gratan 0.1.7 → 0.1.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a2ffc1ee18a760332c433a587564c73b3500ed99
-  data.tar.gz: b382285ace7c48e2baac1c77b6fd1e347555b833
+  metadata.gz: 3652b6032331534d479d99c2b543327ddc15f645
+  data.tar.gz: eb14f74f6d20959b8c1a74b65a8d63df3b13c891
 SHA512:
-  metadata.gz: 228587ae809aecae4a334fe5b9d00586815de1298159014564b776c26d900668384558e16d991899a0346a84e8455dd4e6d9472ab0a929fdf9741375e395c3b5
-  data.tar.gz: c0463a43066294d3072b7e824de9e8575700666208eb1510651c0d4a2e2432f175c584b6dec9e5e6f741eeca87019017790e89861e573fd1ac9b4c22103b9fa0
+  metadata.gz: 8564bed70a26a922920c115dd4db0dbffeea38c0e54a73b9ebf3931fee3521e95195f5cc93ab92d2c0e0347ae49d5281e6637380f2524f7fb8b9bfa9d1a00769
+  data.tar.gz: f6c014b19e44f3bfd11a0c93bbaa2bb70822d23042a4beaa86e3641b32d6680bcb5501d9f00e60c27622644ddf57fb4eb1f5ef13b1650e1d5eb21690b4b85fc9

data/README.md

@@ -69,7 +69,7 @@ user "scott", "%" do
     grant "USAGE"
   end
 
-  on "test.*" do
+  on "test.*", expired: '2014/10/08' do
     grant "SELECT"
     grant "INSERT"
   end

data/lib/gratan/dsl/context.rb

@@ -52,7 +52,7 @@ class Gratan::DSL::Context
       end
 
       @result[[name, host]] = {
-        :objects => Gratan::DSL::Context::User.new(name, host, &block).result,
+        :objects => Gratan::DSL::Context::User.new(name, host, @options, &block).result,
         :options => options,
       }
     end

data/lib/gratan/dsl/context/on.rb

@@ -3,8 +3,12 @@ class Gratan::DSL::Context::On
 
   attr_reader :result
 
-  def initialize(user, host, object, &block)
-    @error_identifier = "User `#{user}@#{host}` on `#{object}`"
+  def initialize(user, host, object, options, &block)
+    @object_identifier = "User `#{user}@#{host}` on `#{object}`"
+    @user = user
+    @host = host
+    @object = object
+    @options = options
     @result = []
     instance_eval(&block)
   end

data/lib/gratan/dsl/context/user.rb

@@ -1,12 +1,14 @@
 class Gratan::DSL::Context::User
   include Gratan::DSL::Validator
+  include Gratan::Logger::Helper
 
   attr_reader :result
 
-  def initialize(user, host, &block)
-    @error_identifier = "User `#{user}@#{host}`"
+  def initialize(user, host, options, &block)
+    @object_identifier = "User `#{user}@#{host}`"
     @user = user
     @host = host
+    @options = options
     @result = {}
     instance_eval(&block)
   end
@@ -18,7 +20,16 @@ class Gratan::DSL::Context::User
       not @result.has_key?(name)
     end
 
-    grant = {:privs => Gratan::DSL::Context::On.new(@user, @host, name, &block).result}
+    if @options[:enable_expired] and (expired = options.delete(:expired))
+      expired = Time.parse(expired)
+
+      if Time.new >= expired
+        log(:warn, "Object `#{name}` has expired", :color => :yellow)
+        return
+      end
+    end
+
+    grant = {:privs => Gratan::DSL::Context::On.new(@user, @host, name, @options, &block).result}
     grant[:with] = options[:with] if options[:with]
     @result[name] = grant
   end

data/lib/gratan/dsl/validator.rb

@@ -4,8 +4,8 @@ module Gratan::DSL::Validator
   end
 
   def __identify(errmsg)
-    if @error_identifier
-      errmsg = "#{@error_identifier}: #{errmsg}"
+    if @object_identifier
+      errmsg = "#{@object_identifier}: #{errmsg}"
     end
 
     return errmsg

data/lib/gratan/logger.rb

@@ -18,6 +18,7 @@ class Gratan::Logger < ::Logger
   module Helper
     def log(level, message, options = {})
       global_options = @options || {}
+      message = "#{@object_identifier}: #{message}" if @object_identifier
       message = "[#{level.to_s.upcase}] #{message}" unless level == :info
 
       if global_options[:dry_run] and options[:dry_run] != false

data/lib/gratan/version.rb

@@ -1,3 +1,3 @@
 module Gratan
-  VERSION = '0.1.7'
+  VERSION = '0.1.8'
 end

data/spec/change/change_grants_expired_spec.rb

@@ -0,0 +1,138 @@
+describe 'Gratan::Client#apply' do
+  before(:each) do
+    apply {
+      <<-RUBY
+user 'scott', 'localhost', identified: 'tiger', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+      RUBY
+    }
+  end
+
+  context 'when object has expired' do
+    let(:logger) do
+      logger = Logger.new('/dev/null')
+      expect(logger).to receive(:warn).with('[WARN] User `scott@localhost`: Object `test.*` has expired')
+      logger
+    end
+
+    subject do
+      client(
+        enable_expired: true,
+        logger: logger
+      )
+    end
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*', expired: '2014/10/06' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+      RUBY
+
+      Timecop.freeze(Time.parse('2014/10/06')) do
+        apply(subject) { dsl }
+      end
+
+      expect(show_grants).to match_array [
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+      ]
+    end
+  end
+
+  context 'when object has not expired' do
+    subject { client(enable_expired: true) }
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*', expired: '2014/10/06' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+      RUBY
+
+      Timecop.freeze(Time.parse('2014/10/05 23:59:59')) do
+        result = apply(subject) { dsl }
+        expect(result).to be_falsey
+      end
+
+      expect(show_grants).to match_array [
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+      ]
+    end
+  end
+
+  context 'when enable_expired is false' do
+    subject { client(enable_expired: false) }
+
+    it do
+      dsl = <<-RUBY
+user 'scott', 'localhost', required: 'SSL' do
+  on '*.*' do
+    grant 'SELECT'
+    grant 'INSERT'
+  end
+
+  on 'test.*', expired: '2014/10/06' do
+    grant 'UPDATE'
+    grant 'DELETE'
+  end
+
+  on 'mysql.user' do
+    grant 'SELECT (user)'
+  end
+end
+      RUBY
+
+
+      Timecop.freeze(Time.parse('2014/10/10')) do
+        result = apply(subject) { dsl }
+        expect(result).to be_falsey
+      end
+
+      expect(show_grants).to match_array [
+        "GRANT SELECT (user) ON `mysql`.`user` TO 'scott'@'localhost'",
+        "GRANT SELECT, INSERT ON *.* TO 'scott'@'localhost' IDENTIFIED BY PASSWORD '*F2F68D0BB27A773C1D944270E5FAFED515A3FA40' REQUIRE SSL",
+        "GRANT UPDATE, DELETE ON `test`.* TO 'scott'@'localhost'",
+      ]
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gratan
 version: !ruby/object:Gem::Version
-  version: 0.1.7
+  version: 0.1.8
 platform: ruby
 authors:
 - Genki Sugawara
@@ -146,6 +146,7 @@ files:
 - spec/change/change_grants_2_spec.rb
 - spec/change/change_grants_3_spec.rb
 - spec/change/change_grants_4_spec.rb
+- spec/change/change_grants_expired_spec.rb
 - spec/change/change_grants_multi_hosts_spec.rb
 - spec/change/change_grants_regexp_spec.rb
 - spec/change/change_grants_spec.rb
@@ -189,6 +190,7 @@ test_files:
 - spec/change/change_grants_2_spec.rb
 - spec/change/change_grants_3_spec.rb
 - spec/change/change_grants_4_spec.rb
+- spec/change/change_grants_expired_spec.rb
 - spec/change/change_grants_multi_hosts_spec.rb
 - spec/change/change_grants_regexp_spec.rb
 - spec/change/change_grants_spec.rb