puppet 2.7.19 → 2.7.20.rc1

data/spec/unit/provider/user/windows_adsi_spec.rb

@@ -83,6 +83,17 @@ describe Puppet::Type.type(:user).provider(:windows_adsi) do
       provider.create
     end
 
+    it "should load the profile if managehome is set", :if => Puppet.features.microsoft_windows? do
+      resource[:password] = '0xDeadBeef'
+      resource[:managehome] = true
+
+      user = stub_everything 'user'
+      Puppet::Util::ADSI::User.expects(:create).with('testuser').returns user
+      Puppet::Util::Windows::User.expects(:load_profile).with('testuser', '0xDeadBeef')
+
+      provider.create
+    end
+
     it "should set a user's password" do
       provider.user.expects(:password=).with('plaintextbad')
 
@@ -125,14 +136,25 @@ describe Puppet::Type.type(:user).provider(:windows_adsi) do
     provider.delete
   end
 
+  it 'should delete the profile if managehome is set', :if => Puppet.features.microsoft_windows? do
+    resource[:managehome] = true
+
+    sid = 'S-A-B-C'
+    Puppet::Util::Windows::Security.expects(:name_to_sid).with('testuser').returns(sid)
+    Puppet::Util::ADSI::UserProfile.expects(:delete).with(sid)
+    connection.expects(:Delete).with('user', 'testuser')
+
+    provider.delete
+  end
+
   it "should commit the user when flushed" do
     provider.user.expects(:commit)
 
     provider.flush
   end
 
-  it "should return the user's SID as uid" do
-    Puppet::Util::ADSI.expects(:sid_for_account).with('testuser').returns('S-1-5-21-1362942247-2130103807-3279964888-1111')
+  it "should return the user's SID as uid", :if => Puppet.features.microsoft_windows? do
+    Puppet::Util::Windows::Security.expects(:name_to_sid).with('testuser').returns('S-1-5-21-1362942247-2130103807-3279964888-1111')
 
     provider.uid.should == 'S-1-5-21-1362942247-2130103807-3279964888-1111'
   end

data/spec/unit/puppet_spec.rb

@@ -2,8 +2,18 @@
 
 require 'spec_helper'
 require 'puppet'
+require 'puppet_spec/files'
+require 'semver'
 
 describe Puppet do
+  include PuppetSpec::Files
+
+  context "#version" do
+    it "should be valid semver" do
+      SemVer.should be_valid Puppet.version
+    end
+  end
+
   Puppet::Util::Log.eachlevel do |level|
     it "should have a method for sending '#{level}' logs" do
       Puppet.should respond_to(level)

data/spec/unit/resource/status_spec.rb

@@ -148,7 +148,7 @@ describe Puppet::Resource::Status do
       @status.line = 27
       @status.evaluation_time = 2.7
       @status.tags = %w{one two}
-      @status.to_yaml_properties.should == Puppet::Resource::Status::YAML_ATTRIBUTES.sort
+      @status.to_yaml_properties.should =~ Puppet::Resource::Status::YAML_ATTRIBUTES
     end
   end
 end

data/spec/unit/resource_spec.rb

@@ -799,6 +799,79 @@ type: File
     end
   end
 
+  describe '#parse_title' do
+    describe 'with a composite namevar' do
+      before do
+        Puppet::Type.newtype(:composite) do
+
+          newparam(:name)
+          newparam(:value)
+
+          # Configure two title patterns to match a title that is either
+          # separated with a colon or exclamation point. The first capture
+          # will be used for the :name param, and the second capture will be
+          # used for the :value param.
+          def self.title_patterns
+            identity = lambda {|x| x }
+            reverse  = lambda {|x| x.reverse }
+            [
+              [
+                /^(.*?):(.*?)$/,
+                [
+                  [:name, identity],
+                  [:value, identity],
+                ]
+              ],
+              [
+                /^(.*?)!(.*?)$/,
+                [
+                  [:name, reverse],
+                  [:value, reverse],
+                ]
+              ],
+            ]
+          end
+        end
+      end
+
+      describe "with no matching title patterns" do
+        subject { Puppet::Resource.new(:composite, 'unmatching title')}
+
+        it "should raise an exception if no title patterns match" do
+          expect do
+            subject.to_hash
+          end.to raise_error(Puppet::Error, /No set of title patterns matched/)
+        end
+      end
+
+      describe "with a matching title pattern" do
+        subject { Puppet::Resource.new(:composite, 'matching:title') }
+
+        it "should not raise an exception if there was a match" do
+          expect do
+            subject.to_hash
+          end.to_not raise_error
+        end
+
+        it "should set the resource parameters from the parsed title values" do
+          h = subject.to_hash
+          h[:name].should == 'matching'
+          h[:value].should == 'title'
+        end
+      end
+
+      describe "and multiple title patterns" do
+        subject { Puppet::Resource.new(:composite, 'matching!title') }
+
+        it "should use the first title pattern that matches" do
+          h = subject.to_hash
+          h[:name].should == 'gnihctam'
+          h[:value].should == 'eltit'
+        end
+      end
+    end
+  end
+
   describe "#prune_parameters" do
     before do
       Puppet.newtype('blond') do

data/spec/unit/ssl/certificate_authority_spec.rb

@@ -334,7 +334,7 @@ describe Puppet::SSL::CertificateAuthority do
 
         expect do
           @ca.sign(@name, false, @request)
-        end.should_not raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError)
+        end.not_to raise_error(Puppet::SSL::CertificateAuthority::CertificateSigningError)
       end
 
       it "should save the resulting certificate" do
@@ -906,6 +906,30 @@ describe Puppet::SSL::CertificateAuthority do
         @ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
         @ca.revoke('host')
       end
+
+      context "revocation by serial number (#16798)" do
+        it "revokes when given a lower case hexadecimal formatted string" do
+          @ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
+          Puppet::SSL::Certificate.indirection.expects(:find).with("0xf").returns nil
+
+          @ca.revoke('0xf')
+        end
+
+        it "revokes when given an upper case hexadecimal formatted string" do
+          @ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
+          Puppet::SSL::Certificate.indirection.expects(:find).with("0xF").returns nil
+
+          @ca.revoke('0xF')
+        end
+
+        it "handles very large serial numbers" do
+          bighex = '0x4000000000000000000000000000000000000000'
+          @ca.crl.expects(:revoke).with { |serial, key| serial == 2**(159-1) }
+          Puppet::SSL::Certificate.indirection.expects(:find).with(bighex).returns nil
+
+          @ca.revoke(bighex)
+        end
+      end
     end
 
     it "should be able to generate a complete new SSL host" do

data/spec/unit/ssl/host_spec.rb

@@ -3,6 +3,12 @@ require 'spec_helper'
 
 require 'puppet/ssl/host'
 
+def base_pson_comparison(result, pson_hash)
+  result["fingerprint"].should == pson_hash["fingerprint"]
+  result["name"].should        == pson_hash["name"]
+  result["state"].should       == pson_hash["desired_state"]
+end
+
 describe Puppet::SSL::Host do
   include PuppetSpec::Files
 
@@ -322,10 +328,10 @@ describe Puppet::SSL::Host do
       end
 
       it "should set the terminus class for Key, Certificate, CertificateRevocationList, and CertificateRequest as :file" do
-        Puppet::SSL::Key.indirection.terminus_class.should == :file
-        Puppet::SSL::Certificate.indirection.terminus_class.should == :file
-        Puppet::SSL::CertificateRequest.indirection.terminus_class.should == :file
-        Puppet::SSL::CertificateRevocationList.indirection.terminus_class.should == :file
+        Puppet::SSL::Key.indirection.terminus_class.should == :disabled_ca
+        Puppet::SSL::Certificate.indirection.terminus_class.should == :disabled_ca
+        Puppet::SSL::CertificateRequest.indirection.terminus_class.should == :disabled_ca
+        Puppet::SSL::CertificateRevocationList.indirection.terminus_class.should == :disabled_ca
       end
 
       it "should set the terminus class for Host to 'none'" do
@@ -797,23 +803,71 @@ describe Puppet::SSL::Host do
     end
 
     describe "when converting to PSON" do
+      let(:host) do
+        Puppet::SSL::Host.new("bazinga")
+      end
+      
+      let(:pson_hash) do
+        {
+          "fingerprint"   => host.certificate_request.fingerprint,
+          "desired_state" => 'requested',
+          "name"          => host.name
+        }
+      end
+      
       it "should be able to identify a host with an unsigned certificate request" do
-        host = Puppet::SSL::Host.new("bazinga")
         host.generate_certificate_request
-        pson_hash = {
-          "fingerprint"          => host.certificate_request.fingerprint,
-          "desired_state"        => 'requested',
-          "name"                 => host.name
-        }
 
         result = PSON.parse(Puppet::SSL::Host.new(host.name).to_pson)
-        result["fingerprint"].should == pson_hash["fingerprint"]
-        result["name"].should        == pson_hash["name"]
-        result["state"].should       == pson_hash["desired_state"]
-      end
+        
+        base_pson_comparison result, pson_hash
+      end
+      
+      describe "explicit fingerprints" do
+        [:SHA1, :SHA256, :SHA512].each do |md|
+          it "should include #{md}" do
+            mds = md.to_s
+            host.generate_certificate_request
+            pson_hash["fingerprints"] = {}
+            pson_hash["fingerprints"][mds] = host.certificate_request.fingerprint(md)
+
+            result = PSON.parse(Puppet::SSL::Host.new(host.name).to_pson)
+            base_pson_comparison result, pson_hash
+            result["fingerprints"][mds].should == pson_hash["fingerprints"][mds]
+          end
+        end
+      end
+      
+      describe "dns_alt_names" do
+        describe "when not specified" do
+          it "should include the dns_alt_names associated with the certificate" do
+            host.generate_certificate_request
+            pson_hash["desired_alt_names"] = host.certificate_request.subject_alt_names
+
+            result = PSON.parse(Puppet::SSL::Host.new(host.name).to_pson)
+            base_pson_comparison result, pson_hash
+            result["dns_alt_names"].should == pson_hash["desired_alt_names"]
+          end
+        end
+
+        [ "", 
+          "test, alt, names"
+        ].each do |alt_names|
+          describe "when #{alt_names}" do
+            it "should include the dns_alt_names associated with the certificate" do
+              host.generate_certificate_request :dns_alt_names => alt_names
+              pson_hash["desired_alt_names"] = host.certificate_request.subject_alt_names
+
+              result = PSON.parse(Puppet::SSL::Host.new(host.name).to_pson)
+              base_pson_comparison result, pson_hash
+              result["dns_alt_names"].should == pson_hash["desired_alt_names"]
+            end
+          end
+        end
+      end
+      
 
       it "should be able to identify a host with a signed certificate" do
-        host = Puppet::SSL::Host.new("bazinga")
         host.generate_certificate_request
         @ca.sign(host.name)
         pson_hash = {
@@ -823,26 +877,18 @@ describe Puppet::SSL::Host do
         }
 
         result = PSON.parse(Puppet::SSL::Host.new(host.name).to_pson)
-        result["fingerprint"].should == pson_hash["fingerprint"]
-        result["name"].should        == pson_hash["name"]
-        result["state"].should       == pson_hash["desired_state"]
+        base_pson_comparison result, pson_hash
       end
 
       it "should be able to identify a host with a revoked certificate" do
-        host = Puppet::SSL::Host.new("bazinga")
         host.generate_certificate_request
         @ca.sign(host.name)
         @ca.revoke(host.name)
-        pson_hash = {
-          "fingerprint"          => Puppet::SSL::Certificate.indirection.find(host.name).fingerprint,
-          "desired_state"        => 'revoked',
-          "name"                 => host.name,
-        }
+        pson_hash["fingerprint"] = Puppet::SSL::Certificate.indirection.find(host.name).fingerprint
+        pson_hash["desired_state"] = 'revoked'
 
         result = PSON.parse(Puppet::SSL::Host.new(host.name).to_pson)
-        result["fingerprint"].should == pson_hash["fingerprint"]
-        result["name"].should        == pson_hash["name"]
-        result["state"].should       == pson_hash["desired_state"]
+        base_pson_comparison result, pson_hash
       end
     end
 

data/spec/unit/ssl/key_spec.rb

@@ -16,10 +16,6 @@ describe Puppet::SSL::Key do
     @class.indirection.name.should == :key
   end
 
-  it "should default to the :file terminus" do
-    @class.indirection.terminus_class.should == :file
-  end
-
   it "should only support the text format" do
     @class.supported_formats.should == [:s]
   end

data/spec/unit/transaction/event_spec.rb

@@ -122,7 +122,7 @@ describe Puppet::Transaction::Event do
                                              :message => "Help I'm trapped in a spec test",
                                              :name => :mode_changed, :previous_value => 6, :property => :mode,
                                              :status => 'success')
-      event.to_yaml_properties.should == Puppet::Transaction::Event::YAML_ATTRIBUTES.sort
+      event.to_yaml_properties.should =~ Puppet::Transaction::Event::YAML_ATTRIBUTES
     end
   end
 end

data/spec/unit/type/exec_spec.rb

@@ -274,7 +274,7 @@ describe Puppet::Type.type(:exec) do
 
         it "should fail if the provider calls the command invalid" do
           expect { test(command, false) }.
-            to raise_error Puppet::Error, /Parameter #{@param} failed: from a stub/
+            to raise_error Puppet::Error, /Parameter #{@param} failed on Exec\[.*\]: from a stub/
         end
       end
     end

data/spec/unit/type/file/content_spec.rb

@@ -264,8 +264,9 @@ describe content do
       end
 
       it "should write to the given file handle" do
-        @fh.expects(:print).with("this is content")
-        @content.write(@fh)
+        fh = mock 'filehandle'
+        fh.expects(:print).with("this is content")
+        @content.write(fh)
       end
 
       it "should return the current checksum value" do
@@ -295,8 +296,9 @@ describe content do
         @content.resource.expects(:bucket).returns bucket
         bucket.expects(:getfile).with("foo").returns "mycontent"
 
-        @fh.expects(:print).with("mycontent")
-        @content.write(@fh)
+        fh = mock 'filehandle'
+        fh.expects(:print).with("mycontent")
+        @content.write(fh)
       end
     end
 

data/spec/unit/type/file_spec.rb

@@ -36,22 +36,12 @@ describe Puppet::Type.type(:file) do
         file[:path].should == "/"
       end
 
-      it "should accept a double-slash at the start of the path" do
+      it "should accept and preserve a double-slash at the start of the path" do
         expect {
           file[:path] = "//tmp/xxx"
-          # REVISIT: This should be wrong, later.  See the next test.
-          # --daniel 2011-01-31
-          file[:path].should == '/tmp/xxx'
+          file[:path].should == '//tmp/xxx'
         }.to_not raise_error
       end
-
-      # REVISIT: This is pending, because I don't want to try and audit the
-      # entire codebase to make sure we get this right.  POSIX treats two (and
-      # exactly two) '/' characters at the start of the path specially.
-      #
-      # See sections 3.2 and 4.11, which allow DomainOS to be all special like
-      # and still have the POSIX branding and all. --daniel 2011-01-31
-      it "should preserve the double-slash at the start of the path"
     end
 
     describe "on Windows systems", :if => Puppet.features.microsoft_windows? do

data/spec/unit/type/host_spec.rb

@@ -4,10 +4,11 @@ require 'spec_helper'
 host = Puppet::Type.type(:host)
 
 describe host do
+  FakeHostProvider = Struct.new(:ip, :host_aliases, :comment)
   before do
     @class = host
     @catalog = Puppet::Resource::Catalog.new
-    @provider = stub 'provider'
+    @provider = FakeHostProvider.new
     @resource = stub 'resource', :resource => nil, :provider => @provider
   end
 
@@ -618,27 +619,35 @@ describe host do
 
     it "should send the first value to the provider for ip property" do
       @ip = @class.attrclass(:ip).new(:resource => @resource, :should => %w{192.168.0.1 192.168.0.2})
-      @provider.expects(:ip=).with '192.168.0.1'
+
       @ip.sync
+
+      @provider.ip.should == '192.168.0.1'
     end
 
     it "should send the first value to the provider for comment property" do
       @comment = @class.attrclass(:comment).new(:resource => @resource, :should => %w{Bazinga Notme})
-      @provider.expects(:comment=).with 'Bazinga'
+
       @comment.sync
+
+      @provider.comment.should == 'Bazinga'
     end
 
     it "should send the joined array to the provider for host_alias" do
       @host_aliases = @class.attrclass(:host_aliases).new(:resource => @resource, :should => %w{foo bar})
-      @provider.expects(:host_aliases=).with 'foo bar'
+
       @host_aliases.sync
+
+      @provider.host_aliases.should == 'foo bar'
     end
 
     it "should also use the specified delimiter for joining" do
       @host_aliases = @class.attrclass(:host_aliases).new(:resource => @resource, :should => %w{foo bar})
       @host_aliases.stubs(:delimiter).returns "\t"
-      @provider.expects(:host_aliases=).with "foo\tbar"
+
       @host_aliases.sync
+
+      @provider.host_aliases.should == "foo\tbar"
     end
 
     it "should care about the order of host_aliases" do