inspec 0.9.5 → 0.9.6

data/test/unit/resources/file_test.rb

@@ -0,0 +1,181 @@
+require 'helper'
+require 'inspec/resource'
+
+def shared_file_permission_tests(method_under_test)
+  it 'returns false if the file does not exist' do
+    resource.stubs(:exist?).returns(false)
+    resource.send(method_under_test, nil, nil).must_equal(false)
+  end
+
+  it 'returns the value of #file_permission_granted?' do
+    resource.stubs(:exist?).returns(true)
+    resource.stubs(:file_permission_granted?).returns('test_result')
+    resource.send(method_under_test, nil, nil).must_equal('test_result')
+  end
+end
+
+describe Inspec::Resources::File do
+  let(:resource) { load_resource('file', '/fakepath/fakefile') }
+  let(:os)       { stub(:[] => { 'family' => 'fakefamily' }) }
+  let(:inspec)   { stub(os: os) }
+
+  before { resource.stubs(:inspec).returns(inspec) }
+
+  describe '#readable?' do
+    shared_file_permission_tests(:readable?)
+  end
+
+  describe '#writable?' do
+    shared_file_permission_tests(:writable?)
+  end
+
+  describe '#executable?' do
+    shared_file_permission_tests(:executable?)
+  end
+
+  describe '#to_s' do
+    it 'returns a properly formatted string' do
+      resource.to_s.must_equal('File /fakepath/fakefile')
+    end
+  end
+
+  describe '#file_permission_granted?' do
+    describe 'when not on a unix OS' do
+      it 'raises an exception' do
+        resource.stubs(:unix?).returns(false)
+
+        proc { resource.send(:file_permission_granted?, 'flag', nil, nil) }.must_raise(RuntimeError)
+      end
+    end
+
+    describe 'when on a unix OS' do
+      before do
+        resource.stubs(:unix?).returns(true)
+      end
+
+      describe 'when no user is provided' do
+        it 'checks file permission by mask' do
+          resource.expects(:check_file_permission_by_mask).with('usergroup', 'flag')
+          resource.send(:file_permission_granted?, 'flag', 'usergroup', nil)
+        end
+      end
+
+      describe 'when a user is provided' do
+        it 'checks file permission by user' do
+          resource.expects(:check_file_permission_by_user).with('user', 'flag')
+          resource.send(:file_permission_granted?, 'flag', nil, 'user')
+        end
+      end
+    end
+  end
+
+  describe '#check_file_permission_by_mask' do
+    describe 'when no mask is returned' do
+      let(:file) { stub(unix_mode_mask: nil) }
+
+      it 'raises an exception' do
+        file = stub(unix_mode_mask: nil)
+        resource.stubs(:file).returns(file)
+        proc { resource.send(:check_file_permission_by_mask, 'usergroup', 'flag') }.must_raise(RuntimeError)
+      end
+    end
+
+    describe 'when a mask is returned' do
+      describe 'when the bitwise AND returns a non-zero' do
+        let(:file) { stub(unix_mode_mask: 292, mode: 420) }
+        it 'returns true' do
+          resource.stubs(:file).returns(file)
+          resource.send(:check_file_permission_by_mask, 'usergroup', 'flag').must_equal(true)
+        end
+      end
+
+      describe 'when the bitwise AND returns zero' do
+        let(:file) { stub(unix_mode_mask: 73, mode: 420) }
+        it 'returns false' do
+          resource.stubs(:file).returns(file)
+          resource.send(:check_file_permission_by_mask, 'usergroup', 'flag').must_equal(false)
+        end
+      end
+    end
+  end
+
+  describe 'check_file_permission_by_user' do
+    describe 'when on linux' do
+      before do
+        resource.stubs(:linux?).returns(true)
+      end
+
+      it 'executes a properly formatted command' do
+        cmd = stub(exit_status: 0)
+        inspec.expects(:command).with('su -s /bin/sh -c "test -flag /fakepath/fakefile" user').returns(cmd)
+        resource.send(:check_file_permission_by_user, 'user', 'flag')
+      end
+
+      it 'returns true when the cmd exits 0' do
+        cmd = stub(exit_status: 0)
+        inspec.stubs(:command).returns(cmd)
+        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
+      end
+
+      it 'returns true when the cmd exits non-zero' do
+        cmd = stub(exit_status: 1)
+        inspec.stubs(:command).returns(cmd)
+        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
+      end
+    end
+
+    describe 'when on freebsd' do
+      before do
+        resource.stubs(:linux?).returns(false)
+        resource.stubs(:family).returns('freebsd')
+      end
+
+      it 'executes a properly formatted command' do
+        cmd = stub(exit_status: 0)
+        inspec.expects(:command).with('sudo -u user test -flag /fakepath/fakefile').returns(cmd)
+        resource.send(:check_file_permission_by_user, 'user', 'flag')
+      end
+
+      it 'returns true when the cmd exits 0' do
+        cmd = stub(exit_status: 0)
+        inspec.stubs(:command).returns(cmd)
+        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(true)
+      end
+
+      it 'returns true when the cmd exits non-zero' do
+        cmd = stub(exit_status: 1)
+        inspec.stubs(:command).returns(cmd)
+        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal(false)
+      end
+    end
+
+    describe 'when not on linux or freebsd' do
+      before do
+        resource.stubs(:linux?).returns(false)
+        resource.stubs(:family).returns('fakefamily')
+      end
+
+      it 'returns an error string' do
+        resource.send(:check_file_permission_by_user, 'user', 'flag').must_equal('The `file` resource does not support `by_user` on your OS.')
+      end
+    end
+  end
+
+  describe '#usergroup_for' do
+    it 'returns "other" if "others" is provided' do
+      resource.send(:usergroup_for, 'others', nil).must_equal('other')
+    end
+
+    it 'returns "all" if no usergroup or user is specified' do
+      resource.send(:usergroup_for, nil, nil).must_equal('all')
+    end
+
+    it 'returns nil if the usergroup is nil and a user is specified' do
+      resource.send(:usergroup_for, nil, 'user').must_equal(nil)
+    end
+
+    it 'returns the passed-in usergroup if usergroup is not nil and user is nil' do
+      resource.send(:usergroup_for, 'mygroup', nil).must_equal('mygroup')
+    end
+  end
+end

data/test/unit/resources/package_test.rb

@@ -33,6 +33,15 @@ describe 'Inspec::Resources::Package' do
     _(resource.info).must_equal pkg
   end
 
+  # wrlinux
+  it 'verify wrlinux package parsing' do
+    resource = MockLoader.new(:wrlinux).load_resource('package', 'curl')
+    pkg = { name: 'curl', installed: true, version: '7.29.0', type: 'rpm' }
+    _(resource.installed?).must_equal true
+    _(resource.version).must_equal '7.29.0'
+    _(resource.info).must_equal pkg
+  end
+
   # windows
   it 'verify windows package parsing' do
     resource = MockLoader.new(:windows).load_resource('package', 'Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161')

data/test/unit/resources/port_test.rb

@@ -9,38 +9,58 @@ describe 'Inspec::Resources::Port' do
   it 'verify port on Ubuntu 14.04' do
     resource = MockLoader.new(:ubuntu1404).load_resource('port', 22)
     _(resource.listening?).must_equal true
-    _(resource.protocol).must_equal %w{ tcp tcp6 }
-    _(resource.pid).must_equal [1]
-    _(resource.process).must_equal ['sshd']
+    _(resource.protocols).must_equal %w{ tcp tcp6 }
+    _(resource.pids).must_equal [1]
+    _(resource.processes).must_equal ['sshd']
   end
 
   it 'verify port on MacOs x' do
     resource = MockLoader.new(:osx104).load_resource('port', 2022)
     _(resource.listening?).must_equal true
-    _(resource.protocol).must_equal ['tcp']
-    _(resource.process).must_equal ['VBoxHeadl']
+    _(resource.protocols).must_equal ['tcp']
+    _(resource.processes).must_equal ['VBoxHeadl']
   end
 
   it 'verify port on Windows' do
     resource = MockLoader.new(:windows).load_resource('port', 135)
     _(resource.listening?).must_equal true
-    _(resource.protocol).must_equal ['tcp']
-    _(resource.process).must_equal nil
+    _(resource.protocols).must_equal ['tcp']
+    _(resource.processes).must_equal nil
   end
 
   it 'verify port on FreeBSD' do
     resource = MockLoader.new(:freebsd10).load_resource('port', 22)
     _(resource.listening?).must_equal true
-    _(resource.protocol).must_equal %w{ tcp6 tcp }
-    _(resource.pid).must_equal [668]
-    _(resource.process).must_equal ['sshd']
+    _(resource.protocols).must_equal %w{ tcp6 tcp }
+    _(resource.pids).must_equal [668]
+    _(resource.processes).must_equal ['sshd']
+  end
+
+  it 'verify port on wrlinux' do
+    resource = MockLoader.new(:wrlinux).load_resource('port', 22)
+    _(resource.listening?).must_equal true
+    _(resource.protocols).must_equal %w{ tcp tcp6 }
+    _(resource.processes).must_equal ['sshd']
   end
 
   it 'verify running on undefined' do
     resource = MockLoader.new(:undefined).load_resource('port', 22)
     _(resource.listening?).must_equal false
-    _(resource.protocol).must_equal nil
-    _(resource.pid).must_equal nil
-    _(resource.process).must_equal nil
+    _(resource.protocols).must_equal nil
+    _(resource.pids).must_equal nil
+    _(resource.processes).must_equal nil
+  end
+
+  it 'verify port and interface on Ubuntu 14.04' do
+    resource = MockLoader.new(:ubuntu1404).load_resource('port', '0.0.0.0', 22)
+    _(resource.listening?).must_equal true
+    _(resource.protocols).must_equal %w{ tcp }
+    _(resource.pids).must_equal [1]
+    _(resource.processes).must_equal ['sshd']
+  end
+
+  it 'verify not listening port on interface on Ubuntu 14.04' do
+    resource = MockLoader.new(:ubuntu1404).load_resource('port', '127.0.0.1', 22)
+    _(resource.listening?).must_equal false
   end
 end

data/test/unit/resources/processes_test.rb

@@ -29,4 +29,10 @@ describe 'Inspec::Resources::Processes' do
 
     _(resource.list.length).must_equal 1
   end
+
+  it 'retrieves the users and states as arrays' do
+    resource = load_resource('processes', 'svc')
+    _(resource.users.sort).must_equal ['noot']
+    _(resource.states.sort).must_equal ['S', 'Ss']
+  end
 end

data/test/unit/resources/service_test.rb

@@ -107,6 +107,16 @@ describe 'Inspec::Resources::Service' do
     _(resource.running?).must_equal true
   end
 
+  # wrlinux
+  it 'verify wrlinux package parsing' do
+    resource = MockLoader.new(:wrlinux).load_resource('service', 'sshd')
+    srv = { name: 'sshd', description: nil, installed: true, running: true, enabled: true, type: 'sysv' }
+    _(resource.info).must_equal srv
+    _(resource.installed?).must_equal true
+    _(resource.enabled?).must_equal true
+    _(resource.running?).must_equal true
+  end
+
   # unknown OS
   it 'verify package handling on unsupported os' do
     resource = MockLoader.new(:undefined).load_resource('service', 'dhcp')

data/test/unit/resources/user_test.rb

@@ -56,6 +56,18 @@ describe 'Inspec::Resources::User' do
     _(resource.warndays).must_equal 7
   end
 
+  it 'read user on centos7' do
+    resource = MockLoader.new(:wrlinux).load_resource('user', 'root')
+    _(resource.exists?).must_equal true
+    _(resource.group).must_equal 'root'
+    _(resource.groups).must_equal ['root']
+    _(resource.home).must_equal '/root'
+    _(resource.shell).must_equal '/bin/bash'
+    _(resource.mindays).must_equal 0
+    _(resource.maxdays).must_equal 99999
+    _(resource.warndays).must_equal 7
+  end
+
   it 'read user on freebsd' do
     resource = MockLoader.new(:freebsd10).load_resource('user', 'root')
     _(resource.exists?).must_equal true

data/test/unit/utils/find_files_test.rb

@@ -0,0 +1,23 @@
+# encoding: utf-8
+# author: Stephan Renatus
+
+require 'helper'
+
+describe FindFiles do
+  let (:findfiles) do
+    class FindFilesTest
+      include FindFiles
+      def inspec
+        Inspec::Backend.create(backend: :mock)
+      end
+    end
+    FindFilesTest.new
+  end
+
+  describe '#find_files' do
+    it 'returns an array (of findings)' do
+      files = findfiles.find_files('/no/such/mock', type: 'file', depth: 1)
+      files.must_equal([])
+    end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: inspec
 version: !ruby/object:Gem::Version
-  version: 0.9.5
+  version: 0.9.6
 platform: ruby
 authors:
 - Dominik Richter
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-25 00:00:00.000000000 Z
+date: 2015-12-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: r-train
@@ -136,6 +136,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: mocha
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.1'
 description: Validate Inspec compliance checks.
 email:
 - dominik.richter@gmail.com
@@ -153,21 +167,35 @@ files:
 - README.md
 - Rakefile
 - bin/inspec
-- bin/inspec.orig
 - docs/ctl_inspec.rst
 - docs/dsl_inspec.rst
 - docs/inspec_and_friends.rst
 - docs/readme.rst
 - docs/resources.rst
 - docs/template.rst
-- examples/test-kitchen/.kitchen.yml
-- examples/test-kitchen/Berksfile
-- examples/test-kitchen/Gemfile
-- examples/test-kitchen/README.md
-- examples/test-kitchen/metadata.rb
-- examples/test-kitchen/recipes/default.rb
-- examples/test-kitchen/recipes/nginx.rb
-- examples/test-kitchen/test/integration/default/web_spec.rb
+- examples/README.md
+- examples/kitchen-ansible/.kitchen.yml
+- examples/kitchen-ansible/Gemfile
+- examples/kitchen-ansible/README.md
+- examples/kitchen-ansible/files/nginx.repo
+- examples/kitchen-ansible/tasks/main.yml
+- examples/kitchen-ansible/test/integration/default/default.yml
+- examples/kitchen-ansible/test/integration/default/web_spec.rb
+- examples/kitchen-chef/.kitchen.yml
+- examples/kitchen-chef/Berksfile
+- examples/kitchen-chef/Gemfile
+- examples/kitchen-chef/README.md
+- examples/kitchen-chef/metadata.rb
+- examples/kitchen-chef/recipes/default.rb
+- examples/kitchen-chef/recipes/nginx.rb
+- examples/kitchen-chef/test/integration/default/web_spec.rb
+- examples/kitchen-puppet/.kitchen.yml
+- examples/kitchen-puppet/Gemfile
+- examples/kitchen-puppet/Puppetfile
+- examples/kitchen-puppet/README.md
+- examples/kitchen-puppet/manifests/site.pp
+- examples/kitchen-puppet/metadata.json
+- examples/kitchen-puppet/test/integration/default/web_spec.rb
 - inspec.gemspec
 - lib/inspec.rb
 - lib/inspec/backend.rb
@@ -193,7 +221,6 @@ files:
 - lib/inspec/targets/zip.rb
 - lib/inspec/version.rb
 - lib/matchers/matchers.rb
-- lib/resources/.service.rb.swp
 - lib/resources/apache.rb
 - lib/resources/apache_conf.rb
 - lib/resources/apt.rb
@@ -272,13 +299,16 @@ files:
 - test/integration/cookbooks/os_prepare/recipes/service.rb
 - test/integration/test/integration/default/_debug_spec.rb
 - test/integration/test/integration/default/apt_spec.rb
+- test/integration/test/integration/default/compare_matcher_spec.rb
 - test/integration/test/integration/default/csv_spec.rb
+- test/integration/test/integration/default/etc_group.rb
 - test/integration/test/integration/default/file_spec.rb
 - test/integration/test/integration/default/group_spec.rb
 - test/integration/test/integration/default/ini_spec.rb
 - test/integration/test/integration/default/json_spec.rb
 - test/integration/test/integration/default/kernel_module_spec.rb
 - test/integration/test/integration/default/kernel_parameter_spec.rb
+- test/integration/test/integration/default/os_spec.rb
 - test/integration/test/integration/default/package_spec.rb
 - test/integration/test/integration/default/port_spec.rb
 - test/integration/test/integration/default/registry_key_spec.rb
@@ -306,6 +336,8 @@ files:
 - test/unit/mock/cmd/dscl
 - test/unit/mock/cmd/env
 - test/unit/mock/cmd/etc-apt
+- test/unit/mock/cmd/find-apache2-conf-enabled
+- test/unit/mock/cmd/find-apache2-ports-conf
 - test/unit/mock/cmd/find-etc-rc-d-name-S
 - test/unit/mock/cmd/find-net-interface
 - test/unit/mock/cmd/gem-list-local-a-q-rubocop
@@ -348,6 +380,7 @@ files:
 - test/unit/mock/cmd/systemctl-show-all-sshd
 - test/unit/mock/cmd/win32_product
 - test/unit/mock/cmd/yum-repolist-all
+- test/unit/mock/files/apache2.conf
 - test/unit/mock/files/auditd.conf
 - test/unit/mock/files/bond0
 - test/unit/mock/files/etcgroup
@@ -361,15 +394,16 @@ files:
 - test/unit/mock/files/ntp.conf
 - test/unit/mock/files/passwd
 - test/unit/mock/files/policyfile.lock.json
+- test/unit/mock/files/ports.conf
 - test/unit/mock/files/rootwrap.conf
+- test/unit/mock/files/serve-cgi-bin.conf
 - test/unit/mock/files/ssh_config
 - test/unit/mock/files/sshd_config
 - test/unit/mock/profiles/empty/metadata.rb
 - test/unit/mock/profiles/metadata/metadata.rb
-- test/unit/mock/profiles/rules/metadata.rb
-- test/unit/mock/profiles/rules/test/test.rb
 - test/unit/profile_context_test.rb
 - test/unit/profile_test.rb
+- test/unit/resources/apache_conf_test.rb
 - test/unit/resources/apt_test.rb
 - test/unit/resources/audit_policy_test.rb
 - test/unit/resources/auditd_conf_test.rb
@@ -378,6 +412,7 @@ files:
 - test/unit/resources/bridge_test.rb
 - test/unit/resources/csv_test.rb
 - test/unit/resources/etc_group_test.rb
+- test/unit/resources/file_test.rb
 - test/unit/resources/gem_test.rb
 - test/unit/resources/group_test.rb
 - test/unit/resources/host_test.rb
@@ -411,6 +446,7 @@ files:
 - test/unit/resources/yum_test.rb
 - test/unit/simpleconfig_test.rb
 - test/unit/utils/content_parser_test.rb
+- test/unit/utils/find_files_test.rb
 homepage: https://github.com/chef/inspec
 licenses:
 - Apache 2.0
@@ -455,13 +491,16 @@ test_files:
 - test/integration/cookbooks/os_prepare/recipes/service.rb
 - test/integration/test/integration/default/_debug_spec.rb
 - test/integration/test/integration/default/apt_spec.rb
+- test/integration/test/integration/default/compare_matcher_spec.rb
 - test/integration/test/integration/default/csv_spec.rb
+- test/integration/test/integration/default/etc_group.rb
 - test/integration/test/integration/default/file_spec.rb
 - test/integration/test/integration/default/group_spec.rb
 - test/integration/test/integration/default/ini_spec.rb
 - test/integration/test/integration/default/json_spec.rb
 - test/integration/test/integration/default/kernel_module_spec.rb
 - test/integration/test/integration/default/kernel_parameter_spec.rb
+- test/integration/test/integration/default/os_spec.rb
 - test/integration/test/integration/default/package_spec.rb
 - test/integration/test/integration/default/port_spec.rb
 - test/integration/test/integration/default/registry_key_spec.rb
@@ -489,6 +528,8 @@ test_files:
 - test/unit/mock/cmd/dscl
 - test/unit/mock/cmd/env
 - test/unit/mock/cmd/etc-apt
+- test/unit/mock/cmd/find-apache2-conf-enabled
+- test/unit/mock/cmd/find-apache2-ports-conf
 - test/unit/mock/cmd/find-etc-rc-d-name-S
 - test/unit/mock/cmd/find-net-interface
 - test/unit/mock/cmd/gem-list-local-a-q-rubocop
@@ -531,6 +572,7 @@ test_files:
 - test/unit/mock/cmd/systemctl-show-all-sshd
 - test/unit/mock/cmd/win32_product
 - test/unit/mock/cmd/yum-repolist-all
+- test/unit/mock/files/apache2.conf
 - test/unit/mock/files/auditd.conf
 - test/unit/mock/files/bond0
 - test/unit/mock/files/etcgroup
@@ -544,15 +586,16 @@ test_files:
 - test/unit/mock/files/ntp.conf
 - test/unit/mock/files/passwd
 - test/unit/mock/files/policyfile.lock.json
+- test/unit/mock/files/ports.conf
 - test/unit/mock/files/rootwrap.conf
+- test/unit/mock/files/serve-cgi-bin.conf
 - test/unit/mock/files/ssh_config
 - test/unit/mock/files/sshd_config
 - test/unit/mock/profiles/empty/metadata.rb
 - test/unit/mock/profiles/metadata/metadata.rb
-- test/unit/mock/profiles/rules/metadata.rb
-- test/unit/mock/profiles/rules/test/test.rb
 - test/unit/profile_context_test.rb
 - test/unit/profile_test.rb
+- test/unit/resources/apache_conf_test.rb
 - test/unit/resources/apt_test.rb
 - test/unit/resources/audit_policy_test.rb
 - test/unit/resources/auditd_conf_test.rb
@@ -561,6 +604,7 @@ test_files:
 - test/unit/resources/bridge_test.rb
 - test/unit/resources/csv_test.rb
 - test/unit/resources/etc_group_test.rb
+- test/unit/resources/file_test.rb
 - test/unit/resources/gem_test.rb
 - test/unit/resources/group_test.rb
 - test/unit/resources/host_test.rb
@@ -594,3 +638,4 @@ test_files:
 - test/unit/resources/yum_test.rb
 - test/unit/simpleconfig_test.rb
 - test/unit/utils/content_parser_test.rb
+- test/unit/utils/find_files_test.rb