(path, opts)
+        end
+      end
+    end
+  end
+end