diff options
| -rw-r--r-- | lib/puppet/type/sudoers.rb | 34 | ||||
| -rw-r--r-- | spec/lib/helpers.rb | 54 | ||||
| -rw-r--r-- | spec/unit/provider/sudoers/parsed_spec.rb | 72 | ||||
| -rw-r--r-- | spec/unit/provider/sudoers/sudoers.spec | 55 | ||||
| -rw-r--r-- | spec/unit/puppet/provider/ec2/ec2.rb | 40 | ||||
| -rw-r--r-- | spec/unit/puppet/type/ec2.rb | 125 | ||||
| -rw-r--r-- | spec/unit/puppet/util/ec2.rb | 34 | ||||
| -rw-r--r-- | spec/unit/type/sudoers.rb | 218 | ||||
| -rw-r--r-- | tests/sudoers/sudoers-fakenamevar.pp | 13 | ||||
| -rw-r--r-- | tests/sudoers/test2.pp | 5 |
10 files changed, 292 insertions, 358 deletions
diff --git a/lib/puppet/type/sudoers.rb b/lib/puppet/type/sudoers.rb index 2bcba92..73810e9 100644 --- a/lib/puppet/type/sudoers.rb +++ b/lib/puppet/type/sudoers.rb @@ -78,7 +78,6 @@ Defaults@host x=y,one=1,two=2 newparam(:name, :namevar => true) do desc "Either the name of the alias, default, or arbitrary unique string for user specifications" munge do |value| - #puts "params \n#{resource.original_parameters.to_yaml}\n" value end # this fails for existing resources, just dont use fake_namevar stuff! @@ -140,7 +139,7 @@ Defaults@host x=y,one=1,two=2 newproperty(:users, :array_matching => :all) do desc "list of users for user spec" validate do |value| - if value =~ /^\s*Defaults/ + if value == 'Defaults' raise Puppet::Error, 'Cannot specify user named Defaults in sudoers' end end @@ -150,6 +149,7 @@ Defaults@host x=y,one=1,two=2 desc "list of hosts for user spec" end + # maybe I should do more validation for commands newproperty(:commands, :array_matching => :all) do desc "commands to run" end @@ -192,6 +192,8 @@ Defaults@host x=y,one=1,two=2 elsif ! self[:type] # this is only during purging (self.instances) raise Puppet::Error, 'attribute type must be set for sudoers type' + else + raise Puppet::Error, "type value #{self[:type]} is not valid" end else # this occurs with self.instances @@ -208,33 +210,5 @@ Defaults@host x=y,one=1,two=2 end end end -# if self[:sudo_alias] -# self[:type] = 'alias' -# checkprops(SUDOERS_DEFAULT, SUDOERS_SPEC) -# elsif self[:parameters] -# self[:type] = 'default' -# checkprops(SUDOERS_ALIAS, SUDOERS_SPEC) -# elsif self[:users] -# self[:type] = 'user_spec' -# checkprops(SUDOERS_ALIAS, SUDOERS_DEFAULT) -# else -# # these are parsed records, do nothing -# end - #puts self.should('sudo_alias') - #puts self.to_yaml - #puts self.eachproperty do |x| puts x end -# end - -# private - - # check that we dont have any conflicting attributes -# def checkprops(array_one, array_two) -# combined = Array.new.concat(array_one).concat(array_two) -# combined.each do |item| -# if self[item.to_sym] -# raise Puppet::Error, "Unexpected attribute #{item} for sudo record type #{self[:type]}" -# end -# end -# end end diff --git a/spec/lib/helpers.rb b/spec/lib/helpers.rb index 55a18ae..bb2fecf 100644 --- a/spec/lib/helpers.rb +++ b/spec/lib/helpers.rb @@ -7,7 +7,48 @@ module Helpers } def self.included(obj) - obj.instance_eval { attr_reader :valid_params } + obj.instance_eval { attr_accessor :valid_params } + end + # self is available at the describe level + def restricted_params(key, params, opts={}, invalid='invalid') + params.each do |param| + #let(:param) {param} + #let(:key) {key} + with(valid_params_with({key => param}))[key].should == param + end + lambda {with(valid_params_with({key => invalid}))}.should raise_error + end + + # test that a list of attributes are required + def should_require(*keys) + keys.each do |k| + lambda { with(valid_params_without(k)) }.should raise_error Puppet::Error + end + end + # tests that an attribute should accept a value + def should_accept(attr, value) + k=attr.to_sym + with(valid_params_with({k => value}))[k].should == value + end + # tests that an attribute should not accept a value + def should_not_accept(attr, value) + k=attr.to_sym + lambda {with(valid_params_with({k => value}))}.should raise_error Puppet::Error + end + + + # tests that an attribute accepts an array + # - single element array, multiple element array + # - string is converted into an array + def should_accept_array(attr, value=['one', 'two']) + should_accept(attr, value) + should_accept(attr, value.first.to_a ) + with(valid_params_with({attr => value.first}))[attr].should == value.first.to_a + end + + # test that an attribute defaults to a value + def should_default_to(attr, defaultto) + with(valid_params_without(attr.to_sym))[:comment].should == defaultto end # Creates a new resource of +type+ @@ -49,11 +90,11 @@ module Helpers end # Stub the default provider to get around confines for testing - def stub_default_provider! + def stub_default_provider!(name) unless defined?(@type) raise ArgumentError, "@type must be set" end - provider = @type.provider(:ec2) + provider = @type.provider(name.to_sym) @type.stubs(:defaultprovider => provider) end @@ -62,3 +103,10 @@ module Helpers end end +#Spec::Example::ExampleGroupFactory.register(:provider, ProviderExampleGroup) +# +# Outside wrapper to lookup a provider and start the spec using ProviderExampleGroup +#def describe_provider(type_name, provider_name, options = {}, &block) +# provider_class = Puppet::Type.type(type_name).provider(provider_name) +# describe(provider_class, options.merge(:type => :provider), &block) +#end diff --git a/spec/unit/provider/sudoers/parsed_spec.rb b/spec/unit/provider/sudoers/parsed_spec.rb new file mode 100644 index 0000000..3cf001c --- /dev/null +++ b/spec/unit/provider/sudoers/parsed_spec.rb @@ -0,0 +1,72 @@ +require 'pathname'; Pathname.new(__FILE__).realpath.ascend { |x| begin; require (x + 'spec_helper.rb'); break; rescue LoadError; end } + +#describe_provider :sudoers, :parsed, :resource => {:path => '/tmp/vcsrepo'} do +describe Puppet::Type.type(:sudoers).provider(:parsed) do + before(:each) do + @provider = Puppet::Type.type(:sudoers).provider(:parsed) + end + it 'should not be null' do + @provider.should_not be_nil + end + + describe 'setup' do + it 'should fail if visudo is not in path' do + ENV['PATH']='' + @provider = Puppet::Type.type(:sudoers).provider(:parsed) + end + it 'should work if visudo is in path' do + end + end + +# context "parsing lines" do +# context "should ignore empty lines" do +# +# end +# context "should ignore comment lines" do +# +# end +# context "parsing invalid lines" do +# +# end +# context "parsing alias lines" do +# +# end +# context "parsing user spec lines" do +# context "prefetch comment NAMEVAR lines for user spec" +# end +# end +# context "parsing defaults lines" do +# +# end +# end +# +# context "dissallow type changes" do +# # not sure if this requires a type +# end +# +# +# context "Writing lines" do +# context "write comment lines" do +# +# end +# context "write blank lines" do +# +# end +# context "write user alias lines" do +# +# end +# context "write user spec lines" do +# +# end +# context "write defaults lines" do +# +# end +# context "fail for invalid types" do +# +# end +# context "fail for invalid lines" do +# +# end +# end +end + diff --git a/spec/unit/provider/sudoers/sudoers.spec b/spec/unit/provider/sudoers/sudoers.spec deleted file mode 100644 index 1d94c8e..0000000 --- a/spec/unit/provider/sudoers/sudoers.spec +++ /dev/null @@ -1,55 +0,0 @@ -describe_provider :vcsrepo, :git, :resource => {:path => '/tmp/vcsrepo'} do - - context "parsing lines" do - context "should ignore empty lines" do - - end - context "should ignore comment lines" do - - end - context "parsing invalid lines" do - - end - context "parsing alias lines" do - - end - context "parsing user spec lines" do - context "prefetch comment NAMEVAR lines for user spec" - end - end - context "parsing defaults lines" - - end - end - - context "dissallow type changes" do - # not sure if this requires a type - end - - - context "Writing lines" do - context "write comment lines" do - - end - context "write blank lines" do - - end - context "write user alias lines" do - - end - context "write user spec lines" do - - end - context "write defaults lines" do - - end - context "fail for invalid types" do - - end - context "fail for invalid lines" do - - end - end - -end - diff --git a/spec/unit/puppet/provider/ec2/ec2.rb b/spec/unit/puppet/provider/ec2/ec2.rb deleted file mode 100644 index 1846147..0000000 --- a/spec/unit/puppet/provider/ec2/ec2.rb +++ /dev/null @@ -1,40 +0,0 @@ -Dir.chdir(File.dirname(__FILE__)) { (s = lambda { |f| File.exist?(f) ? require(f) : Dir.chdir("..") { s.call(f) } }).call("spec/spec_helper.rb") } - -provider_class = Puppet::Type.type(:ec2).provider(:ec2) - -describe provider_class do - before do - @resource = stub("resource") - @provider = provider_class.new(@resource) - end - -# it "should not be suitable if the 'aws' libraries are missing" do -# Puppet.features.expects(:aws?).returns false -# provider_class.should_not be_suitable -# end - -# it "should be suitable if the 'aws' libraries are present" do -# Puppet.features.expects(:aws?).returns true -# provider_class.should be_suitable -# end - -# it "should be present if provided an 'ensure' value of 'present'" do -# provider_class.new(:ensure => :present).should be_exists -# end -# -# it "should be absent if provided an 'ensure' value of 'absent'" do -# provider_class.new(:ensure => :absent).should_not be_exists -# end -# -# it "should be absent if not provided an 'ensure' value" do -# provider_class.new({}).should_not be_exists -# end -# -# it "should be absent if provided with a resource rather than an 'ensure' value" do -# provider_class.new(@resource).should_not be_exists -# end - -# it "should accept an instance_id at initialization" do -# provider_class.new(:instance_id => 50).instance_id.should == 50 -# end -end diff --git a/spec/unit/puppet/type/ec2.rb b/spec/unit/puppet/type/ec2.rb deleted file mode 100644 index ce3d51c..0000000 --- a/spec/unit/puppet/type/ec2.rb +++ /dev/null @@ -1,125 +0,0 @@ -Dir.chdir(File.dirname(__FILE__)) { (s = lambda { |f| File.exist?(f) ? require(f) : Dir.chdir("..") { s.call(f) } }).call("spec/spec_helper.rb") } - -describe Puppet::Type.type(:ec2) do - before do - @type = Puppet::Type.type(:ec2) - stub_default_provider! - @valid_types = [ - 'm1.small', 'm1.large', 'm1.xlarge', - 'm2.xlarge', 'm2.2xlarge', 'm2.4xlarge', - 'c1.medium', 'c1.xlarge' - ] - @valid_params = { - :name => :name, - :ensure => :present, - :user => 'user', - :password => 'password', - :image => 'image', - :desc => 'description' - - } - end - - it "should exist" do - @type.should_not be_nil - end - - describe "the name parameter" do - it "should exist" do - @type.attrclass(:name).should_not be_nil - end - it 'values should be prefixed with PUPPET_' do - with(valid_params)[:name].should == "PUPPET_#{valid_params[:name]}" - end - it 'should be required' do - specifying(valid_params_without(:name)).should raise_error(Puppet::Error) - end - end - - describe "the user parameter" do - it "should exist" do - @type.attrclass(:user).should_not be_nil - end - it 'should support setting a value' do - with(valid_params)[:user].should == valid_params[:user] - end - # I think isrequired is broken - it 'should be required' do - specifying(valid_params_without(:user)).should raise_error(Puppet::Error) - end - end - - describe "the password parameter" do - it "should exist" do - @type.attrclass(:password).should_not be_nil - end - it 'should support setting a value' do - with(valid_params)[:password].should == valid_params[:password] - end - it 'should be required' do - specifying(valid_params_without(:password)).should raise_error(Puppet::Error) - end - end - - describe "the image parameter" do - it "should exist" do - @type.attrclass(:image).should_not be_nil - end - it 'should be required' do - specifying(valid_params_without(:image)).should raise_error(Puppet::Error) - end - it 'should support setting a value' do - with(valid_params)[:image].should == valid_params[:image] - end - end - - describe "the desc parameter" do - it "should exist" do - @type.attrclass(:desc).should_not be_nil - end - it 'should not be required' do - specifying(valid_params_without(:desc)).should_not raise_error(Puppet::Error) - end - it 'should accept a value' do - with(valid_params)[:desc].should == 'description' - end - end - - describe 'the type parameter' do - it 'should exist' do - @type.attrclass(:type).should_not be_nil - end - it 'should accept valid ec2 types' do - @valid_types.each do |t| - with(valid_params_with({:type => t}))[:type].should == t - end - end - it 'should not accept invalid types' do - specifying(:type => 'm1.freakin-huge').should raise_error(Puppet::Error) - end - it 'should default to m1.small' do - with(valid_params_without(:type)) do |resource| - resource[:type].should == 'm1.small' - end - end - end - describe "when specifying the 'ensure' parameter" do - it "should exist" do - @type.attrclass(:ensure).should_not be_nil - end - it "should support 'present' as a value" do - with(valid_params_with({:ensure => :present}))[:ensure].should == :present - end - it "should support 'absent' as a value" do - with(valid_params.merge(:ensure => :absent)) do |resource| - resource[:ensure].should == :absent - end - end - it "should not support other values" do - specifying(valid_params.merge(:ensure => :foobar)).should raise_error(Puppet::Error) - end - it 'should not be required' do - specifying(valid_params_without(:ensure)).should_not raise_error(Puppet::Error) - end - end -end diff --git a/spec/unit/puppet/util/ec2.rb b/spec/unit/puppet/util/ec2.rb deleted file mode 100644 index c8757ee..0000000 --- a/spec/unit/puppet/util/ec2.rb +++ /dev/null @@ -1,34 +0,0 @@ -Dir.chdir(File.dirname(__FILE__)) { (s = lambda { |f| File.exist?(f) ? require(f) : Dir.chdir("..") { s.call(f) } }).call("spec/spec_helper.rb") } - -require 'puppet/util/ec2' - -class Ec2Helper - include Puppet::Util::Ec2 -end - -# LAK: This way the constants exist, but I expect we'll regret this -unless Puppet.features.aws? - class AWS - class EC2 - class Base - end - end - end -end - -describe Puppet::Util::Ec2 do - before do - @helper = Ec2Helper.new - end - - it "should use AWS::Base to create an EC2 connection" do - AWS::EC2::Base.expects(:new).with(:access_key_id => "myuser", :secret_access_key => "mypass") - @helper.ec2_connection("myuser", "mypass") - end - - it "should call foo and bar when calling baz" do - @helper.stubs(:foo).returns "yay" - @helper.expects(:bar).with("yay").returns "yip" - @helper.baz.should == "yip" - end -end diff --git a/spec/unit/type/sudoers.rb b/spec/unit/type/sudoers.rb index 4e3df0c..c2e1068 100644 --- a/spec/unit/type/sudoers.rb +++ b/spec/unit/type/sudoers.rb @@ -1,64 +1,172 @@ Dir.chdir(File.dirname(__FILE__)) { (s = lambda { |f| File.exist?(f) ? require(f) : Dir.chdir("..") { s.call(f) } }).call("spec/spec_helper.rb") } describe Puppet::Type.type(:sudoers) do - before do + before(:each) do @type = Puppet::Type.type(:sudoers) - stub_default_provider! + stub_default_provider!(:parsed) + # these are the initial params used for testing @init_params = { :ensure => :present, :name => :name, - :comment => :mycomment + :comment => :mycomment, + :type => 'default', + :parameters => ['1'] # :target => '/etc/sudoers' } - # user spec setup - @spec_params = default_params.merge({ - :type => 'user_spec', - :users => 'danbode', - :hosts => 'coolmachine@awesomeocorp.org', - :commands => '/bin/true', - }) - # sudo alias setup - @vaild_aliases = [ - :Cmnd_Alias, :Host_Alias, :User_Alias, :Runas_Alias + # these are all of the attributes that exist + @attributes=[ + :ensure, :name, :comment, :target, :type, + :sudo_alias, :items, + :parameters, + :users, :hosts, :commands ] - @valid_aliases_short = [ - :Cmnd, :Host, :User, :Runas - ] - @alias_params = default_params.merge({ - :type => 'alias', - :sudo_alias => 'Cmnd_Alias', - :items => 'item1' - }) - # defaults setup - @default_params = default_params.merge({ - :type => 'defaults', - :parameters => 'params' - }) + @valid_params = @init_params end it "should exist" do - puts @type - putes @init_params @type.should_not be_nil end + it "should not have valid attributes that are nil" do + @attributes.each do |attr| + @type.attrclass(attr).should_not be_nil + end + end + + describe 'shared attributes' do + describe 'ensure' do + it 'should only accept absent/present' do + restricted_params(:ensure, [:absent, :present], @valid_params) + end + end + describe 'comment attribute' do + it 'should accept a value' do + should_accept(:comment, 'foo') + end + it 'should default to empty string' do + should_default_to(:comment, '') + end + end + describe 'name attribute' do + it 'should accept a value' do + should_accept(:name, 'foo') + end + it 'should be required' do + should_require(:name) + end + end + end - describe "the name parameter" do - puts @type - puts @init_params - @valid_params = @init_params.merge(@alias_params) - it "should exist" do - @type.attrclass(:name).should_not be_nil + describe "the user alias" do + before(:each) do + @alias_params = @init_params.merge({ + :type => 'alias', + :sudo_alias => 'Cmnd_Alias', + :items => 'item1' + }) + # set what your valid params are + @valid_params = @alias_params end - it 'should be required' do - specifying(valid_params_without(:name)).should raise_error(Puppet::Error) + describe 'require attributes' do + #self.should_require([:sudo_alias, :items]) + end + describe "sudo_alias" do + it "should only accept certain aliases" do + valid= [ + :Cmnd_Alias, :Host_Alias, :User_Alias, :Runas_Alias, + :Cmnd, :Host, :User, :Runas + ] + restricted_params(:sudo_alias, valid, @valid_params) + end + end + describe 'items' do + it 'should be required' do + should_require(:items) + end + it 'should take a single element' do + with(valid_params_with({:items => 'one'}))[:items] .should == ['one'] + end + it 'should take a single element array' do + should_accept(:items, ['one']) + end + it 'should take an array' do + should_accept(:items, ['one', 'two']) + end + end + describe 'type' do + it 'should not accept other type' do + lambda { with(valid_params_with({:type => 'bad_type'}))}.should raise_error + end + it 'should not accept other type' do + lambda { with(valid_params_with({:type => 'user_spec'}))}.should raise_error + end + end + end + + describe 'sudo defaults' do + before do + @default_params = @init_params.merge({ + :type => 'default', + :parameters => 'params' + }) + # set what your valid params are + @valid_params = @default_params + end + describe 'parameters' do + it 'should take a single element' do + with(valid_params_with({:parameters => 'one'}))[:parameters].should == ['one'] + end + it 'should take a single element array' do + should_accept(:parameters, ['one']) + end + it 'should take an array' do + should_accept(:parameters, ['one', 'two']) + end + it 'should require a parameter' do + should_require(:parameters) + end end - # valid values depend on type. end + describe 'user specs' do + before do + # user spec setup + @spec_params = @init_params.merge({ + :type => 'user_spec', + :users => 'danbode', + :hosts => 'coolmachine@awesomeocorp.org', + :commands => '/bin/true', + }) + @valid_params = @spec_params + end + describe 'users' do + it 'should accept an array' do + should_accept_array(:users, ['alice', 'bob']) + end + it 'should not accept Defaults' do + should_not_accept(:usrs, 'Defaults') + end + it 'should be required' do + should_require(:users) + end + end + describe 'hosts' do + it 'should accept an array' do + should_accept_array(:hosts, ['alice', 'bob']) + end + it 'should be required' do + should_require(:hosts) + end + end + describe 'commands' do + it 'should accept an array' do + should_accept_array(:commands, ['alice', 'bob']) + end + it 'should be required' do + should_require(:commands) + end + end + end # describe "the user parameter" do -# it "should exist" do -# @type.attrclass(:user).should_not be_nil -# end # it 'should support setting a value' do # with(valid_params)[:user].should == valid_params[:user] # end @@ -69,9 +177,6 @@ describe Puppet::Type.type(:sudoers) do # end # # describe "the password parameter" do -# it "should exist" do -# @type.attrclass(:password).should_not be_nil -# end # it 'should support setting a value' do # with(valid_params)[:password].should == valid_params[:password] # end @@ -81,9 +186,6 @@ describe Puppet::Type.type(:sudoers) do # end # # describe "the image parameter" do -# it "should exist" do -# @type.attrclass(:image).should_not be_nil -# end # it 'should be required' do # specifying(valid_params_without(:image)).should raise_error(Puppet::Error) # end @@ -93,9 +195,6 @@ describe Puppet::Type.type(:sudoers) do # end # # describe "the desc parameter" do -# it "should exist" do -# @type.attrclass(:desc).should_not be_nil -# end # it 'should not be required' do # specifying(valid_params_without(:desc)).should_not raise_error(Puppet::Error) # end @@ -105,9 +204,6 @@ describe Puppet::Type.type(:sudoers) do # end # # describe 'the type parameter' do -# it 'should exist' do -# @type.attrclass(:type).should_not be_nil -# end # it 'should accept valid ec2 types' do # @valid_types.each do |t| # with(valid_params_with({:type => t}))[:type].should == t @@ -122,23 +218,5 @@ describe Puppet::Type.type(:sudoers) do # end # end # end -# describe "when specifying the 'ensure' parameter" do -# it "should exist" do -# @type.attrclass(:ensure).should_not be_nil -# end -# it "should support 'present' as a value" do -# with(valid_params_with({:ensure => :present}))[:ensure].should == :present -# end -# it "should support 'absent' as a value" do -# with(valid_params.merge(:ensure => :absent)) do |resource| -# resource[:ensure].should == :absent -# end -# end -# it "should not support other values" do -# specifying(valid_params.merge(:ensure => :foobar)).should raise_error(Puppet::Error) -# end -# it 'should not be required' do -# specifying(valid_params_without(:ensure)).should_not raise_error(Puppet::Error) -# end # end end diff --git a/tests/sudoers/sudoers-fakenamevar.pp b/tests/sudoers/sudoers-fakenamevar.pp new file mode 100644 index 0000000..6208a17 --- /dev/null +++ b/tests/sudoers/sudoers-fakenamevar.pp @@ -0,0 +1,13 @@ +resources { 'sudoers': + purge => true, +} +sudoers{'fake_namevar_23': + ensure => present, + users => ['dan1', 'dan2'], + hosts => 'ALL', + commands => [ + '(root) /usr/bin/su - easapp', + '(easapp)/usr/local/eas-ts/bin/appctl', + ], + type => 'user_spec', +} diff --git a/tests/sudoers/test2.pp b/tests/sudoers/test2.pp index 63c6714..6a095c5 100644 --- a/tests/sudoers/test2.pp +++ b/tests/sudoers/test2.pp @@ -7,14 +7,17 @@ sudoers{'NAME': '(easapp)/usr/local/eas-ts/bin/appctl', ], type => 'user_spec', + target => '/tmp/sudoers.test', } sudoers{'ALIAS_NAME': ensure => present, sudo_alias => 'Cmnd', items => ['/bin/true', '/usr/bin/su - bob'], type => 'alias', + target => '/tmp/sudoers.test', } sudoers{'Defaults@host': parameters => ['x=y', 'one=1', 'two=2'], type => 'default', - } + target => '/tmp/sudoers.test', +} |