inspec 0.30.0 → 0.31.0

data/test/unit/resources/file_test.rb

@@ -1,202 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-def shared_file_permission_tests(method_under_test)
-  it 'returns false if the file does not exist' do
-    resource.stubs(:exist?).returns(false)
-    resource.send(method_under_test, nil, nil).must_equal(false)
-  end
-
-  it 'returns the value of #file_permission_granted?' do
-    resource.stubs(:exist?).returns(true)
-    resource.stubs(:file_permission_granted?).returns('test_result')
-    resource.send(method_under_test, nil, nil).must_equal('test_result')
-  end
-end
-
-describe Inspec::Resources::FileResource do
-  let(:resource) { load_resource('file', '/fakepath/fakefile') }
-
-  describe '#readable?' do
-    shared_file_permission_tests(:readable?)
-  end
-
-  describe '#writable?' do
-    shared_file_permission_tests(:writable?)
-  end
-
-  describe '#executable?' do
-    shared_file_permission_tests(:executable?)
-  end
-
-  describe '#basename' do
-    it 'returns the basename' do
-      resource.stubs(:basename).returns('fakefile')
-      resource.basename.must_equal('fakefile')
-    end
-  end
-
-  describe '#to_s' do
-    it 'returns a properly formatted string' do
-      resource.to_s.must_equal('File /fakepath/fakefile')
-    end
-  end
-
-  describe '#file_permission_granted?' do
-    describe 'when not on a unix OS' do
-      it 'raises an exception' do
-        MockLoader.mock_os(resource, :windows)
-        proc { resource.send(:file_permission_granted?, 'flag', nil, nil) }.must_raise(RuntimeError)
-      end
-    end
-
-    describe 'when on a unix OS' do
-      before do
-        MockLoader.mock_os(resource, :centos7)
-      end
-
-      describe 'when no user is provided' do
-        it 'checks file permission by mask' do
-          resource.expects(:check_file_permission_by_mask).with('usergroup', 'flag')
-          resource.send(:file_permission_granted?, 'flag', 'usergroup', nil)
-        end
-      end
-
-      describe 'when a user is provided' do
-        it 'checks file permission by user' do
-          resource.expects(:check_file_permission_by_user).with('user', 'flag')
-          resource.send(:file_permission_granted?, 'flag', nil, 'user')
-        end
-      end
-    end
-  end
-
-  describe '#check_file_permission_by_mask' do
-    describe 'when no mask is returned' do
-      let(:file) { stub(unix_mode_mask: nil) }
-
-      it 'raises an exception' do
-        file = stub(unix_mode_mask: nil)
-        resource.stubs(:file).returns(file)
-        proc { resource.send(:check_file_permission_by_mask, 'usergroup', 'flag') }.must_raise(RuntimeError)
-      end
-    end
-
-    describe 'when a mask is returned' do
-      describe 'when the bitwise AND returns a non-zero' do
-        let(:file) { stub(unix_mode_mask: 292, mode: 420) }
-        it 'returns true' do
-          resource.stubs(:file).returns(file)
-          resource.send(:check_file_permission_by_mask, 'usergroup', 'flag').must_equal(true)
-        end
-      end
-
-      describe 'when the bitwise AND returns zero' do
-        let(:file) { stub(unix_mode_mask: 73, mode: 420) }
-        it 'returns false' do
-          resource.stubs(:file).returns(file)
-          resource.send(:check_file_permission_by_mask, 'usergroup', 'flag').must_equal(false)
-        end
-      end
-    end
-  end
-
-  describe 'check_file_permission_by_user' do
-    describe 'when on linux' do
-      before do
-        MockLoader.mock_os(resource, :centos7)
-      end
-
-      it 'executes a properly formatted command' do
-        MockLoader.mock_command(resource,
-          'su -s /bin/sh -c "test -flag /fakepath/fakefile" user',
-          exit_status: 0)
-        resource.send(:check_file_permission_by_user, 'user', 'flag')
-      end
-
-      it 'returns true when the cmd exits 0' do
-        MockLoader.mock_command(resource, 'su -s /bin/sh -c "test -flag /fakepath/fakefile" user', exit_status: 0)
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
-      end
-
-      it 'returns false when the cmd exits non-zero' do
-        MockLoader.mock_command(resource, 'su -s /bin/sh -c "test -flag /fakepath/fakefile" user', exit_status: 1)
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
-      end
-    end
-
-    describe 'when on freebsd' do
-      before do
-        MockLoader.mock_os(resource, :freebsd10)
-      end
-
-      it 'executes a properly formatted command' do
-        MockLoader.mock_command(resource, 'sudo -u user test -flag /fakepath/fakefile', exit_status: 0)
-        resource.send(:check_file_permission_by_user, 'user', 'flag')
-      end
-
-      it 'returns true when the cmd exits 0' do
-        MockLoader.mock_command(resource, 'sudo -u user test -flag /fakepath/fakefile', exit_status: 0)
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
-      end
-
-      it 'returns false when the cmd exits non-zero' do
-        MockLoader.mock_command(resource, 'sudo -u user test -flag /fakepath/fakefile', exit_status: 1)
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
-      end
-    end
-
-    describe 'when on hpux' do
-      before do
-        MockLoader.mock_os(resource, :hpux)
-      end
-
-      it 'executes a properly formatted command' do
-        MockLoader.mock_command(resource, "su user -c \"test -flag /fakepath/fakefile\"", exit_status: 0)
-        resource.send(:check_file_permission_by_user, 'user', 'flag')
-      end
-
-      it 'returns true when the cmd exits 0' do
-        MockLoader.mock_command(resource, "su user -c \"test -flag /fakepath/fakefile\"", exit_status: 0)
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
-      end
-
-      it 'returns false when the cmd exits non-zero' do
-        MockLoader.mock_command(resource, "su user -c \"test -flag /fakepath/fakefile\"", exit_status: 1)
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
-      end
-    end
-
-    describe 'when not on linux or freebsd' do
-      before do
-        MockLoader.mock_os(resource, :undefined)
-      end
-
-      it 'returns an error string' do
-        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal('The `file` resource does not support `by_user` on your OS.')
-      end
-    end
-  end
-
-  describe '#usergroup_for' do
-    it 'returns "other" if "others" is provided' do
-      resource.send(:usergroup_for, 'others', nil).must_equal('other')
-    end
-
-    it 'returns "all" if no usergroup or user is specified' do
-      resource.send(:usergroup_for, nil, nil).must_equal('all')
-    end
-
-    it 'returns nil if the usergroup is nil and a user is specified' do
-      resource.send(:usergroup_for, nil, 'user').must_equal(nil)
-    end
-
-    it 'returns the passed-in usergroup if usergroup is not nil and user is nil' do
-      resource.send(:usergroup_for, 'mygroup', nil).must_equal('mygroup')
-    end
-  end
-end

data/test/unit/resources/gem_test.rb

@@ -1,20 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::Gem' do
-  it 'verify gem package detail parsing' do
-    resource = load_resource('gem', 'rubocop')
-    pkg = {
-      name: 'rubocop',
-      version: '0.33.0',
-      type: 'gem',
-      installed: true,
-    }
-    _(resource.installed?).must_equal true
-    _(resource.info).must_equal pkg
-  end
-end

data/test/unit/resources/group_test.rb

@@ -1,96 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::Group' do
-
-  # ubuntu 14.04
-  it 'verify group on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('group', 'root')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal 0
-    _(resource.has_gid?(0)).must_equal true
-  end
-
-  it 'verify group on ubuntu with UPPER CASE' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('group', 'ROOT')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal 0
-    _(resource.has_gid?(0)).must_equal true
-  end
-
-  # ubuntu with non-existent group
-  it 'verify group on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('group', 'nogroup')
-    _(resource.exists?).must_equal false
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-  # mac
-  it 'verify group on mac' do
-    resource = MockLoader.new(:osx104).load_resource('group', 'root')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal 0
-    _(resource.has_gid?(0)).must_equal true
-  end
-
-  # freebsd
-  it 'verify group on freebsd' do
-    resource = MockLoader.new(:freebsd10).load_resource('group', 'root')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal 0
-    _(resource.has_gid?(0)).must_equal true
-  end
-
-  # windows with local group
-  it 'verify group on windows' do
-    resource = MockLoader.new(:windows).load_resource('group', 'Administrators')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-  it 'verify group on windows' do
-    resource = MockLoader.new(:windows).load_resource('group', 'Administrators', 'WIN-K0AKLED332V')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-  # windows with domain group
-  it 'verify domain group on windows' do
-    resource = MockLoader.new(:windows).load_resource('group', 'Domain Admins', 'EXAMPLE')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-  # windows with domain group
-  it 'verify domain group on windows wiht lower case' do
-    resource = MockLoader.new(:windows).load_resource('group', 'domain admins', 'example')
-    _(resource.exists?).must_equal true
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-  # windows non-existent group
-  it 'verify non-existing group on windows' do
-    resource = MockLoader.new(:windows).load_resource('group', 'dhcp')
-    _(resource.exists?).must_equal false
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-  # undefined
-  it 'verify package handling on unsupported os' do
-    resource = MockLoader.new(:undefined).load_resource('group', 'root')
-    _(resource.exists?).must_equal false
-    _(resource.gid).must_equal nil
-    _(resource.has_gid?(0)).must_equal false
-  end
-
-end

data/test/unit/resources/grub_conf_test.rb

@@ -1,29 +0,0 @@
-# encoding: utf-8
-# author: Thomas Cate
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::GrubConfig' do
-
-  it 'verify kernel include' do
-    resource = MockLoader.new(:centos6).load_resource('grub_conf')
-    _(resource.kernel).must_be_kind_of Array
-  end
-
-  it 'verify initrd include' do
-    resource = MockLoader.new(:centos6).load_resource('grub_conf')
-    _(resource.initrd).must_be_kind_of String
-  end
-
-  it 'verify default' do
-    resource = MockLoader.new(:centos6).load_resource('grub_conf')
-    _(resource.default).must_equal '0'
-  end
-
-  it 'verify timeout' do
-    resource = MockLoader.new(:centos6).load_resource('grub_conf')
-    _(resource.timeout).must_equal '5'
-  end
-
-end

data/test/unit/resources/host_test.rb

@@ -1,38 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::Host' do
-
-  it 'check host on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('host', 'example.com')
-    _(resource.resolvable?).must_equal true
-    _(resource.reachable?).must_equal true
-    _(resource.ipaddress).must_equal ['2606:2800:220:1:248:1893:25c8:1946']
-  end
-
-  it 'check host on centos 7' do
-    resource = MockLoader.new(:centos7).load_resource('host', 'example.com')
-    _(resource.resolvable?).must_equal true
-    _(resource.reachable?).must_equal true
-    _(resource.ipaddress).must_equal ['2606:2800:220:1:248:1893:25c8:1946']
-  end
-
-  it 'check host on windows' do
-    resource = MockLoader.new(:windows).load_resource('host', 'microsoft.com')
-    _(resource.resolvable?).must_equal true
-    _(resource.reachable?).must_equal false
-    _(resource.ipaddress).must_equal ['134.170.185.46', '134.170.188.221']
-  end
-
-  it 'check host on unsupported os' do
-    resource = MockLoader.new(:undefined).load_resource('host', 'example.com')
-    _(resource.resolvable?).must_equal false
-    _(resource.reachable?).must_equal false
-    _(resource.ipaddress).must_equal nil
-  end
-
-end

data/test/unit/resources/inetd_conf_test.rb

@@ -1,15 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::InetdConf' do
-  it 'verify limits.conf config parsing' do
-    resource = load_resource('inetd_conf')
-    _(resource.send('shell')).must_equal nil
-    _(resource.send('login')).must_equal nil
-    _(resource.send('ftp')).must_equal %w{stream tcp nowait root /usr/sbin/in.ftpd in.ftpd}
-  end
-end

data/test/unit/resources/ini_test.rb

@@ -1,16 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::Ini' do
-
-  it 'check ini parsing on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('ini', 'rootwrap.conf')
-    result = {"DEFAULT"=>{"filters_path"=>"/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap", "exec_dirs"=>"/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin"}}
-    _(resource.params).must_equal result
-    _(resource.value(['DEFAULT','exec_dirs'])).must_equal '/sbin,/usr/sbin,/bin,/usr/bin,/usr/local/bin,/usr/local/sbin'
-  end
-end

data/test/unit/resources/interface_test.rb

@@ -1,54 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::Interface' do
-
-  # ubuntu 14.04
-  it 'verify interface on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('interface', 'eth0')
-    _(resource.exists?).must_equal true
-    _(resource.up?).must_equal true
-    _(resource.speed).must_equal 10000
-  end
-
-  it 'verify invalid interface on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('interface', 'eth1')
-    _(resource.exists?).must_equal false
-    _(resource.up?).must_equal false
-    _(resource.speed).must_equal nil
-  end
-
-  it 'verify interface on windows' do
-    resource = MockLoader.new(:windows).load_resource('interface', 'ethernet0')
-    _(resource.exists?).must_equal true
-    _(resource.up?).must_equal false
-    _(resource.speed).must_equal 0
-  end
-
-  it 'verify interface on windows' do
-    resource = MockLoader.new(:windows).load_resource('interface', 'vEthernet (Intel(R) PRO 1000 MT Network Connection - Virtual Switch)')
-    _(resource.exists?).must_equal true
-    _(resource.up?).must_equal true
-    _(resource.speed).must_equal 10000000
-  end
-
-  it 'verify invalid interface on windows' do
-    resource = MockLoader.new(:windows).load_resource('interface', 'eth1')
-    _(resource.exists?).must_equal false
-    _(resource.up?).must_equal false
-    _(resource.speed).must_equal nil
-  end
-
-  # undefined
-  it 'verify interface on unsupported os' do
-    resource = MockLoader.new(:undefined).load_resource('interface', 'eth0')
-    _(resource.exists?).must_equal false
-    _(resource.up?).must_equal false
-    _(resource.speed).must_equal nil
-  end
-
-end

data/test/unit/resources/iptables_test.rb

@@ -1,35 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::Iptables' do
-
-  # ubuntu 14.04
-  it 'verify iptables on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('iptables')
-    _(resource.has_rule?('-P OUTPUT ACCEPT')).must_equal true
-    _(resource.has_rule?('-P OUTPUT DROP')).must_equal false
-  end
-
-  it 'verify iptables with comments on ubuntu' do
-    resource = MockLoader.new(:ubuntu1404).load_resource('iptables')
-    _(resource.has_rule?('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http like its 1990" -j ACCEPT')).must_equal true
-  end
-
-  it 'verify iptables on windows' do
-    resource = MockLoader.new(:windows).load_resource('iptables')
-    _(resource.has_rule?('-P OUTPUT ACCEPT')).must_equal false
-    _(resource.has_rule?('-P OUTPUT DROP')).must_equal false
-  end
-
-  # undefined
-  it 'verify iptables on unsupported os' do
-    resource = MockLoader.new(:undefined).load_resource('iptables')
-    _(resource.has_rule?('-P OUTPUT ACCEPT')).must_equal false
-    _(resource.has_rule?('-P OUTPUT DROP')).must_equal false
-  end
-
-end

data/test/unit/resources/json_test.rb

@@ -1,36 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::JSON' do
-  describe 'when loading a valid json' do
-    let (:resource) { load_resource('json', 'policyfile.lock.json') }
-
-    it 'gets params as a hashmap' do
-      _(resource.params).must_be_kind_of Hash
-    end
-
-    it 'retrieves nil if a param is missing' do
-      _(resource.params['missing']).must_be_nil
-    end
-
-    it 'retrieves params by name' do
-      _(resource.send('name')).must_equal 'demo'
-    end
-
-    it 'retrieves an array by name' do
-      _(resource.send('run_list')).must_equal %w{a b}
-    end
-
-    it 'doesnt resolve dot-notation names' do
-      _(resource.send('x.y.z')).must_be_nil
-    end
-
-    it 'doesnt resolve symbol-notation names' do
-      _(resource.send(:'x.y.z')).must_be_nil
-    end
-  end
-end

data/test/unit/resources/kernel_module_test.rb

@@ -1,23 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::KernelModule' do
-  it 'verify kernel_module parsing' do
-    resource = load_resource('kernel_module', 'bridge')
-    _(resource.loaded?).must_equal true
-  end
-
-  it 'verify kernel_module parsing' do
-    resource = load_resource('kernel_module', 'bridges')
-    _(resource.loaded?).must_equal false
-  end
-
-  it 'verify kernel_module parsing' do
-    resource = load_resource('kernel_module', 'dhcp')
-    _(resource.loaded?).must_equal false
-  end
-end

data/test/unit/resources/kernel_parameter_test.rb

@@ -1,13 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::KernelParameter' do
-  it 'verify kernel_parameter parsing' do
-    resource = load_resource('kernel_parameter', 'net.ipv4.conf.all.forwarding')
-    _(resource.value).must_equal 1
-  end
-end

data/test/unit/resources/limits_conf_test.rb

@@ -1,14 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::LimitsConf' do
-  it 'verify limits.conf config parsing' do
-    resource = load_resource('limits_conf')
-    _(resource.send('*')).must_equal [['soft', 'core', '0'], ['hard', 'rss', '10000']]
-    _(resource.send('ftp')).must_equal [["hard", "nproc", "0"]]
-  end
-end

data/test/unit/resources/login_def_test.rb

@@ -1,16 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe 'Inspec::Resources::LoginDef' do
-  it 'verify login.def config parsing' do
-    resource = load_resource('login_defs')
-    _(resource.UMASK).must_equal '022'
-    _(resource.PASS_MIN_DAYS).must_equal '0'
-    _(resource.PASS_WARN_AGE).must_equal '7'
-    _(resource.USERDEL_CMD).must_equal nil
-  end
-end

data/test/unit/resources/mount_test.rb

@@ -1,26 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-require 'inspec/resource'
-
-describe Inspec::Resources::FileResource do
-  let(:root_resource) { load_resource('mount', '/') }
-
-  it 'parses the mount data properly' do
-    root_resource.send(:device).must_equal('/dev/xvda1')
-    root_resource.send(:type).must_equal('ext4')
-    root_resource.send(:options).must_equal(['rw','discard'])
-    root_resource.send(:count).must_equal(1)
-  end
-
-  let(:iso_resource) { load_resource('mount', '/mnt/iso-disk') }
-
-  it 'parses the mount data properly' do
-    iso_resource.send(:device).must_equal('/root/alpine-3.3.0-x86_64_2.iso')
-    iso_resource.send(:type).must_equal('iso9660')
-    iso_resource.send(:options).must_equal(['ro'])
-    iso_resource.send(:count).must_equal(2)
-  end
-end

data/test/unit/resources/mysql_conf_test.rb

@@ -1,14 +0,0 @@
-# encoding: utf-8
-# author: Christoph Hartmann
-# author: Dominik Richter
-
-require 'helper'
-
-describe 'Inspec::Resources::MysqlConf' do
-  it 'verify mysql.conf config parsing' do
-    resource = load_resource('mysql_conf', '/etc/mysql/my.cnf')
-    _(resource.client['port']).must_equal '3306'
-    _(resource.mysqld['user']).must_equal 'mysql'
-    _(resource.mysqld['key_buffer_size']).must_equal '16M'
-  end
-end