X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=3rdparty%2Fmodules%2Frabbitmq%2Fspec%2Funit%2Fpuppet%2Fprovider%2Frabbitmq_user%2Frabbitmqctl_spec.rb;h=0fd7d9c852c4040a5ce433ede1f017da9a3e21ae;hb=94a8783f522bbf2996cb8a59b977dea583e8b0c7;hp=ed828ea9424aa98143a07381d6d59647727ab685;hpb=e107504bce7d9b21cc301124fc7c39fdb0762374;p=mirror%2Fdsa-puppet.git diff --git a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb index ed828ea94..0fd7d9c85 100644 --- a/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb +++ b/3rdparty/modules/rabbitmq/spec/unit/puppet/provider/rabbitmq_user/rabbitmqctl_spec.rb @@ -1,215 +1,176 @@ -require 'puppet' -require 'mocha' -RSpec.configure do |config| - config.mock_with :mocha -end +require 'spec_helper' + provider_class = Puppet::Type.type(:rabbitmq_user).provider(:rabbitmqctl) describe provider_class do - before :each do - @resource = Puppet::Type::Rabbitmq_user.new( - {:name => 'foo', :password => 'bar'} + let(:resource) do + Puppet::Type.type(:rabbitmq_user).new( + ensure: :present, + name: 'rmq_x', + password: 'secret', + provider: described_class.name ) - @provider = provider_class.new(@resource) - end - it 'should match user names' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo -EOT - @provider.exists?.should == 'foo' - end - it 'should match user names with 2.4.1 syntax' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo bar -EOT - @provider.exists?.should == 'foo bar' - end - it 'should not match if no users on system' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -EOT - @provider.exists?.should be_nil - end - it 'should not match if no matching users on system' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -fooey -EOT - @provider.exists?.should be_nil - end - it 'should match user names from list' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -one -two three -foo -bar -EOT - @provider.exists?.should == 'foo' - end - it 'should create user and set password' do - @resource[:password] = 'bar' - @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') - @provider.create - end - it 'should create user, set password and set to admin' do - @resource[:password] = 'bar' - @resource[:admin] = 'true' - @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['administrator']) - @provider.create - end - it 'should call rabbitmqctl to delete' do - @provider.expects(:rabbitmqctl).with('delete_user', 'foo') - @provider.destroy - end - it 'should be able to retrieve admin value' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [administrator] -EOT - @provider.admin.should == :true - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -one [administrator] -foo [] -EOT - @provider.admin.should == :false - end - it 'should fail if admin value is invalid' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo fail -EOT - expect { @provider.admin }.to raise_error(Puppet::Error, /Could not match line/) - end - it 'should be able to set admin value' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['administrator']) - @provider.admin=:true - end - it 'should not interfere with existing tags on the user when setting admin value' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [bar, baz] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['bar','baz', 'administrator'].sort) - @provider.admin=:true - end - it 'should be able to unset admin value' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [administrator] -guest [administrator] -icinga [] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', []) - @provider.admin=:false - end - it 'should not interfere with existing tags on the user when unsetting admin value' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [administrator, bar, baz] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['bar','baz'].sort) - @provider.admin=:false end + let(:provider) { provider_class.new(resource) } + let(:instance) { provider.class.instances.first } - it 'should clear all tags on existing user' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -one [administrator] -foo [tag1,tag2] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', []) - @provider.tags=[] + before do + provider.class.stubs(:rabbitmqctl).with('-q', 'list_users').returns( + "rmq_x [disk, storage]\nrmq_y [network, cpu, administrator]\nrmq_z []\n" + ) end - it 'should set multiple tags' do - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -one [administrator] -foo [] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ['tag1','tag2']) - @provider.tags=['tag1','tag2'] + describe '#self.instances' do + it { expect(provider.class.instances.size).to eq(3) } + it 'returns an array of users' do + users = provider.class.instances.map(&:name) + expect(users).to match_array(%w[rmq_x rmq_y rmq_z]) + end + it 'returns the expected tags' do + tags = provider.class.instances.first.get(:tags) + expect(tags).to match_array(%w[disk storage]) + end end - it 'should clear tags while keep admin tag' do - @resource[:admin] = true - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -one [administrator] -foo [administrator, tag1, tag2] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator"]) - @provider.tags=[] + describe '#exists?' do + it { expect(instance.exists?).to be true } end - it 'should change tags while keep admin tag' do - @resource[:admin] = true - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -one [administrator] -foo [administrator, tag1, tag2] -icinga [monitoring] -kitchen [] -kitchen2 [abc, def, ghi] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator","tag1","tag3","tag7"]) - @provider.tags=['tag1','tag7','tag3'] + describe '#create' do + it 'adds a user' do + provider.expects(:rabbitmqctl).with('add_user', 'rmq_x', 'secret') + provider.create + end + context 'no password supplied' do + let(:resource) do + Puppet::Type.type(:rabbitmq_user).new( + ensure: :present, + name: 'rmq_x' + ) + end + + it 'raises an error' do + expect do + provider.create + end.to raise_error(Puppet::Error, 'Password is a required parameter for rabbitmq_user (user: rmq_x)') + end + end end - it 'should create user with tags and without admin' do - @resource[:tags] = [ "tag1", "tag2" ] - @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["tag1","tag2"]) - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [] -EOT - @provider.create + describe '#destroy' do + it 'removes a user' do + provider.expects(:rabbitmqctl).with('delete_user', 'rmq_x') + provider.destroy + end end - it 'should create user with tags and with admin' do - @resource[:tags] = [ "tag1", "tag2" ] - @resource[:admin] = true - @provider.expects(:rabbitmqctl).with('add_user', 'foo', 'bar') - @provider.expects(:rabbitmqctl).with('-q', 'list_users').twice.returns <<-EOT -foo [] -EOT - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator"]) - @provider.expects(:rabbitmqctl).with('set_user_tags', 'foo', ["administrator","tag1","tag2"]) - @provider.create + describe '#check_password' do + context 'correct password' do + before do + provider.class.stubs(:rabbitmqctl).with( + 'eval', + 'rabbit_access_control:check_user_pass_login(list_to_binary("rmq_x"), list_to_binary("secret")).' + ).returns <<-EOT +{ok,{user,<<"rmq_x">>,[],rabbit_auth_backend_internal, + {internal_user,<<"rmq_x">>, + <<193,81,62,182,129,135,196,89,148,87,227,48,86,2,154, + 192,52,119,214,177>>, + []}}} +EOT + end + + it do + provider.check_password('secret') + end + end + + context 'incorrect password' do + before do + provider.class.stubs(:rabbitmqctl).with( + 'eval', + 'rabbit_access_control:check_user_pass_login(list_to_binary("rmq_x"), list_to_binary("nottherightone")).' + ).returns <<-EOT +{refused,"user '~s' - invalid credentials",[<<"rmq_x">>]} +...done. +EOT + end + + it do + provider.check_password('nottherightone') + end + end end - it 'should not return the administrator tag in tags for admins' do - @resource[:tags] = [] - @resource[:admin] = true - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [administrator] -EOT - @provider.tags.should == [] + describe '#tags=' do + it 'clears all tags on existing user' do + provider.set(tags: %w[tag1 tag2 tag3]) + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', []) + provider.tags = [] + provider.flush + end + + it 'sets multiple tags' do + provider.set(tags: []) + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', %w[tag1 tag2]) + provider.tags = %w[tag1 tag2] + provider.flush + end + + it 'clears tags while keeping admin tag' do + provider.set(tags: %w[administrator tag1 tag2]) + resource[:admin] = true + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', ['administrator']) + provider.tags = [] + provider.flush + end + + it 'changes tags while keeping admin tag' do + provider.set(tags: %w[administrator tag1 tag2]) + resource[:admin] = true + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', %w[tag1 tag7 tag3 administrator]) + provider.tags = %w[tag1 tag7 tag3] + provider.flush + end end - it 'should return the administrator tag for non-admins' do - # this should not happen though. - @resource[:tags] = [] - @resource[:admin] = :false - @provider.expects(:rabbitmqctl).with('-q', 'list_users').returns <<-EOT -foo [administrator] -EOT - @provider.tags.should == ["administrator"] + describe '#admin=' do + it 'gets admin value properly' do + provider.set(tags: %w[administrator tag1 tag2]) + expect(provider.admin).to be :true + end + + it 'gets false admin value' do + provider.set(tags: %w[tag1 tag2]) + expect(provider.admin).to be :false + end + + it 'sets admin value' do + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', ['administrator']) + resource[:admin] = true + provider.admin = resource[:admin] + provider.flush + end + + it 'adds admin value to existing tags of the user' do + resource[:tags] = %w[tag1 tag2] + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', %w[tag1 tag2 administrator]) + resource[:admin] = true + provider.admin = resource[:admin] + provider.flush + end + + it 'unsets admin value' do + provider.set(tags: ['administrator']) + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', []) + provider.admin = :false + provider.flush + end + + it 'does not interfere with existing tags on the user when unsetting admin value' do + provider.set(tags: %w[administrator tag1 tag2]) + resource[:tags] = %w[tag1 tag2] + provider.expects(:rabbitmqctl).with('set_user_tags', 'rmq_x', %w[tag1 tag2]) + provider.admin = :false + provider.flush + end end end