puppet 3.0.1 → 3.0.2.rc1

data/spec/unit/provider/user/ldap_spec.rb

@@ -24,14 +24,6 @@ describe provider_class do
     provider_class.should be_manages_passwords
   end
 
-  it "should use the ldap group provider to convert group names to numbers" do
-    provider = provider_class.new(:name => "foo")
-    Puppet::Type.type(:group).provider(:ldap).expects(:name2id).with("bar").returns 10
-
-    provider.gid = 'bar'
-    provider.gid.should == 10
-  end
-
   {:name => "uid",
     :password => "userPassword",
     :comment => "cn",
@@ -53,10 +45,13 @@ describe provider_class do
     end
 
     it "should generate the sn as the last field of the cn" do
+      Puppet::Type.type(:group).provider(:ldap).expects(:name2id).with(["whatever"]).returns [123]
+
       resource = stub 'resource', :should => %w{whatever}
       resource.stubs(:should).with(:comment).returns ["Luke Kanies"]
       resource.stubs(:should).with(:ensure).returns :present
       instance = provider_class.new(:name => "luke", :ensure => :absent)
+
       instance.stubs(:resource).returns resource
 
       @connection.expects(:add).with { |dn, attrs| attrs["sn"] == ["Kanies"] }
@@ -65,8 +60,25 @@ describe provider_class do
       instance.flush
     end
 
+    it "should translate a group name to the numeric id" do
+      Puppet::Type.type(:group).provider(:ldap).expects(:name2id).with("bar").returns 101
+
+      resource = stub 'resource', :should => %w{whatever}
+      resource.stubs(:should).with(:gid).returns 'bar'
+      resource.stubs(:should).with(:ensure).returns :present
+      instance = provider_class.new(:name => "luke", :ensure => :absent)
+      instance.stubs(:resource).returns resource
+
+      @connection.expects(:add).with { |dn, attrs| attrs["gidNumber"] == ["101"] }
+
+      instance.create
+      instance.flush
+    end
+
     describe "with no uid specified" do
       it "should pick the first available UID after the largest existing UID" do
+        Puppet::Type.type(:group).provider(:ldap).expects(:name2id).with(["whatever"]).returns [123]
+
         low = {:name=>["luke"], :shell=>:absent, :uid=>["600"], :home=>["/h"], :gid=>["1000"], :password=>["blah"], :comment=>["l k"]}
         high = {:name=>["testing"], :shell=>:absent, :uid=>["640"], :home=>["/h"], :gid=>["1000"], :password=>["blah"], :comment=>["t u"]}
         provider_class.manager.expects(:search).returns([low, high])
@@ -84,6 +96,8 @@ describe provider_class do
       end
 
       it "should pick 501 of no users exist" do
+        Puppet::Type.type(:group).provider(:ldap).expects(:name2id).with(["whatever"]).returns [123]
+
         provider_class.manager.expects(:search).returns nil
 
         resource = stub 'resource', :should => %w{whatever}

data/spec/unit/provider/user/windows_adsi_spec.rb

@@ -136,11 +136,11 @@ describe Puppet::Type.type(:user).provider(:windows_adsi) do
     provider.delete
   end
 
-  it 'should delete the profile if managehome is set' do
+  it 'should delete the profile if managehome is set', :if => Puppet.features.microsoft_windows? do
     resource[:managehome] = true
 
     sid = 'S-A-B-C'
-    Puppet::Util::ADSI.expects(:sid_for_account).with('testuser').returns(sid)
+    Puppet::Util::Windows::Security.expects(:name_to_sid).with('testuser').returns(sid)
     Puppet::Util::ADSI::UserProfile.expects(:delete).with(sid)
     connection.expects(:Delete).with('user', 'testuser')
 
@@ -153,8 +153,8 @@ describe Puppet::Type.type(:user).provider(:windows_adsi) do
     provider.flush
   end
 
-  it "should return the user's SID as uid" do
-    Puppet::Util::ADSI.expects(:sid_for_account).with('testuser').returns('S-1-5-21-1362942247-2130103807-3279964888-1111')
+  it "should return the user's SID as uid", :if => Puppet.features.microsoft_windows? do
+    Puppet::Util::Windows::Security.expects(:name_to_sid).with('testuser').returns('S-1-5-21-1362942247-2130103807-3279964888-1111')
 
     provider.uid.should == 'S-1-5-21-1362942247-2130103807-3279964888-1111'
   end

data/spec/unit/provider_spec.rb

@@ -657,7 +657,7 @@ describe Puppet::Provider do
   end
 
   def allow_creation_of(command, environment = {})
-      Puppet::Provider::Command.stubs(:new).with(command.name, command.executable, Puppet::Util, Puppet::Util::Execution, { :custom_environment => environment }).returns(command)
+      Puppet::Provider::Command.stubs(:new).with(command.name, command.executable, Puppet::Util, Puppet::Util::Execution, { :failonfail => true, :combine => true, :custom_environment => environment }).returns(command)
   end
 
   def file_exists_and_is_executable(path)

data/spec/unit/run_spec.rb

@@ -14,7 +14,7 @@ describe Puppet::Run do
 
   it "should use a configurer agent as its agent" do
     agent = mock 'agent'
-    Puppet::Agent.expects(:new).with(Puppet::Configurer).returns agent
+    Puppet::Agent.expects(:new).with(Puppet::Configurer, anything).returns agent
 
     @runner.agent.should equal(agent)
   end

data/spec/unit/settings_spec.rb

@@ -1539,6 +1539,22 @@ describe Puppet::Settings do
     it "should transform boolean option to no- form" do
       Puppet::Settings.clean_opt("--[no-]option", false).should == ["--no-option", false]
     end
+
+    it "should set preferred run mode from --run_mode <foo> string without error" do
+      args = ["--run_mode", "master"]
+      settings.expects(:handlearg).with("--run_mode", "master").never
+      expect { settings.send(:parse_global_options, args) } .to_not raise_error
+      Puppet.settings.preferred_run_mode.should == :master
+      args.empty?.should == true
+    end
+
+    it "should set preferred run mode from --run_mode=<foo> string without error" do
+      args = ["--run_mode=master"]
+      settings.expects(:handlearg).with("--run_mode", "master").never
+      expect { settings.send(:parse_global_options, args) } .to_not raise_error
+      Puppet.settings.preferred_run_mode.should == :master
+      args.empty?.should == true
+    end
   end
 
   describe "default_certname" do

data/spec/unit/ssl/certificate_authority_spec.rb

@@ -905,6 +905,30 @@ describe Puppet::SSL::CertificateAuthority do
         @ca.crl.expects(:revoke).with { |serial, key| serial == 16 }
         @ca.revoke('host')
       end
+
+      context "revocation by serial number (#16798)" do
+        it "revokes when given a lower case hexadecimal formatted string" do
+          @ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
+          Puppet::SSL::Certificate.indirection.expects(:find).with("0xf").returns nil
+
+          @ca.revoke('0xf')
+        end
+
+        it "revokes when given an upper case hexadecimal formatted string" do
+          @ca.crl.expects(:revoke).with { |serial, key| serial == 15 }
+          Puppet::SSL::Certificate.indirection.expects(:find).with("0xF").returns nil
+
+          @ca.revoke('0xF')
+        end
+
+        it "handles very large serial numbers" do
+          bighex = '0x4000000000000000000000000000000000000000'
+          @ca.crl.expects(:revoke).with { |serial, key| serial == 2**(159-1) }
+          Puppet::SSL::Certificate.indirection.expects(:find).with(bighex).returns nil
+
+          @ca.revoke(bighex)
+        end
+      end
     end
 
     it "should be able to generate a complete new SSL host" do

data/spec/unit/util/adsi_spec.rb

@@ -28,25 +28,21 @@ describe Puppet::Util::ADSI do
     Puppet::Util::ADSI.computer_uri.should == "WinNT://testcomputername"
   end
 
-  describe ".sid_for_account" do
+  describe ".sid_for_account", :if => Puppet.features.microsoft_windows? do
     it "should return nil if the account does not exist" do
-      connection.expects(:execquery).returns([])
+      Puppet::Util::Windows::Security.expects(:name_to_sid).with('foobar').returns nil
 
       Puppet::Util::ADSI.sid_for_account('foobar').should be_nil
     end
 
     it "should return a SID for a passed user or group name" do
-      Puppet::Util::ADSI.expects(:execquery).with(
-        "SELECT Sid from Win32_Account WHERE Name = 'testers' AND LocalAccount = true"
-      ).returns([stub('acct_id', :Sid => 'S-1-5-32-547')])
+      Puppet::Util::Windows::Security.expects(:name_to_sid).with('testers').returns 'S-1-5-32-547'
 
       Puppet::Util::ADSI.sid_for_account('testers').should == 'S-1-5-32-547'
     end
 
     it "should return a SID for a passed fully-qualified user or group name" do
-      Puppet::Util::ADSI.expects(:execquery).with(
-        "SELECT Sid from Win32_Account WHERE Name = 'testers' AND Domain = 'MACHINE' AND LocalAccount = true"
-      ).returns([stub('acct_id', :Sid => 'S-1-5-32-547')])
+      Puppet::Util::Windows::Security.expects(:name_to_sid).with('MACHINE\testers').returns 'S-1-5-32-547'
 
       Puppet::Util::ADSI.sid_for_account('MACHINE\testers').should == 'S-1-5-32-547'
     end

data/spec/unit/util/diff_spec.rb

@@ -9,7 +9,7 @@ describe Puppet::Util::Diff do
       Puppet[:diff] = 'foo'
       Puppet[:diff_args] = 'bar'
 
-      Puppet::Util::Execution.expects(:execute).with(['foo', 'bar', 'a', 'b'], {:failonfail => false}).returns('baz')
+      Puppet::Util::Execution.expects(:execute).with(['foo', 'bar', 'a', 'b'], {:failonfail => false, :combine => false}).returns('baz')
       subject.diff('a', 'b').should == 'baz'
     end
 
@@ -17,7 +17,7 @@ describe Puppet::Util::Diff do
       Puppet[:diff] = 'foo'
       Puppet[:diff_args] = ''
 
-      Puppet::Util::Execution.expects(:execute).with(['foo', 'a', 'b'], {:failonfail => false}).returns('baz')
+      Puppet::Util::Execution.expects(:execute).with(['foo', 'a', 'b'], {:failonfail => false, :combine => false}).returns('baz')
       subject.diff('a', 'b').should == 'baz'
     end
 

data/spec/unit/util/execution_spec.rb

@@ -3,8 +3,6 @@ require 'spec_helper'
 
 describe Puppet::Util::Execution do
   include Puppet::Util::Execution
-
-
   # utility method to help deal with some windows vs. unix differences
   def process_status(exitstatus)
     return exitstatus if Puppet.features.microsoft_windows?
@@ -20,7 +18,6 @@ describe Puppet::Util::Execution do
     Puppet::Util::Execution.send(:execute_windows, command, arguments, stdin, stdout, stderr)
   end
 
-
   describe "execution methods" do
     let(:pid) { 5501 }
     let(:process_handle) { 0xDEADBEEF }
@@ -254,6 +251,50 @@ describe Puppet::Util::Execution do
 
             Puppet::Util::Execution.execute('test command', :squelch => false, :combine => false)
           end
+
+          it "should combine stdout and stderr if combine is true" do
+            outfile = Tempfile.new('stdout')
+            Tempfile.stubs(:new).returns(outfile)
+
+            Puppet::Util::Execution.expects(executor).with do |_,_,_,stdout,stderr|
+              stdout.path == outfile.path and stderr.path == outfile.path
+            end.returns(rval)
+
+            Puppet::Util::Execution.execute('test command', :combine => true)
+          end
+
+          it "should default combine to true when no options are specified" do
+            outfile = Tempfile.new('stdout')
+            Tempfile.stubs(:new).returns(outfile)
+
+            Puppet::Util::Execution.expects(executor).with do |_,_,_,stdout,stderr|
+              stdout.path == outfile.path and stderr.path == outfile.path
+            end.returns(rval)
+
+            Puppet::Util::Execution.execute('test command')
+          end
+
+          it "should default combine to false when options are specified, but combine is not" do
+            outfile = Tempfile.new('stdout')
+            Tempfile.stubs(:new).returns(outfile)
+
+            Puppet::Util::Execution.expects(executor).with do |_,_,_,stdout,stderr|
+              stdout.path == outfile.path and stderr.path == null_file
+            end.returns(rval)
+
+            Puppet::Util::Execution.execute('test command', :failonfail => false)
+          end
+
+          it "should default combine to false when an empty hash of options is specified" do
+            outfile = Tempfile.new('stdout')
+            Tempfile.stubs(:new).returns(outfile)
+
+            Puppet::Util::Execution.expects(executor).with do |_,_,_,stdout,stderr|
+              stdout.path == outfile.path and stderr.path == null_file
+            end.returns(rval)
+
+            Puppet::Util::Execution.execute('test command', {})
+          end
         end
       end
 
@@ -483,41 +524,60 @@ describe Puppet::Util::Execution do
         Tempfile.stubs(:new).returns(stdout)
         file = File.new(stdout.path, 'r')
 
-        expect {
-          Puppet::Util.execute('test command')
-        }.to_not raise_error
+        Puppet::Util.execute('test command')
       end
 
       it "should raise an error if failonfail is true and the child failed" do
         stub_process_wait(1)
 
         expect {
-          Puppet::Util::Execution.execute('fail command', :failonfail => true)
+          subject.execute('fail command', :failonfail => true)
         }.to raise_error(Puppet::ExecutionFailure, /Execution of 'fail command' returned 1/)
       end
 
       it "should not raise an error if failonfail is false and the child failed" do
         stub_process_wait(1)
 
-        expect {
-          Puppet::Util::Execution.execute('fail command', :failonfail => false)
-        }.not_to raise_error
+        subject.execute('fail command', :failonfail => false)
       end
 
       it "should not raise an error if failonfail is true and the child succeeded" do
-        expect {
-          Puppet::Util::Execution.execute('fail command', :failonfail => true)
-        }.not_to raise_error
+        stub_process_wait(0)
+
+        subject.execute('fail command', :failonfail => true)
+      end
+
+      it "should not raise an error if failonfail is false and the child succeeded" do
+        stub_process_wait(0)
+
+        subject.execute('fail command', :failonfail => false)
       end
 
-      it "should respect default values for args that aren't overridden if a partial arg list is passed in" do
+      it "should default failonfail to true when no options are specified" do
         stub_process_wait(1)
+
         expect {
-          # here we are passing in a non-nil value for "arguments", but we aren't specifying a value for
-          # :failonfail.  We expect it to be set to its normal default value (true).
-          Puppet::Util::Execution.execute('fail command', { :squelch => true })
+          subject.execute('fail command')
         }.to raise_error(Puppet::ExecutionFailure, /Execution of 'fail command' returned 1/)
       end
+
+      it "should default failonfail to false when options are specified, but failonfail is not" do
+        stub_process_wait(1)
+
+        subject.execute('fail command', { :combine => true })
+      end
+
+      it "should default failonfail to false when an empty hash of options is specified" do
+        stub_process_wait(1)
+
+        subject.execute('fail command', {})
+      end
+
+      it "should raise an error if a nil option is specified" do
+        expect {
+          Puppet::Util::Execution.execute('fail command', nil)
+        }.to raise_error(TypeError, /can\'t convert nil into Hash/)
+      end
     end
   end
 
@@ -544,9 +604,7 @@ describe Puppet::Util::Execution do
     it "should not fail if asked not to fail, and the child does" do
       Puppet::Util::Execution.stubs(:open).returns('error message')
       $CHILD_STATUS.stubs(:==).with(0).returns(false)
-      expect do
-        Puppet::Util::Execution.execpipe('echo hello', false).should == 'error message'
-      end.not_to raise_error
+      Puppet::Util::Execution.execpipe('echo hello', false).should == 'error message'
     end
   end
 end

data/spec/unit/util/feature_spec.rb

@@ -39,7 +39,7 @@ describe Puppet::Util::Feature do
     @features.should be_available
   end
 
-  it "should cache the results of a feature load" do
+  it "should cache the results of a feature load via code block" do
     $loaded_feature = 0
     @features.add(:myfeature) { $loaded_feature += 1 }
     @features.myfeature?
@@ -78,4 +78,15 @@ describe Puppet::Util::Feature do
 
     @features.should_not be_myfeature
   end
+
+  it "should change the feature to be present when its libraries become available" do
+    @features.add(:myfeature, :libs => %w{foo bar})
+    @features.expects(:require).twice().with("foo").raises(LoadError).then.returns(nil)
+    @features.stubs(:require).with("bar")
+
+    Puppet.expects(:debug)
+
+    @features.should_not be_myfeature
+    @features.should be_myfeature
+  end
 end

data/spec/unit/util/selinux_spec.rb

@@ -129,6 +129,26 @@ describe Puppet::Util::SELinux do
       get_selinux_default_context("/foo").should == "user_u:role_r:type_t:s0"
     end
 
+    it "handles permission denied errors by issuing a warning" do
+      self.stubs(:selinux_support?).returns true
+      self.stubs(:selinux_label_support?).returns true
+      Selinux.stubs(:matchpathcon).with("/root/chuj", 0).returns(-1)
+      self.stubs(:file_lstat).with("/root/chuj").raises(Errno::EACCES, "/root/chuj")
+
+      self.expects(:warning).with("Could not stat; Permission denied - /root/chuj")
+      get_selinux_default_context("/root/chuj").should be_nil
+    end
+
+    it "handles no such file or directory errors by issuing a warning" do
+      self.stubs(:selinux_support?).returns true
+      self.stubs(:selinux_label_support?).returns true
+      Selinux.stubs(:matchpathcon).with("/root/chuj", 0).returns(-1)
+      self.stubs(:file_lstat).with("/root/chuj").raises(Errno::ENOENT, "/root/chuj")
+
+      self.expects(:warning).with("Could not stat; No such file or directory - /root/chuj")
+      get_selinux_default_context("/root/chuj").should be_nil
+    end
+
     it "should return nil if matchpathcon returns failure" do
       self.expects(:selinux_support?).returns true
       fstat = stub 'File::Stat', :mode => 0

data/spec/unit/util/windows/sid_spec.rb

@@ -0,0 +1,100 @@
+#!/usr/bin/env ruby
+require 'spec_helper'
+
+describe "Puppet::Util::Windows::SID", :if => Puppet.features.microsoft_windows? do
+  if Puppet.features.microsoft_windows?
+    require 'puppet/util/windows'
+    class SIDTester
+      include Puppet::Util::Windows::SID
+    end
+  end
+
+  let(:subject)      { SIDTester.new }
+  let(:sid)          { Win32::Security::SID::LocalSystem }
+  let(:invalid_sid)  { 'bogus' }
+  let(:unknown_sid)  { 'S-0-0-0' }
+  let(:unknown_name) { 'chewbacca' }
+
+  context "#name_to_sid" do
+    it "should return nil if the account does not exist" do
+      subject.name_to_sid(unknown_name).should be_nil
+    end
+
+    it "should accept unqualified account name" do
+      subject.name_to_sid('SYSTEM').should == sid
+    end
+
+    it "should be case-insensitive" do
+      subject.name_to_sid('SYSTEM').should == subject.name_to_sid('system')
+    end
+
+    it "should accept domain qualified account names" do
+      subject.name_to_sid('NT AUTHORITY\SYSTEM').should == sid
+    end
+
+    it "should be the identity function for any sid" do
+      subject.name_to_sid(sid).should == sid
+    end
+  end
+
+  context "#sid_to_name" do
+    it "should return nil if given a sid for an account that doesn't exist" do
+      subject.sid_to_name(unknown_sid).should be_nil
+    end
+
+    it "should accept a sid" do
+      subject.sid_to_name(sid).should == "NT AUTHORITY\\SYSTEM"
+    end
+  end
+
+  context "#sid_ptr_to_string" do
+    it "should raise if given an invalid sid" do
+      expect {
+        subject.sid_ptr_to_string(nil)
+      }.to raise_error(Puppet::Error, /Invalid SID/)
+    end
+
+    it "should yield a valid sid pointer" do
+      string = nil
+      subject.string_to_sid_ptr(sid) do |ptr|
+        string = subject.sid_ptr_to_string(ptr)
+      end
+      string.should == sid
+    end
+  end
+
+  context "#string_to_sid_ptr" do
+    it "should yield sid_ptr" do
+      ptr = nil
+      subject.string_to_sid_ptr(sid) do |p|
+        ptr = p
+      end
+      ptr.should_not be_nil
+    end
+
+    it "should raise on an invalid sid" do
+      expect {
+        subject.string_to_sid_ptr(invalid_sid)
+      }.to raise_error(Puppet::Error, /Failed to convert string SID/)
+    end
+  end
+
+  context "#valid_sid?" do
+    it "should return true for a valid SID" do
+      subject.valid_sid?(sid).should be_true
+    end
+
+    it "should return false for an invalid SID" do
+      subject.valid_sid?(invalid_sid).should be_false
+    end
+
+    it "should raise if the conversion fails" do
+      subject.expects(:string_to_sid_ptr).with(sid).
+        raises(Puppet::Util::Windows::Error.new("Failed to convert string SID: #{sid}", Windows::Error::ERROR_ACCESS_DENIED))
+
+      expect {
+        subject.string_to_sid_ptr(sid) {|ptr| }
+      }.to raise_error(Puppet::Util::Windows::Error, /Failed to convert string SID: #{sid}/)
+    end
+  end
+end