diff options
| author | Ryan Cragun <ryan@chef.io> | 2019-07-24 17:12:57 -0600 |
|---|---|---|
| committer | Ryan Cragun <ryan@chef.io> | 2019-07-24 17:18:53 -0600 |
| commit | fae44333ff79f116c266507cd2377c211c4d1f8e (patch) | |
| tree | 1b0f20addb8cf24dc3b60ed223135b6ccc8e5933 /spec | |
| parent | 6bbf42b0ff11eabdb72067e78e4101ad93820b71 (diff) | |
| download | chef-fae44333ff79f116c266507cd2377c211c4d1f8e.tar.gz | |
Add mac_user resource that is compatible with macOS >= 10.14
Provide a user resource that is compatible with default TCC restrictions
that were introduced in macOS 10.14.
Changes:
* This resource and the corresponding provider have been modified to
work with default macOS TCC policies. Direct access to user binary
plists are no longer permitted by default, thus we've chosen to use
use newer methods of creating, modifying and removing users.
* Due to the tooling required by the provider this provider is only
suitable for use on macOS >= 10.14. Support for older platforms has
been removed.
New Features:
* Primary group management is now included.
* 'admin' is now a boolean property that configures a user to an admin.
* 'admin_username' and 'admin_password' are new properties that define the
admin user credentials required for toggling SecureToken for an
exiting user.
The 'admin_username' must correspond to a system admin with SecureToken
enabled in order to toggle SecureToken.
* 'secure_token' is a boolean property that sets the desired state
for SecureToken. SecureToken token is required for FileVault full
disk encryption.
Signed-off-by: Ryan Cragun <ryan@chef.io>
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/unit/provider/user/dscl_spec.rb | 1 | ||||
| -rw-r--r-- | spec/unit/provider/user/mac_spec.rb | 38 |
2 files changed, 39 insertions, 0 deletions
diff --git a/spec/unit/provider/user/dscl_spec.rb b/spec/unit/provider/user/dscl_spec.rb index b12ea78977..e20873dc92 100644 --- a/spec/unit/provider/user/dscl_spec.rb +++ b/spec/unit/provider/user/dscl_spec.rb @@ -35,6 +35,7 @@ describe Chef::Provider::User::Dscl do let(:node) do Chef::Node.new.tap do |node| node.automatic["os"] = "darwin" + node.automatic["platform_version"] = "10.13.0" end end diff --git a/spec/unit/provider/user/mac_spec.rb b/spec/unit/provider/user/mac_spec.rb new file mode 100644 index 0000000000..f7024f45c1 --- /dev/null +++ b/spec/unit/provider/user/mac_spec.rb @@ -0,0 +1,38 @@ +# +# Author:: Ryan Cragun (<ryan@chef.io>) +# Copyright:: Copyright (c) 2019 Chef Software, Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require "spec_helper" + +describe Chef::Provider::User::MacUser do + before do + allow(ChefConfig).to receive(:windows?) { false } + end + + let(:new_resource) { Chef::Resource::User::MacUser.new("jane") } + + let(:provider) do + node = Chef::Node.new + events = Chef::EventDispatch::Dispatcher.new + run_context = Chef::RunContext.new(node, {}, events) + described_class.new(new_resource, run_context) + end + + it "responds to load_current_resource" do + expect(provider).to respond_to(:load_current_resource) + end +end |