hiera-file 1.0.0
Sign up to get free protection for your applications and to get access to all the features.
- data/lib/hiera/backend/file_backend.rb +44 -0
- data/spec/unit/file_backend_spec.rb +86 -0
- metadata +115 -0
@@ -0,0 +1,44 @@
|
|
1
|
+
class Hiera
|
2
|
+
module Backend
|
3
|
+
class File_backend
|
4
|
+
def initialize
|
5
|
+
Hiera.debug("Hiera File backend starting")
|
6
|
+
end
|
7
|
+
|
8
|
+
def lookup(key, scope, order_override, resolution_type)
|
9
|
+
answer = nil
|
10
|
+
|
11
|
+
Hiera.debug("Looking up #{key} in JSON backend")
|
12
|
+
|
13
|
+
Backend.datasources(scope, order_override) do |source|
|
14
|
+
Hiera.debug("Hiera File_backend: looking for data source '#{source}'")
|
15
|
+
|
16
|
+
datadir = Backend.datafile(:file, scope, source, "d") or next
|
17
|
+
|
18
|
+
# Expand the datadir and path, and ensure that the datadir contains
|
19
|
+
# the given key. If the expanded key is outside of the datadir then
|
20
|
+
# this is a directory traversal attack and should be aborted.
|
21
|
+
abs_datadir = File.expand_path(datadir)
|
22
|
+
abs_path = File.expand_path(File.join(abs_datadir, key))
|
23
|
+
unless abs_path.index(abs_datadir) == 0
|
24
|
+
raise Exception, "Hiera File backend: key lookup outside of datadir '#{key}'"
|
25
|
+
end
|
26
|
+
|
27
|
+
next unless File.exist?(abs_path)
|
28
|
+
data = File.read(abs_path)
|
29
|
+
|
30
|
+
case resolution_type
|
31
|
+
when :array
|
32
|
+
answer ||= []
|
33
|
+
answer << Backend.parse_answer(data, scope)
|
34
|
+
else
|
35
|
+
answer = Backend.parse_answer(data, scope)
|
36
|
+
break
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
answer
|
41
|
+
end
|
42
|
+
end
|
43
|
+
end
|
44
|
+
end
|
@@ -0,0 +1,86 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'hiera/backend/file_backend'
|
3
|
+
|
4
|
+
class Hiera
|
5
|
+
module Backend
|
6
|
+
describe File_backend do
|
7
|
+
before do
|
8
|
+
Hiera.stubs(:debug)
|
9
|
+
Hiera.stubs(:warn)
|
10
|
+
end
|
11
|
+
|
12
|
+
|
13
|
+
describe "#initialize" do
|
14
|
+
it "should announce its creation" do # because other specs checks this
|
15
|
+
Hiera.expects(:debug).with("Hiera File backend starting")
|
16
|
+
|
17
|
+
File_backend.new
|
18
|
+
end
|
19
|
+
end
|
20
|
+
|
21
|
+
describe "#lookup" do
|
22
|
+
before :each do
|
23
|
+
Backend.stubs(:datasources).multiple_yields(["one"], ["two"])
|
24
|
+
end
|
25
|
+
|
26
|
+
subject { File_backend.new }
|
27
|
+
|
28
|
+
it "should look for data in all sources" do
|
29
|
+
Backend.expects(:datafile).with(:file, {}, "one", "d")
|
30
|
+
Backend.expects(:datafile).with(:file, {}, "two", "d")
|
31
|
+
|
32
|
+
subject.lookup("key", {}, nil, :priority)
|
33
|
+
end
|
34
|
+
|
35
|
+
describe 'when searching' do
|
36
|
+
|
37
|
+
before :each do
|
38
|
+
Backend.stubs(:datafile).with(:file, {}, "one", "d").returns("/datadir/one.d")
|
39
|
+
Backend.stubs(:datafile).with(:file, {}, "two", "d").returns("/datadir/two.d")
|
40
|
+
end
|
41
|
+
|
42
|
+
it "should pick data earliest source that has it for priority searches" do
|
43
|
+
File.expects(:exist?).with("/datadir/one.d/key").returns true
|
44
|
+
File.expects(:read).with("/datadir/one.d/key").returns 'value'
|
45
|
+
|
46
|
+
File.expects(:exist?).with("/datadir/two.d/key").never
|
47
|
+
File.expects(:read).with("/datadir/two.d/key").never
|
48
|
+
|
49
|
+
subject.lookup("key", {}, nil, :priority).should == 'value'
|
50
|
+
end
|
51
|
+
|
52
|
+
it "should build an array of all data sources for array searches" do
|
53
|
+
File.expects(:exist?).with("/datadir/one.d/key").returns true
|
54
|
+
File.expects(:read).with("/datadir/one.d/key").returns 'value one'
|
55
|
+
|
56
|
+
File.expects(:exist?).with("/datadir/two.d/key").returns true
|
57
|
+
File.expects(:read).with("/datadir/two.d/key").returns 'value two'
|
58
|
+
|
59
|
+
subject.lookup("key", {}, nil, :array).should == ['value one', 'value two']
|
60
|
+
end
|
61
|
+
|
62
|
+
it "should parse the answer for scope variables" do
|
63
|
+
scope = {'scope_val' => 'v'}
|
64
|
+
|
65
|
+
Backend.expects(:datafile).with(:file, scope, "one", "d").returns("/datadir/one.d")
|
66
|
+
Backend.expects(:datafile).with(:file, scope, "two", "d").never
|
67
|
+
|
68
|
+
File.expects(:exist?).with("/datadir/one.d/key").returns true
|
69
|
+
File.expects(:read).with("/datadir/one.d/key").returns '%{scope_val}alue'
|
70
|
+
|
71
|
+
subject.lookup("key", scope, nil, :priority).should == 'value'
|
72
|
+
end
|
73
|
+
|
74
|
+
it "should prevent directory traversal attacks" do
|
75
|
+
File.expects(:exist?).never
|
76
|
+
File.expects(:read).never
|
77
|
+
|
78
|
+
expect do
|
79
|
+
subject.lookup("../../../../../etc/passwd", {}, nil, :priority)
|
80
|
+
end.to raise_error
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
metadata
ADDED
@@ -0,0 +1,115 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: hiera-file
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
hash: 23
|
5
|
+
prerelease:
|
6
|
+
segments:
|
7
|
+
- 1
|
8
|
+
- 0
|
9
|
+
- 0
|
10
|
+
version: 1.0.0
|
11
|
+
platform: ruby
|
12
|
+
authors:
|
13
|
+
- adrien@puppetlabs.com
|
14
|
+
autorequire:
|
15
|
+
bindir: bin
|
16
|
+
cert_chain: []
|
17
|
+
|
18
|
+
date: 2012-12-05 00:00:00 -08:00
|
19
|
+
default_executable:
|
20
|
+
dependencies:
|
21
|
+
- !ruby/object:Gem::Dependency
|
22
|
+
name: hiera
|
23
|
+
prerelease: false
|
24
|
+
requirement: &id001 !ruby/object:Gem::Requirement
|
25
|
+
none: false
|
26
|
+
requirements:
|
27
|
+
- - ">="
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
hash: 23
|
30
|
+
segments:
|
31
|
+
- 1
|
32
|
+
- 0
|
33
|
+
- 0
|
34
|
+
version: 1.0.0
|
35
|
+
type: :runtime
|
36
|
+
version_requirements: *id001
|
37
|
+
- !ruby/object:Gem::Dependency
|
38
|
+
name: rspec
|
39
|
+
prerelease: false
|
40
|
+
requirement: &id002 !ruby/object:Gem::Requirement
|
41
|
+
none: false
|
42
|
+
requirements:
|
43
|
+
- - ~>
|
44
|
+
- !ruby/object:Gem::Version
|
45
|
+
hash: 39
|
46
|
+
segments:
|
47
|
+
- 2
|
48
|
+
- 10
|
49
|
+
- 0
|
50
|
+
version: 2.10.0
|
51
|
+
type: :development
|
52
|
+
version_requirements: *id002
|
53
|
+
- !ruby/object:Gem::Dependency
|
54
|
+
name: mocha
|
55
|
+
prerelease: false
|
56
|
+
requirement: &id003 !ruby/object:Gem::Requirement
|
57
|
+
none: false
|
58
|
+
requirements:
|
59
|
+
- - ~>
|
60
|
+
- !ruby/object:Gem::Version
|
61
|
+
hash: 61
|
62
|
+
segments:
|
63
|
+
- 0
|
64
|
+
- 10
|
65
|
+
- 5
|
66
|
+
version: 0.10.5
|
67
|
+
type: :development
|
68
|
+
version_requirements: *id003
|
69
|
+
description: A data backend for Hiera that can return the content of whole files
|
70
|
+
email:
|
71
|
+
executables: []
|
72
|
+
|
73
|
+
extensions: []
|
74
|
+
|
75
|
+
extra_rdoc_files: []
|
76
|
+
|
77
|
+
files:
|
78
|
+
- lib/hiera/backend/file_backend.rb
|
79
|
+
- spec/unit/file_backend_spec.rb
|
80
|
+
has_rdoc: true
|
81
|
+
homepage: http://github.com/adrienthebo/hiera-file
|
82
|
+
licenses: []
|
83
|
+
|
84
|
+
post_install_message:
|
85
|
+
rdoc_options: []
|
86
|
+
|
87
|
+
require_paths:
|
88
|
+
- lib
|
89
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
90
|
+
none: false
|
91
|
+
requirements:
|
92
|
+
- - ">="
|
93
|
+
- !ruby/object:Gem::Version
|
94
|
+
hash: 3
|
95
|
+
segments:
|
96
|
+
- 0
|
97
|
+
version: "0"
|
98
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
99
|
+
none: false
|
100
|
+
requirements:
|
101
|
+
- - ">="
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
hash: 3
|
104
|
+
segments:
|
105
|
+
- 0
|
106
|
+
version: "0"
|
107
|
+
requirements: []
|
108
|
+
|
109
|
+
rubyforge_project:
|
110
|
+
rubygems_version: 1.6.2
|
111
|
+
signing_key:
|
112
|
+
specification_version: 3
|
113
|
+
summary: File backend for Hiera
|
114
|
+
test_files:
|
115
|
+
- spec/unit/file_backend_spec.rb
|