diff options
| -rw-r--r-- | lib/chef/resource/windows_firewall_rule.rb | 12 | ||||
| -rw-r--r-- | spec/unit/resource/windows_firewall_rule_spec.rb | 61 |
2 files changed, 67 insertions, 6 deletions
diff --git a/lib/chef/resource/windows_firewall_rule.rb b/lib/chef/resource/windows_firewall_rule.rb index 0ecdc22c6f..95cb39477b 100644 --- a/lib/chef/resource/windows_firewall_rule.rb +++ b/lib/chef/resource/windows_firewall_rule.rb @@ -99,9 +99,9 @@ class Chef description: "The protocol the firewall rule applies to." property :icmp_type, [String, Integer], - description: "Specifies the ICMP Type parameter for using a protocol starting with ICMP", - default: "Any", - introduced: "16.0" + description: "Specifies the ICMP Type parameter for using a protocol starting with ICMP", + default: "Any", + introduced: "16.0" property :firewall_action, [Symbol, String], default: :allow, equal_to: %i{allow block notconfigured}, @@ -174,8 +174,8 @@ class Chef unless is_set_properly?(new_resource.icmp_type, new_resource.protocol) error_msg = "Verification for \"#{new_resource.rule_name}\" failed.\n" + - "It's mostly a combination of protocol (#{new_resource.protocol}) and icmp_type (#{new_resource.icmp_type}) which are not allowed.\n" + - "Please refer to: https://docs.microsoft.com/en-us/powershell/module/netsecurity/new-netfirewallrule" + "It's mostly a combination of protocol (#{new_resource.protocol}) and icmp_type (#{new_resource.icmp_type}) which are not allowed.\n" + + "Please refer to: https://docs.microsoft.com/en-us/powershell/module/netsecurity/new-netfirewallrule" raise Chef::Exceptions::ValidationFailed, error_msg end @@ -257,7 +257,7 @@ class Chef end end - return true + return true # rubocop:disable Style/RedundantReturn: end end diff --git a/spec/unit/resource/windows_firewall_rule_spec.rb b/spec/unit/resource/windows_firewall_rule_spec.rb index f4dfea1e0a..9620daa76c 100644 --- a/spec/unit/resource/windows_firewall_rule_spec.rb +++ b/spec/unit/resource/windows_firewall_rule_spec.rb @@ -502,4 +502,65 @@ describe Chef::Resource::WindowsFirewallRule do end end end + describe "#is_set_properly?" do + context "#TCP" do + it "protocol is TCP and icmp_type is empty" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("", "TCP")).to be false + end + + it "protocol is TCP and icmp_type is 'Any'" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("Any", "TCP")).to be true + end + + it "protocol is TCP and icmp_type is 123 as String" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("123", "TCP")).to be false + end + + it "protocol is TCP and icmp_type is 123 as Integer" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?(123, "TCP")).to be false + end + + it "protocol is TCP and icmp_type is '1:3' as code pair" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("1:3", "TCP")).to be false + end + + it "protocol is TCP and icmp_type is '123:456' as code pair out of range" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("123:456", "TCP")).to be false + end + + it "protocol is TCP and icmp_type is nil" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?(nil, "TCP")).to be false + end + end + + context "#ICMPv6" do + it "protocol is ICMPv6 and icmp_type is empty" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("", "ICMPv6")).to be false + end + + it "protocol is ICMPv6 and icmp_type is 'Any'" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("Any", "ICMPv6")).to be true + end + + it "protocol is ICMPv6 and icmp_type is 123 as String" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("123", "ICMPv6")).to be true + end + + it "protocol is ICMPv6 and icmp_type is 123 as Integer" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?(123, "ICMPv6")).to be true + end + + it "protocol is ICMPv6 and icmp_type is '1:3' as code pair" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("1:3", "ICMPv6")).to be true + end + + it "protocol is ICMPv6 and icmp_type is '123:456' as code pair out of range" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?("123:456", "ICMPv6")).to be false + end + + it "protocol is ICMPv6 and icmp_type is nil" do + expect(Chef::Resource::WindowsFirewallRule.is_set_properly?(nil, "ICMPv6")).to be false + end + end + end end |