diff options
| author | Sandra Tiffin <sandi.tiffin@gmail.com> | 2017-10-04 03:29:35 -0700 |
|---|---|---|
| committer | Sandra Tiffin <sandi.tiffin@gmail.com> | 2017-10-04 03:32:46 -0700 |
| commit | 09aea0b2775a2fb640d5b9e726e1ce5868c1ffb5 (patch) | |
| tree | 8262058e94069921a12a57e66a18298a3b49d7bc /spec/unit/chef_fs | |
| parent | 4cc81ce45ea0e7b851c622d8a18b33e1177b85cb (diff) | |
| download | chef-09aea0b2775a2fb640d5b9e726e1ce5868c1ffb5.tar.gz | |
Don't allow creation of data bags named node, role, client or environment via 'knife upload'.
(Fixes the ChefFS code path for data bag creation, for https://github.com/chef/chef/issues/3058).
Signed-off-by: Sandra Tiffin <sandi.tiffin@gmail.com>
Diffstat (limited to 'spec/unit/chef_fs')
| -rw-r--r-- | spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb b/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb new file mode 100644 index 0000000000..c90532c078 --- /dev/null +++ b/spec/unit/chef_fs/data_handler/data_bag_item_data_handler.rb @@ -0,0 +1,79 @@ +# +# Author:: Sandra Tiffin (<sandi.tiffin@gmail.com>) +# Copyright:: Copyright 2014-2016, Chef Software Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require "spec_helper" +require "lib/chef/chef_fs/data_handler/data_bag_item_data_handler.rb" + +class TestDataBag < Mash + attr_accessor :name + + def initialize(bag_name) + @name = bag_name + end +end + +class TestDataBagItem < Mash + attr_accessor :name, :parent + + def path_for_printing + "/some/path" + end + + def initialize(bag_name, item_name) + @name = "#{item_name}.json" + @parent = TestDataBag.new(bag_name) + end +end + +describe Chef::ChefFS::DataHandler::DataBagItemDataHandler do + let(:handler) { described_class.new } + + describe "#verify_integrity" do + context "json id does not match data bag item name" do + let(:entry) { TestDataBagItem.new("luggage", "bag") } + let(:object) do + { "raw_data" => { "id" => "duffel" } } + end + it "rejects the data bag item name" do + expect { |b| handler.verify_integrity(object, entry, &b) }.to yield_with_args + end + end + + context "using a reserved word for the data bag name" do + %w(node role environment client).each do |reserved_word| + let(:entry) { TestDataBagItem.new(reserved_word, "bag") } + let(:object) do + { "raw_data" => { "id" => "bag" } } + end + it "rejects the data bag name '#{reserved_word}'" do + expect { |b| handler.verify_integrity(object, entry, &b) }.to yield_with_args + end + end + end + + context "valid data" do + let(:entry) { TestDataBagItem.new("luggage", "bag") } + let(:object) do + { "raw_data" => { "id" => "bag" } } + end + it "validates the data bag item" do + expect(handler.verify_integrity(object, entry)).to be_nil + end + end + end +end |