From beb4953af6cc5bec7104616af9f15b0dc3223dcb Mon Sep 17 00:00:00 2001 From: nimisha Date: Thu, 2 Feb 2017 15:47:36 +0530 Subject: Fixed specs Signed-off-by: nimisha --- lib/chef/resource/execute.rb | 8 ++ spec/unit/mixin/user_identity_spec.rb | 216 ---------------------------------- spec/unit/provider/execute_spec.rb | 93 --------------- spec/unit/resource/execute_spec.rb | 214 +++++++++++++++++++++++++++++++++ spec/unit/resource_reporter_spec.rb | 2 +- 5 files changed, 223 insertions(+), 310 deletions(-) delete mode 100644 spec/unit/mixin/user_identity_spec.rb diff --git a/lib/chef/resource/execute.rb b/lib/chef/resource/execute.rb index 3bf504cb26..677c4608b3 100644 --- a/lib/chef/resource/execute.rb +++ b/lib/chef/resource/execute.rb @@ -141,6 +141,14 @@ class Chef property :password, String, sensitive: true + def sensitive(args = nil) + if password + true + else + super + end + end + def self.set_guard_inherited_attributes(*inherited_attributes) @class_inherited_attributes = inherited_attributes end diff --git a/spec/unit/mixin/user_identity_spec.rb b/spec/unit/mixin/user_identity_spec.rb deleted file mode 100644 index 790e0a6ab9..0000000000 --- a/spec/unit/mixin/user_identity_spec.rb +++ /dev/null @@ -1,216 +0,0 @@ -# -# Author:: Adam Edwards () -# Copyright:: Copyright (c) 2015 Chef Software, Inc. -# License:: Apache License, Version 2.0 -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# - -require "spec_helper" -require "chef/mixin/user_identity" - -shared_examples_for "it received valid credentials" do - describe "the validation method" do - it "should not raise an error" do - expect { instance_with_identity.validate(username, password, domain) }.not_to raise_error - end - end - - describe "the name qualification method" do - it "should correctly translate the user and domain" do - identity = nil - expect { identity = instance_with_identity.qualify_name(username, domain) }.not_to raise_error - expect(identity[:domain]).to eq(domain) - expect(identity[:user]).to eq(username) - end - end -end - -shared_examples_for "it received invalid credentials" do - describe "the validation method" do - it "should raise an error" do - expect { instance_with_identity.validate(username, password, domain) }.to raise_error(ArgumentError) - end - end -end - -shared_examples_for "it received credentials that are not valid on the platform" do - describe "the validation method" do - it "should raise an error" do - expect { instance_with_identity.validate(username, password, domain) }.to raise_error(Chef::Exceptions::UnsupportedPlatform) - end - end -end - -shared_examples_for "a consumer of the ::Chef::Mixin::UserIdentity mixin" do - context "when running on Windows" do - before do - allow(::Chef::Platform).to receive(:windows?).and_return(true) - end - - context "when no user, domain, or password is specified" do - let(:username) { nil } - let(:domain) { nil } - let(:password) { nil } - it_behaves_like "it received valid credentials" - end - - context "when a valid username is specified" do - let(:username) { "starchild" } - context "when a valid domain is specified" do - let(:domain) { "mothership" } - - context "when the password is not specified" do - let(:password) { nil } - it_behaves_like "it received invalid credentials" - end - - context "when the password is specified" do - let(:password) { "we.funk!" } - it_behaves_like "it received valid credentials" - end - end - - context "when the domain is not specified" do - let(:domain) { nil } - - context "when the password is not specified" do - let(:password) { nil } - it_behaves_like "it received invalid credentials" - end - - context "when the password is specified" do - let(:password) { "we.funk!" } - it_behaves_like "it received valid credentials" - end - end - - context "when the domain is provided in both username and domain" do - let(:domain) { "some_domain" } - let(:password) { "we.funk!" } - - context "when username is in the form domain\\user" do - let(:username) { "mothership\\starchild" } - it_behaves_like "it received invalid credentials" - end - - context "when username is in the form user@domain" do - let(:username) { "starchild@mothership" } - it_behaves_like "it received invalid credentials" - end - end - end - - context "when the username is not specified" do - let(:username) { nil } - - context "when the password is specified and the domain is not" do - let(:password) { "we.funk!" } - let(:domain) { nil } - it_behaves_like "it received invalid credentials" - end - - context "when the domain is specified and the password is not" do - let(:domain) { "mothership" } - let(:password) { nil } - it_behaves_like "it received invalid credentials" - end - - context "when the domain and password are specified" do - let(:domain) { "mothership" } - let(:password) { "we.funk!" } - it_behaves_like "it received invalid credentials" - end - end - end - - context "when not running on Windows" do - before do - allow(::Chef::Platform).to receive(:windows?).and_return(false) - end - - context "when no user, domain, or password is specified" do - let(:username) { nil } - let(:domain) { nil } - let(:password) { nil } - it_behaves_like "it received valid credentials" - end - - context "when the user is specified and the domain and password are not" do - let(:username) { "starchild" } - let(:domain) { nil } - let(:password) { nil } - it_behaves_like "it received valid credentials" - - context "when the password is specified and the domain is not" do - let(:password) { "we.funk!" } - let(:domain) { nil } - it_behaves_like "it received credentials that are not valid on the platform" - end - - context "when the domain is specified and the password is not" do - let(:domain) { "mothership" } - let(:password) { nil } - it_behaves_like "it received credentials that are not valid on the platform" - end - - context "when the domain and password are specified" do - let(:domain) { "mothership" } - let(:password) { "we.funk!" } - it_behaves_like "it received credentials that are not valid on the platform" - end - end - - context "when the user is not specified" do - let(:username) { nil } - context "when the domain is specified" do - let(:domain) { "mothership" } - context "when the password is specified" do - let(:password) { "we.funk!" } - it_behaves_like "it received credentials that are not valid on the platform" - end - - context "when password is not specified" do - let(:password) { nil } - it_behaves_like "it received credentials that are not valid on the platform" - end - end - - context "when the domain is not specified" do - let(:domain) { nil } - context "when the password is specified" do - let(:password) { "we.funk!" } - it_behaves_like "it received credentials that are not valid on the platform" - end - end - end - end -end - -describe "a class that mixes in user_identity" do - let(:instance_with_identity) do - class IdentityClass - include ::Chef::Mixin::UserIdentity - def validate(*args) - validate_identity(*args) - end - - def qualify_name(*args) - qualify_user(*args) - end - end - IdentityClass.new - end - - it_behaves_like "a consumer of the ::Chef::Mixin::UserIdentity mixin" -end diff --git a/spec/unit/provider/execute_spec.rb b/spec/unit/provider/execute_spec.rb index a579b389df..1901e2ea03 100644 --- a/spec/unit/provider/execute_spec.rb +++ b/spec/unit/provider/execute_spec.rb @@ -238,98 +238,5 @@ describe Chef::Provider::Execute do end end - - describe "when an alternate user identity is specified" do - before do - allow(provider).to receive(:shell_out!).and_return(nil) - end - - context "when running on Windows" do - before do - allow(::Chef::Platform).to receive(:windows?).and_return(true) - end - - context "when the username is specified" do - before do - new_resource.user("starchild") - end - - context "when the domain is specified" do - before do - new_resource.domain("mydomain") - end - - it "should raise an error if the password is not specified" do - expect(new_resource).to receive(:password).at_least(1).times.and_return(nil) - expect { provider.run_action(:run) }.to raise_error(ArgumentError) - end - - it "should not raise an error if the password is specified" do - expect(new_resource).to receive(:password).at_least(1).times.and_return("we.funk!") - expect { provider.run_action(:run) }.not_to raise_error - end - end - - context "when the domain is not specified" do - before do - expect(new_resource).to receive(:domain).at_least(1).times.and_return(nil) - end - - it "should raise an error if the password is not specified" do - expect(new_resource).to receive(:password).at_least(1).times.and_return(nil) - expect { provider.run_action(:run) }.to raise_error(ArgumentError) - end - - it "should not raise an error if the password is specified" do - expect(new_resource).to receive(:password).at_least(1).times.and_return("we.funk!") - expect { provider.run_action(:run) }.not_to raise_error - - end - end - end - - context "when the username is not specified" do - before do - expect(new_resource).to receive(:user).at_least(1).times.and_return(nil) - end - - it "should raise an error if the password is specified" do - expect(new_resource).to receive(:password).at_least(1).times.and_return("we.funk!") - expect { provider.run_action(:run) }.to raise_error(ArgumentError) - end - - it "should raise an error if the domain is specified" do - expect(new_resource).to receive(:domain).at_least(1).times.and_return("mothership") - expect { provider.run_action(:run) }.to raise_error(ArgumentError) - end - - it "should raise an error if the domain and password are specified" do - expect(new_resource).to receive(:password).at_least(1).times.and_return("we.funk!") - expect(new_resource).to receive(:domain).at_least(1).times.and_return("mothership") - expect { provider.run_action(:run) }.to raise_error(ArgumentError) - end - end - end - - context "when not running on Windows" do - before do - allow(::Chef::Platform).to receive(:windows?).and_return(false) - end - - it "should not raise an error if the user is specified" do - new_resource.user("starchild") - end - - it "should raise an error if the password is specified" do - expect(new_resource).to receive(:password).and_return("we.funk!") - expect { provider.run_action(:run) }.to raise_error(Chef::Exceptions::UnsupportedPlatform) - end - - it "should raise an error if the domain is specified" do - expect(new_resource).to receive(:domain).and_return("we.funk!") - expect { provider.run_action(:run) }.to raise_error(Chef::Exceptions::UnsupportedPlatform) - end - end - end end end diff --git a/spec/unit/resource/execute_spec.rb b/spec/unit/resource/execute_spec.rb index 70824e9f5b..4c0ee694c3 100644 --- a/spec/unit/resource/execute_spec.rb +++ b/spec/unit/resource/execute_spec.rb @@ -32,4 +32,218 @@ describe Chef::Resource::Execute do expect(execute_resource.is_guard_interpreter).to eq(false) end + describe "#qualify_user" do + let(:password) { "password" } + let(:domain) { nil } + + context "when username is passed as user@domain" do + let(:username) { "user@domain" } + + it "correctly parses the user and domain" do + identity = execute_resource.qualify_user(username, password, domain) + expect(identity[:domain]).to eq("domain") + expect(identity[:user]).to eq("user") + end + end + + context "when username is passed as domain\\user" do + let(:username) { "domain\\user" } + + it "correctly parses the user and domain" do + identity = execute_resource.qualify_user(username, password, domain) + expect(identity[:domain]).to eq("domain") + expect(identity[:user]).to eq("user") + end + end + end + + shared_examples_for "it received valid credentials" do + describe "the validation method" do + it "should not raise an error" do + expect { execute_resource.validate_identity_platform(username, password, domain) }.not_to raise_error + end + end + + describe "the name qualification method" do + it "should correctly translate the user and domain" do + identity = nil + expect { identity = execute_resource.qualify_user(username, password, domain) }.not_to raise_error + expect(identity[:domain]).to eq(domain) + expect(identity[:user]).to eq(username) + end + end + end + + shared_examples_for "it received invalid credentials" do + describe "the validation method" do + it "should raise an error" do + expect { execute_resource.validate_identity_platform(username, password, domain) }.to raise_error(ArgumentError) + end + end + end + + shared_examples_for "it received invalid username and domain" do + describe "the validation method" do + it "should raise an error" do + expect { execute_resource.qualify_user(username, password, domain) }.to raise_error(ArgumentError) + end + end + end + + shared_examples_for "it received credentials that are not valid on the platform" do + describe "the validation method" do + it "should raise an error" do + expect { execute_resource.validate_identity_platform(username, password, domain) }.to raise_error(Chef::Exceptions::UnsupportedPlatform) + end + end + end + + shared_examples_for "a consumer of the Execute resource" do + context "when running on Windows" do + before do + allow(execute_resource).to receive(:node).and_return({ :platform_family => "windows" }) + end + + context "when no user, domain, or password is specified" do + let(:username) { nil } + let(:domain) { nil } + let(:password) { nil } + it_behaves_like "it received valid credentials" + end + + context "when a valid username is specified" do + let(:username) { "starchild" } + context "when a valid domain is specified" do + let(:domain) { "mothership" } + + context "when the password is not specified" do + let(:password) { nil } + it_behaves_like "it received invalid credentials" + end + + context "when the password is specified" do + let(:password) { "we.funk!" } + it_behaves_like "it received valid credentials" + end + end + + context "when the domain is not specified" do + let(:domain) { nil } + + context "when the password is not specified" do + let(:password) { nil } + it_behaves_like "it received invalid credentials" + end + + context "when the password is specified" do + let(:password) { "we.funk!" } + it_behaves_like "it received valid credentials" + end + end + + context "when username is not specified" do + let(:username) { nil } + + context "when domain is specified" do + let(:domain) { "mothership" } + let(:password) { nil } + it_behaves_like "it received invalid username and domain" + end + + context "when password is specified" do + let(:domain) { nil } + let(:password) { "we.funk!" } + it_behaves_like "it received invalid username and domain" + end + end + end + + context "when invalid username is specified" do + let(:username) { "user@domain@domain" } + let(:domain) { nil } + let(:password) { "we.funk!" } + it_behaves_like "it received invalid username and domain" + end + + context "when the domain is provided in both username and domain" do + let(:domain) { "some_domain" } + let(:password) { "we.funk!" } + + context "when username is in the form domain\\user" do + let(:username) { "mothership\\starchild" } + it_behaves_like "it received invalid username and domain" + end + + context "when username is in the form user@domain" do + let(:username) { "starchild@mothership" } + it_behaves_like "it received invalid username and domain" + end + end + end + + context "when not running on Windows" do + before do + allow(execute_resource).to receive(:node).and_return({ :platform_family => "ubuntu" }) + end + + context "when no user, domain, or password is specified" do + let(:username) { nil } + let(:domain) { nil } + let(:password) { nil } + it_behaves_like "it received valid credentials" + end + + context "when the user is specified and the domain and password are not" do + let(:username) { "starchild" } + let(:domain) { nil } + let(:password) { nil } + it_behaves_like "it received valid credentials" + + context "when the password is specified and the domain is not" do + let(:password) { "we.funk!" } + let(:domain) { nil } + it_behaves_like "it received credentials that are not valid on the platform" + end + + context "when the domain is specified and the password is not" do + let(:domain) { "mothership" } + let(:password) { nil } + it_behaves_like "it received credentials that are not valid on the platform" + end + + context "when the domain and password are specified" do + let(:domain) { "mothership" } + let(:password) { "we.funk!" } + it_behaves_like "it received credentials that are not valid on the platform" + end + end + + context "when the user is not specified" do + let(:username) { nil } + context "when the domain is specified" do + let(:domain) { "mothership" } + context "when the password is specified" do + let(:password) { "we.funk!" } + it_behaves_like "it received credentials that are not valid on the platform" + end + + context "when password is not specified" do + let(:password) { nil } + it_behaves_like "it received credentials that are not valid on the platform" + end + end + + context "when the domain is not specified" do + let(:domain) { nil } + context "when the password is specified" do + let(:password) { "we.funk!" } + it_behaves_like "it received credentials that are not valid on the platform" + end + end + end + end + end + + it_behaves_like "a consumer of the Execute resource" + end diff --git a/spec/unit/resource_reporter_spec.rb b/spec/unit/resource_reporter_spec.rb index ccd7087c0b..84cfb52418 100644 --- a/spec/unit/resource_reporter_spec.rb +++ b/spec/unit/resource_reporter_spec.rb @@ -285,7 +285,7 @@ describe Chef::ResourceReporter do end it "resource_command in prepared_run_data should be blank" do - expect(@first_update_report["after"]).to eq({ :command => "sensitive-resource" }) + expect(@first_update_report["after"]).to eq({ :command => "sensitive-resource", :user => nil }) end end -- cgit v1.2.1