3 files changed, 130 insertions, 21 deletions

diff --git a/lib/chef/client.rb b/lib/chef/client.rb
index 30892d9886..b2a97ae366 100644
--- a/lib/chef/client.rb
+++ b/lib/chef/client.rb
@@ -410,6 +410,25 @@ class Chef
       raise
     end
 
+    def do_windows_admin_check
+      if !Chef::Config[:solo] && Chef::Platform.windows?
+        Chef::Log.debug("Checking for administrator privilages....")
+
+        if !has_admin_privilages?
+          message = "chef-client doesn't have administrator privilages on node #{node_name}."
+          if Chef::Config[:fatal_windows_admin_check]
+            Chef::Log.fatal(message)
+            Chef::Log.fatal("fatal_windows_admin_check is set to TRUE.")
+            raise Chef::Exceptions::WindowsNotAdmin, message
+          else
+            Chef::Log.warn("#{message} This might cause unexpected resource failures.")
+          end
+        else
+          Chef::Log.debug("chef-client has administrator privilages on node #{node_name}.")
+        end
+      end
+    end
+
     private
 
     # Do a full run for this Chef::Client.  Calls:
@@ -443,9 +462,7 @@ class Chef
         Chef::Log.info("Starting Chef Run for #{node.name}")
         run_started
 
-        if Chef::Platform.windows?
-          do_windows_admin_check
-        end
+        do_windows_admin_check
 
         run_context = setup_run_context
 
@@ -523,26 +540,12 @@ class Chef
 
     end
 
-    def do_windows_admin_check
-      unless Chef::Config[:solo]
-        require 'chef/win32/security'
+    def has_admin_privilages?
+      require 'chef/win32/security'
 
-        Chef::Log.debug("Checking for administrator privilages....")
-
-        if !Chef::ReservedNames::Win32::Security.has_admin_privilages?
-          message = "chef-client doesn't have administrator privilages on node #{node_name}."
-          if Chef::Config[:fatal_windows_admin_check]
-            Chef::Log.fatal(message)
-            Chef::Log.fatal("fatal_windows_admin_check is set to TRUE.")
-            raise Chef::Exceptions::WindowsNotAdmin, message
-          else
-            Chef::Log.warn("#{message} This might cause unexpected resource failures.")
-          end
-        else
-          Chef::Log.debug("chef-client has administrator privilages on node #{node_name}.")
-        end
-      end
+      Chef::ReservedNames::Win32::Security.has_admin_privilages?
     end
+
   end
 end
 
diff --git a/spec/functional/win32/security_spec.rb b/spec/functional/win32/security_spec.rb
new file mode 100644
index 0000000000..e1fc7590f3
--- /dev/null
+++ b/spec/functional/win32/security_spec.rb
@@ -0,0 +1,28 @@
+#
+# Author:: Serdar Sutay (<serdar@opscode.com>)
+# Copyright:: Copyright (c) 2012 Opscode, Inc.
+# License:: Apache License, Version 2.0
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+require 'spec_helper'
+if Chef::Platform.windows?
+  require 'chef/win32/security'
+end
+
+describe 'Chef::Win32::Security', :windows_only do
+  it "has_admin_privilages? returns true when running as admin" do
+    Chef::ReservedNames::Win32::Security.has_admin_privilages?.should == true
+  end
+end
diff --git a/spec/unit/client_spec.rb b/spec/unit/client_spec.rb
index 1cd4e5f0a4..e4f6caf12a 100644
--- a/spec/unit/client_spec.rb
+++ b/spec/unit/client_spec.rb
@@ -335,6 +335,84 @@ shared_examples_for Chef::Client do
     end
   end
 
+  describe "windows_admin_check" do
+    before do
+      @client = Chef::Client.new
+    end
+
+    context "during a solo run" do
+      before do
+        @original_solo = Chef::Config[:solo]
+        Chef::Config[:solo] = true
+      end
+
+      after do
+        Chef::Config[:solo] = @original_solo
+      end
+
+      it "shouldn't be called" do
+        @client.should_not_receive(:has_admin_privilages?)
+        @client.do_windows_admin_check
+      end
+    end
+
+    context "platform is not windows" do
+      before do
+        Chef::Platform.stub(:windows?).and_return(false)
+      end
+
+      it "shouldn't be called" do
+        @client.should_not_receive(:has_admin_privilages?)
+        @client.do_windows_admin_check
+      end
+    end
+
+    context "platform is windows" do
+      before do
+        Chef::Platform.stub(:windows?).and_return(true)
+      end
+
+      it "should be called" do
+        @client.should_receive(:has_admin_privilages?)
+        @client.do_windows_admin_check
+      end
+
+      context "admin privilages exist" do
+        before do
+          @client.should_receive(:has_admin_privilages?).and_return(true)
+        end
+
+        it "should not log a warning message" do
+          Chef::Log.should_not_receive(:warn)
+          @client.do_windows_admin_check
+        end
+
+        context "fatal admin check is configured" do
+          it "should not raise an exception" do
+            @client.do_windows_admin_check.should_not raise_error(Chef::Exceptions::WindowsNotAdmin)
+          end
+        end
+      end
+
+      context "admin privilages doesn't exist" do
+        before do
+          @client.should_receive(:has_admin_privilages?).and_return(false)
+        end
+
+        it "should log a warning message" do
+          Chef::Log.should_receive(:warn)
+          @client.do_windows_admin_check
+        end
+
+        context "fatal admin check is configured" do
+          it "should raise an exception" do
+            @client.do_windows_admin_check.should_not raise_error(Chef::Exceptions::WindowsNotAdmin)
+          end
+        end
+      end
+    end
+  end
+
   describe "when a run list override is provided" do
     before do
       @node = Chef::Node.new