cheffish 4.0.0 → 4.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (63) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +8 -8
  3. data/Rakefile +24 -12
  4. data/cheffish.gemspec +15 -15
  5. data/lib/chef/resource/chef_acl.rb +63 -63
  6. data/lib/chef/resource/chef_client.rb +9 -9
  7. data/lib/chef/resource/chef_container.rb +9 -9
  8. data/lib/chef/resource/chef_data_bag.rb +9 -9
  9. data/lib/chef/resource/chef_data_bag_item.rb +27 -27
  10. data/lib/chef/resource/chef_environment.rb +21 -22
  11. data/lib/chef/resource/chef_group.rb +19 -19
  12. data/lib/chef/resource/chef_mirror.rb +32 -17
  13. data/lib/chef/resource/chef_node.rb +14 -14
  14. data/lib/chef/resource/chef_organization.rb +29 -30
  15. data/lib/chef/resource/chef_resolved_cookbooks.rb +7 -7
  16. data/lib/chef/resource/chef_role.rb +25 -22
  17. data/lib/chef/resource/chef_user.rb +13 -14
  18. data/lib/chef/resource/private_key.rb +24 -25
  19. data/lib/chef/resource/public_key.rb +6 -7
  20. data/lib/cheffish.rb +17 -17
  21. data/lib/cheffish/array_property.rb +2 -2
  22. data/lib/cheffish/base_properties.rb +3 -3
  23. data/lib/cheffish/base_resource.rb +8 -8
  24. data/lib/cheffish/basic_chef_client.rb +17 -17
  25. data/lib/cheffish/chef_actor_base.rb +8 -8
  26. data/lib/cheffish/chef_run.rb +7 -2
  27. data/lib/cheffish/chef_run_data.rb +2 -2
  28. data/lib/cheffish/chef_run_listener.rb +1 -1
  29. data/lib/cheffish/key_formatter.rb +16 -18
  30. data/lib/cheffish/merged_config.rb +5 -3
  31. data/lib/cheffish/node_properties.rb +11 -7
  32. data/lib/cheffish/recipe_dsl.rb +33 -34
  33. data/lib/cheffish/rspec.rb +3 -3
  34. data/lib/cheffish/rspec/chef_run_support.rb +13 -13
  35. data/lib/cheffish/rspec/matchers.rb +4 -4
  36. data/lib/cheffish/rspec/matchers/be_idempotent.rb +3 -3
  37. data/lib/cheffish/rspec/matchers/emit_no_warnings_or_errors.rb +3 -3
  38. data/lib/cheffish/rspec/matchers/have_updated.rb +3 -3
  39. data/lib/cheffish/rspec/recipe_run_wrapper.rb +8 -7
  40. data/lib/cheffish/rspec/repository_support.rb +6 -6
  41. data/lib/cheffish/server_api.rb +11 -11
  42. data/lib/cheffish/version.rb +1 -1
  43. data/spec/functional/fingerprint_spec.rb +12 -12
  44. data/spec/functional/merged_config_spec.rb +46 -6
  45. data/spec/functional/server_api_spec.rb +3 -3
  46. data/spec/integration/chef_acl_spec.rb +489 -489
  47. data/spec/integration/chef_client_spec.rb +39 -39
  48. data/spec/integration/chef_container_spec.rb +14 -14
  49. data/spec/integration/chef_data_bag_item_spec.rb +9 -9
  50. data/spec/integration/chef_group_spec.rb +219 -219
  51. data/spec/integration/chef_mirror_spec.rb +228 -228
  52. data/spec/integration/chef_node_spec.rb +511 -511
  53. data/spec/integration/chef_organization_spec.rb +126 -126
  54. data/spec/integration/chef_role_spec.rb +33 -33
  55. data/spec/integration/chef_user_spec.rb +37 -37
  56. data/spec/integration/private_key_spec.rb +154 -154
  57. data/spec/integration/recipe_dsl_spec.rb +10 -10
  58. data/spec/integration/rspec/converge_spec.rb +49 -49
  59. data/spec/support/key_support.rb +6 -6
  60. data/spec/support/spec_support.rb +3 -3
  61. data/spec/unit/get_private_key_spec.rb +19 -19
  62. data/spec/unit/recipe_run_wrapper_spec.rb +4 -4
  63. metadata +3 -3
@@ -16,15 +16,15 @@
16
16
  # limitations under the License.
17
17
  #
18
18
 
19
- require 'chef/version'
20
- require 'chef/http'
21
- require 'chef/http/authenticator'
22
- require 'chef/http/cookie_manager'
23
- require 'chef/http/decompressor'
24
- require 'chef/http/json_input'
25
- require 'chef/http/json_output'
26
- if Gem::Version.new(Chef::VERSION) >= Gem::Version.new('11.12')
27
- require 'chef/http/remote_request_id'
19
+ require "chef/version"
20
+ require "chef/http"
21
+ require "chef/http/authenticator"
22
+ require "chef/http/cookie_manager"
23
+ require "chef/http/decompressor"
24
+ require "chef/http/json_input"
25
+ require "chef/http/json_output"
26
+ if Gem::Version.new(Chef::VERSION) >= Gem::Version.new("11.12")
27
+ require "chef/http/remote_request_id"
28
28
  end
29
29
 
30
30
  module Cheffish
@@ -34,7 +34,7 @@ module Cheffish
34
34
  def initialize(url, options = {})
35
35
  super(url, options)
36
36
  root_url = URI.parse(url)
37
- root_url.path = ''
37
+ root_url.path = ""
38
38
  @root_url = root_url.to_s
39
39
  end
40
40
 
@@ -45,7 +45,7 @@ module Cheffish
45
45
  use Chef::HTTP::CookieManager
46
46
  use Chef::HTTP::Decompressor
47
47
  use Chef::HTTP::Authenticator
48
- if Gem::Version.new(Chef::VERSION) >= Gem::Version.new('11.12')
48
+ if Gem::Version.new(Chef::VERSION) >= Gem::Version.new("11.12")
49
49
  use Chef::HTTP::RemoteRequestID
50
50
  end
51
51
  end
@@ -1,3 +1,3 @@
1
1
  module Cheffish
2
- VERSION = '4.0.0'
2
+ VERSION = "4.1.0"
3
3
  end
@@ -1,7 +1,7 @@
1
- require 'cheffish/key_formatter'
2
- require 'support/key_support'
1
+ require "cheffish/key_formatter"
2
+ require "support/key_support"
3
3
 
4
- describe 'Cheffish fingerprint key formatter' do
4
+ describe "Cheffish fingerprint key formatter" do
5
5
 
6
6
  # Sample key: 0x9a6fa4c43b328c3d04c1fbc0498539218b6728e41cd35f6d27d491ef705f0b2083dc1ac977da19f54ba82b044773f20667e9627c543abb3b41b6eb9e4318ca3c68f487bbd0f1c9eea9a3101b7d1d180983c5440ac4183e78e9e256fa687d8aac63b21617a4b02b35bf5e307a3b76961a16cd8493e923536b34cc2b2da8d45220d57ef2243b081b555b84f1da0ade0e896c2aa96911b41430b59eaf75dbffb7eaa7c5b3a686f2d47a24e3b7f1acb0844f84a2fedc63660ae366b800cd9448093d6b1d96503ebb7807b48257e16c3d8a7c9a8cc5dd63116aa673bd9e09754de09358486e743e34c6a3642eeb64b2208efc96df39151572557a75638bd059c21a55 = 0xd6e92677d4e1d2aa6d14f87b5f49ee6916c6b92411536254fae4a21e82eebb0a40600247c701c1c938b21ca9f25b7b330c35fded57b4de3a951e83329a80bdbf2ba138fe2f190bffce43967b5fa93b179367bcd15cb1db7f9e3ab62caca95dc9489b62bc0a10b53841b932455a43409f96eed90dc80abc8cce5593ead8f0a26d * 0xb7f68cd427045788d5e315375f71d3a416784ec2597776a60ed77c821294d9bd66e96658bdcb43072cee0c849d297bd9f94991738f1a0df313ceb51b093a9372f12a61987f40e7a03d773911deb270916a574962ae8ff4f2d8bfcedee1c885e9c3e54212471636a6330b05b78c3a7ddf96b013be389a08ab7971db2f68fb2689
7
7
 
@@ -34,27 +34,27 @@ EOF
34
34
 
35
35
  def key_to_format(key, format)
36
36
  keyobj, f = Cheffish::KeyFormatter.decode(key)
37
- Cheffish::KeyFormatter.encode(keyobj, {:format => format})
37
+ Cheffish::KeyFormatter.encode(keyobj, { :format => format })
38
38
  end
39
39
 
40
- context 'when computing key fingperprints' do
40
+ context "when computing key fingperprints" do
41
41
 
42
- it 'computes the PKCS#8 SHA1 private key fingerprint correctly', :pending => (RUBY_VERSION.to_f >= 2.0) do
42
+ it "computes the PKCS#8 SHA1 private key fingerprint correctly", :pending => (RUBY_VERSION.to_f >= 2.0) do
43
43
  expect(key_to_format(sample_private_key, :pkcs8sha1fingerprint)).to eq(
44
- '88:7e:3a:bd:26:9f:b5:c5:d8:ae:52:f9:df:0b:64:a4:5c:17:0a:87')
44
+ "88:7e:3a:bd:26:9f:b5:c5:d8:ae:52:f9:df:0b:64:a4:5c:17:0a:87")
45
45
  end
46
46
 
47
- it 'computes the PKCS#1 MD5 public key fingerprint correctly' do
47
+ it "computes the PKCS#1 MD5 public key fingerprint correctly" do
48
48
  expect(key_to_format(sample_public_key, :pkcs1md5fingerprint)).to eq(
49
- '1f:e8:da:c1:16:c3:72:7d:90:e2:b7:64:c4:b4:55:20')
49
+ "1f:e8:da:c1:16:c3:72:7d:90:e2:b7:64:c4:b4:55:20")
50
50
  end
51
51
 
52
- it 'computes the RFC4716 MD5 public key fingerprint correctly' do
52
+ it "computes the RFC4716 MD5 public key fingerprint correctly" do
53
53
  expect(key_to_format(sample_public_key, :rfc4716md5fingerprint)).to eq(
54
- 'b0:13:4f:da:cf:8c:dc:a7:4a:1f:d2:3a:51:92:cf:6b')
54
+ "b0:13:4f:da:cf:8c:dc:a7:4a:1f:d2:3a:51:92:cf:6b")
55
55
  end
56
56
 
57
- it 'defaults to the PKCS#1 MD5 public key fingerprint' do
57
+ it "defaults to the PKCS#1 MD5 public key fingerprint" do
58
58
  expect(key_to_format(sample_public_key, :fingerprint)).to eq(
59
59
  key_to_format(sample_public_key, :pkcs1md5fingerprint))
60
60
  end
@@ -1,20 +1,60 @@
1
- require 'cheffish/merged_config'
1
+ require "cheffish/merged_config"
2
2
 
3
3
  describe "merged_config" do
4
4
 
5
5
  let(:config) do
6
- Cheffish::MergedConfig.new({:test=>'val'})
6
+ Cheffish::MergedConfig.new({ :test => "val" })
7
+ end
8
+
9
+ let(:collision) do
10
+ c1 = { :test1 => "c1.1", "test2" => "c1.2" }
11
+ c2 = { "test1" => "c2.1", "test3" => "c2.3" }
12
+ Cheffish::MergedConfig.new(c1, c2)
13
+ end
14
+
15
+ let(:config_mismatch) do
16
+ c1 = { :test => { :test => "val" } }
17
+ c2 = { :test => [2, 3, 4] }
18
+ Cheffish::MergedConfig.new(c1, c2)
19
+ end
20
+
21
+ let(:config_hashes) do
22
+ c1 = { :test => { :test => "val" } }
23
+ c2 = { :test => { :test2 => "val2" } }
24
+ Cheffish::MergedConfig.new(c1, c2)
7
25
  end
8
26
 
9
27
  it "returns value in config" do
10
- expect(config.test).to eq('val')
28
+ expect(config.test).to eq("val")
11
29
  end
12
30
 
13
31
  it "raises a NoMethodError if calling an unknown method with arguments" do
14
- expect{config.merge({:some => 'hash'})}.to raise_error(NoMethodError)
32
+ expect { config.merge({ :some => "hash" }) }.to raise_error(NoMethodError)
15
33
  end
16
34
 
17
35
  it "has an informative string representation" do
18
- expect("#{config}").to eq("{:test=>\"val\"}")
36
+ expect("#{config}").to eq("{\"test\"=>\"val\"}")
37
+ end
38
+
39
+ it "has indifferent str/sym access" do
40
+ expect(config["test"]).to eq("val")
41
+ end
42
+
43
+ it "respects precedence between the different configs" do
44
+ expect(collision["test1"]).to eq("c1.1")
45
+ expect(collision[:test1]).to eq("c1.1")
46
+ end
47
+
48
+ it "merges the configs" do
49
+ expect(collision[:test2]).to eq("c1.2")
50
+ expect(collision[:test3]).to eq("c2.3")
51
+ end
52
+
53
+ it "handle merged value type mismatch" do
54
+ expect(config_mismatch[:test]).to eq("test" => "val")
55
+ end
56
+
57
+ it "merges values when they're hashes" do
58
+ expect(config_hashes[:test].keys).to eq(%w{test test2})
19
59
  end
20
- end
60
+ end
@@ -1,13 +1,13 @@
1
- require 'cheffish'
1
+ require "cheffish"
2
2
 
3
3
  describe "api version" do
4
4
 
5
5
  let(:server_api) do
6
- Cheffish.chef_server_api({:chef_server_url => "my.chef.server"})
6
+ Cheffish.chef_server_api({ :chef_server_url => "my.chef.server" })
7
7
  end
8
8
 
9
9
  it "is pinned to 0" do
10
- expect(Cheffish::ServerAPI).to receive(:new).with("my.chef.server", {api_version: "0"})
10
+ expect(Cheffish::ServerAPI).to receive(:new).with("my.chef.server", { api_version: "0" })
11
11
  server_api
12
12
  end
13
13
  end
@@ -1,889 +1,889 @@
1
- require 'support/spec_support'
2
- require 'cheffish/rspec/chef_run_support'
3
- require 'chef_zero/version'
4
- require 'uri'
1
+ require "support/spec_support"
2
+ require "cheffish/rspec/chef_run_support"
3
+ require "chef_zero/version"
4
+ require "uri"
5
5
 
6
- if Gem::Version.new(ChefZero::VERSION) >= Gem::Version.new('3.1')
6
+ if Gem::Version.new(ChefZero::VERSION) >= Gem::Version.new("3.1")
7
7
  describe Chef::Resource::ChefAcl do
8
8
  extend Cheffish::RSpec::ChefRunSupport
9
9
 
10
10
  # let(:chef_config) { super().merge(log_level: :debug, stdout: STDOUT, stderr: STDERR, log_location: STDOUT) }
11
11
 
12
12
  context "Rights attributes" do
13
- when_the_chef_server 'has a node named x', :osc_compat => false do
14
- node 'x', {}
13
+ when_the_chef_server "has a node named x", :osc_compat => false do
14
+ node "x", {}
15
15
 
16
16
  it 'Converging chef_acl "nodes/x" changes nothing' do
17
- expect_recipe {
18
- chef_acl 'nodes/x'
19
- }.to be_up_to_date
20
- expect(get('nodes/x/_acl')).to partially_match({})
17
+ expect_recipe do
18
+ chef_acl "nodes/x"
19
+ end.to be_up_to_date
20
+ expect(get("nodes/x/_acl")).to partially_match({})
21
21
  end
22
22
 
23
23
  it 'Converging chef_acl "nodes/x" with "complete true" and no rights raises an error' do
24
- expect_converge {
25
- chef_acl 'nodes/x' do
24
+ expect_converge do
25
+ chef_acl "nodes/x" do
26
26
  complete true
27
27
  end
28
- }.to raise_error(RuntimeError)
28
+ end.to raise_error(RuntimeError)
29
29
  end
30
30
 
31
- it 'Removing all :grant rights from a node raises an error' do
32
- expect_converge {
33
- chef_acl 'nodes/x' do
34
- remove_rights :grant, users: %w(pivotal), groups: %w(admins users clients)
31
+ it "Removing all :grant rights from a node raises an error" do
32
+ expect_converge do
33
+ chef_acl "nodes/x" do
34
+ remove_rights :grant, users: %w{pivotal}, groups: %w{admins users clients}
35
35
  end
36
- }.to raise_error(RuntimeError)
36
+ end.to raise_error(RuntimeError)
37
37
  end
38
38
 
39
39
  context 'and a user "blarghle"' do
40
- user 'blarghle', {}
40
+ user "blarghle", {}
41
41
 
42
42
  it 'Converging chef_acl "nodes/x" with user "blarghle" adds the user' do
43
- expect_recipe {
44
- chef_acl 'nodes/x' do
45
- rights :read, users: %w(blarghle)
43
+ expect_recipe do
44
+ chef_acl "nodes/x" do
45
+ rights :read, users: %w{blarghle}
46
46
  end
47
- }.to be_updated
48
- expect(get('nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
47
+ end.to be_updated
48
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
49
49
  end
50
50
 
51
51
  it 'Converging chef_acl "nodes/x" with "complete true" removes all ACLs except those specified' do
52
- expect_recipe {
53
- chef_acl 'nodes/x' do
54
- rights :grant, users: %w(blarghle)
52
+ expect_recipe do
53
+ chef_acl "nodes/x" do
54
+ rights :grant, users: %w{blarghle}
55
55
  complete true
56
56
  end
57
- }.to be_updated
58
- expect(get('nodes/x/_acl')).to eq(
59
- "create"=>{"actors"=>[], "groups"=>[]},
60
- "read" =>{"actors"=>[], "groups"=>[]},
61
- "update"=>{"actors"=>[], "groups"=>[]},
62
- "delete"=>{"actors"=>[], "groups"=>[]},
63
- "grant" =>{"actors"=>["blarghle"], "groups"=>[]}
57
+ end.to be_updated
58
+ expect(get("nodes/x/_acl")).to eq(
59
+ "create" => { "actors" => [], "groups" => [] },
60
+ "read" => { "actors" => [], "groups" => [] },
61
+ "update" => { "actors" => [], "groups" => [] },
62
+ "delete" => { "actors" => [], "groups" => [] },
63
+ "grant" => { "actors" => ["blarghle"], "groups" => [] }
64
64
  )
65
65
  end
66
66
  end
67
67
 
68
68
  it 'Converging chef_acl "nodes/x" with "complete true" removes all ACLs except those specified in :all' do
69
- expect_recipe {
70
- chef_acl 'nodes/x' do
71
- rights :all, users: %w(blarghle)
69
+ expect_recipe do
70
+ chef_acl "nodes/x" do
71
+ rights :all, users: %w{blarghle}
72
72
  complete true
73
73
  end
74
- }.to be_updated
75
- expect(get('nodes/x/_acl')).to eq(
76
- "create"=>{"actors"=>["blarghle"], "groups"=>[]},
77
- "read" =>{"actors"=>["blarghle"], "groups"=>[]},
78
- "update"=>{"actors"=>["blarghle"], "groups"=>[]},
79
- "delete"=>{"actors"=>["blarghle"], "groups"=>[]},
80
- "grant" =>{"actors"=>["blarghle"], "groups"=>[]}
74
+ end.to be_updated
75
+ expect(get("nodes/x/_acl")).to eq(
76
+ "create" => { "actors" => ["blarghle"], "groups" => [] },
77
+ "read" => { "actors" => ["blarghle"], "groups" => [] },
78
+ "update" => { "actors" => ["blarghle"], "groups" => [] },
79
+ "delete" => { "actors" => ["blarghle"], "groups" => [] },
80
+ "grant" => { "actors" => ["blarghle"], "groups" => [] }
81
81
  )
82
82
  end
83
83
 
84
84
  context 'and a client "blarghle"' do
85
- user 'blarghle', {}
85
+ user "blarghle", {}
86
86
 
87
87
  it 'Converging chef_acl "nodes/x" with client "blarghle" adds the client' do
88
- expect_recipe {
89
- chef_acl 'nodes/x' do
90
- rights :read, clients: %w(blarghle)
88
+ expect_recipe do
89
+ chef_acl "nodes/x" do
90
+ rights :read, clients: %w{blarghle}
91
91
  end
92
- }.to be_updated
93
- expect(get('nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
92
+ end.to be_updated
93
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
94
94
  end
95
95
  end
96
96
 
97
97
  context 'and a group "blarghle"' do
98
- group 'blarghle', {}
98
+ group "blarghle", {}
99
99
 
100
100
  it 'Converging chef_acl "nodes/x" with group "blarghle" adds the group' do
101
- expect_recipe {
102
- chef_acl 'nodes/x' do
103
- rights :read, groups: %w(blarghle)
101
+ expect_recipe do
102
+ chef_acl "nodes/x" do
103
+ rights :read, groups: %w{blarghle}
104
104
  end
105
- }.to be_updated
106
- expect(get('nodes/x/_acl')).to partially_match('read' => { 'groups' => %w(blarghle) })
107
- end
108
- end
109
-
110
- context 'and multiple users and groups' do
111
- user 'u1', {}
112
- user 'u2', {}
113
- user 'u3', {}
114
- client 'c1', {}
115
- client 'c2', {}
116
- client 'c3', {}
117
- group 'g1', {}
118
- group 'g2', {}
119
- group 'g3', {}
120
-
121
- it 'Converging chef_acls should ignore order of the values in the acls' do
122
- expect_recipe {
123
- chef_acl 'nodes/x' do
124
- rights :create, users: [ 'u1', 'u2', 'u3' ], clients: [ 'c1', 'c2', 'c3' ], groups: [ 'g1', 'g2', 'g3' ]
105
+ end.to be_updated
106
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "groups" => %w{blarghle} })
107
+ end
108
+ end
109
+
110
+ context "and multiple users and groups" do
111
+ user "u1", {}
112
+ user "u2", {}
113
+ user "u3", {}
114
+ client "c1", {}
115
+ client "c2", {}
116
+ client "c3", {}
117
+ group "g1", {}
118
+ group "g2", {}
119
+ group "g3", {}
120
+
121
+ it "Converging chef_acls should ignore order of the values in the acls" do
122
+ expect_recipe do
123
+ chef_acl "nodes/x" do
124
+ rights :create, users: %w{u1 u2 u3}, clients: %w{c1 c2 c3}, groups: %w{g1 g2 g3}
125
125
  end
126
- }.to be_updated
127
- expect_recipe {
128
- chef_acl 'nodes/x' do
129
- rights :create, users: [ 'u2', 'u3', 'u1' ], clients: [ 'c3', 'c2', 'c1' ], groups: [ 'g1', 'g2', 'g3' ]
126
+ end.to be_updated
127
+ expect_recipe do
128
+ chef_acl "nodes/x" do
129
+ rights :create, users: %w{u2 u3 u1}, clients: %w{c3 c2 c1}, groups: %w{g1 g2 g3}
130
130
  end
131
- }.to be_up_to_date
131
+ end.to be_up_to_date
132
132
  end
133
133
 
134
134
  it 'Converging chef_acl "nodes/x" with multiple groups, users and clients in an acl makes the appropriate changes' do
135
- expect_recipe {
136
- chef_acl 'nodes/x' do
137
- rights :create, users: [ 'u1', 'u2', 'u3' ], clients: [ 'c1', 'c2', 'c3' ], groups: [ 'g1', 'g2', 'g3' ]
135
+ expect_recipe do
136
+ chef_acl "nodes/x" do
137
+ rights :create, users: %w{u1 u2 u3}, clients: %w{c1 c2 c3}, groups: %w{g1 g2 g3}
138
138
  end
139
- }.to be_updated
140
- expect(get('nodes/x/_acl')).to partially_match(
141
- 'create' => { 'groups' => %w(g1 g2 g3), 'actors' => %w(u1 u2 u3 c1 c2 c3) }
139
+ end.to be_updated
140
+ expect(get("nodes/x/_acl")).to partially_match(
141
+ "create" => { "groups" => %w{g1 g2 g3}, "actors" => %w{u1 u2 u3 c1 c2 c3} }
142
142
  )
143
143
  end
144
144
 
145
145
  it 'Converging chef_acl "nodes/x" with multiple groups, users and clients across multiple "rights" groups makes the appropriate changes' do
146
- expect_recipe {
147
- chef_acl 'nodes/x' do
148
- rights :create, users: %w(u1), clients: %w(c1), groups: %w(g1)
149
- rights :create, users: %w(u2 u3), clients: %w(c2 c3), groups: %w(g2)
150
- rights :read, users: %w(u1)
151
- rights :read, groups: %w(g1)
146
+ expect_recipe do
147
+ chef_acl "nodes/x" do
148
+ rights :create, users: %w{u1}, clients: %w{c1}, groups: %w{g1}
149
+ rights :create, users: %w{u2 u3}, clients: %w{c2 c3}, groups: %w{g2}
150
+ rights :read, users: %w{u1}
151
+ rights :read, groups: %w{g1}
152
152
  end
153
- }.to be_updated
154
- expect(get('nodes/x/_acl')).to partially_match(
155
- 'create' => { 'groups' => %w(g1 g2), 'actors' => %w(u1 u2 u3 c1 c2 c3) },
156
- 'read' => { 'groups' => %w(g1), 'actors' => %w(u1) }
153
+ end.to be_updated
154
+ expect(get("nodes/x/_acl")).to partially_match(
155
+ "create" => { "groups" => %w{g1 g2}, "actors" => %w{u1 u2 u3 c1 c2 c3} },
156
+ "read" => { "groups" => %w{g1}, "actors" => %w{u1} }
157
157
  )
158
158
  end
159
159
 
160
160
  it 'Converging chef_acl "nodes/x" with rights [ :read, :create, :update, :delete, :grant ] modifies all rights' do
161
- expect_recipe {
162
- chef_acl 'nodes/x' do
163
- rights [ :create, :read, :update, :delete, :grant ], users: %w(u1 u2), clients: %w(c1), groups: %w(g1)
161
+ expect_recipe do
162
+ chef_acl "nodes/x" do
163
+ rights [ :create, :read, :update, :delete, :grant ], users: %w{u1 u2}, clients: %w{c1}, groups: %w{g1}
164
164
  end
165
- }.to be_updated
166
- expect(get('nodes/x/_acl')).to partially_match(
167
- 'create' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
168
- 'read' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
169
- 'update' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
170
- 'delete' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
171
- 'grant' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
165
+ end.to be_updated
166
+ expect(get("nodes/x/_acl")).to partially_match(
167
+ "create" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
168
+ "read" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
169
+ "update" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
170
+ "delete" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
171
+ "grant" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} }
172
172
  )
173
173
  end
174
174
 
175
175
  it 'Converging chef_acl "nodes/x" with rights :all modifies all rights' do
176
- expect_recipe {
177
- chef_acl 'nodes/x' do
178
- rights :all, users: %w(u1 u2), clients: %w(c1), groups: %w(g1)
176
+ expect_recipe do
177
+ chef_acl "nodes/x" do
178
+ rights :all, users: %w{u1 u2}, clients: %w{c1}, groups: %w{g1}
179
179
  end
180
- }.to be_updated
181
- expect(get('nodes/x/_acl')).to partially_match(
182
- 'create' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
183
- 'read' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
184
- 'update' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
185
- 'delete' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
186
- 'grant' => { 'groups' => %w(g1), 'actors' => %w(u1 u2 c1) },
180
+ end.to be_updated
181
+ expect(get("nodes/x/_acl")).to partially_match(
182
+ "create" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
183
+ "read" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
184
+ "update" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
185
+ "delete" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} },
186
+ "grant" => { "groups" => %w{g1}, "actors" => %w{u1 u2 c1} }
187
187
  )
188
188
  end
189
189
  end
190
190
 
191
191
  it 'Converging chef_acl "nodes/y" throws a 404' do
192
- expect_converge {
193
- chef_acl 'nodes/y'
194
- }.to raise_error(Net::HTTPServerException)
192
+ expect_converge do
193
+ chef_acl "nodes/y"
194
+ end.to raise_error(Net::HTTPServerException)
195
195
  end
196
196
  end
197
197
 
198
- when_the_chef_server 'has a node named x with user blarghle in its acl', :osc_compat => false do
199
- user 'blarghle', {}
200
- node 'x', {} do
201
- acl 'read' => { 'actors' => %w(blarghle) }
198
+ when_the_chef_server "has a node named x with user blarghle in its acl", :osc_compat => false do
199
+ user "blarghle", {}
200
+ node "x", {} do
201
+ acl "read" => { "actors" => %w{blarghle} }
202
202
  end
203
203
 
204
204
  it 'Converging chef_acl "nodes/x" with that user changes nothing' do
205
- expect_recipe {
206
- chef_acl 'nodes/x' do
207
- rights :read, users: %w(blarghle)
205
+ expect_recipe do
206
+ chef_acl "nodes/x" do
207
+ rights :read, users: %w{blarghle}
208
208
  end
209
- }.to be_up_to_date
210
- expect(get('nodes/x/_acl')).to partially_match({})
209
+ end.to be_up_to_date
210
+ expect(get("nodes/x/_acl")).to partially_match({})
211
211
  end
212
212
  end
213
213
 
214
- when_the_chef_server 'has a node named x with users foo and bar in all its acls', :osc_compat => false do
215
- user 'foo', {}
216
- user 'bar', {}
217
- node 'x', {} do
218
- acl 'create' => { 'actors' => %w(foo bar) },
219
- 'read' => { 'actors' => %w(foo bar) },
220
- 'update' => { 'actors' => %w(foo bar) },
221
- 'delete' => { 'actors' => %w(foo bar) },
222
- 'grant' => { 'actors' => %w(foo bar) }
214
+ when_the_chef_server "has a node named x with users foo and bar in all its acls", :osc_compat => false do
215
+ user "foo", {}
216
+ user "bar", {}
217
+ node "x", {} do
218
+ acl "create" => { "actors" => %w{foo bar} },
219
+ "read" => { "actors" => %w{foo bar} },
220
+ "update" => { "actors" => %w{foo bar} },
221
+ "delete" => { "actors" => %w{foo bar} },
222
+ "grant" => { "actors" => %w{foo bar} }
223
223
  end
224
224
 
225
225
  it 'Converging chef_acl "nodes/x" with remove_rights :all removes foo from everything' do
226
- expect_recipe {
227
- chef_acl 'nodes/x' do
228
- remove_rights :all, users: %w(foo)
229
- end
230
- }.to be_updated
231
- expect(get('nodes/x/_acl')).to partially_match(
232
- 'create' => { 'actors' => exclude('foo') },
233
- 'read' => { 'actors' => exclude('foo') },
234
- 'update' => { 'actors' => exclude('foo') },
235
- 'delete' => { 'actors' => exclude('foo') },
236
- 'grant' => { 'actors' => exclude('foo') },
226
+ expect_recipe do
227
+ chef_acl "nodes/x" do
228
+ remove_rights :all, users: %w{foo}
229
+ end
230
+ end.to be_updated
231
+ expect(get("nodes/x/_acl")).to partially_match(
232
+ "create" => { "actors" => exclude("foo") },
233
+ "read" => { "actors" => exclude("foo") },
234
+ "update" => { "actors" => exclude("foo") },
235
+ "delete" => { "actors" => exclude("foo") },
236
+ "grant" => { "actors" => exclude("foo") }
237
237
  )
238
238
  end
239
239
  end
240
240
 
241
241
  ::RSpec::Matchers.define_negated_matcher :exclude, :include
242
242
 
243
- context 'recursive' do
244
- when_the_chef_server 'has a nodes container with user blarghle in its acl', :osc_compat => false do
245
- user 'blarghle', {}
246
- acl_for 'containers/nodes', 'read' => { 'actors' => %w(blarghle) }
247
- node 'x', {} do
248
- acl 'read' => { 'actors' => [] }
243
+ context "recursive" do
244
+ when_the_chef_server "has a nodes container with user blarghle in its acl", :osc_compat => false do
245
+ user "blarghle", {}
246
+ acl_for "containers/nodes", "read" => { "actors" => %w{blarghle} }
247
+ node "x", {} do
248
+ acl "read" => { "actors" => [] }
249
249
  end
250
250
 
251
251
  it 'Converging chef_acl "nodes" makes no changes' do
252
- expect {
253
- expect_recipe {
254
- chef_acl 'nodes' do
255
- rights :read, users: %w(blarghle)
252
+ expect do
253
+ expect_recipe do
254
+ chef_acl "nodes" do
255
+ rights :read, users: %w{blarghle}
256
256
  end
257
- }.to be_up_to_date
258
- }.to not_change { get('containers/nodes/_acl') }.
259
- and not_change { get('nodes/x/_acl') }
257
+ end.to be_up_to_date
258
+ end.to not_change { get("containers/nodes/_acl") }.
259
+ and not_change { get("nodes/x/_acl") }
260
260
  end
261
261
 
262
262
  RSpec::Matchers.define_negated_matcher :not_change, :change
263
263
 
264
264
  it 'Converging chef_acl "nodes" with recursive :on_change makes no changes' do
265
- expect {
266
- expect_recipe {
267
- chef_acl 'nodes' do
268
- rights :read, users: %w(blarghle)
265
+ expect do
266
+ expect_recipe do
267
+ chef_acl "nodes" do
268
+ rights :read, users: %w{blarghle}
269
269
  recursive :on_change
270
270
  end
271
- }.to be_up_to_date
272
- }.to not_change { get('containers/nodes/_acl') }.
273
- and not_change { get('nodes/x/_acl') }
271
+ end.to be_up_to_date
272
+ end.to not_change { get("containers/nodes/_acl") }.
273
+ and not_change { get("nodes/x/_acl") }
274
274
  end
275
275
 
276
276
  it 'Converging chef_acl "nodes" with recursive true changes nodes/x\'s acls' do
277
- expect_recipe {
278
- chef_acl 'nodes' do
279
- rights :read, users: %w(blarghle)
277
+ expect_recipe do
278
+ chef_acl "nodes" do
279
+ rights :read, users: %w{blarghle}
280
280
  recursive true
281
281
  end
282
- }.to be_updated
283
- expect(get('nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
282
+ end.to be_updated
283
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
284
284
  end
285
285
 
286
286
  it 'Converging chef_acl "" with recursive false does not change nodes/x\'s acls' do
287
- expect_recipe {
288
- chef_acl '' do
289
- rights :read, users: %w(blarghle)
287
+ expect_recipe do
288
+ chef_acl "" do
289
+ rights :read, users: %w{blarghle}
290
290
  recursive false
291
291
  end
292
- }.to be_updated
293
- expect(get('containers/nodes/_acl')).to partially_match({})
294
- expect(get('nodes/x/_acl')).to partially_match({})
292
+ end.to be_updated
293
+ expect(get("containers/nodes/_acl")).to partially_match({})
294
+ expect(get("nodes/x/_acl")).to partially_match({})
295
295
  end
296
296
 
297
297
  it 'Converging chef_acl "" with recursive :on_change does not change nodes/x\'s acls' do
298
- expect_recipe {
299
- chef_acl '' do
300
- rights :read, users: %w(blarghle)
298
+ expect_recipe do
299
+ chef_acl "" do
300
+ rights :read, users: %w{blarghle}
301
301
  recursive :on_change
302
302
  end
303
- }.to be_updated
304
- expect(get('containers/nodes/_acl')).to partially_match({})
305
- expect(get('nodes/x/_acl')).to partially_match({})
303
+ end.to be_updated
304
+ expect(get("containers/nodes/_acl")).to partially_match({})
305
+ expect(get("nodes/x/_acl")).to partially_match({})
306
306
  end
307
307
 
308
308
  it 'Converging chef_acl "" with recursive true changes nodes/x\'s acls' do
309
- expect_recipe {
310
- chef_acl '' do
311
- rights :read, users: %w(blarghle)
309
+ expect_recipe do
310
+ chef_acl "" do
311
+ rights :read, users: %w{blarghle}
312
312
  recursive true
313
313
  end
314
- }.to be_updated
315
- expect(get('/organizations/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
316
- expect(get('nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
314
+ end.to be_updated
315
+ expect(get("/organizations/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
316
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
317
317
  end
318
318
  end
319
319
  end
320
320
  end
321
321
 
322
- context 'ACLs on each type of thing' do
323
- when_the_chef_server 'has an organization named foo', :osc_compat => false, :single_org => false do
324
- organization 'foo' do
325
- user 'u', {}
326
- client 'x', {}
327
- container 'x', {}
328
- cookbook 'x', '1.0.0', {}
329
- data_bag 'x', { 'y' => {} }
330
- environment 'x', {}
331
- group 'x', {}
332
- node 'x', {}
333
- role 'x', {}
334
- sandbox 'x', {}
335
- user 'x', {}
322
+ context "ACLs on each type of thing" do
323
+ when_the_chef_server "has an organization named foo", :osc_compat => false, :single_org => false do
324
+ organization "foo" do
325
+ user "u", {}
326
+ client "x", {}
327
+ container "x", {}
328
+ cookbook "x", "1.0.0", {}
329
+ data_bag "x", { "y" => {} }
330
+ environment "x", {}
331
+ group "x", {}
332
+ node "x", {}
333
+ role "x", {}
334
+ sandbox "x", {}
335
+ user "x", {}
336
336
  end
337
337
 
338
- organization 'bar' do
339
- user 'u', {}
340
- node 'x', {}
338
+ organization "bar" do
339
+ user "u", {}
340
+ node "x", {}
341
341
  end
342
342
 
343
- context 'and the chef server URL points at /organizations/foo' do
343
+ context "and the chef server URL points at /organizations/foo" do
344
344
  before :each do
345
- Chef::Config.chef_server_url = URI.join(Chef::Config.chef_server_url, '/organizations/foo').to_s
345
+ Chef::Config.chef_server_url = URI.join(Chef::Config.chef_server_url, "/organizations/foo").to_s
346
346
  end
347
347
 
348
- context 'relative paths' do
348
+ context "relative paths" do
349
349
  it "chef_acl 'nodes/x' changes the acls" do
350
- expect_recipe {
350
+ expect_recipe do
351
351
  chef_acl "nodes/x" do
352
- rights :read, users: %w(u)
352
+ rights :read, users: %w{u}
353
353
  end
354
- }.to be_updated
355
- expect(get("nodes/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
354
+ end.to be_updated
355
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
356
356
  end
357
357
 
358
358
  it "chef_acl '*/*' changes the acls" do
359
- expect_recipe {
359
+ expect_recipe do
360
360
  chef_acl "*/*" do
361
- rights :read, users: %w(u)
361
+ rights :read, users: %w{u}
362
362
  end
363
- }.to be_updated
364
- %w(clients containers cookbooks data environments groups nodes roles).each do |type|
363
+ end.to be_updated
364
+ %w{clients containers cookbooks data environments groups nodes roles}.each do |type|
365
365
  expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match(
366
- 'read' => { 'actors' => %w(u) })
366
+ "read" => { "actors" => %w{u} })
367
367
  end
368
368
  end
369
369
  end
370
370
 
371
- context 'absolute paths' do
372
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
371
+ context "absolute paths" do
372
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
373
373
  it "chef_acl '/organizations/foo/#{type}/x' changes the acl" do
374
- expect_recipe {
374
+ expect_recipe do
375
375
  chef_acl "/organizations/foo/#{type}/x" do
376
- rights :read, users: %w(u)
376
+ rights :read, users: %w{u}
377
377
  end
378
- }.to be_updated
379
- expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
378
+ end.to be_updated
379
+ expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
380
380
  end
381
381
  end
382
382
 
383
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
383
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
384
384
  it "chef_acl '/organizations/foo/#{type}/x' changes the acl" do
385
- expect_recipe {
385
+ expect_recipe do
386
386
  chef_acl "/organizations/foo/#{type}/x" do
387
- rights :read, users: %w(u)
387
+ rights :read, users: %w{u}
388
388
  end
389
- }.to be_updated
390
- expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
389
+ end.to be_updated
390
+ expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
391
391
  end
392
392
  end
393
393
 
394
- %w(clients containers cookbooks data environments groups nodes roles).each do |type|
394
+ %w{clients containers cookbooks data environments groups nodes roles}.each do |type|
395
395
  it "chef_acl '/*/*/#{type}/*' changes the acl" do
396
- expect_recipe {
396
+ expect_recipe do
397
397
  chef_acl "/*/*/#{type}/*" do
398
- rights :read, users: %w(u)
398
+ rights :read, users: %w{u}
399
399
  end
400
- }.to be_updated
401
- expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
400
+ end.to be_updated
401
+ expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
402
402
  end
403
403
  end
404
404
 
405
405
  it "chef_acl '/*/*/*/x' changes the acls" do
406
- expect_recipe {
406
+ expect_recipe do
407
407
  chef_acl "/*/*/*/x" do
408
- rights :read, users: %w(u)
408
+ rights :read, users: %w{u}
409
409
  end
410
- }.to be_updated
411
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
410
+ end.to be_updated
411
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
412
412
  expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match(
413
- 'read' => { 'actors' => %w(u) })
413
+ "read" => { "actors" => %w{u} })
414
414
  end
415
415
  end
416
416
 
417
417
  it "chef_acl '/*/*/*/*' changes the acls" do
418
- expect_recipe {
418
+ expect_recipe do
419
419
  chef_acl "/*/*/*/*" do
420
- rights :read, users: %w(u)
420
+ rights :read, users: %w{u}
421
421
  end
422
- }.to be_updated
423
- %w(clients containers cookbooks data environments groups nodes roles).each do |type|
422
+ end.to be_updated
423
+ %w{clients containers cookbooks data environments groups nodes roles}.each do |type|
424
424
  expect(get("/organizations/foo/#{type}/x/_acl")).to partially_match(
425
- 'read' => { 'actors' => %w(u) })
425
+ "read" => { "actors" => %w{u} })
426
426
  end
427
427
  end
428
428
 
429
429
  it 'chef_acl "/organizations/foo/data_bags/x" changes the acl' do
430
- expect_recipe {
431
- chef_acl '/organizations/foo/data_bags/x' do
432
- rights :read, users: %w(u)
430
+ expect_recipe do
431
+ chef_acl "/organizations/foo/data_bags/x" do
432
+ rights :read, users: %w{u}
433
433
  end
434
- }.to be_updated
435
- expect(get('/organizations/foo/data/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
434
+ end.to be_updated
435
+ expect(get("/organizations/foo/data/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
436
436
  end
437
437
 
438
438
  it 'chef_acl "/*/*/data_bags/*" changes the acl' do
439
- expect_recipe {
440
- chef_acl '/*/*/data_bags/*' do
441
- rights :read, users: %w(u)
439
+ expect_recipe do
440
+ chef_acl "/*/*/data_bags/*" do
441
+ rights :read, users: %w{u}
442
442
  end
443
- }.to be_updated
444
- expect(get('/organizations/foo/data/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
443
+ end.to be_updated
444
+ expect(get("/organizations/foo/data/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
445
445
  end
446
446
 
447
447
  it "chef_acl '/organizations/foo/cookbooks/x/1.0.0' raises an error" do
448
- expect_converge {
448
+ expect_converge do
449
449
  chef_acl "/organizations/foo/cookbooks/x/1.0.0" do
450
- rights :read, users: %w(u)
450
+ rights :read, users: %w{u}
451
451
  end
452
- }.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/cookbooks\/x/)
452
+ end.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/cookbooks\/x/)
453
453
  end
454
454
 
455
455
  it "chef_acl '/organizations/foo/cookbooks/*/*' raises an error" do
456
456
  pending
457
- expect_converge {
457
+ expect_converge do
458
458
  chef_acl "/organizations/foo/cookbooks/*/*" do
459
- rights :read, users: %w(u)
459
+ rights :read, users: %w{u}
460
460
  end
461
- }.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/cookbooks\/*/)
461
+ end.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/cookbooks\/*/)
462
462
  end
463
463
 
464
464
  it 'chef_acl "/organizations/foo/data/x/y" raises an error' do
465
- expect_converge {
466
- chef_acl '/organizations/foo/data/x/y' do
467
- rights :read, users: %w(u)
465
+ expect_converge do
466
+ chef_acl "/organizations/foo/data/x/y" do
467
+ rights :read, users: %w{u}
468
468
  end
469
- }.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/data\/x/)
469
+ end.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/data\/x/)
470
470
  end
471
471
 
472
472
  it 'chef_acl "/organizations/foo/data/*/*" raises an error' do
473
473
  pending
474
- expect_converge {
475
- chef_acl '/organizations/foo/data/*/*' do
476
- rights :read, users: %w(u)
474
+ expect_converge do
475
+ chef_acl "/organizations/foo/data/*/*" do
476
+ rights :read, users: %w{u}
477
477
  end
478
- }.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/data\/*/)
478
+ end.to raise_error(/ACLs cannot be set on children of \/organizations\/foo\/data\/*/)
479
479
  end
480
480
 
481
481
  it 'chef_acl "/organizations/foo" changes the acl' do
482
- expect_recipe {
483
- chef_acl '/organizations/foo' do
484
- rights :read, users: %w(u)
482
+ expect_recipe do
483
+ chef_acl "/organizations/foo" do
484
+ rights :read, users: %w{u}
485
485
  end
486
- }.to be_updated
487
- expect(get('/organizations/foo/organizations/_acl')).to partially_match('read' => { 'actors' => %w(u) })
488
- expect(get('/organizations/foo/nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
486
+ end.to be_updated
487
+ expect(get("/organizations/foo/organizations/_acl")).to partially_match("read" => { "actors" => %w{u} })
488
+ expect(get("/organizations/foo/nodes/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
489
489
  end
490
490
 
491
491
  it 'chef_acl "/organizations/*" changes the acl' do
492
- expect_recipe {
493
- chef_acl '/organizations/*' do
494
- rights :read, users: %w(u)
492
+ expect_recipe do
493
+ chef_acl "/organizations/*" do
494
+ rights :read, users: %w{u}
495
495
  end
496
- }.to be_updated
497
- expect(get('/organizations/foo/organizations/_acl')).to partially_match('read' => { 'actors' => %w(u) })
498
- expect(get('/organizations/foo/nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
496
+ end.to be_updated
497
+ expect(get("/organizations/foo/organizations/_acl")).to partially_match("read" => { "actors" => %w{u} })
498
+ expect(get("/organizations/foo/nodes/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
499
499
  end
500
500
 
501
501
  it 'chef_acl "/users/x" changes the acl' do
502
- expect_recipe {
503
- chef_acl '/users/x' do
504
- rights :read, users: %w(u)
502
+ expect_recipe do
503
+ chef_acl "/users/x" do
504
+ rights :read, users: %w{u}
505
505
  end
506
- }.to be_updated
507
- expect(get('/users/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
506
+ end.to be_updated
507
+ expect(get("/users/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
508
508
  end
509
509
 
510
510
  it 'chef_acl "/users/*" changes the acl' do
511
- expect_recipe {
512
- chef_acl '/users/*' do
513
- rights :read, users: %w(u)
511
+ expect_recipe do
512
+ chef_acl "/users/*" do
513
+ rights :read, users: %w{u}
514
514
  end
515
- }.to be_updated
516
- expect(get('/users/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
515
+ end.to be_updated
516
+ expect(get("/users/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
517
517
  end
518
518
 
519
519
  it 'chef_acl "/*/x" changes the acl' do
520
- expect_recipe {
521
- chef_acl '/*/x' do
522
- rights :read, users: %w(u)
520
+ expect_recipe do
521
+ chef_acl "/*/x" do
522
+ rights :read, users: %w{u}
523
523
  end
524
- }.to be_updated
525
- expect(get('/users/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
524
+ end.to be_updated
525
+ expect(get("/users/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
526
526
  end
527
527
 
528
528
  it 'chef_acl "/*/*" changes the acl' do
529
- expect_recipe {
530
- chef_acl '/*/*' do
531
- rights :read, users: %w(u)
529
+ expect_recipe do
530
+ chef_acl "/*/*" do
531
+ rights :read, users: %w{u}
532
532
  end
533
- }.to be_updated
534
- expect(get('/organizations/foo/organizations/_acl')).to partially_match('read' => { 'actors' => %w(u) })
535
- expect(get('/users/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
533
+ end.to be_updated
534
+ expect(get("/organizations/foo/organizations/_acl")).to partially_match("read" => { "actors" => %w{u} })
535
+ expect(get("/users/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
536
536
  end
537
537
  end
538
538
  end
539
539
 
540
- context 'and the chef server URL points at /organizations/bar' do
540
+ context "and the chef server URL points at /organizations/bar" do
541
541
  before :each do
542
- Chef::Config.chef_server_url = URI.join(Chef::Config.chef_server_url.to_s, '/organizations/bar').to_s
542
+ Chef::Config.chef_server_url = URI.join(Chef::Config.chef_server_url.to_s, "/organizations/bar").to_s
543
543
  end
544
544
 
545
545
  it "chef_acl '/organizations/foo/nodes/*' changes the acl" do
546
- expect_recipe {
546
+ expect_recipe do
547
547
  chef_acl "/organizations/foo/nodes/*" do
548
- rights :read, users: %w(u)
548
+ rights :read, users: %w{u}
549
549
  end
550
- }.to be_updated
551
- expect(get("/organizations/foo/nodes/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
550
+ end.to be_updated
551
+ expect(get("/organizations/foo/nodes/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
552
552
  end
553
553
  end
554
554
 
555
- context 'and the chef server URL points at /' do
555
+ context "and the chef server URL points at /" do
556
556
  before :each do
557
- Chef::Config.chef_server_url = URI.join(Chef::Config.chef_server_url.to_s, '/').to_s
557
+ Chef::Config.chef_server_url = URI.join(Chef::Config.chef_server_url.to_s, "/").to_s
558
558
  end
559
559
 
560
560
  it "chef_acl '/organizations/foo/nodes/*' changes the acl" do
561
- expect_recipe {
561
+ expect_recipe do
562
562
  chef_acl "/organizations/foo/nodes/*" do
563
- rights :read, users: %w(u)
563
+ rights :read, users: %w{u}
564
564
  end
565
- }.to be_updated
566
- expect(get("/organizations/foo/nodes/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
565
+ end.to be_updated
566
+ expect(get("/organizations/foo/nodes/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
567
567
  end
568
568
  end
569
569
  end
570
570
 
571
571
  when_the_chef_server 'has a user "u" in single org mode', :osc_compat => false do
572
- user 'u', {}
573
- client 'x', {}
574
- container 'x', {}
575
- cookbook 'x', '1.0.0', {}
576
- data_bag 'x', { 'y' => {} }
577
- environment 'x', {}
578
- group 'x', {}
579
- node 'x', {}
580
- role 'x', {}
581
- sandbox 'x', {}
582
- user 'x', {}
583
-
584
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
572
+ user "u", {}
573
+ client "x", {}
574
+ container "x", {}
575
+ cookbook "x", "1.0.0", {}
576
+ data_bag "x", { "y" => {} }
577
+ environment "x", {}
578
+ group "x", {}
579
+ node "x", {}
580
+ role "x", {}
581
+ sandbox "x", {}
582
+ user "x", {}
583
+
584
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
585
585
  it "chef_acl #{type}/x' changes the acl" do
586
- expect_recipe {
586
+ expect_recipe do
587
587
  chef_acl "#{type}/x" do
588
- rights :read, users: %w(u)
588
+ rights :read, users: %w{u}
589
589
  end
590
- }.to be_updated
591
- expect(get("#{type}/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
590
+ end.to be_updated
591
+ expect(get("#{type}/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
592
592
  end
593
593
  end
594
594
 
595
- %w(clients containers cookbooks data environments groups nodes roles).each do |type|
595
+ %w{clients containers cookbooks data environments groups nodes roles}.each do |type|
596
596
  it "chef_acl '#{type}/*' changes the acl" do
597
- expect_recipe {
597
+ expect_recipe do
598
598
  chef_acl "#{type}/*" do
599
- rights :read, users: %w(u)
599
+ rights :read, users: %w{u}
600
600
  end
601
- }.to be_updated
602
- expect(get("#{type}/x/_acl")).to partially_match('read' => { 'actors' => %w(u) })
601
+ end.to be_updated
602
+ expect(get("#{type}/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
603
603
  end
604
604
  end
605
605
 
606
606
  it "chef_acl '*/x' changes the acls" do
607
- expect_recipe {
607
+ expect_recipe do
608
608
  chef_acl "*/x" do
609
- rights :read, users: %w(u)
609
+ rights :read, users: %w{u}
610
610
  end
611
- }.to be_updated
612
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
611
+ end.to be_updated
612
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
613
613
  expect(get("#{type}/x/_acl")).to partially_match(
614
- 'read' => { 'actors' => %w(u) })
614
+ "read" => { "actors" => %w{u} })
615
615
  end
616
616
  end
617
617
 
618
618
  it "chef_acl '*/*' changes the acls" do
619
- expect_recipe {
619
+ expect_recipe do
620
620
  chef_acl "*/*" do
621
- rights :read, users: %w(u)
621
+ rights :read, users: %w{u}
622
622
  end
623
- }.to be_updated
624
- %w(clients containers cookbooks data environments groups nodes roles).each do |type|
623
+ end.to be_updated
624
+ %w{clients containers cookbooks data environments groups nodes roles}.each do |type|
625
625
  expect(get("#{type}/x/_acl")).to partially_match(
626
- 'read' => { 'actors' => %w(u) })
626
+ "read" => { "actors" => %w{u} })
627
627
  end
628
628
  end
629
629
 
630
630
  it "chef_acl 'groups/*' changes the acl" do
631
- expect_recipe {
631
+ expect_recipe do
632
632
  chef_acl "groups/*" do
633
- rights :read, users: %w(u)
633
+ rights :read, users: %w{u}
634
634
  end
635
- }.to be_updated
636
- %w(admins billing-admins clients users x).each do |n|
635
+ end.to be_updated
636
+ %w{admins billing-admins clients users x}.each do |n|
637
637
  expect(get("groups/#{n}/_acl")).to partially_match(
638
- 'read' => { 'actors' => %w(u) })
638
+ "read" => { "actors" => %w{u} })
639
639
  end
640
640
  end
641
641
 
642
642
  it 'chef_acl "data_bags/x" changes the acl' do
643
- expect_recipe {
644
- chef_acl 'data_bags/x' do
645
- rights :read, users: %w(u)
643
+ expect_recipe do
644
+ chef_acl "data_bags/x" do
645
+ rights :read, users: %w{u}
646
646
  end
647
- }.to be_updated
648
- expect(get('data/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
647
+ end.to be_updated
648
+ expect(get("data/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
649
649
  end
650
650
 
651
651
  it 'chef_acl "data_bags/*" changes the acl' do
652
- expect_recipe {
653
- chef_acl 'data_bags/*' do
654
- rights :read, users: %w(u)
652
+ expect_recipe do
653
+ chef_acl "data_bags/*" do
654
+ rights :read, users: %w{u}
655
655
  end
656
- }.to be_updated
657
- expect(get('data/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
656
+ end.to be_updated
657
+ expect(get("data/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
658
658
  end
659
659
 
660
660
  it 'chef_acl "" changes the organization acl' do
661
- expect_recipe {
662
- chef_acl '' do
663
- rights :read, users: %w(u)
661
+ expect_recipe do
662
+ chef_acl "" do
663
+ rights :read, users: %w{u}
664
664
  end
665
- }.to be_updated
666
- expect(get('/organizations/_acl')).to partially_match('read' => { 'actors' => %w(u) })
667
- expect(get('nodes/x/_acl')).to partially_match('read' => { 'actors' => %w(u) })
665
+ end.to be_updated
666
+ expect(get("/organizations/_acl")).to partially_match("read" => { "actors" => %w{u} })
667
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => %w{u} })
668
668
  end
669
669
  end
670
670
  end
671
671
 
672
- context 'ACLs on each container type' do
673
- when_the_chef_server 'has an organization named foo', :osc_compat => false, :single_org => false do
674
- organization 'foo' do
675
- user 'u', {}
676
- client 'x', {}
677
- container 'x', {}
678
- cookbook 'x', '1.0.0', {}
679
- data_bag 'x', { 'y' => {} }
680
- environment 'x', {}
681
- group 'x', {}
682
- node 'x', {}
683
- role 'x', {}
684
- sandbox 'x', {}
685
- user 'x', {}
686
- end
687
-
688
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
672
+ context "ACLs on each container type" do
673
+ when_the_chef_server "has an organization named foo", :osc_compat => false, :single_org => false do
674
+ organization "foo" do
675
+ user "u", {}
676
+ client "x", {}
677
+ container "x", {}
678
+ cookbook "x", "1.0.0", {}
679
+ data_bag "x", { "y" => {} }
680
+ environment "x", {}
681
+ group "x", {}
682
+ node "x", {}
683
+ role "x", {}
684
+ sandbox "x", {}
685
+ user "x", {}
686
+ end
687
+
688
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
689
689
  it "chef_acl '/organizations/foo/#{type}' changes the acl" do
690
- expect_recipe {
690
+ expect_recipe do
691
691
  chef_acl "/organizations/foo/#{type}" do
692
- rights :read, users: %w(u)
692
+ rights :read, users: %w{u}
693
693
  end
694
- }.to be_updated
695
- expect(get("/organizations/foo/containers/#{type}/_acl")).to partially_match('read' => { 'actors' => %w(u) })
694
+ end.to be_updated
695
+ expect(get("/organizations/foo/containers/#{type}/_acl")).to partially_match("read" => { "actors" => %w{u} })
696
696
  end
697
697
  end
698
698
 
699
- %w(clients containers cookbooks data environments groups nodes roles).each do |type|
699
+ %w{clients containers cookbooks data environments groups nodes roles}.each do |type|
700
700
  it "chef_acl '/*/*/#{type}' changes the acl" do
701
- expect_recipe {
701
+ expect_recipe do
702
702
  chef_acl "/*/*/#{type}" do
703
- rights :read, users: %w(u)
703
+ rights :read, users: %w{u}
704
704
  end
705
- }.to be_updated
706
- expect(get("/organizations/foo/containers/#{type}/_acl")).to partially_match('read' => { 'actors' => %w(u) })
705
+ end.to be_updated
706
+ expect(get("/organizations/foo/containers/#{type}/_acl")).to partially_match("read" => { "actors" => %w{u} })
707
707
  end
708
708
  end
709
709
 
710
710
  it "chef_acl '/*/*/*' changes the acls" do
711
- expect_recipe {
711
+ expect_recipe do
712
712
  chef_acl "/*/*/*" do
713
- rights :read, users: %w(u)
713
+ rights :read, users: %w{u}
714
714
  end
715
- }.to be_updated
716
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
715
+ end.to be_updated
716
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
717
717
  expect(get("/organizations/foo/containers/#{type}/_acl")).to partially_match(
718
- 'read' => { 'actors' => %w(u) })
718
+ "read" => { "actors" => %w{u} })
719
719
  end
720
720
  end
721
721
 
722
722
  it 'chef_acl "/organizations/foo/data_bags" changes the acl' do
723
- expect_recipe {
724
- chef_acl '/organizations/foo/data_bags' do
725
- rights :read, users: %w(u)
723
+ expect_recipe do
724
+ chef_acl "/organizations/foo/data_bags" do
725
+ rights :read, users: %w{u}
726
726
  end
727
- }.to be_updated
728
- expect(get('/organizations/foo/containers/data/_acl')).to partially_match('read' => { 'actors' => %w(u) })
727
+ end.to be_updated
728
+ expect(get("/organizations/foo/containers/data/_acl")).to partially_match("read" => { "actors" => %w{u} })
729
729
  end
730
730
 
731
731
  it 'chef_acl "/*/*/data_bags" changes the acl' do
732
- expect_recipe {
733
- chef_acl '/*/*/data_bags' do
734
- rights :read, users: %w(u)
732
+ expect_recipe do
733
+ chef_acl "/*/*/data_bags" do
734
+ rights :read, users: %w{u}
735
735
  end
736
- }.to be_updated
737
- expect(get('/organizations/foo/containers/data/_acl')).to partially_match('read' => { 'actors' => %w(u) })
736
+ end.to be_updated
737
+ expect(get("/organizations/foo/containers/data/_acl")).to partially_match("read" => { "actors" => %w{u} })
738
738
  end
739
739
  end
740
740
 
741
741
  when_the_chef_server 'has a user "u" in single org mode', :osc_compat => false do
742
- user 'u', {}
743
- client 'x', {}
744
- container 'x', {}
745
- cookbook 'x', '1.0.0', {}
746
- data_bag 'x', { 'y' => {} }
747
- environment 'x', {}
748
- group 'x', {}
749
- node 'x', {}
750
- role 'x', {}
751
- sandbox 'x', {}
752
- user 'x', {}
753
-
754
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
742
+ user "u", {}
743
+ client "x", {}
744
+ container "x", {}
745
+ cookbook "x", "1.0.0", {}
746
+ data_bag "x", { "y" => {} }
747
+ environment "x", {}
748
+ group "x", {}
749
+ node "x", {}
750
+ role "x", {}
751
+ sandbox "x", {}
752
+ user "x", {}
753
+
754
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
755
755
  it "chef_acl #{type}' changes the acl" do
756
- expect_recipe {
756
+ expect_recipe do
757
757
  chef_acl "#{type}" do
758
- rights :read, users: %w(u)
758
+ rights :read, users: %w{u}
759
759
  end
760
- }.to be_updated
761
- expect(get("containers/#{type}/_acl")).to partially_match('read' => { 'actors' => %w(u) })
760
+ end.to be_updated
761
+ expect(get("containers/#{type}/_acl")).to partially_match("read" => { "actors" => %w{u} })
762
762
  end
763
763
  end
764
764
 
765
765
  it "chef_acl '*' changes the acls" do
766
- expect_recipe {
766
+ expect_recipe do
767
767
  chef_acl "*" do
768
- rights :read, users: %w(u)
768
+ rights :read, users: %w{u}
769
769
  end
770
- }.to be_updated
771
- %w(clients containers cookbooks data environments groups nodes roles sandboxes).each do |type|
770
+ end.to be_updated
771
+ %w{clients containers cookbooks data environments groups nodes roles sandboxes}.each do |type|
772
772
  expect(get("containers/#{type}/_acl")).to partially_match(
773
- 'read' => { 'actors' => %w(u) })
773
+ "read" => { "actors" => %w{u} })
774
774
  end
775
775
  end
776
776
  end
777
777
  end
778
778
 
779
- context 'remove_rights' do
779
+ context "remove_rights" do
780
780
  when_the_chef_server 'has a node "x" with "u", "c" and "g" in its acl', :osc_compat => false do
781
- user 'u', {}
782
- user 'u2', {}
783
- client 'c', {}
784
- client 'c2', {}
785
- group 'g', {}
786
- group 'g2', {}
787
- node 'x', {} do
788
- acl 'create' => { 'actors' => [ 'u', 'c' ], 'groups' => [ 'g' ] },
789
- 'read' => { 'actors' => [ 'u', 'c' ], 'groups' => [ 'g' ] },
790
- 'update' => { 'actors' => [ 'u', 'c' ], 'groups' => [ 'g' ] }
781
+ user "u", {}
782
+ user "u2", {}
783
+ client "c", {}
784
+ client "c2", {}
785
+ group "g", {}
786
+ group "g2", {}
787
+ node "x", {} do
788
+ acl "create" => { "actors" => %w{u c}, "groups" => [ "g" ] },
789
+ "read" => { "actors" => %w{u c}, "groups" => [ "g" ] },
790
+ "update" => { "actors" => %w{u c}, "groups" => [ "g" ] }
791
791
  end
792
792
 
793
793
  it 'chef_acl with remove_rights "u" removes the user\'s rights' do
794
- expect_recipe {
794
+ expect_recipe do
795
795
  chef_acl "nodes/x" do
796
- remove_rights :read, users: %w(u)
796
+ remove_rights :read, users: %w{u}
797
797
  end
798
- }.to be_updated
799
- expect(get("nodes/x/_acl")).to partially_match('read' => { 'actors' => exclude('u') })
798
+ end.to be_updated
799
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => exclude("u") })
800
800
  end
801
801
 
802
802
  it 'chef_acl with remove_rights "c" removes the client\'s rights' do
803
- expect_recipe {
803
+ expect_recipe do
804
804
  chef_acl "nodes/x" do
805
- remove_rights :read, clients: %w(c)
805
+ remove_rights :read, clients: %w{c}
806
806
  end
807
- }.to be_updated
808
- expect(get("nodes/x/_acl")).to partially_match('read' => { 'actors' => exclude('c') })
807
+ end.to be_updated
808
+ expect(get("nodes/x/_acl")).to partially_match("read" => { "actors" => exclude("c") })
809
809
  end
810
810
 
811
811
  it 'chef_acl with remove_rights "g" removes the group\'s rights' do
812
- expect_recipe {
812
+ expect_recipe do
813
813
  chef_acl "nodes/x" do
814
- remove_rights :read, groups: %w(g)
814
+ remove_rights :read, groups: %w{g}
815
815
  end
816
- }.to be_updated
816
+ end.to be_updated
817
817
  expect(get("nodes/x/_acl")).to partially_match(
818
- 'read' => { 'groups' => exclude('g') }
818
+ "read" => { "groups" => exclude("g") }
819
819
  )
820
820
  end
821
821
 
822
822
  it 'chef_acl with remove_rights [ :create, :read ], "u", "c", "g" removes all three' do
823
- expect_recipe {
823
+ expect_recipe do
824
824
  chef_acl "nodes/x" do
825
- remove_rights [ :create, :read ], users: %w(u), clients: %w(c), groups: %w(g)
825
+ remove_rights [ :create, :read ], users: %w{u}, clients: %w{c}, groups: %w{g}
826
826
  end
827
- }.to be_updated
827
+ end.to be_updated
828
828
  expect(get("nodes/x/_acl")).to partially_match(
829
- 'create' => { 'actors' => exclude('u').and(exclude('c')), 'groups' => exclude('g') },
830
- 'read' => { 'actors' => exclude('u').and(exclude('c')), 'groups' => exclude('g') }
829
+ "create" => { "actors" => exclude("u").and(exclude("c")), "groups" => exclude("g") },
830
+ "read" => { "actors" => exclude("u").and(exclude("c")), "groups" => exclude("g") }
831
831
  )
832
832
  end
833
833
 
834
834
  it 'chef_acl with remove_rights "u2", "c2", "g2" has no effect' do
835
- expect {
836
- expect_recipe {
835
+ expect do
836
+ expect_recipe do
837
837
  chef_acl "nodes/x" do
838
- remove_rights :read, users: %w(u2), clients: %w(c2), groups: %w(g2)
838
+ remove_rights :read, users: %w{u2}, clients: %w{c2}, groups: %w{g2}
839
839
  end
840
- }.to be_up_to_date
841
- }.not_to change { get("nodes/x/_acl") }
840
+ end.to be_up_to_date
841
+ end.not_to change { get("nodes/x/_acl") }
842
842
  end
843
843
  end
844
844
  end
845
845
 
846
- when_the_chef_server 'has a node named data_bags', :osc_compat => false do
847
- user 'blarghle', {}
848
- node 'data_bags', {}
846
+ when_the_chef_server "has a node named data_bags", :osc_compat => false do
847
+ user "blarghle", {}
848
+ node "data_bags", {}
849
849
 
850
850
  it 'Converging chef_acl "nodes/data_bags" with user "blarghle" adds the user' do
851
- expect_recipe {
852
- chef_acl 'nodes/data_bags' do
853
- rights :read, users: %w(blarghle)
851
+ expect_recipe do
852
+ chef_acl "nodes/data_bags" do
853
+ rights :read, users: %w{blarghle}
854
854
  end
855
- }.to be_updated
856
- expect(get('nodes/data_bags/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
855
+ end.to be_updated
856
+ expect(get("nodes/data_bags/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
857
857
  end
858
858
  end
859
859
 
860
- when_the_chef_server 'has a node named data_bags in multi-org mode', :osc_compat => false, :single_org => false do
861
- user 'blarghle', {}
862
- organization 'foo' do
863
- node 'data_bags', {}
860
+ when_the_chef_server "has a node named data_bags in multi-org mode", :osc_compat => false, :single_org => false do
861
+ user "blarghle", {}
862
+ organization "foo" do
863
+ node "data_bags", {}
864
864
  end
865
865
 
866
866
  it 'Converging chef_acl "/organizations/foo/nodes/data_bags" with user "blarghle" adds the user' do
867
- expect_recipe {
868
- chef_acl '/organizations/foo/nodes/data_bags' do
869
- rights :read, users: %w(blarghle)
867
+ expect_recipe do
868
+ chef_acl "/organizations/foo/nodes/data_bags" do
869
+ rights :read, users: %w{blarghle}
870
870
  end
871
- }.to be_updated
872
- expect(get('/organizations/foo/nodes/data_bags/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
871
+ end.to be_updated
872
+ expect(get("/organizations/foo/nodes/data_bags/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
873
873
  end
874
874
  end
875
875
 
876
- when_the_chef_server 'has a user named data_bags in multi-org mode', :osc_compat => false, :single_org => false do
877
- user 'data_bags', {}
878
- user 'blarghle', {}
876
+ when_the_chef_server "has a user named data_bags in multi-org mode", :osc_compat => false, :single_org => false do
877
+ user "data_bags", {}
878
+ user "blarghle", {}
879
879
 
880
880
  it 'Converging chef_acl "/users/data_bags" with user "blarghle" adds the user' do
881
- expect_recipe {
882
- chef_acl '/users/data_bags' do
883
- rights :read, users: %w(blarghle)
881
+ expect_recipe do
882
+ chef_acl "/users/data_bags" do
883
+ rights :read, users: %w{blarghle}
884
884
  end
885
- }.to be_updated
886
- expect(get('/users/data_bags/_acl')).to partially_match('read' => { 'actors' => %w(blarghle) })
885
+ end.to be_updated
886
+ expect(get("/users/data_bags/_acl")).to partially_match("read" => { "actors" => %w{blarghle} })
887
887
  end
888
888
  end
889
889
  end