diff options
| author | Adam Edwards <adamed@opscode.com> | 2015-12-12 23:08:24 -0800 |
|---|---|---|
| committer | nimisha <nimisha.sharad@msystechnologies.com> | 2017-02-02 18:00:23 +0530 |
| commit | 8a68a2a8bd043ae0c75d2c21c0b75259942039e4 (patch) | |
| tree | 50e747bb0934744c2d94e838bf954b031fea9d27 /spec/unit/provider/script_spec.rb | |
| parent | 8ed11241ca1236d16a14e5bb32ef1ff16fabfeb9 (diff) | |
| download | chef-8a68a2a8bd043ae0c75d2c21c0b75259942039e4.tar.gz | |
Windows alternate user support for execute resources
Diffstat (limited to 'spec/unit/provider/script_spec.rb')
| -rw-r--r-- | spec/unit/provider/script_spec.rb | 55 |
1 files changed, 49 insertions, 6 deletions
diff --git a/spec/unit/provider/script_spec.rb b/spec/unit/provider/script_spec.rb index 7e34a8f083..e7f09cf275 100644 --- a/spec/unit/provider/script_spec.rb +++ b/spec/unit/provider/script_spec.rb @@ -56,12 +56,55 @@ describe Chef::Provider::Script, "action_run" do end end - context "#set_owner_and_group" do - it "sets the owner and group for the script file" do - new_resource.user "toor" - new_resource.group "wheel" - expect(FileUtils).to receive(:chown).with("toor", "wheel", tempfile.path) - provider.set_owner_and_group + context "when configuring the script file's security" do + context 'when not running on Windows' do + before do + allow(::Chef::Platform).to receive(:windows?).and_return(false) + end + context "#set_owner_and_group" do + it "sets the owner and group for the script file" do + new_resource.user 'toor' + new_resource.group 'wheel' + expect(FileUtils).to receive(:chown).with('toor', 'wheel', tempfile.path) + provider.set_owner_and_group + end + end + end + + context 'when running on Windows' do + before do + allow(::Chef::Platform).to receive(:windows?).and_return(true) + expect(new_resource.user).to eq(nil) + stub_const('Chef::ReservedNames::Win32::API::Security::GENERIC_READ', 1) + stub_const('Chef::ReservedNames::Win32::API::Security::GENERIC_EXECUTE', 4) + stub_const('Chef::ReservedNames::Win32::Security', Class.new) + stub_const('Chef::ReservedNames::Win32::Security::SecurableObject', Class.new) + stub_const('Chef::ReservedNames::Win32::Security::SID', Class.new) + stub_const('Chef::ReservedNames::Win32::Security::ACE', Class.new) + stub_const('Chef::ReservedNames::Win32::Security::ACL', Class.new) + end + + context "when an alternate user is not specified" do + it "does not attempt to set the script file's security descriptor" do + expect(provider).to receive(:grant_alternate_user_read_access) + expect(Chef::ReservedNames::Win32::Security::SecurableObject).not_to receive(:new) + provider.set_owner_and_group + end + end + + context "when an alternate user is specified" do + let(:security_descriptor) { instance_double('Chef::ReservedNames::Win32::Security::SecurityDescriptor', :dacl => []) } + let(:securable_object) { instance_double('Chef::ReservedNames::Win32::Security::SecurableObject', :security_descriptor => security_descriptor, :dacl= => nil) } + it "sets the script file's security descriptor" do + new_resource.user('toor') + expect(Chef::ReservedNames::Win32::Security::SecurableObject).to receive(:new).and_return(securable_object) + expect(Chef::ReservedNames::Win32::Security::SID).to receive(:from_account).and_return(nil) + expect(Chef::ReservedNames::Win32::Security::ACE).to receive(:access_allowed).and_return(nil) + expect(Chef::ReservedNames::Win32::Security::ACL).to receive(:create).and_return(nil) + expect(securable_object).to receive(:dacl=) + provider.set_owner_and_group + end + end end end |