3rdparty/modules/rabbitmq/lib/puppet/provider/rabbitmq_user_permissions/rabbitmqctl.rb

   1 require File.expand_path(File.join(File.dirname(__FILE__), '..', 'rabbitmqctl'))
   2 Puppet::Type.type(:rabbitmq_user_permissions).provide(:rabbitmqctl, parent: Puppet::Provider::Rabbitmqctl) do
   3   if Puppet::PUPPETVERSION.to_f < 3
   4     commands rabbitmqctl: 'rabbitmqctl'
   5   else
   6     has_command(:rabbitmqctl, 'rabbitmqctl') do
   7       environment HOME: '/tmp'
   8     end
   9   end
  10
  11   confine feature: :posix
  12
  13   # cache users permissions
  14   def self.users(name, vhost)
  15     @users = {} unless @users
  16     unless @users[name]
  17       @users[name] = {}
  18       user_permission_list = run_with_retries do
  19         rabbitmqctl('-q', 'list_user_permissions', name)
  20       end
  21       user_permission_list.split(%r{\n}).each do |line|
  22         line = strip_backslashes(line)
  23         raise Puppet::Error, "cannot parse line from list_user_permissions:#{line}" unless line =~ %r{^(\S+)\s+(\S*)\s+(\S*)\s+(\S*)$}
  24         @users[name][Regexp.last_match(1)] =
  25           { configure: Regexp.last_match(2), read: Regexp.last_match(4), write: Regexp.last_match(3) }
  26       end
  27     end
  28     @users[name][vhost]
  29   end
  30
  31   def users(name, vhost)
  32     self.class.users(name, vhost)
  33   end
  34
  35   def should_user
  36     if @should_user
  37       @should_user
  38     else
  39       @should_user = resource[:name].split('@')[0]
  40     end
  41   end
  42
  43   def should_vhost
  44     if @should_vhost
  45       @should_vhost
  46     else
  47       @should_vhost = resource[:name].split('@')[1]
  48     end
  49   end
  50
  51   def create
  52     resource[:configure_permission] ||= "''"
  53     resource[:read_permission]      ||= "''"
  54     resource[:write_permission]     ||= "''"
  55     rabbitmqctl('set_permissions', '-p', should_vhost, should_user, resource[:configure_permission], resource[:write_permission], resource[:read_permission])
  56   end
  57
  58   def destroy
  59     rabbitmqctl('clear_permissions', '-p', should_vhost, should_user)
  60   end
  61
  62   # I am implementing prefetching in exists b/c I need to be sure
  63   # that the rabbitmq package is installed before I make this call.
  64   def exists?
  65     users(should_user, should_vhost)
  66   end
  67
  68   def configure_permission
  69     users(should_user, should_vhost)[:configure]
  70   end
  71
  72   def configure_permission=(_perm)
  73     set_permissions
  74   end
  75
  76   def read_permission
  77     users(should_user, should_vhost)[:read]
  78   end
  79
  80   def read_permission=(_perm)
  81     set_permissions
  82   end
  83
  84   def write_permission
  85     users(should_user, should_vhost)[:write]
  86   end
  87
  88   def write_permission=(_perm)
  89     set_permissions
  90   end
  91
  92   # implement memoization so that we only call set_permissions once
  93   def set_permissions
  94     return if @permissions_set
  95
  96     @permissions_set = true
  97     resource[:configure_permission] ||= configure_permission
  98     resource[:read_permission]      ||= read_permission
  99     resource[:write_permission]     ||= write_permission
 100     rabbitmqctl(
 101       'set_permissions',
 102       '-p', should_vhost,
 103       should_user,
 104       resource[:configure_permission],
 105       resource[:write_permission],
 106       resource[:read_permission]
 107     )
 108   end
 109
 110   def self.strip_backslashes(string)
 111     # See: https://github.com/rabbitmq/rabbitmq-server/blob/v1_7/docs/rabbitmqctl.1.pod#output-escaping
 112     string.gsub(%r{\\\\}, '\\')
 113   end
 114 end