chef_fixie 0.4.0 → 1.0.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +4 -5
- data/bin/chef_fixie +1 -1
- data/doc/BulkFixup.md +1 -1
- data/lib/chef_fixie/authz_mapper.rb +26 -28
- data/lib/chef_fixie/authz_objects.rb +44 -41
- data/lib/chef_fixie/bulk_edit_permissions.rb +24 -20
- data/lib/chef_fixie/check_org_associations.rb +40 -39
- data/lib/chef_fixie/config.rb +20 -19
- data/lib/chef_fixie/console.rb +9 -9
- data/lib/chef_fixie/context.rb +2 -4
- data/lib/chef_fixie/sql.rb +12 -12
- data/lib/chef_fixie/sql_objects.rb +44 -37
- data/lib/chef_fixie/utility_helpers.rb +13 -9
- data/lib/chef_fixie/version.rb +1 -1
- data/lib/chef_fixie.rb +7 -7
- data/spec/chef_fixie/acl_spec.rb +23 -25
- data/spec/chef_fixie/assoc_invite_spec.rb +5 -8
- data/spec/chef_fixie/check_org_associations_spec.rb +14 -17
- data/spec/chef_fixie/groups_spec.rb +7 -11
- data/spec/chef_fixie/org_spec.rb +4 -5
- data/spec/chef_fixie/orgs_spec.rb +6 -9
- data/spec/spec_helper.rb +5 -6
- metadata +19 -62
@@ -17,12 +17,12 @@
|
|
17
17
|
# Author: Mark Anderson <mark@chef.io>
|
18
18
|
#
|
19
19
|
|
20
|
-
require
|
21
|
-
require
|
20
|
+
require "pp"
|
21
|
+
require "sequel"
|
22
22
|
|
23
|
-
require_relative
|
24
|
-
require_relative
|
25
|
-
require_relative
|
23
|
+
require_relative "config"
|
24
|
+
require_relative "authz_objects"
|
25
|
+
require_relative "authz_mapper"
|
26
26
|
|
27
27
|
Sequel.extension :inflector
|
28
28
|
|
@@ -51,25 +51,28 @@ module ChefFixie
|
|
51
51
|
else
|
52
52
|
class_or_name.class.to_s
|
53
53
|
end
|
54
|
-
name.split(
|
54
|
+
name.split("::")[-1]
|
55
55
|
end
|
56
56
|
|
57
57
|
# The class for the table, e.g. Orgs
|
58
58
|
def self.table_class(name)
|
59
|
-
name =
|
59
|
+
name = to_name(name)
|
60
60
|
(base + name.to_s.pluralize.camelize).constantize
|
61
61
|
end
|
62
|
+
|
62
63
|
# The class for one instance of the object, e.g. Org
|
63
64
|
def self.object_class(name)
|
64
|
-
name =
|
65
|
+
name = to_name(name)
|
65
66
|
(base + name.to_s.singularize.camelize).constantize
|
66
67
|
end
|
68
|
+
|
67
69
|
def self.singular(name)
|
68
|
-
name =
|
70
|
+
name = to_name(name)
|
69
71
|
name.to_s.singularize
|
70
72
|
end
|
73
|
+
|
71
74
|
def self.plural(name)
|
72
|
-
name =
|
75
|
+
name = to_name(name)
|
73
76
|
name.to_s.pluralize
|
74
77
|
end
|
75
78
|
end
|
@@ -79,9 +82,11 @@ module ChefFixie
|
|
79
82
|
def initialize(data)
|
80
83
|
@data = data
|
81
84
|
end
|
85
|
+
|
82
86
|
def data
|
83
87
|
@data
|
84
88
|
end
|
89
|
+
|
85
90
|
def table
|
86
91
|
Relationships.table_class(self).new
|
87
92
|
end
|
@@ -90,26 +95,27 @@ module ChefFixie
|
|
90
95
|
def self.ro_access(*args)
|
91
96
|
args.each do |field|
|
92
97
|
fundef = "def #{field}; @data.#{field}; end"
|
93
|
-
|
98
|
+
class_eval(fundef)
|
94
99
|
end
|
95
100
|
end
|
96
101
|
# TODO figure out model for write access
|
97
102
|
|
98
103
|
def self.name_field(field)
|
99
104
|
fundef = "def name; @data.#{field}; end"
|
100
|
-
|
105
|
+
class_eval(fundef)
|
101
106
|
end
|
102
107
|
|
103
108
|
def self.std_timestamp
|
104
109
|
[:created_at, :updated_at].each do |i|
|
105
|
-
|
110
|
+
ro_access(i)
|
106
111
|
end
|
107
112
|
end
|
113
|
+
|
108
114
|
# Pretty much any object with an authz id has these fields
|
109
115
|
def self.std_authz
|
110
|
-
|
116
|
+
std_timestamp
|
111
117
|
[:authz_id, :last_updated_by].each do |i|
|
112
|
-
|
118
|
+
ro_access(i)
|
113
119
|
end
|
114
120
|
end
|
115
121
|
|
@@ -117,7 +123,7 @@ module ChefFixie
|
|
117
123
|
rows = table.by_id(id)
|
118
124
|
raise "id #{id} matches more than one object" if rows.all.count != 1
|
119
125
|
rows.inner.delete
|
120
|
-
if
|
126
|
+
if respond_to?(:authz_delete)
|
121
127
|
authz_delete
|
122
128
|
end
|
123
129
|
end
|
@@ -131,13 +137,14 @@ module ChefFixie
|
|
131
137
|
funname = Relationships.plural(object)
|
132
138
|
# defer evaluation of mapper to make sure we have a chance for everyone to initialize
|
133
139
|
fundef = "def #{funname}; Relationships.table_class(:#{object}).new.by_org_id(org_id); end"
|
134
|
-
|
140
|
+
class_eval(fundef)
|
135
141
|
end
|
136
142
|
end
|
137
143
|
|
138
144
|
def initialize(data)
|
139
145
|
super(data)
|
140
146
|
end
|
147
|
+
|
141
148
|
def org_id
|
142
149
|
data[:id]
|
143
150
|
end
|
@@ -158,7 +165,7 @@ module ChefFixie
|
|
158
165
|
# TODO Write some tests to validate that this stuff
|
159
166
|
# works, since it depends on a lot of name magic...
|
160
167
|
|
161
|
-
NAME_FIXUP = {"data" => "data_bags", "sandboxes" => nil}
|
168
|
+
NAME_FIXUP = { "data" => "data_bags", "sandboxes" => nil }
|
162
169
|
def objects_by_container_type(container)
|
163
170
|
name = NAME_FIXUP.has_key?(container) ? NAME_FIXUP[container] : container
|
164
171
|
return [] if name.nil?
|
@@ -176,7 +183,7 @@ module ChefFixie
|
|
176
183
|
yield objects
|
177
184
|
end
|
178
185
|
end
|
179
|
-
|
186
|
+
nil
|
180
187
|
end
|
181
188
|
|
182
189
|
def each_authz_object
|
@@ -185,7 +192,7 @@ module ChefFixie
|
|
185
192
|
yield object
|
186
193
|
end
|
187
194
|
end
|
188
|
-
|
195
|
+
nil
|
189
196
|
end
|
190
197
|
|
191
198
|
scoped_type :container, :group, :client,
|
@@ -257,7 +264,6 @@ module ChefFixie
|
|
257
264
|
# org_migration_state_id_seq policy_revisions
|
258
265
|
# policy_revisions_policy_groups_association sandboxed_checksums
|
259
266
|
|
260
|
-
|
261
267
|
class CookbookArtifact < SqlObject
|
262
268
|
include AuthzObjectMixin
|
263
269
|
def initialize(data)
|
@@ -342,31 +348,33 @@ module ChefFixie
|
|
342
348
|
def get_table
|
343
349
|
:unknown_table
|
344
350
|
end
|
351
|
+
|
345
352
|
def mk_element(x)
|
346
353
|
x
|
347
354
|
end
|
348
355
|
|
349
356
|
def initialize(tablespec = nil)
|
350
357
|
ChefFixie::Sql.default_connection
|
351
|
-
@inner = tablespec || Sequel::Model(
|
358
|
+
@inner = tablespec || Sequel::Model(get_table)
|
352
359
|
end
|
360
|
+
|
353
361
|
def inner
|
354
362
|
# Make sure we have init
|
355
363
|
@inner
|
356
364
|
end
|
357
365
|
|
358
366
|
def filter_core(field, exp)
|
359
|
-
self.class.new(inner.filter(field=>exp))
|
367
|
+
self.class.new(inner.filter(field => exp))
|
360
368
|
end
|
361
369
|
|
362
|
-
def all(max_count
|
370
|
+
def all(max_count = :default)
|
363
371
|
if max_count == :default
|
364
372
|
max_count = ChefFixie::Sql::SqlTable.max_count_default
|
365
373
|
end
|
366
374
|
if max_count != :all
|
367
|
-
return :too_many_results if
|
375
|
+
return :too_many_results if inner.count > max_count
|
368
376
|
end
|
369
|
-
elements = inner.all.map {|org| mk_element(org) }
|
377
|
+
elements = inner.all.map { |org| mk_element(org) }
|
370
378
|
end
|
371
379
|
|
372
380
|
#
|
@@ -375,7 +383,7 @@ module ChefFixie
|
|
375
383
|
# https://stackoverflow.com/questions/9658724/ruby-metaprogramming-class-eval/9658775#9658775
|
376
384
|
def self.primary(arg)
|
377
385
|
name = :"by_#{arg}"
|
378
|
-
|
386
|
+
class_eval("def [](arg); #{name}(arg).all(1).first; end")
|
379
387
|
|
380
388
|
listfun = <<EOLF
|
381
389
|
def list(max_count=:default)
|
@@ -387,26 +395,27 @@ def list(max_count=:default)
|
|
387
395
|
end
|
388
396
|
end
|
389
397
|
EOLF
|
390
|
-
|
398
|
+
class_eval(listfun)
|
391
399
|
end
|
392
400
|
|
393
401
|
def self.filter_by(*args)
|
394
402
|
args.each do |field|
|
395
403
|
name = "by_#{field}"
|
396
404
|
fundef = "def #{name}(exp); filter_core(:#{field},exp); end"
|
397
|
-
|
405
|
+
class_eval(fundef)
|
398
406
|
end
|
399
407
|
end
|
400
408
|
|
401
409
|
def self.table(name)
|
402
410
|
fundef = "def get_table; :#{name}; end"
|
403
|
-
|
411
|
+
class_eval(fundef)
|
404
412
|
end
|
413
|
+
|
405
414
|
# doesn't work yet
|
406
415
|
# element Org in class Orgs will fail because it can't find Org (undefined)
|
407
416
|
def self.element(name)
|
408
417
|
fundef = "ElementType = name; def mk_element(x); #{name}.new(x); end"
|
409
|
-
|
418
|
+
class_eval(fundef)
|
410
419
|
end
|
411
420
|
end
|
412
421
|
|
@@ -418,7 +427,7 @@ EOLF
|
|
418
427
|
primary :name
|
419
428
|
filter_by :name, :id, :full_name, :authz_id
|
420
429
|
|
421
|
-
GlobalOrg = "0"*32
|
430
|
+
GlobalOrg = "0" * 32
|
422
431
|
|
423
432
|
def self.org_guid_to_name(guid)
|
424
433
|
"global" if guid == GlobalOrg
|
@@ -439,7 +448,7 @@ EOLF
|
|
439
448
|
|
440
449
|
def by_org_id_user_id(org_id, user_id)
|
441
450
|
# db table constraint guarantees that this is unique
|
442
|
-
inner.filter(:org_id=>org_id, :user_id=>user_id).all.first
|
451
|
+
inner.filter(:org_id => org_id, :user_id => user_id).all.first
|
443
452
|
end
|
444
453
|
|
445
454
|
end
|
@@ -449,7 +458,7 @@ EOLF
|
|
449
458
|
|
450
459
|
def by_org_id_user_id(org_id, user_id)
|
451
460
|
# db table constraint guarantees that this is unique
|
452
|
-
inner.filter(:org_id=>org_id, :user_id=>user_id).all.first
|
461
|
+
inner.filter(:org_id => org_id, :user_id => user_id).all.first
|
453
462
|
end
|
454
463
|
end
|
455
464
|
class Users < SqlTable
|
@@ -551,7 +560,7 @@ EOLF
|
|
551
560
|
filter_by :name, :id, :org_id, :authz_id
|
552
561
|
end
|
553
562
|
|
554
|
-
class Roles
|
563
|
+
class Roles < SqlTable
|
555
564
|
table :roles
|
556
565
|
element Sql::Role
|
557
566
|
register_authz :role, :object
|
@@ -560,7 +569,5 @@ EOLF
|
|
560
569
|
filter_by :name, :id, :org_id, :authz_id, :last_updated_by
|
561
570
|
end
|
562
571
|
|
563
|
-
|
564
|
-
|
565
572
|
end
|
566
573
|
end
|
@@ -18,42 +18,46 @@
|
|
18
18
|
# Author: Mark Anderson <mark@chef.io>
|
19
19
|
#
|
20
20
|
|
21
|
-
require_relative
|
22
|
-
require_relative
|
23
|
-
require_relative
|
21
|
+
require_relative "config"
|
22
|
+
require_relative "authz_objects"
|
23
|
+
require_relative "authz_mapper"
|
24
24
|
|
25
25
|
module ChefFixie
|
26
26
|
module UtilityHelpers
|
27
27
|
def self.orgs
|
28
28
|
@orgs ||= ChefFixie::Sql::Orgs.new
|
29
29
|
end
|
30
|
+
|
30
31
|
def self.users
|
31
32
|
@users ||= ChefFixie::Sql::Users.new
|
32
33
|
end
|
34
|
+
|
33
35
|
def self.assocs
|
34
36
|
@assocs ||= ChefFixie::Sql::Associations.new
|
35
37
|
end
|
38
|
+
|
36
39
|
def self.invites
|
37
40
|
invites ||= ChefFixie::Sql::Invites.new
|
38
41
|
end
|
39
42
|
|
40
43
|
def self.make_user(user)
|
41
44
|
if user.is_a?(String)
|
42
|
-
|
45
|
+
users[user]
|
43
46
|
elsif user.is_a?(ChefFixie::Sql::User)
|
44
|
-
|
47
|
+
user
|
45
48
|
else
|
46
49
|
raise Exception "Expected a user, got a #{user.class}"
|
47
50
|
end
|
48
|
-
end
|
51
|
+
end
|
52
|
+
|
49
53
|
def self.make_org(org)
|
50
54
|
if org.is_a?(String)
|
51
|
-
|
55
|
+
orgs[org]
|
52
56
|
elsif org.is_a?(ChefFixie::Sql::Org)
|
53
|
-
|
57
|
+
org
|
54
58
|
else
|
55
59
|
raise Exception "Expected an org, got a #{org.class}"
|
56
60
|
end
|
57
|
-
end
|
61
|
+
end
|
58
62
|
end
|
59
63
|
end
|
data/lib/chef_fixie/version.rb
CHANGED
data/lib/chef_fixie.rb
CHANGED
@@ -1,5 +1,5 @@
|
|
1
1
|
#
|
2
|
-
# Copyright (c) 2014-2015 Chef Software Inc.
|
2
|
+
# Copyright (c) 2014-2015 Chef Software Inc.
|
3
3
|
# License :: Apache License, Version 2.0
|
4
4
|
#
|
5
5
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
@@ -16,13 +16,13 @@
|
|
16
16
|
#
|
17
17
|
# Author: Mark Anderson <mark@chef.io>
|
18
18
|
|
19
|
-
require
|
20
|
-
require_relative
|
21
|
-
require_relative
|
22
|
-
require_relative
|
19
|
+
require "sequel"
|
20
|
+
require_relative "chef_fixie/config"
|
21
|
+
require_relative "chef_fixie/sql"
|
22
|
+
require_relative "chef_fixie/sql_objects"
|
23
23
|
|
24
24
|
# This doesn't work because of initialization order, figure it out.
|
25
|
-
require_relative
|
26
|
-
require_relative
|
25
|
+
require_relative "chef_fixie/check_org_associations"
|
26
|
+
require_relative "chef_fixie/bulk_edit_permissions"
|
27
27
|
|
28
28
|
Sequel.extension :inflector
|
data/spec/chef_fixie/acl_spec.rb
CHANGED
@@ -1,46 +1,45 @@
|
|
1
1
|
|
2
|
-
require
|
2
|
+
require "rspec"
|
3
3
|
require "spec_helper"
|
4
|
-
require
|
5
|
-
require
|
4
|
+
require "chef_fixie"
|
5
|
+
require "chef_fixie/config"
|
6
6
|
|
7
7
|
RSpec.describe ChefFixie::Sql::Orgs, "ACL access" do
|
8
|
-
let (:test_org_name) { "ponyville"}
|
8
|
+
let (:test_org_name) { "ponyville" }
|
9
9
|
let (:orgs) { ChefFixie::Sql::Orgs.new }
|
10
10
|
let (:users) { ChefFixie::Sql::Users.new }
|
11
11
|
let (:test_org) { orgs[test_org_name] }
|
12
12
|
|
13
13
|
# TODO this should use a freshly created object and purge it afterwords.
|
14
14
|
# But we need to write the create object feature still
|
15
|
-
|
15
|
+
|
16
16
|
context "Fetch acl for actor (client)" do
|
17
17
|
let (:testclient) { test_org.clients.all.first }
|
18
|
-
let (:testuser) { users[
|
19
|
-
let (:pivotal) { users[
|
18
|
+
let (:testuser) { users["spitfire"] }
|
19
|
+
let (:pivotal) { users["pivotal"] }
|
20
20
|
let (:client_container) { test_org.containers["clients"] }
|
21
|
-
|
21
|
+
|
22
22
|
it "We can fetch the acl" do
|
23
23
|
acl = testclient.acl
|
24
|
-
expect(acl.keys).to include(* %w
|
24
|
+
expect(acl.keys).to include(* %w{create read update delete grant})
|
25
25
|
end
|
26
26
|
|
27
27
|
it "we can add a user to an ace" do
|
28
|
-
# This requires either a temp object or good cleanup
|
28
|
+
# This requires either a temp object or good cleanup
|
29
29
|
# acl = testclient.acl
|
30
30
|
# expect(acl["read"]["actors"].not_to include("wonderbolts")
|
31
|
-
|
31
|
+
|
32
32
|
testclient.ace_add(:read, testuser)
|
33
33
|
|
34
34
|
acl = testclient.acl
|
35
35
|
expect(acl["read"]["actors"]).to include([:global, testuser.name])
|
36
36
|
end
|
37
|
-
|
37
|
+
|
38
38
|
it "we can add then delete a user from an ace" do
|
39
39
|
testclient.ace_add(:read, testuser)
|
40
40
|
acl = testclient.acl
|
41
41
|
expect(acl["read"]["actors"]).to include([:global, testuser.name])
|
42
42
|
|
43
|
-
|
44
43
|
testclient.ace_delete(:read, testuser)
|
45
44
|
|
46
45
|
acl = testclient.acl
|
@@ -49,26 +48,26 @@ RSpec.describe ChefFixie::Sql::Orgs, "ACL access" do
|
|
49
48
|
|
50
49
|
it "we can copy users from another acl" do
|
51
50
|
testclient.ace_delete(:all, pivotal)
|
52
|
-
|
51
|
+
|
53
52
|
testclient.acl_add_from_object(client_container)
|
54
53
|
|
55
54
|
acl = testclient.acl
|
56
|
-
%w
|
55
|
+
%w{create read update delete grant}.each do |action|
|
57
56
|
expect(acl[action]["actors"]).to include([:global, pivotal.name])
|
58
57
|
end
|
59
58
|
end
|
60
|
-
|
59
|
+
|
61
60
|
end
|
62
61
|
|
63
62
|
context "ACE Membership" do
|
64
|
-
|
65
|
-
let (:admingroup) { test_org.groups[
|
66
|
-
let (:testobject) { test_org.groups[
|
67
|
-
let (:notadmingroup) { test_org.groups[
|
68
|
-
let (:adminuser) { users[
|
69
|
-
let (:notadminuser) { users[
|
70
|
-
let (:pivotal) { users[
|
71
|
-
|
63
|
+
|
64
|
+
let (:admingroup) { test_org.groups["admins"] }
|
65
|
+
let (:testobject) { test_org.groups["admins"] }
|
66
|
+
let (:notadmingroup) { test_org.groups["clients"] }
|
67
|
+
let (:adminuser) { users["rainbowdash"] }
|
68
|
+
let (:notadminuser) { users["mary"] }
|
69
|
+
let (:pivotal) { users["pivotal"] }
|
70
|
+
|
72
71
|
it "Privileged users and groups are part of the read ACE" do
|
73
72
|
expect(testobject.ace_member?(:read, admingroup)).to be true
|
74
73
|
expect(testobject.ace_member?(:read, pivotal)).to be true
|
@@ -79,5 +78,4 @@ RSpec.describe ChefFixie::Sql::Orgs, "ACL access" do
|
|
79
78
|
end
|
80
79
|
end
|
81
80
|
|
82
|
-
|
83
81
|
end
|
@@ -1,18 +1,17 @@
|
|
1
1
|
|
2
|
-
require
|
2
|
+
require "rspec"
|
3
3
|
require "spec_helper"
|
4
|
-
require
|
5
|
-
require
|
4
|
+
require "chef_fixie"
|
5
|
+
require "chef_fixie/config"
|
6
6
|
|
7
7
|
RSpec.describe ChefFixie::Sql::Associations, "Associations tests" do
|
8
8
|
let (:test_org_name) { "ponyville" }
|
9
9
|
let (:orgs) { ChefFixie::Sql::Orgs.new }
|
10
|
-
let (:test_org) { orgs[test_org_name]}
|
10
|
+
let (:test_org) { orgs[test_org_name] }
|
11
11
|
|
12
12
|
let (:users) { ChefFixie::Sql::Users.new }
|
13
13
|
let (:assocs) { ChefFixie::Sql::Associations.new }
|
14
14
|
|
15
|
-
|
16
15
|
context "Basic functionality of association spec" do
|
17
16
|
let ("test_user_name") { "fluttershy" }
|
18
17
|
let ("test_user") { users[test_user_name] }
|
@@ -37,11 +36,9 @@ RSpec.describe ChefFixie::Sql::Associations, "Associations tests" do
|
|
37
36
|
expect(assoc_item.org_id).to eq(test_org.id)
|
38
37
|
|
39
38
|
# test user not in org
|
40
|
-
expect(assocs.by_org_id_user_id(test_org.id, users[
|
39
|
+
expect(assocs.by_org_id_user_id(test_org.id, users["mary"].id)).to be_nil
|
41
40
|
end
|
42
41
|
|
43
|
-
|
44
42
|
end
|
45
43
|
|
46
|
-
|
47
44
|
end
|
@@ -1,17 +1,17 @@
|
|
1
1
|
# -*- indent-tabs-mode: nil; fill-column: 110 -*-
|
2
|
-
require
|
2
|
+
require "rspec"
|
3
3
|
require "spec_helper"
|
4
|
-
require
|
5
|
-
require
|
4
|
+
require "chef_fixie"
|
5
|
+
require "chef_fixie/config"
|
6
6
|
|
7
7
|
RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
8
|
-
let (:test_org_name) { "ponyville"}
|
8
|
+
let (:test_org_name) { "ponyville" }
|
9
9
|
let (:orgs) { ChefFixie::Sql::Orgs.new }
|
10
10
|
let (:test_org) { orgs[test_org_name] }
|
11
11
|
|
12
12
|
let (:users) { ChefFixie::Sql::Users.new }
|
13
|
-
let (:adminuser) { users[
|
14
|
-
let (:notorguser) { users[
|
13
|
+
let (:adminuser) { users["rainbowdash"] }
|
14
|
+
let (:notorguser) { users["mary"] }
|
15
15
|
|
16
16
|
# TODO this should use a freshly created object and purge it afterwords.
|
17
17
|
# But we need to write the create object feature still
|
@@ -29,10 +29,10 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
29
29
|
end
|
30
30
|
|
31
31
|
after :each do
|
32
|
-
usag =
|
32
|
+
usag = test_org.groups[adminuser.id]
|
33
33
|
|
34
34
|
usag.group_add(adminuser)
|
35
|
-
test_org.groups[
|
35
|
+
test_org.groups["users"].group_add(usag)
|
36
36
|
|
37
37
|
adminuser.ace_add(:read, test_org.global_admins)
|
38
38
|
|
@@ -47,7 +47,7 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
47
47
|
|
48
48
|
it "Detects user missing from usag" do
|
49
49
|
# break it
|
50
|
-
usag =
|
50
|
+
usag = test_org.groups[adminuser.id]
|
51
51
|
usag.group_delete(adminuser)
|
52
52
|
|
53
53
|
expect(ChefFixie::CheckOrgAssociations.check_association(test_org, adminuser)).to be :user_not_in_usag
|
@@ -55,8 +55,8 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
55
55
|
|
56
56
|
it "Detects usag missing from users group" do
|
57
57
|
# break it
|
58
|
-
usag =
|
59
|
-
test_org.groups[
|
58
|
+
usag = test_org.groups[adminuser.id]
|
59
|
+
test_org.groups["users"].group_delete(usag)
|
60
60
|
|
61
61
|
expect(ChefFixie::CheckOrgAssociations.check_association(test_org, adminuser)).to be :usag_not_in_users
|
62
62
|
end
|
@@ -78,10 +78,10 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
78
78
|
end
|
79
79
|
|
80
80
|
after :each do
|
81
|
-
usag =
|
81
|
+
usag = test_org.groups[adminuser.id]
|
82
82
|
|
83
83
|
usag.group_add(adminuser)
|
84
|
-
test_org.groups[
|
84
|
+
test_org.groups["users"].group_add(usag)
|
85
85
|
|
86
86
|
adminuser.ace_add(:read, test_org.global_admins)
|
87
87
|
|
@@ -106,7 +106,7 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
106
106
|
it "Fixes usag missing from users group" do
|
107
107
|
# break it
|
108
108
|
usag = test_org.groups[adminuser.id]
|
109
|
-
test_org.groups[
|
109
|
+
test_org.groups["users"].group_delete(usag)
|
110
110
|
|
111
111
|
expect(ChefFixie::CheckOrgAssociations.fix_association(test_org, adminuser)).to be true
|
112
112
|
expect(ChefFixie::CheckOrgAssociations.check_association(test_org, adminuser)).to be true
|
@@ -124,7 +124,6 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
124
124
|
|
125
125
|
end
|
126
126
|
|
127
|
-
|
128
127
|
# TODO Break the org and check it!
|
129
128
|
context "Global org check" do
|
130
129
|
|
@@ -135,6 +134,4 @@ RSpec.describe ChefFixie::CheckOrgAssociations, "Association checker" do
|
|
135
134
|
|
136
135
|
end
|
137
136
|
|
138
|
-
|
139
|
-
|
140
137
|
end
|
@@ -1,11 +1,11 @@
|
|
1
1
|
# -*- indent-tabs-mode: nil; fill-column: 110 -*-
|
2
|
-
require
|
2
|
+
require "rspec"
|
3
3
|
require "spec_helper"
|
4
|
-
require
|
5
|
-
require
|
4
|
+
require "chef_fixie"
|
5
|
+
require "chef_fixie/config"
|
6
6
|
|
7
7
|
RSpec.describe ChefFixie::Sql::Groups, "Group access" do
|
8
|
-
let (:test_org_name) { "ponyville"}
|
8
|
+
let (:test_org_name) { "ponyville" }
|
9
9
|
let (:orgs) { ChefFixie::Sql::Orgs.new }
|
10
10
|
let (:users) { ChefFixie::Sql::Users.new }
|
11
11
|
let (:test_org) { orgs[test_org_name] }
|
@@ -14,9 +14,9 @@ RSpec.describe ChefFixie::Sql::Groups, "Group access" do
|
|
14
14
|
# But we need to write the create object feature still
|
15
15
|
|
16
16
|
context "Groups" do
|
17
|
-
let (:testgroup) { test_org.groups[
|
18
|
-
let (:adminuser) { users[
|
19
|
-
let (:notadminuser) { users[
|
17
|
+
let (:testgroup) { test_org.groups["admins"] }
|
18
|
+
let (:adminuser) { users["rainbowdash"] }
|
19
|
+
let (:notadminuser) { users["mary"] }
|
20
20
|
|
21
21
|
it "Members are part of the group" do
|
22
22
|
expect(testgroup.member?(adminuser)).to be true
|
@@ -25,10 +25,6 @@ RSpec.describe ChefFixie::Sql::Groups, "Group access" do
|
|
25
25
|
expect(testgroup.member?(notadminuser)).to be false
|
26
26
|
end
|
27
27
|
|
28
|
-
|
29
28
|
end
|
30
29
|
|
31
|
-
|
32
|
-
|
33
|
-
|
34
30
|
end
|
data/spec/chef_fixie/org_spec.rb
CHANGED
@@ -1,13 +1,13 @@
|
|
1
1
|
|
2
|
-
require
|
2
|
+
require "rspec"
|
3
3
|
require "spec_helper"
|
4
|
-
require
|
5
|
-
require
|
4
|
+
require "chef_fixie"
|
5
|
+
require "chef_fixie/config"
|
6
6
|
|
7
7
|
RSpec.describe ChefFixie::Sql::Orgs, "Organizations access" do
|
8
8
|
let (:test_org_name) { "ponyville" }
|
9
9
|
let (:orgs) { ChefFixie::Sql::Orgs.new }
|
10
|
-
let (:test_org) { orgs[test_org_name]}
|
10
|
+
let (:test_org) { orgs[test_org_name] }
|
11
11
|
|
12
12
|
context "Basic functionality of org accessor" do
|
13
13
|
|
@@ -22,5 +22,4 @@ RSpec.describe ChefFixie::Sql::Orgs, "Organizations access" do
|
|
22
22
|
|
23
23
|
end
|
24
24
|
|
25
|
-
|
26
25
|
end
|