puppet 5.4.0 → 5.5.0

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (441) hide show
  1. data/Gemfile +3 -3
  2. data/MAINTAINERS +0 -19
  3. data/README.md +5 -5
  4. data/Rakefile +26 -0
  5. data/conf/auth.conf +5 -0
  6. data/ext/project_data.yaml +1 -0
  7. data/ext/regexp_nodes/regexp_nodes.rb +3 -4
  8. data/lib/puppet/application/apply.rb +1 -1
  9. data/lib/puppet/application/cert.rb +3 -1
  10. data/lib/puppet/application/device.rb +100 -13
  11. data/lib/puppet/application/facts.rb +5 -0
  12. data/lib/puppet/application/lookup.rb +12 -2
  13. data/lib/puppet/configurer.rb +37 -17
  14. data/lib/puppet/confine.rb +4 -1
  15. data/lib/puppet/datatypes.rb +1 -1
  16. data/lib/puppet/environments.rb +1 -1
  17. data/lib/puppet/error.rb +6 -3
  18. data/lib/puppet/external/dot.rb +0 -7
  19. data/lib/puppet/external/nagios/parser.rb +1 -1
  20. data/lib/puppet/face/config.rb +92 -10
  21. data/lib/puppet/face/epp.rb +31 -6
  22. data/lib/puppet/face/facts.rb +49 -0
  23. data/lib/puppet/face/help.rb +33 -35
  24. data/lib/puppet/face/help/action.erb +1 -1
  25. data/lib/puppet/face/help/face.erb +1 -1
  26. data/lib/puppet/face/man.rb +55 -12
  27. data/lib/puppet/face/parser.rb +30 -3
  28. data/lib/puppet/file_bucket/file.rb +0 -2
  29. data/lib/puppet/file_serving/base.rb +10 -10
  30. data/lib/puppet/forge.rb +3 -3
  31. data/lib/puppet/forge/errors.rb +3 -3
  32. data/lib/puppet/functions.rb +1 -3
  33. data/lib/puppet/functions/alert.rb +1 -1
  34. data/lib/puppet/functions/all.rb +6 -6
  35. data/lib/puppet/functions/annotate.rb +10 -10
  36. data/lib/puppet/functions/any.rb +6 -6
  37. data/lib/puppet/functions/assert_type.rb +4 -4
  38. data/lib/puppet/functions/binary_file.rb +14 -2
  39. data/lib/puppet/functions/break.rb +31 -2
  40. data/lib/puppet/functions/call.rb +4 -4
  41. data/lib/puppet/functions/contain.rb +19 -3
  42. data/lib/puppet/functions/convert_to.rb +6 -5
  43. data/lib/puppet/functions/crit.rb +1 -1
  44. data/lib/puppet/functions/debug.rb +1 -1
  45. data/lib/puppet/functions/defined.rb +11 -9
  46. data/lib/puppet/functions/dig.rb +26 -2
  47. data/lib/puppet/functions/each.rb +8 -8
  48. data/lib/puppet/functions/emerg.rb +1 -1
  49. data/lib/puppet/functions/empty.rb +79 -0
  50. data/lib/puppet/functions/err.rb +1 -1
  51. data/lib/puppet/functions/eyaml_lookup_key.rb +3 -1
  52. data/lib/puppet/functions/filter.rb +7 -7
  53. data/lib/puppet/functions/find_file.rb +15 -1
  54. data/lib/puppet/functions/flatten.rb +64 -0
  55. data/lib/puppet/functions/hiera.rb +6 -6
  56. data/lib/puppet/functions/hiera_array.rb +6 -6
  57. data/lib/puppet/functions/hiera_hash.rb +6 -6
  58. data/lib/puppet/functions/hiera_include.rb +8 -8
  59. data/lib/puppet/functions/include.rb +28 -2
  60. data/lib/puppet/functions/info.rb +1 -1
  61. data/lib/puppet/functions/inline_epp.rb +2 -2
  62. data/lib/puppet/functions/join.rb +56 -0
  63. data/lib/puppet/functions/json_data.rb +2 -2
  64. data/lib/puppet/functions/keys.rb +25 -0
  65. data/lib/puppet/functions/length.rb +44 -0
  66. data/lib/puppet/functions/lest.rb +39 -1
  67. data/lib/puppet/functions/lookup.rb +2 -1
  68. data/lib/puppet/functions/map.rb +10 -9
  69. data/lib/puppet/functions/match.rb +6 -6
  70. data/lib/puppet/functions/new.rb +995 -2
  71. data/lib/puppet/functions/next.rb +1 -1
  72. data/lib/puppet/functions/notice.rb +1 -1
  73. data/lib/puppet/functions/reduce.rb +6 -6
  74. data/lib/puppet/functions/regsubst.rb +9 -3
  75. data/lib/puppet/functions/require.rb +36 -2
  76. data/lib/puppet/functions/return.rb +1 -1
  77. data/lib/puppet/functions/reverse_each.rb +71 -2
  78. data/lib/puppet/functions/slice.rb +23 -9
  79. data/lib/puppet/functions/split.rb +12 -10
  80. data/lib/puppet/functions/step.rb +73 -1
  81. data/lib/puppet/functions/strftime.rb +176 -2
  82. data/lib/puppet/functions/then.rb +65 -2
  83. data/lib/puppet/functions/tree_each.rb +19 -19
  84. data/lib/puppet/functions/type.rb +42 -1
  85. data/lib/puppet/functions/unique.rb +13 -13
  86. data/lib/puppet/functions/unwrap.rb +8 -4
  87. data/lib/puppet/functions/values.rb +25 -0
  88. data/lib/puppet/functions/versioncmp.rb +1 -1
  89. data/lib/puppet/functions/warning.rb +1 -1
  90. data/lib/puppet/functions/with.rb +6 -4
  91. data/lib/puppet/functions/yaml_data.rb +3 -1
  92. data/lib/puppet/indirector/certificate_status/file.rb +1 -1
  93. data/lib/puppet/indirector/facts/facter.rb +1 -3
  94. data/lib/puppet/indirector/facts/rest.rb +21 -0
  95. data/lib/puppet/indirector/facts/yaml.rb +0 -4
  96. data/lib/puppet/indirector/rest.rb +2 -2
  97. data/lib/puppet/module.rb +3 -3
  98. data/lib/puppet/module/task.rb +2 -3
  99. data/lib/puppet/module_tool/applications/application.rb +4 -4
  100. data/lib/puppet/module_tool/applications/builder.rb +2 -2
  101. data/lib/puppet/module_tool/applications/checksummer.rb +3 -3
  102. data/lib/puppet/module_tool/applications/unpacker.rb +2 -2
  103. data/lib/puppet/module_tool/metadata.rb +3 -3
  104. data/lib/puppet/network/authconfig.rb +1 -1
  105. data/lib/puppet/network/format_support.rb +1 -1
  106. data/lib/puppet/network/formats.rb +5 -7
  107. data/lib/puppet/network/http/api/indirected_routes.rb +1 -0
  108. data/lib/puppet/network/http/api/master/v3/environment.rb +2 -2
  109. data/lib/puppet/network/http/api/master/v3/environments.rb +2 -2
  110. data/lib/puppet/network/http/error.rb +3 -3
  111. data/lib/puppet/network/resolver.rb +1 -2
  112. data/lib/puppet/parser/compiler.rb +12 -5
  113. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +1 -1
  114. data/lib/puppet/parser/functions/fqdn_rand.rb +15 -4
  115. data/lib/puppet/parser/functions/new.rb +31 -46
  116. data/lib/puppet/parser/parser_factory.rb +1 -1
  117. data/lib/puppet/parser/resource.rb +1 -1
  118. data/lib/puppet/parser/type_loader.rb +11 -11
  119. data/lib/puppet/pops/evaluator/closure.rb +1 -1
  120. data/lib/puppet/pops/evaluator/collector_transformer.rb +1 -1
  121. data/lib/puppet/pops/evaluator/epp_evaluator.rb +2 -2
  122. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +2 -2
  123. data/lib/puppet/pops/evaluator/runtime3_support.rb +5 -2
  124. data/lib/puppet/pops/functions/dispatch.rb +1 -1
  125. data/lib/puppet/pops/issue_reporter.rb +18 -1
  126. data/lib/puppet/pops/issues.rb +6 -3
  127. data/lib/puppet/pops/loader/ruby_data_type_instantiator.rb +1 -2
  128. data/lib/puppet/pops/loader/ruby_function_instantiator.rb +1 -2
  129. data/lib/puppet/pops/loader/task_instantiator.rb +5 -5
  130. data/lib/puppet/pops/loader/type_definition_instantiator.rb +4 -1
  131. data/lib/puppet/pops/loaders.rb +18 -7
  132. data/lib/puppet/pops/lookup/global_data_provider.rb +1 -1
  133. data/lib/puppet/pops/lookup/lookup_adapter.rb +55 -6
  134. data/lib/puppet/pops/model/factory.rb +6 -3
  135. data/lib/puppet/pops/model/model_tree_dumper.rb +4 -0
  136. data/lib/puppet/pops/model/pn_transformer.rb +400 -0
  137. data/lib/puppet/pops/parser/egrammar.ra +1 -1
  138. data/lib/puppet/pops/parser/eparser.rb +1 -1
  139. data/lib/puppet/pops/parser/heredoc_support.rb +1 -1
  140. data/lib/puppet/pops/parser/lexer_support.rb +3 -2
  141. data/lib/puppet/pops/parser/locator.rb +0 -2
  142. data/lib/puppet/pops/parser/pn_parser.rb +316 -0
  143. data/lib/puppet/pops/pcore.rb +17 -17
  144. data/lib/puppet/pops/pn.rb +236 -0
  145. data/lib/puppet/pops/serialization/json.rb +7 -7
  146. data/lib/puppet/pops/types/class_loader.rb +6 -3
  147. data/lib/puppet/pops/types/implementation_registry.rb +28 -35
  148. data/lib/puppet/pops/types/p_object_type.rb +3 -3
  149. data/lib/puppet/pops/types/p_timespan_type.rb +2 -2
  150. data/lib/puppet/pops/types/p_type_set_type.rb +24 -1
  151. data/lib/puppet/pops/types/ruby_generator.rb +3 -4
  152. data/lib/puppet/pops/types/type_calculator.rb +1 -1
  153. data/lib/puppet/pops/types/type_factory.rb +0 -4
  154. data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
  155. data/lib/puppet/pops/types/type_parser.rb +14 -7
  156. data/lib/puppet/pops/types/types.rb +1 -1
  157. data/lib/puppet/pops/utils.rb +2 -2
  158. data/lib/puppet/pops/validation/checker4_0.rb +6 -2
  159. data/lib/puppet/provider/group/groupadd.rb +3 -1
  160. data/lib/puppet/provider/group/windows_adsi.rb +4 -7
  161. data/lib/puppet/provider/nameservice.rb +3 -3
  162. data/lib/puppet/provider/package/pacman.rb +4 -4
  163. data/lib/puppet/provider/package/pip.rb +3 -3
  164. data/lib/puppet/provider/package/pkgdmg.rb +3 -3
  165. data/lib/puppet/provider/package/pkgutil.rb +2 -2
  166. data/lib/puppet/provider/package/portage.rb +9 -9
  167. data/lib/puppet/provider/package/zypper.rb +2 -2
  168. data/lib/puppet/provider/service/base.rb +1 -1
  169. data/lib/puppet/provider/service/smf.rb +3 -2
  170. data/lib/puppet/provider/service/systemd.rb +1 -1
  171. data/lib/puppet/provider/user/useradd.rb +6 -2
  172. data/lib/puppet/provider/user/windows_adsi.rb +1 -1
  173. data/lib/puppet/provider/yumrepo/inifile.rb +20 -9
  174. data/lib/puppet/provider/zfs/zfs.rb +1 -1
  175. data/lib/puppet/reference/configuration.rb +2 -0
  176. data/lib/puppet/reference/type.rb +11 -11
  177. data/lib/puppet/resource.rb +1 -1
  178. data/lib/puppet/resource/capability_finder.rb +5 -5
  179. data/lib/puppet/resource/catalog.rb +6 -3
  180. data/lib/puppet/resource/status.rb +9 -2
  181. data/lib/puppet/resource/type.rb +1 -1
  182. data/lib/puppet/settings.rb +31 -19
  183. data/lib/puppet/settings/base_setting.rb +5 -0
  184. data/lib/puppet/settings/config_file.rb +1 -1
  185. data/lib/puppet/settings/ttl_setting.rb +5 -0
  186. data/lib/puppet/ssl/certificate_factory.rb +2 -2
  187. data/lib/puppet/ssl/certificate_request.rb +0 -2
  188. data/lib/puppet/syntax_checkers/json.rb +1 -1
  189. data/lib/puppet/transaction/additional_resource_generator.rb +2 -2
  190. data/lib/puppet/transaction/event.rb +1 -1
  191. data/lib/puppet/transaction/report.rb +18 -12
  192. data/lib/puppet/type.rb +9 -13
  193. data/lib/puppet/type/augeas.rb +2 -2
  194. data/lib/puppet/type/cron.rb +11 -6
  195. data/lib/puppet/type/exec.rb +1 -1
  196. data/lib/puppet/type/file.rb +4 -5
  197. data/lib/puppet/type/host.rb +1 -1
  198. data/lib/puppet/type/k5login.rb +30 -54
  199. data/lib/puppet/type/package.rb +3 -3
  200. data/lib/puppet/type/schedule.rb +12 -12
  201. data/lib/puppet/type/scheduled_task.rb +2 -2
  202. data/lib/puppet/type/ssh_authorized_key.rb +5 -5
  203. data/lib/puppet/type/sshkey.rb +2 -2
  204. data/lib/puppet/type/tidy.rb +1 -1
  205. data/lib/puppet/type/user.rb +1 -1
  206. data/lib/puppet/type/yumrepo.rb +26 -5
  207. data/lib/puppet/util.rb +0 -4
  208. data/lib/puppet/util/backups.rb +1 -1
  209. data/lib/puppet/util/inifile.rb +3 -4
  210. data/lib/puppet/util/json.rb +68 -0
  211. data/lib/puppet/util/json_lockfile.rb +3 -3
  212. data/lib/puppet/util/log.rb +2 -5
  213. data/lib/puppet/util/log/destinations.rb +2 -2
  214. data/lib/puppet/util/network_device/cisco/facts.rb +1 -1
  215. data/lib/puppet/util/plist.rb +1 -1
  216. data/lib/puppet/util/reference.rb +1 -8
  217. data/lib/puppet/util/tagging.rb +1 -1
  218. data/lib/puppet/util/warnings.rb +0 -2
  219. data/lib/puppet/util/windows/adsi.rb +15 -18
  220. data/lib/puppet/util/windows/com.rb +2 -1
  221. data/lib/puppet/util/windows/file.rb +2 -2
  222. data/lib/puppet/util/windows/principal.rb +7 -6
  223. data/lib/puppet/util/windows/sid.rb +60 -7
  224. data/lib/puppet/util/windows/taskscheduler.rb +0 -9
  225. data/lib/puppet/version.rb +1 -1
  226. data/lib/puppet_pal.rb +53 -48
  227. data/locales/ja/puppet.po +1357 -912
  228. data/locales/puppet.pot +549 -466
  229. data/man/man5/puppet.conf.5 +103 -20
  230. data/man/man8/puppet-agent.8 +6 -2
  231. data/man/man8/puppet-apply.8 +2 -2
  232. data/man/man8/puppet-ca.8 +1 -1
  233. data/man/man8/puppet-catalog.8 +1 -1
  234. data/man/man8/puppet-cert.8 +1 -1
  235. data/man/man8/puppet-certificate.8 +1 -1
  236. data/man/man8/puppet-certificate_request.8 +1 -1
  237. data/man/man8/puppet-certificate_revocation_list.8 +1 -1
  238. data/man/man8/puppet-config.8 +35 -1
  239. data/man/man8/puppet-describe.8 +1 -1
  240. data/man/man8/puppet-device.8 +33 -11
  241. data/man/man8/puppet-doc.8 +1 -1
  242. data/man/man8/puppet-epp.8 +34 -12
  243. data/man/man8/puppet-facts.8 +50 -1
  244. data/man/man8/puppet-filebucket.8 +38 -11
  245. data/man/man8/puppet-generate.8 +1 -1
  246. data/man/man8/puppet-help.8 +1 -1
  247. data/man/man8/puppet-key.8 +1 -1
  248. data/man/man8/puppet-lookup.8 +1 -1
  249. data/man/man8/puppet-man.8 +10 -4
  250. data/man/man8/puppet-master.8 +1 -1
  251. data/man/man8/puppet-module.8 +15 -6
  252. data/man/man8/puppet-node.8 +1 -1
  253. data/man/man8/puppet-parser.8 +31 -8
  254. data/man/man8/puppet-plugin.8 +1 -1
  255. data/man/man8/puppet-report.8 +1 -1
  256. data/man/man8/puppet-resource.8 +1 -1
  257. data/man/man8/puppet-script.8 +67 -0
  258. data/man/man8/puppet-status.8 +1 -1
  259. data/man/man8/puppet.8 +3 -3
  260. data/spec/fixtures/unit/pops/binder/bindings_composer/ok/modules/awesome2/lib/puppet_x/awesome2/echo_scheme_handler.rb +1 -1
  261. data/spec/integration/application/apply_spec.rb +15 -15
  262. data/spec/integration/application/lookup_spec.rb +21 -0
  263. data/spec/integration/faces/config_spec.rb +16 -4
  264. data/spec/integration/network/http/api/indirected_routes_spec.rb +5 -5
  265. data/spec/integration/parser/catalog_spec.rb +1 -1
  266. data/spec/integration/parser/collection_spec.rb +2 -2
  267. data/spec/integration/parser/compiler_spec.rb +17 -18
  268. data/spec/integration/parser/pcore_resource_spec.rb +2 -2
  269. data/spec/integration/parser/scope_spec.rb +2 -2
  270. data/spec/integration/ssl/certificate_authority_spec.rb +7 -7
  271. data/spec/integration/ssl/certificate_revocation_list_spec.rb +1 -1
  272. data/spec/integration/ssl/key_spec.rb +1 -1
  273. data/spec/integration/transaction/report_spec.rb +3 -3
  274. data/spec/integration/transaction_spec.rb +0 -1
  275. data/spec/integration/type/file_spec.rb +10 -11
  276. data/spec/integration/type_spec.rb +1 -2
  277. data/spec/integration/util/windows/adsi_spec.rb +86 -1
  278. data/spec/integration/util/windows/principal_spec.rb +11 -2
  279. data/spec/integration/util/windows/security_spec.rb +2 -2
  280. data/spec/lib/matchers/json.rb +4 -4
  281. data/spec/lib/puppet_spec/language.rb +34 -35
  282. data/spec/lib/puppet_spec/module_tool/shared_functions.rb +2 -2
  283. data/spec/shared_behaviours/file_server_terminus.rb +0 -2
  284. data/spec/shared_behaviours/things_that_declare_options.rb +2 -2
  285. data/spec/spec_helper.rb +1 -1
  286. data/spec/unit/application/cert_spec.rb +21 -9
  287. data/spec/unit/application/device_spec.rb +96 -2
  288. data/spec/unit/application/face_base_spec.rb +2 -2
  289. data/spec/unit/application/lookup_spec.rb +0 -1
  290. data/spec/unit/configurer_spec.rb +14 -0
  291. data/spec/unit/confine_spec.rb +16 -0
  292. data/spec/unit/data_providers/hiera_data_provider_spec.rb +4 -4
  293. data/spec/unit/datatypes_spec.rb +49 -0
  294. data/spec/unit/environments_spec.rb +7 -0
  295. data/spec/unit/face/config_spec.rb +116 -12
  296. data/spec/unit/face/epp_face_spec.rb +53 -2
  297. data/spec/unit/face/facts_spec.rb +53 -0
  298. data/spec/unit/face/help_spec.rb +62 -69
  299. data/spec/unit/face/man_spec.rb +26 -0
  300. data/spec/unit/face/module/list_spec.rb +0 -1
  301. data/spec/unit/face/parser_spec.rb +78 -0
  302. data/spec/unit/file_bucket/dipper_spec.rb +0 -4
  303. data/spec/unit/file_serving/content_spec.rb +0 -1
  304. data/spec/unit/file_serving/fileset_spec.rb +0 -1
  305. data/spec/unit/file_serving/metadata_spec.rb +0 -1
  306. data/spec/unit/file_serving/terminus_selector_spec.rb +0 -2
  307. data/spec/unit/forge_spec.rb +1 -2
  308. data/spec/unit/functions/assert_type_spec.rb +1 -1
  309. data/spec/unit/functions/empty_spec.rb +77 -0
  310. data/spec/unit/functions/epp_spec.rb +1 -1
  311. data/spec/unit/functions/flatten_spec.rb +31 -0
  312. data/spec/unit/functions/include_spec.rb +2 -2
  313. data/spec/unit/functions/inline_epp_spec.rb +1 -1
  314. data/spec/unit/functions/join_spec.rb +33 -0
  315. data/spec/unit/functions/keys_spec.rb +31 -0
  316. data/spec/unit/functions/length_spec.rb +50 -0
  317. data/spec/unit/functions/lookup_fixture_spec.rb +1 -1
  318. data/spec/unit/functions/lookup_spec.rb +52 -0
  319. data/spec/unit/functions/shared.rb +1 -1
  320. data/spec/unit/functions/values_spec.rb +30 -0
  321. data/spec/unit/functions/versioncmp_spec.rb +1 -1
  322. data/spec/unit/functions4_spec.rb +30 -32
  323. data/spec/unit/graph/title_hash_prioritizer_spec.rb +2 -1
  324. data/spec/unit/indirector/catalog/compiler_spec.rb +0 -15
  325. data/spec/unit/indirector/facts/rest_spec.rb +45 -0
  326. data/spec/unit/indirector/facts/yaml_spec.rb +6 -0
  327. data/spec/unit/indirector/file_bucket_file/file_spec.rb +2 -2
  328. data/spec/unit/indirector/indirection_spec.rb +1 -1
  329. data/spec/unit/indirector/node/ldap_spec.rb +2 -2
  330. data/spec/unit/indirector/request_spec.rb +0 -2
  331. data/spec/unit/indirector/rest_spec.rb +2 -2
  332. data/spec/unit/indirector_spec.rb +0 -1
  333. data/spec/unit/info_service_spec.rb +1 -1
  334. data/spec/unit/interface/action_manager_spec.rb +1 -1
  335. data/spec/unit/interface/action_spec.rb +1 -1
  336. data/spec/unit/module_spec.rb +0 -5
  337. data/spec/unit/module_tool/applications/builder_spec.rb +1 -1
  338. data/spec/unit/module_tool/applications/unpacker_spec.rb +4 -4
  339. data/spec/unit/network/formats_spec.rb +5 -13
  340. data/spec/unit/network/http/api/indirected_routes_spec.rb +6 -2
  341. data/spec/unit/network/http/connection_spec.rb +1 -1
  342. data/spec/unit/network/http/handler_spec.rb +3 -2
  343. data/spec/unit/node/environment_spec.rb +1 -1
  344. data/spec/unit/node_spec.rb +3 -3
  345. data/spec/unit/parser/compiler_spec.rb +9 -2
  346. data/spec/unit/parser/environment_compiler_spec.rb +8 -8
  347. data/spec/unit/parser/functions/create_resources_spec.rb +1 -1
  348. data/spec/unit/parser/functions/fail_spec.rb +1 -1
  349. data/spec/unit/parser/functions/fqdn_rand_spec.rb +24 -0
  350. data/spec/unit/parser/functions/realize_spec.rb +1 -1
  351. data/spec/unit/parser/resource_spec.rb +0 -1
  352. data/spec/unit/parser/scope_spec.rb +3 -3
  353. data/spec/unit/parser/type_loader_spec.rb +1 -1
  354. data/spec/unit/pops/adaptable_spec.rb +0 -1
  355. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +0 -3
  356. data/spec/unit/pops/evaluator/runtime3_converter_spec.rb +0 -4
  357. data/spec/unit/pops/factory_rspec_helper.rb +1 -1
  358. data/spec/unit/pops/factory_spec.rb +5 -5
  359. data/spec/unit/pops/issues_spec.rb +23 -8
  360. data/spec/unit/pops/loaders/loaders_spec.rb +24 -2
  361. data/spec/unit/pops/loaders/static_loader_spec.rb +1 -1
  362. data/spec/unit/pops/lookup/interpolation_spec.rb +5 -0
  363. data/spec/unit/pops/lookup/lookup_spec.rb +56 -0
  364. data/spec/unit/pops/model/pn_transformer_spec.rb +53 -0
  365. data/spec/unit/pops/parser/lexer2_spec.rb +14 -5
  366. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +9 -9
  367. data/spec/unit/pops/parser/parse_calls_spec.rb +1 -1
  368. data/spec/unit/pops/parser/parse_functions_spec.rb +1 -1
  369. data/spec/unit/pops/parser/parse_heredoc_spec.rb +3 -3
  370. data/spec/unit/pops/parser/parse_lambda_spec.rb +1 -1
  371. data/spec/unit/pops/parser/parse_resource_spec.rb +35 -35
  372. data/spec/unit/pops/parser/pn_parser_spec.rb +101 -0
  373. data/spec/unit/pops/pn_spec.rb +148 -0
  374. data/spec/unit/pops/types/iterable_spec.rb +1 -1
  375. data/spec/unit/pops/types/p_object_type_spec.rb +5 -5
  376. data/spec/unit/pops/types/p_timespan_type_spec.rb +11 -4
  377. data/spec/unit/pops/types/p_timestamp_type_spec.rb +9 -2
  378. data/spec/unit/pops/types/p_type_set_type_spec.rb +106 -2
  379. data/spec/unit/pops/types/ruby_generator_spec.rb +3 -8
  380. data/spec/unit/pops/types/string_converter_spec.rb +3 -3
  381. data/spec/unit/pops/types/type_calculator_spec.rb +1 -1
  382. data/spec/unit/pops/validator/validator_spec.rb +3 -1
  383. data/spec/unit/property_spec.rb +2 -2
  384. data/spec/unit/provider/aixobject_spec.rb +1 -1
  385. data/spec/unit/provider/cron/crontab_spec.rb +3 -3
  386. data/spec/unit/provider/exec/posix_spec.rb +6 -6
  387. data/spec/unit/provider/group/groupadd_spec.rb +4 -4
  388. data/spec/unit/provider/group/windows_adsi_spec.rb +79 -22
  389. data/spec/unit/provider/ldap_spec.rb +0 -1
  390. data/spec/unit/provider/nameservice_spec.rb +5 -5
  391. data/spec/unit/provider/package/rpm_spec.rb +3 -4
  392. data/spec/unit/provider/package/yum_spec.rb +6 -2
  393. data/spec/unit/provider/parsedfile_spec.rb +1 -1
  394. data/spec/unit/provider/service/base_spec.rb +2 -4
  395. data/spec/unit/provider/service/init_spec.rb +2 -2
  396. data/spec/unit/provider/service/openrc_spec.rb +2 -2
  397. data/spec/unit/provider/service/redhat_spec.rb +2 -2
  398. data/spec/unit/provider/service/smf_spec.rb +2 -0
  399. data/spec/unit/provider/service/systemd_spec.rb +3 -3
  400. data/spec/unit/provider/service/upstart_spec.rb +7 -7
  401. data/spec/unit/provider/ssh_authorized_key/parsed_spec.rb +0 -4
  402. data/spec/unit/provider/sshkey/parsed_spec.rb +0 -2
  403. data/spec/unit/provider/user/useradd_spec.rb +15 -9
  404. data/spec/unit/provider/user/windows_adsi_spec.rb +4 -4
  405. data/spec/unit/provider/yumrepo/inifile_spec.rb +76 -0
  406. data/spec/unit/puppet_pal_2pec.rb +4 -5
  407. data/spec/unit/resource/catalog_spec.rb +8 -3
  408. data/spec/unit/resource/status_spec.rb +15 -4
  409. data/spec/unit/resource/type_spec.rb +2 -3
  410. data/spec/unit/settings_spec.rb +9 -4
  411. data/spec/unit/ssl/certificate_authority_spec.rb +1 -9
  412. data/spec/unit/ssl/certificate_request_spec.rb +1 -2
  413. data/spec/unit/transaction/report_spec.rb +41 -0
  414. data/spec/unit/transaction_spec.rb +1 -1
  415. data/spec/unit/type/exec_spec.rb +7 -9
  416. data/spec/unit/type/file/selinux_spec.rb +0 -1
  417. data/spec/unit/type/file_spec.rb +4 -3
  418. data/spec/unit/type/k5login_spec.rb +79 -10
  419. data/spec/unit/type/mount_spec.rb +1 -1
  420. data/spec/unit/type/nagios_spec.rb +6 -6
  421. data/spec/unit/type/user_spec.rb +1 -1
  422. data/spec/unit/type/yumrepo_spec.rb +18 -0
  423. data/spec/unit/type/zfs_spec.rb +1 -1
  424. data/spec/unit/type_spec.rb +14 -15
  425. data/spec/unit/util/docs_spec.rb +1 -1
  426. data/spec/unit/util/execution_spec.rb +0 -1
  427. data/spec/unit/util/inifile_spec.rb +35 -4
  428. data/spec/unit/util/log/destinations_spec.rb +2 -2
  429. data/spec/unit/util/log_spec.rb +6 -5
  430. data/spec/unit/util/network_device/cisco/device_spec.rb +2 -2
  431. data/spec/unit/util/plist_spec.rb +3 -3
  432. data/spec/unit/util/selinux_spec.rb +2 -2
  433. data/spec/unit/util/tagging_spec.rb +1 -7
  434. data/spec/unit/util/windows/adsi_spec.rb +31 -27
  435. data/spec/unit/util/windows/sid_spec.rb +86 -15
  436. data/spec/unit/util_spec.rb +2 -2
  437. data/spec/watchr.rb +0 -1
  438. data/tasks/benchmark.rake +37 -0
  439. data/tasks/manpages.rake +1 -1
  440. metadata +71 -11
  441. checksums.yaml +0 -7
@@ -82,5 +82,5 @@ module Puppet::Util::Backups
82
82
  sum = self.bucket.backup(f)
83
83
  self.info _("Filebucketed %{f} to %{filebucket} with sum %{sum}") % { f: f, filebucket: self.bucket.name, sum: sum }
84
84
  return sum
85
- end
85
+ end
86
86
  end
@@ -148,7 +148,7 @@ module Puppet::Util::IniConfig
148
148
  )
149
149
  INI_CONTINUATION = /^[ \t\r\n\f]/
150
150
  INI_SECTION_NAME = /^\[([^\]]+)\]/
151
- INI_PROPERTY = /^\s*([^\s=]+)\s*\=(.*)$/
151
+ INI_PROPERTY = /^\s*([^\s=]+)\s*\=\s*(.*)$/
152
152
 
153
153
  # @api private
154
154
  def parse(text)
@@ -177,10 +177,9 @@ module Puppet::Util::IniConfig
177
177
  section = add_section(section_name)
178
178
  optname = nil
179
179
  elsif (match = l.match(INI_PROPERTY))
180
- # We allow space around the keys, but not the values
181
- # For the values, we don't know if space is significant
180
+ # the regex strips leading white space from the value, and here we strip the trailing white space as well
182
181
  key = match[1]
183
- val = match[2]
182
+ val = match[2].rstrip
184
183
 
185
184
  if section.nil?
186
185
  raise IniParseError.new(_("Property with key %{key} outside of a section") % { key: key.inspect })
@@ -0,0 +1,68 @@
1
+ module Puppet::Util
2
+ module Json
3
+ class ParseError < StandardError
4
+ attr_reader :cause, :data
5
+
6
+ def self.build(original_exception, data)
7
+ new(original_exception.message).tap do |exception|
8
+ exception.instance_eval do
9
+ @cause = original_exception
10
+ set_backtrace original_exception.backtrace
11
+ @data = data
12
+ end
13
+ end
14
+ end
15
+ end
16
+
17
+ begin
18
+ require 'multi_json'
19
+ # Force backend detection before attempting to use the library
20
+ # or load any other JSON libraries
21
+ MultiJson.default_adapter
22
+
23
+ # Preserve core type monkey-patching done by the built-in JSON gem
24
+ require 'json'
25
+ rescue LoadError
26
+ require 'json'
27
+ end
28
+
29
+ # These methods do similar processing to the fallback implemented by MultiJson
30
+ # when using the built-in JSON backend, to ensure consistent behavior
31
+ # whether or not MultiJson can be loaded.
32
+ def self.load(string, options = {})
33
+ if defined? MultiJson
34
+ begin
35
+ MultiJson.load(string, options)
36
+ rescue MultiJson::ParseError => e
37
+ raise Puppet::Util::Json::ParseError.build(e, string)
38
+ end
39
+ else
40
+ begin
41
+ string = string.read if string.respond_to?(:read)
42
+
43
+ options[:symbolize_names] = true if options.delete(:symbolize_keys)
44
+ ::JSON.parse(string, options)
45
+ rescue JSON::ParserError => e
46
+ raise Puppet::Util::Json::ParseError.build(e, string)
47
+ end
48
+ end
49
+ end
50
+
51
+ def self.dump(object, options = {})
52
+ if defined? MultiJson
53
+ # MultiJson calls `merge` on the options it is passed, which relies
54
+ # on the options' defining a `to_hash` method. In Ruby 1.9.3,
55
+ # JSON::Ext::Generator::State only defines `to_h`, not `to_hash`, so we
56
+ # need to convert it first, similar to what is done in the `else` block
57
+ # below. Later versions of the JSON gem alias `to_h` to `to_hash`, so this
58
+ # can be removed once we drop Ruby 1.9.3 support.
59
+ options = options.to_h if options.class.name == "JSON::Ext::Generator::State"
60
+
61
+ MultiJson.dump(object, options)
62
+ else
63
+ options.merge!(::JSON::PRETTY_STATE_PROTOTYPE.to_h) if options.delete(:pretty)
64
+ object.to_json(options)
65
+ end
66
+ end
67
+ end
68
+ end
@@ -23,7 +23,7 @@ class Puppet::Util::JsonLockfile < Puppet::Util::Lockfile
23
23
  def lock(lock_data = nil)
24
24
  return false if locked?
25
25
 
26
- super(lock_data.to_json)
26
+ super(Puppet::Util::Json.dump(lock_data))
27
27
  end
28
28
 
29
29
  # Retrieve the (optional) lock data that was specified at the time the file
@@ -35,8 +35,8 @@ class Puppet::Util::JsonLockfile < Puppet::Util::Lockfile
35
35
  return nil unless file_locked?
36
36
  file_contents = super
37
37
  return nil if file_contents.nil? or file_contents.empty?
38
- JSON.parse(file_contents)
39
- rescue JSON::ParserError
38
+ Puppet::Util::Json.load(file_contents)
39
+ rescue Puppet::Util::Json::ParseError
40
40
  Puppet.warning _("Unable to read lockfile data from %{path}: not in JSON") % { path: @file_path }
41
41
  nil
42
42
  end
@@ -164,8 +164,6 @@ class Puppet::Util::Log
164
164
  end
165
165
  end
166
166
 
167
- private
168
- # produces UTF-8 strings or dumps strings when they cannot be re-encoded
169
167
  def Log.coerce_string(str)
170
168
  return Puppet::Util::CharacterEncoding.convert_to_utf_8(str) if str.valid_encoding?
171
169
 
@@ -175,8 +173,7 @@ class Puppet::Util::Log
175
173
  message += '\n' + _("Backtrace:\n%{backtrace}") % { backtrace: caller[0..10].join("\n") }
176
174
  message
177
175
  end
178
-
179
- public
176
+ private_class_method :coerce_string
180
177
 
181
178
  # Route the actual message. FIXME There are lots of things this method
182
179
  # should do, like caching and a bit more. It's worth noting that there's
@@ -381,7 +378,7 @@ class Puppet::Util::Log
381
378
  def source=(source)
382
379
  if defined?(Puppet::Type) && source.is_a?(Puppet::Type)
383
380
  @source = source.path
384
- source.tags.each { |t| tag(t) }
381
+ merge_tags_from(source)
385
382
  self.file = source.file
386
383
  self.line = source.line
387
384
  else
@@ -109,7 +109,7 @@ Puppet::Util::Log.newdesttype :file do
109
109
  def handle(msg)
110
110
  if @json > 0
111
111
  @json > 1 ? @file.puts(',') : @json = 2
112
- JSON.dump(msg.to_structured_hash, @file)
112
+ Puppet::Util::Json.dump(msg.to_structured_hash, @file)
113
113
  else
114
114
  @file.puts("#{msg.time} #{msg.source} (#{msg.level}): #{msg}")
115
115
  end
@@ -135,7 +135,7 @@ Puppet::Util::Log.newdesttype :logstash_event do
135
135
 
136
136
  def handle(msg)
137
137
  message = format(msg)
138
- $stdout.puts message.to_json
138
+ $stdout.puts Puppet::Util::Json.dump(message)
139
139
  end
140
140
  end
141
141
 
@@ -63,7 +63,7 @@ class Puppet::Util::NetworkDevice::Cisco::Facts
63
63
  end
64
64
 
65
65
  def uptime_to_seconds(uptime)
66
- captures = (uptime.match /^(?:(\d+) years?,)?\s*(?:(\d+) weeks?,)?\s*(?:(\d+) days?,)?\s*(?:(\d+) hours?,)?\s*(\d+) minutes?$/).captures
66
+ captures = (uptime.match(/^(?:(\d+) years?,)?\s*(?:(\d+) weeks?,)?\s*(?:(\d+) days?,)?\s*(?:(\d+) hours?,)?\s*(\d+) minutes?$/)).captures
67
67
  captures.zip([31536000, 604800, 86400, 3600, 60]).inject(0) do |total, (x,y)|
68
68
  total + (x.nil? ? 0 : x.to_i * y)
69
69
  end
@@ -41,7 +41,7 @@ module Puppet::Util::Plist
41
41
 
42
42
  Puppet.debug "Plist #{file_path} ill-formatted, converting with plutil"
43
43
  begin
44
- plist = Puppet::Util::Execution.execute(['/usr/bin/plutil', '-convert', 'xml1', '-o', '/dev/stdout', file_path],
44
+ plist = Puppet::Util::Execution.execute(['/usr/bin/plutil', '-convert', 'xml1', '-o', '-', file_path],
45
45
  {:failonfail => true, :combine => true})
46
46
  return parse_plist(plist)
47
47
  rescue Puppet::ExecutionFailure => detail
@@ -12,10 +12,6 @@ class Puppet::Util::Reference
12
12
 
13
13
  instance_load(:reference, 'puppet/reference')
14
14
 
15
- def self.footer
16
- "\n\n----------------\n\n" + _("*This page autogenerated on %{current_time}*\n") % { current_time: Time.now.to_s }
17
- end
18
-
19
15
  def self.modes
20
16
  %w{pdf text}
21
17
  end
@@ -111,15 +107,12 @@ class Puppet::Util::Reference
111
107
  def to_markdown(withcontents = true)
112
108
  # First the header
113
109
  text = markdown_header(@title, 1)
114
- #TRANSLATORS message accompanied by date of generation
115
- text << _("\n\n**This page is autogenerated; any changes will get overwritten** *(last generated on %{current_time})*\n\n") % { current_time: Time.now.to_s }
110
+ text << _("\n\n**This page is autogenerated; any changes will get overwritten**\n\n")
116
111
 
117
112
  text << @header
118
113
 
119
114
  text << generate
120
115
 
121
- text << self.class.footer if withcontents
122
-
123
116
  text
124
117
  end
125
118
  end
@@ -87,7 +87,7 @@ module Puppet::Util::Tagging
87
87
 
88
88
  # Merge tags from a tagged instance with no attempts to split, downcase
89
89
  # or verify the tags
90
- def merge_tags(tag_source)
90
+ def merge_tags_from(tag_source)
91
91
  @tags ||= new_tags
92
92
  tag_source.merge_into(@tags)
93
93
  end
@@ -20,8 +20,6 @@ module Puppet::Util::Warnings
20
20
  nil
21
21
  end
22
22
 
23
- protected
24
-
25
23
  def self.maybe_log(message, klass)
26
24
  @stampwarnings ||= {}
27
25
  @stampwarnings[klass] ||= []
@@ -66,7 +66,7 @@ module Puppet::Util::Windows::ADSI
66
66
  return sid_uri(sid) if sid.kind_of?(Puppet::Util::Windows::SID::Principal)
67
67
 
68
68
  begin
69
- sid = Puppet::Util::Windows::SID.name_to_sid_object(sid)
69
+ sid = Puppet::Util::Windows::SID.name_to_principal(sid)
70
70
  sid_uri(sid)
71
71
  rescue Puppet::Util::Windows::Error, Puppet::Error
72
72
  nil
@@ -114,7 +114,7 @@ module Puppet::Util::Windows::ADSI
114
114
  Puppet::Util::Windows::SID.sid_to_name('S-1-5-32').upcase,
115
115
  # localized version of NT AUTHORITY (can't use S-1-5)
116
116
  # for instance AUTORITE NT on French Windows
117
- Puppet::Util::Windows::SID.name_to_sid_object('SYSTEM').domain.upcase
117
+ Puppet::Util::Windows::SID.name_to_principal('SYSTEM').domain.upcase
118
118
  ]
119
119
  end
120
120
 
@@ -139,10 +139,12 @@ module Puppet::Util::Windows::ADSI
139
139
  return account, domain
140
140
  end
141
141
 
142
+ # returns Puppet::Util::Windows::SID::Principal[]
143
+ # may contain objects that represent unresolvable SIDs
142
144
  def get_sids(adsi_child_collection)
143
145
  sids = []
144
146
  adsi_child_collection.each do |m|
145
- sids << Puppet::Util::Windows::SID.octet_string_to_sid_object(m.objectSID)
147
+ sids << Puppet::Util::Windows::SID.ads_to_principal(m)
146
148
  end
147
149
 
148
150
  sids
@@ -152,7 +154,7 @@ module Puppet::Util::Windows::ADSI
152
154
  return {} if names.nil? || names.empty?
153
155
 
154
156
  sids = names.map do |name|
155
- sid = Puppet::Util::Windows::SID.name_to_sid_object(name)
157
+ sid = Puppet::Util::Windows::SID.name_to_principal(name)
156
158
  raise Puppet::Error.new( _("Could not resolve name: %{name}") % { name: name } ) if !sid
157
159
  [sid.sid, sid]
158
160
  end
@@ -183,7 +185,7 @@ module Puppet::Util::Windows::ADSI
183
185
  end
184
186
 
185
187
  def sid
186
- @sid ||= Puppet::Util::Windows::SID.octet_string_to_sid_object(native_user.objectSID)
188
+ @sid ||= Puppet::Util::Windows::SID.octet_string_to_principal(native_user.objectSID)
187
189
  end
188
190
 
189
191
  def uri
@@ -336,12 +338,12 @@ module Puppet::Util::Windows::ADSI
336
338
  end
337
339
 
338
340
  def self.current_user_sid
339
- Puppet::Util::Windows::SID.name_to_sid_object(current_user_name)
341
+ Puppet::Util::Windows::SID.name_to_principal(current_user_name)
340
342
  end
341
343
 
342
344
  def self.exists?(name_or_sid)
343
345
  well_known = false
344
- if (sid = Puppet::Util::Windows::SID.name_to_sid_object(name_or_sid))
346
+ if (sid = Puppet::Util::Windows::SID.name_to_principal(name_or_sid))
345
347
  return true if sid.account_type == :SidTypeUser
346
348
 
347
349
  # 'well known group' is special as it can be a group like Everyone OR a user like SYSTEM
@@ -431,7 +433,7 @@ module Puppet::Util::Windows::ADSI
431
433
  end
432
434
 
433
435
  def sid
434
- @sid ||= Puppet::Util::Windows::SID.octet_string_to_sid_object(native_group.objectSID)
436
+ @sid ||= Puppet::Util::Windows::SID.octet_string_to_principal(native_group.objectSID)
435
437
  end
436
438
 
437
439
  def commit
@@ -463,18 +465,13 @@ module Puppet::Util::Windows::ADSI
463
465
  end
464
466
  end
465
467
 
468
+ # returns Puppet::Util::Windows::SID::Principal[]
469
+ # may contain objects that represent unresolvable SIDs
470
+ # qualified account names are returned by calling #domain_account
466
471
  def members
467
- # WIN32OLE objects aren't enumerable, so no map
468
- members = []
469
- # Setting WIN32OLE.codepage in the microsoft_windows feature ensures
470
- # values are returned as UTF-8
471
- native_group.Members.each {|m| members << m.Name}
472
- members
473
- end
474
-
475
- def member_sids
476
472
  self.class.get_sids(native_group.Members)
477
473
  end
474
+ alias member_sids members
478
475
 
479
476
  def set_members(desired_members, inclusive = true)
480
477
  return if desired_members.nil?
@@ -508,7 +505,7 @@ module Puppet::Util::Windows::ADSI
508
505
 
509
506
  def self.exists?(name_or_sid)
510
507
  well_known = false
511
- if (sid = Puppet::Util::Windows::SID.name_to_sid_object(name_or_sid))
508
+ if (sid = Puppet::Util::Windows::SID.name_to_principal(name_or_sid))
512
509
  return true if sid.account_type == :SidTypeGroup
513
510
 
514
511
  # 'well known group' is special as it can be a group like Everyone OR a user like SYSTEM
@@ -76,8 +76,9 @@ module Puppet::Util::Windows::COM
76
76
  vtable_hash = Hash[(ifaces.map { |iface| iface::VTBL::SPEC.to_a } << spec.to_a).flatten(1)]
77
77
  const_set(:SPEC, vtable_hash)
78
78
 
79
- layout \
79
+ layout(
80
80
  *self::SPEC.map { |name, signature| [name, callback(*signature)] }.flatten
81
+ )
81
82
  end
82
83
 
83
84
  const_set(:VTBL, vtable)
@@ -393,8 +393,6 @@ module Puppet::Util::Windows::File
393
393
  end
394
394
  module_function :lstat
395
395
 
396
- private
397
-
398
396
  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa364571(v=vs.85).aspx
399
397
  FSCTL_GET_REPARSE_POINT = 0x900a8
400
398
 
@@ -410,6 +408,7 @@ module Puppet::Util::Windows::File
410
408
 
411
409
  path
412
410
  end
411
+ private_class_method :resolve_symlink
413
412
 
414
413
  # these reparse point types are the only ones Puppet currently understands
415
414
  # so rather than raising an exception in readlink, prefer to not consider
@@ -426,6 +425,7 @@ module Puppet::Util::Windows::File
426
425
 
427
426
  symlink
428
427
  end
428
+ private_class_method :symlink_reparse_point?
429
429
 
430
430
  ffi_convention :stdcall
431
431
 
@@ -32,9 +32,10 @@ module Puppet::Util::Windows::SID
32
32
  @sid_bytes == compare.sid_bytes
33
33
  end
34
34
 
35
- # added for backward compatibility
35
+ # returns authority qualified account name
36
+ # prefer to compare Principal instances with == operator or by #sid
36
37
  def to_s
37
- @sid
38
+ @domain_account
38
39
  end
39
40
 
40
41
  # = 8 + max sub identifiers (15) * 4
@@ -64,14 +65,14 @@ module Puppet::Util::Windows::SID
64
65
  last_error = FFI.errno
65
66
 
66
67
  if (success == FFI::WIN32_FALSE && last_error != ERROR_INSUFFICIENT_BUFFER)
67
- raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountNameW'), last_error)
68
+ raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountNameW with account: %{account_name}') % { account_name: account_name}, last_error)
68
69
  end
69
70
 
70
71
  FFI::MemoryPointer.new(:lpwstr, domain_length_ptr.read_dword) do |domain_ptr|
71
72
  if LookupAccountNameW(system_name_ptr, account_name_ptr,
72
73
  sid_ptr, sid_length_ptr,
73
74
  domain_ptr, domain_length_ptr, name_use_enum_ptr) == FFI::WIN32_FALSE
74
- raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountNameW'))
75
+ raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountNameW with account: %{account_name}') % { account_name: account_name} )
75
76
  end
76
77
 
77
78
  # with a SID returned, loop back through lookup_account_sid to retrieve official name
@@ -116,14 +117,14 @@ module Puppet::Util::Windows::SID
116
117
  last_error = FFI.errno
117
118
 
118
119
  if (success == FFI::WIN32_FALSE && last_error != ERROR_INSUFFICIENT_BUFFER)
119
- raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountSidW'), last_error)
120
+ raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountSidW with bytes: %{sid_bytes}') % { sid_bytes: sid_bytes}, last_error)
120
121
  end
121
122
 
122
123
  FFI::MemoryPointer.new(:lpwstr, name_length_ptr.read_dword) do |name_ptr|
123
124
  FFI::MemoryPointer.new(:lpwstr, domain_length_ptr.read_dword) do |domain_ptr|
124
125
  if LookupAccountSidW(system_name_ptr, sid_ptr, name_ptr, name_length_ptr,
125
126
  domain_ptr, domain_length_ptr, name_use_enum_ptr) == FFI::WIN32_FALSE
126
- raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountSidW'))
127
+ raise Puppet::Util::Windows::Error.new(_('Failed to call LookupAccountSidW with bytes: %{sid_bytes}') % { sid_bytes: sid_bytes} )
127
128
  end
128
129
 
129
130
  return new(
@@ -52,18 +52,18 @@ module Puppet::Util::Windows
52
52
  # 'BUILTIN\Administrators', or 'S-1-5-32-544', and will return the
53
53
  # SID. Returns nil if the account doesn't exist.
54
54
  def name_to_sid(name)
55
- sid = name_to_sid_object(name)
55
+ sid = name_to_principal(name)
56
56
 
57
57
  sid ? sid.sid : nil
58
58
  end
59
59
  module_function :name_to_sid
60
60
 
61
- # Convert an account name, e.g. 'Administrators' into a SID object,
61
+ # Convert an account name, e.g. 'Administrators' into a Principal::SID object,
62
62
  # e.g. 'S-1-5-32-544'. The name can be specified as 'Administrators',
63
63
  # 'BUILTIN\Administrators', or 'S-1-5-32-544', and will return the
64
64
  # SID object. Returns nil if the account doesn't exist.
65
65
  # This method returns a SID::Principal with the account, domain, SID, etc
66
- def name_to_sid_object(name)
66
+ def name_to_principal(name)
67
67
  # Apparently, we accept a symbol..
68
68
  name = name.to_s.strip if name
69
69
 
@@ -80,21 +80,50 @@ module Puppet::Util::Windows
80
80
  rescue
81
81
  nil
82
82
  end
83
- module_function :name_to_sid_object
83
+ module_function :name_to_principal
84
+ class << self; alias name_to_sid_object name_to_principal; end
84
85
 
85
- # Converts an octet string array of bytes to a SID object,
86
+ # Converts an octet string array of bytes to a SID::Principal object,
86
87
  # e.g. [1, 1, 0, 0, 0, 0, 0, 5, 18, 0, 0, 0] is the representation for
87
88
  # S-1-5-18, the local 'SYSTEM' account.
88
89
  # Raises an Error for nil or non-array input.
89
90
  # This method returns a SID::Principal with the account, domain, SID, etc
90
- def octet_string_to_sid_object(bytes)
91
+ def octet_string_to_principal(bytes)
91
92
  if !bytes || !bytes.respond_to?('pack') || bytes.empty?
92
93
  raise Puppet::Util::Windows::Error.new(_("Octet string must be an array of bytes"))
93
94
  end
94
95
 
95
96
  Principal.lookup_account_sid(bytes)
96
97
  end
97
- module_function :octet_string_to_sid_object
98
+ module_function :octet_string_to_principal
99
+ class << self; alias octet_string_to_sid_object octet_string_to_principal; end
100
+
101
+ # Converts a COM instance of IAdsUser or IAdsGroup to a SID::Principal object,
102
+ # Raises an Error for nil or an object without an objectSID / Name property.
103
+ # This method returns a SID::Principal with the account, domain, SID, etc
104
+ # This method will return instances even when the SID is unresolvable, as
105
+ # may be the case when domain users have been added to local groups, but
106
+ # removed from the domain
107
+ def ads_to_principal(ads_object)
108
+ if !ads_object || !ads_object.respond_to?(:ole_respond_to?) ||
109
+ !ads_object.ole_respond_to?(:objectSID) || !ads_object.ole_respond_to?(:Name)
110
+ raise Puppet::Error.new("ads_object must be an IAdsUser or IAdsGroup instance")
111
+ end
112
+ octet_string_to_principal(ads_object.objectSID)
113
+ rescue Puppet::Util::Windows::Error => e
114
+ # if the error is not a lookup / mapping problem, immediately re-raise
115
+ raise if e.code != ERROR_NONE_MAPPED
116
+
117
+ # if the Name property isn't formatted like a SID, OR
118
+ if !valid_sid?(ads_object.Name) ||
119
+ # if the objectSID doesn't match the Name property, also raise
120
+ ((converted = octet_string_to_sid_string(ads_object.objectSID)) != ads_object.Name)
121
+ raise Puppet::Error.new("ads_object Name: #{ads_object.Name} invalid or does not match objectSID: #{ads_object.objectSID} (#{converted})", e)
122
+ end
123
+
124
+ unresolved_principal(ads_object.Name, ads_object.objectSID)
125
+ end
126
+ module_function :ads_to_principal
98
127
 
99
128
  # Convert a SID string, e.g. "S-1-5-32-544" to a name,
100
129
  # e.g. 'BUILTIN\Administrators'. Returns nil if an account
@@ -191,6 +220,30 @@ module Puppet::Util::Windows
191
220
  end
192
221
  module_function :get_length_sid
193
222
 
223
+ def octet_string_to_sid_string(sid_bytes)
224
+ sid_string = nil
225
+
226
+ FFI::MemoryPointer.new(:byte, sid_bytes.length) do |sid_ptr|
227
+ sid_ptr.write_array_of_uchar(sid_bytes)
228
+ sid_string = Puppet::Util::Windows::SID.sid_ptr_to_string(sid_ptr)
229
+ end
230
+
231
+ sid_string
232
+ end
233
+ module_function :octet_string_to_sid_string
234
+
235
+ # @api private
236
+ def self.unresolved_principal(name, sid_bytes)
237
+ Principal.new(
238
+ name + " (unresolvable)", # account
239
+ sid_bytes, # sid_bytes
240
+ name, # sid string
241
+ nil, #domain
242
+ # https://msdn.microsoft.com/en-us/library/cc245534.aspx?f=255&MSPPError=-2147217396
243
+ # Indicates that the type of object could not be determined. For example, no object with that SID exists.
244
+ :SidTypeUnknown)
245
+ end
246
+
194
247
  ffi_convention :stdcall
195
248
 
196
249
  # https://msdn.microsoft.com/en-us/library/windows/desktop/aa379151(v=vs.85).aspx