diff options
-rw-r--r-- | lib/chef/client.rb | 45 | ||||
-rw-r--r-- | spec/functional/win32/security_spec.rb | 28 | ||||
-rw-r--r-- | spec/unit/client_spec.rb | 78 |
3 files changed, 130 insertions, 21 deletions
diff --git a/lib/chef/client.rb b/lib/chef/client.rb index 30892d9886..b2a97ae366 100644 --- a/lib/chef/client.rb +++ b/lib/chef/client.rb @@ -410,6 +410,25 @@ class Chef raise end + def do_windows_admin_check + if !Chef::Config[:solo] && Chef::Platform.windows? + Chef::Log.debug("Checking for administrator privilages....") + + if !has_admin_privilages? + message = "chef-client doesn't have administrator privilages on node #{node_name}." + if Chef::Config[:fatal_windows_admin_check] + Chef::Log.fatal(message) + Chef::Log.fatal("fatal_windows_admin_check is set to TRUE.") + raise Chef::Exceptions::WindowsNotAdmin, message + else + Chef::Log.warn("#{message} This might cause unexpected resource failures.") + end + else + Chef::Log.debug("chef-client has administrator privilages on node #{node_name}.") + end + end + end + private # Do a full run for this Chef::Client. Calls: @@ -443,9 +462,7 @@ class Chef Chef::Log.info("Starting Chef Run for #{node.name}") run_started - if Chef::Platform.windows? - do_windows_admin_check - end + do_windows_admin_check run_context = setup_run_context @@ -523,26 +540,12 @@ class Chef end - def do_windows_admin_check - unless Chef::Config[:solo] - require 'chef/win32/security' + def has_admin_privilages? + require 'chef/win32/security' - Chef::Log.debug("Checking for administrator privilages....") - - if !Chef::ReservedNames::Win32::Security.has_admin_privilages? - message = "chef-client doesn't have administrator privilages on node #{node_name}." - if Chef::Config[:fatal_windows_admin_check] - Chef::Log.fatal(message) - Chef::Log.fatal("fatal_windows_admin_check is set to TRUE.") - raise Chef::Exceptions::WindowsNotAdmin, message - else - Chef::Log.warn("#{message} This might cause unexpected resource failures.") - end - else - Chef::Log.debug("chef-client has administrator privilages on node #{node_name}.") - end - end + Chef::ReservedNames::Win32::Security.has_admin_privilages? end + end end diff --git a/spec/functional/win32/security_spec.rb b/spec/functional/win32/security_spec.rb new file mode 100644 index 0000000000..e1fc7590f3 --- /dev/null +++ b/spec/functional/win32/security_spec.rb @@ -0,0 +1,28 @@ +# +# Author:: Serdar Sutay (<serdar@opscode.com>) +# Copyright:: Copyright (c) 2012 Opscode, Inc. +# License:: Apache License, Version 2.0 +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +require 'spec_helper' +if Chef::Platform.windows? + require 'chef/win32/security' +end + +describe 'Chef::Win32::Security', :windows_only do + it "has_admin_privilages? returns true when running as admin" do + Chef::ReservedNames::Win32::Security.has_admin_privilages?.should == true + end +end diff --git a/spec/unit/client_spec.rb b/spec/unit/client_spec.rb index 1cd4e5f0a4..e4f6caf12a 100644 --- a/spec/unit/client_spec.rb +++ b/spec/unit/client_spec.rb @@ -335,6 +335,84 @@ shared_examples_for Chef::Client do end end + describe "windows_admin_check" do + before do + @client = Chef::Client.new + end + + context "during a solo run" do + before do + @original_solo = Chef::Config[:solo] + Chef::Config[:solo] = true + end + + after do + Chef::Config[:solo] = @original_solo + end + + it "shouldn't be called" do + @client.should_not_receive(:has_admin_privilages?) + @client.do_windows_admin_check + end + end + + context "platform is not windows" do + before do + Chef::Platform.stub(:windows?).and_return(false) + end + + it "shouldn't be called" do + @client.should_not_receive(:has_admin_privilages?) + @client.do_windows_admin_check + end + end + + context "platform is windows" do + before do + Chef::Platform.stub(:windows?).and_return(true) + end + + it "should be called" do + @client.should_receive(:has_admin_privilages?) + @client.do_windows_admin_check + end + + context "admin privilages exist" do + before do + @client.should_receive(:has_admin_privilages?).and_return(true) + end + + it "should not log a warning message" do + Chef::Log.should_not_receive(:warn) + @client.do_windows_admin_check + end + + context "fatal admin check is configured" do + it "should not raise an exception" do + @client.do_windows_admin_check.should_not raise_error(Chef::Exceptions::WindowsNotAdmin) + end + end + end + + context "admin privilages doesn't exist" do + before do + @client.should_receive(:has_admin_privilages?).and_return(false) + end + + it "should log a warning message" do + Chef::Log.should_receive(:warn) + @client.do_windows_admin_check + end + + context "fatal admin check is configured" do + it "should raise an exception" do + @client.do_windows_admin_check.should_not raise_error(Chef::Exceptions::WindowsNotAdmin) + end + end + end + end + end + describe "when a run list override is provided" do before do @node = Chef::Node.new |