puppet 6.16.0-x64-mingw32 → 7.0.0-x64-mingw32

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of puppet might be problematic. Click here for more details.

Files changed (645) hide show
  1. checksums.yaml +4 -4
  2. data/Gemfile +5 -3
  3. data/Gemfile.lock +31 -33
  4. data/README.md +4 -5
  5. data/Rakefile +4 -12
  6. data/conf/fileserver.conf +5 -10
  7. data/ext/build_defaults.yaml +1 -1
  8. data/ext/osx/file_mapping.yaml +0 -5
  9. data/ext/project_data.yaml +1 -14
  10. data/ext/redhat/puppet.spec.erb +0 -1
  11. data/ext/windows/service/daemon.rb +6 -5
  12. data/install.rb +21 -17
  13. data/lib/puppet.rb +11 -20
  14. data/lib/puppet/agent.rb +2 -2
  15. data/lib/puppet/agent/locker.rb +0 -7
  16. data/lib/puppet/application.rb +172 -98
  17. data/lib/puppet/application/agent.rb +22 -6
  18. data/lib/puppet/application/apply.rb +18 -20
  19. data/lib/puppet/application/device.rb +100 -104
  20. data/lib/puppet/application/doc.rb +1 -1
  21. data/lib/puppet/application/filebucket.rb +15 -11
  22. data/lib/puppet/application/lookup.rb +16 -4
  23. data/lib/puppet/application/ssl.rb +1 -1
  24. data/lib/puppet/configurer.rb +66 -31
  25. data/lib/puppet/configurer/downloader.rb +31 -10
  26. data/lib/puppet/configurer/plugin_handler.rb +21 -19
  27. data/lib/puppet/confine.rb +2 -2
  28. data/lib/puppet/confine/any.rb +1 -1
  29. data/lib/puppet/defaults.rb +166 -169
  30. data/lib/puppet/environments.rb +41 -15
  31. data/lib/puppet/face/catalog.rb +1 -1
  32. data/lib/puppet/face/config.rb +56 -16
  33. data/lib/puppet/face/epp.rb +12 -2
  34. data/lib/puppet/face/facts.rb +66 -6
  35. data/lib/puppet/face/help.rb +1 -1
  36. data/lib/puppet/face/node.rb +3 -3
  37. data/lib/puppet/face/node/clean.rb +2 -2
  38. data/lib/puppet/face/plugin.rb +5 -8
  39. data/lib/puppet/feature/base.rb +1 -1
  40. data/lib/puppet/ffi/windows.rb +12 -0
  41. data/lib/puppet/ffi/windows/api_types.rb +311 -0
  42. data/lib/puppet/ffi/windows/constants.rb +404 -0
  43. data/lib/puppet/ffi/windows/functions.rb +628 -0
  44. data/lib/puppet/ffi/windows/structs.rb +338 -0
  45. data/lib/puppet/file_bucket/dipper.rb +1 -1
  46. data/lib/puppet/file_serving/configuration.rb +0 -5
  47. data/lib/puppet/file_serving/configuration/parser.rb +3 -32
  48. data/lib/puppet/file_serving/http_metadata.rb +13 -1
  49. data/lib/puppet/file_serving/metadata.rb +4 -1
  50. data/lib/puppet/file_serving/mount.rb +1 -2
  51. data/lib/puppet/file_serving/mount/locales.rb +1 -2
  52. data/lib/puppet/file_serving/mount/pluginfacts.rb +1 -2
  53. data/lib/puppet/file_serving/mount/plugins.rb +1 -2
  54. data/lib/puppet/file_serving/terminus_selector.rb +7 -8
  55. data/lib/puppet/file_system/file_impl.rb +4 -4
  56. data/lib/puppet/file_system/uniquefile.rb +8 -16
  57. data/lib/puppet/forge.rb +1 -1
  58. data/lib/puppet/forge/cache.rb +1 -1
  59. data/lib/puppet/forge/repository.rb +3 -8
  60. data/lib/puppet/functions/epp.rb +1 -0
  61. data/lib/puppet/functions/inline_epp.rb +1 -0
  62. data/lib/puppet/functions/lstrip.rb +4 -4
  63. data/lib/puppet/functions/new.rb +8 -3
  64. data/lib/puppet/functions/reverse_each.rb +1 -1
  65. data/lib/puppet/functions/rstrip.rb +4 -4
  66. data/lib/puppet/functions/step.rb +1 -1
  67. data/lib/puppet/functions/strip.rb +4 -4
  68. data/lib/puppet/generate/models/type/type.rb +4 -1
  69. data/lib/puppet/gettext/config.rb +5 -5
  70. data/lib/puppet/gettext/module_translations.rb +4 -4
  71. data/lib/puppet/http.rb +23 -13
  72. data/lib/puppet/http/client.rb +170 -115
  73. data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
  74. data/lib/puppet/http/errors.rb +16 -0
  75. data/lib/puppet/http/external_client.rb +5 -7
  76. data/lib/puppet/{network/http → http}/factory.rb +8 -11
  77. data/lib/puppet/{network/http → http}/pool.rb +61 -26
  78. data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
  79. data/lib/puppet/http/proxy.rb +137 -0
  80. data/lib/puppet/http/redirector.rb +13 -19
  81. data/lib/puppet/http/resolver.rb +10 -23
  82. data/lib/puppet/http/resolver/server_list.rb +23 -45
  83. data/lib/puppet/http/resolver/settings.rb +7 -10
  84. data/lib/puppet/http/resolver/srv.rb +11 -15
  85. data/lib/puppet/http/response.rb +49 -48
  86. data/lib/puppet/http/response_converter.rb +24 -0
  87. data/lib/puppet/http/response_net_http.rb +42 -0
  88. data/lib/puppet/http/retry_after_handler.rb +4 -13
  89. data/lib/puppet/http/service.rb +15 -27
  90. data/lib/puppet/http/service/ca.rb +11 -22
  91. data/lib/puppet/http/service/compiler.rb +23 -70
  92. data/lib/puppet/http/service/file_server.rb +19 -28
  93. data/lib/puppet/http/service/puppetserver.rb +53 -0
  94. data/lib/puppet/http/service/report.rb +8 -10
  95. data/lib/puppet/http/session.rb +16 -24
  96. data/lib/puppet/{network/http → http}/site.rb +1 -2
  97. data/lib/puppet/indirector.rb +1 -1
  98. data/lib/puppet/indirector/catalog/compiler.rb +1 -1
  99. data/lib/puppet/indirector/catalog/rest.rb +2 -4
  100. data/lib/puppet/indirector/exec.rb +1 -1
  101. data/lib/puppet/indirector/fact_search.rb +60 -0
  102. data/lib/puppet/indirector/facts/facter.rb +27 -6
  103. data/lib/puppet/indirector/facts/json.rb +27 -0
  104. data/lib/puppet/indirector/facts/rest.rb +3 -22
  105. data/lib/puppet/indirector/facts/yaml.rb +4 -59
  106. data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
  107. data/lib/puppet/indirector/file_content/rest.rb +3 -7
  108. data/lib/puppet/indirector/file_metadata/http.rb +25 -5
  109. data/lib/puppet/indirector/file_metadata/rest.rb +5 -11
  110. data/lib/puppet/indirector/file_server.rb +1 -8
  111. data/lib/puppet/indirector/generic_http.rb +0 -11
  112. data/lib/puppet/indirector/hiera.rb +4 -0
  113. data/lib/puppet/indirector/indirection.rb +1 -1
  114. data/lib/puppet/indirector/json.rb +5 -1
  115. data/lib/puppet/indirector/msgpack.rb +1 -1
  116. data/lib/puppet/indirector/node/json.rb +8 -0
  117. data/lib/puppet/indirector/node/rest.rb +2 -4
  118. data/lib/puppet/indirector/report/json.rb +34 -0
  119. data/lib/puppet/indirector/report/processor.rb +2 -2
  120. data/lib/puppet/indirector/report/rest.rb +3 -8
  121. data/lib/puppet/indirector/request.rb +2 -103
  122. data/lib/puppet/indirector/rest.rb +12 -263
  123. data/lib/puppet/indirector/yaml.rb +1 -1
  124. data/lib/puppet/module.rb +1 -2
  125. data/lib/puppet/module_tool/applications.rb +0 -1
  126. data/lib/puppet/network/authconfig.rb +2 -96
  127. data/lib/puppet/network/authorization.rb +13 -35
  128. data/lib/puppet/network/format_support.rb +2 -2
  129. data/lib/puppet/network/formats.rb +2 -1
  130. data/lib/puppet/network/http.rb +3 -3
  131. data/lib/puppet/network/http/api/indirected_routes.rb +3 -21
  132. data/lib/puppet/network/http/api/master/v3.rb +11 -13
  133. data/lib/puppet/network/http/api/master/v3/environments.rb +0 -1
  134. data/lib/puppet/network/http/connection.rb +247 -316
  135. data/lib/puppet/network/http/handler.rb +0 -1
  136. data/lib/puppet/network/http/route.rb +2 -2
  137. data/lib/puppet/network/http_pool.rb +16 -34
  138. data/lib/puppet/node.rb +1 -30
  139. data/lib/puppet/node/environment.rb +12 -5
  140. data/lib/puppet/node/facts.rb +17 -0
  141. data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
  142. data/lib/puppet/pal/pal_impl.rb +93 -14
  143. data/lib/puppet/parameter.rb +1 -1
  144. data/lib/puppet/parser/ast/leaf.rb +5 -5
  145. data/lib/puppet/parser/ast/pops_bridge.rb +0 -42
  146. data/lib/puppet/parser/compiler.rb +1 -199
  147. data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
  148. data/lib/puppet/parser/functions.rb +21 -17
  149. data/lib/puppet/parser/functions/create_resources.rb +11 -7
  150. data/lib/puppet/parser/resource.rb +3 -71
  151. data/lib/puppet/parser/resource/param.rb +6 -0
  152. data/lib/puppet/parser/type_loader.rb +2 -2
  153. data/lib/puppet/pops/adaptable.rb +7 -13
  154. data/lib/puppet/pops/adapters.rb +8 -4
  155. data/lib/puppet/pops/evaluator/collectors/abstract_collector.rb +1 -3
  156. data/lib/puppet/pops/evaluator/evaluator_impl.rb +27 -13
  157. data/lib/puppet/pops/evaluator/runtime3_converter.rb +2 -2
  158. data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
  159. data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
  160. data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
  161. data/lib/puppet/pops/loader/runtime3_type_loader.rb +4 -2
  162. data/lib/puppet/pops/loaders.rb +18 -11
  163. data/lib/puppet/pops/lookup/context.rb +1 -1
  164. data/lib/puppet/pops/lookup/hiera_config.rb +14 -1
  165. data/lib/puppet/pops/model/ast.pp +0 -42
  166. data/lib/puppet/pops/model/ast.rb +0 -290
  167. data/lib/puppet/pops/model/factory.rb +0 -45
  168. data/lib/puppet/pops/model/model_label_provider.rb +0 -5
  169. data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
  170. data/lib/puppet/pops/model/pn_transformer.rb +0 -16
  171. data/lib/puppet/pops/parser/egrammar.ra +0 -56
  172. data/lib/puppet/pops/parser/eparser.rb +1520 -1712
  173. data/lib/puppet/pops/parser/lexer2.rb +4 -4
  174. data/lib/puppet/pops/parser/parser_support.rb +0 -5
  175. data/lib/puppet/pops/resource/resource_type_impl.rb +2 -22
  176. data/lib/puppet/pops/types/iterable.rb +34 -8
  177. data/lib/puppet/pops/types/p_meta_type.rb +1 -1
  178. data/lib/puppet/pops/types/p_type_set_type.rb +4 -0
  179. data/lib/puppet/pops/types/type_calculator.rb +0 -7
  180. data/lib/puppet/pops/types/type_parser.rb +0 -4
  181. data/lib/puppet/pops/types/types.rb +0 -1
  182. data/lib/puppet/pops/validation/checker4_0.rb +28 -42
  183. data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
  184. data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -1
  185. data/lib/puppet/provider.rb +0 -13
  186. data/lib/puppet/provider/file/windows.rb +1 -1
  187. data/lib/puppet/provider/nameservice.rb +0 -18
  188. data/lib/puppet/provider/package/apt.rb +34 -0
  189. data/lib/puppet/provider/package/aptitude.rb +1 -1
  190. data/lib/puppet/provider/package/dpkg.rb +1 -11
  191. data/lib/puppet/provider/package/gem.rb +27 -5
  192. data/lib/puppet/provider/package/pip.rb +0 -1
  193. data/lib/puppet/provider/package/pip2.rb +17 -0
  194. data/lib/puppet/provider/package/pkg.rb +0 -4
  195. data/lib/puppet/provider/package/portage.rb +1 -1
  196. data/lib/puppet/provider/package/puppet_gem.rb +6 -4
  197. data/lib/puppet/provider/package/puppetserver_gem.rb +180 -0
  198. data/lib/puppet/provider/package/yum.rb +2 -1
  199. data/lib/puppet/provider/package/zypper.rb +3 -0
  200. data/lib/puppet/provider/service/smf.rb +191 -73
  201. data/lib/puppet/provider/service/windows.rb +23 -7
  202. data/lib/puppet/provider/user/aix.rb +1 -1
  203. data/lib/puppet/provider/user/directoryservice.rb +0 -10
  204. data/lib/puppet/provider/user/user_role_add.rb +1 -1
  205. data/lib/puppet/provider/user/useradd.rb +11 -4
  206. data/lib/puppet/provider/user/windows_adsi.rb +18 -1
  207. data/lib/puppet/reference/configuration.rb +2 -0
  208. data/lib/puppet/reference/indirection.rb +1 -1
  209. data/lib/puppet/reports/http.rb +2 -0
  210. data/lib/puppet/resource.rb +3 -90
  211. data/lib/puppet/resource/catalog.rb +1 -14
  212. data/lib/puppet/resource/type.rb +5 -112
  213. data/lib/puppet/resource/type_collection.rb +3 -48
  214. data/lib/puppet/runtime.rb +1 -2
  215. data/lib/puppet/settings.rb +84 -35
  216. data/lib/puppet/settings/base_setting.rb +26 -2
  217. data/lib/puppet/settings/integer_setting.rb +17 -0
  218. data/lib/puppet/settings/port_setting.rb +15 -0
  219. data/lib/puppet/settings/priority_setting.rb +5 -4
  220. data/lib/puppet/ssl.rb +10 -6
  221. data/lib/puppet/ssl/base.rb +3 -5
  222. data/lib/puppet/ssl/certificate.rb +0 -6
  223. data/lib/puppet/ssl/certificate_request.rb +1 -12
  224. data/lib/puppet/ssl/certificate_signer.rb +6 -0
  225. data/lib/puppet/ssl/oids.rb +3 -1
  226. data/lib/puppet/ssl/ssl_context.rb +2 -2
  227. data/lib/puppet/ssl/ssl_provider.rb +37 -1
  228. data/lib/puppet/ssl/state_machine.rb +3 -1
  229. data/lib/puppet/ssl/verifier.rb +2 -0
  230. data/lib/puppet/test/test_helper.rb +19 -16
  231. data/lib/puppet/transaction.rb +3 -9
  232. data/lib/puppet/transaction/persistence.rb +1 -1
  233. data/lib/puppet/transaction/report.rb +10 -8
  234. data/lib/puppet/trusted_external.rb +29 -1
  235. data/lib/puppet/type.rb +9 -77
  236. data/lib/puppet/type/file.rb +45 -22
  237. data/lib/puppet/type/file/checksum.rb +5 -5
  238. data/lib/puppet/type/file/source.rb +33 -13
  239. data/lib/puppet/type/filebucket.rb +4 -4
  240. data/lib/puppet/type/notify.rb +2 -2
  241. data/lib/puppet/type/package.rb +5 -13
  242. data/lib/puppet/type/service.rb +53 -0
  243. data/lib/puppet/type/user.rb +18 -3
  244. data/lib/puppet/util.rb +41 -3
  245. data/lib/puppet/util/autoload.rb +9 -7
  246. data/lib/puppet/util/character_encoding.rb +9 -5
  247. data/lib/puppet/util/checksums.rb +19 -4
  248. data/lib/puppet/util/execution.rb +2 -13
  249. data/lib/puppet/util/fileparsing.rb +2 -2
  250. data/lib/puppet/util/http_proxy.rb +2 -215
  251. data/lib/puppet/util/monkey_patches.rb +0 -46
  252. data/lib/puppet/util/provider_features.rb +1 -1
  253. data/lib/puppet/util/rdoc.rb +0 -7
  254. data/lib/puppet/util/reference.rb +1 -1
  255. data/lib/puppet/util/retry_action.rb +1 -1
  256. data/lib/puppet/util/rubygems.rb +5 -1
  257. data/lib/puppet/util/run_mode.rb +14 -2
  258. data/lib/puppet/util/windows.rb +3 -7
  259. data/lib/puppet/util/windows/daemon.rb +360 -0
  260. data/lib/puppet/util/windows/error.rb +1 -0
  261. data/lib/puppet/util/windows/eventlog.rb +5 -15
  262. data/lib/puppet/util/windows/file.rb +8 -242
  263. data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
  264. data/lib/puppet/util/windows/principal.rb +8 -6
  265. data/lib/puppet/util/windows/process.rb +4 -226
  266. data/lib/puppet/util/windows/registry.rb +11 -11
  267. data/lib/puppet/util/windows/security.rb +4 -4
  268. data/lib/puppet/util/windows/service.rb +52 -486
  269. data/lib/puppet/util/windows/string.rb +12 -13
  270. data/lib/puppet/util/windows/user.rb +242 -8
  271. data/lib/puppet/util/yaml.rb +0 -22
  272. data/lib/puppet/vendor/require_vendored.rb +0 -1
  273. data/lib/puppet/version.rb +1 -1
  274. data/lib/puppet/x509.rb +5 -1
  275. data/lib/puppet/x509/cert_provider.rb +29 -1
  276. data/locales/puppet.pot +713 -1380
  277. data/man/man5/puppet.conf.5 +84 -98
  278. data/man/man8/puppet-agent.8 +7 -4
  279. data/man/man8/puppet-apply.8 +1 -1
  280. data/man/man8/puppet-catalog.8 +1 -1
  281. data/man/man8/puppet-config.8 +6 -6
  282. data/man/man8/puppet-describe.8 +1 -1
  283. data/man/man8/puppet-device.8 +1 -1
  284. data/man/man8/puppet-doc.8 +1 -1
  285. data/man/man8/puppet-epp.8 +1 -1
  286. data/man/man8/puppet-facts.8 +55 -9
  287. data/man/man8/puppet-filebucket.8 +6 -6
  288. data/man/man8/puppet-generate.8 +1 -1
  289. data/man/man8/puppet-help.8 +1 -1
  290. data/man/man8/puppet-lookup.8 +2 -2
  291. data/man/man8/puppet-module.8 +1 -58
  292. data/man/man8/puppet-node.8 +7 -4
  293. data/man/man8/puppet-parser.8 +1 -1
  294. data/man/man8/puppet-plugin.8 +1 -1
  295. data/man/man8/puppet-report.8 +4 -1
  296. data/man/man8/puppet-resource.8 +1 -1
  297. data/man/man8/puppet-script.8 +1 -1
  298. data/man/man8/puppet-ssl.8 +1 -1
  299. data/man/man8/puppet.8 +2 -2
  300. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/provider/applytest/applytest.rb +2 -0
  301. data/spec/fixtures/integration/application/apply/environments/spec/modules/amod/lib/puppet/type/applytest.rb +25 -0
  302. data/spec/fixtures/unit/forge/bacula-releases.json +128 -0
  303. data/spec/fixtures/unit/forge/bacula.tar.gz +0 -0
  304. data/spec/fixtures/unit/provider/package/puppetserver_gem/gem-list-local-packages +30 -0
  305. data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
  306. data/spec/integration/application/agent_spec.rb +157 -59
  307. data/spec/integration/application/apply_spec.rb +150 -150
  308. data/spec/integration/application/doc_spec.rb +16 -6
  309. data/spec/integration/application/filebucket_spec.rb +78 -29
  310. data/spec/integration/application/help_spec.rb +44 -0
  311. data/spec/integration/application/lookup_spec.rb +13 -0
  312. data/spec/integration/application/module_spec.rb +68 -0
  313. data/spec/integration/application/plugin_spec.rb +76 -4
  314. data/spec/integration/configurer_spec.rb +14 -0
  315. data/spec/integration/data_binding_spec.rb +82 -0
  316. data/spec/integration/defaults_spec.rb +33 -5
  317. data/spec/integration/directory_environments_spec.rb +17 -17
  318. data/spec/integration/environments/setting_hooks_spec.rb +1 -1
  319. data/spec/integration/indirector/facts/facter_spec.rb +8 -6
  320. data/spec/integration/network/http_pool_spec.rb +29 -30
  321. data/spec/integration/node/environment_spec.rb +1 -1
  322. data/spec/integration/parser/catalog_spec.rb +0 -38
  323. data/spec/integration/parser/compiler_spec.rb +11 -0
  324. data/spec/integration/parser/node_spec.rb +0 -9
  325. data/spec/integration/parser/pcore_resource_spec.rb +0 -37
  326. data/spec/integration/type/file_spec.rb +6 -5
  327. data/spec/integration/util/execution_spec.rb +22 -0
  328. data/spec/integration/util/windows/adsi_spec.rb +2 -2
  329. data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
  330. data/spec/integration/util/windows/process_spec.rb +26 -32
  331. data/spec/integration/util/windows/registry_spec.rb +7 -7
  332. data/spec/integration/util/windows/security_spec.rb +1 -1
  333. data/spec/integration/util/windows/user_spec.rb +47 -5
  334. data/spec/integration/util_spec.rb +7 -33
  335. data/spec/lib/puppet_spec/matchers.rb +0 -80
  336. data/spec/lib/puppet_spec/puppetserver.rb +9 -1
  337. data/spec/lib/puppet_spec/settings.rb +7 -1
  338. data/spec/shared_contexts/types_setup.rb +2 -0
  339. data/spec/spec_helper.rb +2 -0
  340. data/spec/unit/agent_spec.rb +0 -2
  341. data/spec/unit/application/agent_spec.rb +3 -4
  342. data/spec/unit/application/config_spec.rb +224 -4
  343. data/spec/unit/application/doc_spec.rb +2 -2
  344. data/spec/unit/application/face_base_spec.rb +6 -4
  345. data/spec/unit/application/facts_spec.rb +74 -8
  346. data/spec/unit/application/filebucket_spec.rb +41 -39
  347. data/spec/unit/application/resource_spec.rb +3 -1
  348. data/spec/unit/application/ssl_spec.rb +17 -4
  349. data/spec/unit/application_spec.rb +9 -4
  350. data/spec/unit/certificate_factory_spec.rb +1 -1
  351. data/spec/unit/configurer/downloader_spec.rb +14 -0
  352. data/spec/unit/configurer/fact_handler_spec.rb +4 -4
  353. data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
  354. data/spec/unit/configurer_spec.rb +96 -44
  355. data/spec/unit/confine_spec.rb +2 -1
  356. data/spec/unit/context/trusted_information_spec.rb +12 -10
  357. data/spec/unit/defaults_spec.rb +77 -28
  358. data/spec/unit/environments_spec.rb +96 -32
  359. data/spec/unit/face/config_spec.rb +65 -12
  360. data/spec/unit/face/facts_spec.rb +4 -0
  361. data/spec/unit/face/node_spec.rb +2 -2
  362. data/spec/unit/face/plugin_spec.rb +73 -33
  363. data/spec/unit/file_bucket/file_spec.rb +1 -1
  364. data/spec/unit/file_serving/configuration/parser_spec.rb +14 -18
  365. data/spec/unit/file_serving/configuration_spec.rb +6 -12
  366. data/spec/unit/file_serving/http_metadata_spec.rb +37 -14
  367. data/spec/unit/file_serving/mount/locales_spec.rb +2 -2
  368. data/spec/unit/file_serving/mount/pluginfacts_spec.rb +2 -2
  369. data/spec/unit/file_serving/mount/plugins_spec.rb +2 -2
  370. data/spec/unit/file_serving/terminus_selector_spec.rb +45 -26
  371. data/spec/unit/file_system/uniquefile_spec.rb +18 -0
  372. data/spec/unit/file_system_spec.rb +1 -2
  373. data/spec/unit/functions/camelcase_spec.rb +1 -1
  374. data/spec/unit/functions/capitalize_spec.rb +1 -1
  375. data/spec/unit/functions/downcase_spec.rb +1 -1
  376. data/spec/unit/functions/inline_epp_spec.rb +26 -1
  377. data/spec/unit/functions/upcase_spec.rb +1 -1
  378. data/spec/unit/http/client_spec.rb +71 -17
  379. data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
  380. data/spec/unit/http/external_client_spec.rb +4 -4
  381. data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
  382. data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
  383. data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
  384. data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
  385. data/spec/unit/http/resolver_spec.rb +34 -15
  386. data/spec/unit/http/response_spec.rb +6 -0
  387. data/spec/unit/http/service/ca_spec.rb +2 -3
  388. data/spec/unit/http/service/compiler_spec.rb +51 -65
  389. data/spec/unit/http/service/file_server_spec.rb +5 -6
  390. data/spec/unit/http/service/puppetserver_spec.rb +112 -0
  391. data/spec/unit/http/service/report_spec.rb +2 -3
  392. data/spec/unit/http/service_spec.rb +1 -3
  393. data/spec/unit/http/session_spec.rb +24 -35
  394. data/spec/unit/{network/http → http}/site_spec.rb +3 -3
  395. data/spec/unit/indirector/catalog/json_spec.rb +1 -1
  396. data/spec/unit/indirector/catalog/rest_spec.rb +1 -1
  397. data/spec/unit/indirector/facts/facter_spec.rb +97 -0
  398. data/spec/unit/indirector/facts/json_spec.rb +255 -0
  399. data/spec/unit/indirector/facts/rest_spec.rb +1 -1
  400. data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
  401. data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
  402. data/spec/unit/indirector/file_metadata/http_spec.rb +27 -0
  403. data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
  404. data/spec/unit/indirector/file_server_spec.rb +1 -15
  405. data/spec/unit/indirector/json_spec.rb +8 -8
  406. data/spec/unit/indirector/msgpack_spec.rb +8 -8
  407. data/spec/unit/indirector/node/json_spec.rb +33 -0
  408. data/spec/unit/indirector/node/rest_spec.rb +1 -1
  409. data/spec/{integration/indirector/report/yaml.rb → unit/indirector/report/json_spec.rb} +13 -24
  410. data/spec/unit/indirector/report/rest_spec.rb +2 -17
  411. data/spec/unit/indirector/report/yaml_spec.rb +72 -8
  412. data/spec/unit/indirector/request_spec.rb +3 -267
  413. data/spec/unit/indirector/rest_spec.rb +98 -752
  414. data/spec/unit/indirector/yaml_spec.rb +7 -7
  415. data/spec/unit/interface_spec.rb +3 -3
  416. data/spec/unit/module_tool/tar/mini_spec.rb +20 -0
  417. data/spec/unit/network/authconfig_spec.rb +2 -132
  418. data/spec/unit/network/authorization_spec.rb +2 -55
  419. data/spec/unit/network/format_support_spec.rb +3 -2
  420. data/spec/unit/network/formats_spec.rb +4 -4
  421. data/spec/unit/network/http/api/indirected_routes_spec.rb +3 -98
  422. data/spec/unit/network/http/api/master/v3/environments_spec.rb +12 -23
  423. data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
  424. data/spec/unit/network/http/api_spec.rb +10 -0
  425. data/spec/unit/network/http/connection_spec.rb +61 -73
  426. data/spec/unit/network/http/handler_spec.rb +0 -6
  427. data/spec/unit/network/http_pool_spec.rb +0 -4
  428. data/spec/unit/node/environment_spec.rb +51 -22
  429. data/spec/unit/node_spec.rb +2 -54
  430. data/spec/unit/parser/ast/block_expression_spec.rb +1 -1
  431. data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
  432. data/spec/unit/parser/scope_spec.rb +1 -1
  433. data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +19 -8
  434. data/spec/unit/pops/loaders/loaders_spec.rb +77 -22
  435. data/spec/unit/pops/lookup/lookup_spec.rb +25 -0
  436. data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
  437. data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
  438. data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
  439. data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
  440. data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
  441. data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
  442. data/spec/unit/pops/types/type_calculator_spec.rb +7 -17
  443. data/spec/unit/pops/types/type_factory_spec.rb +1 -1
  444. data/spec/unit/pops/validator/validator_spec.rb +61 -46
  445. data/spec/unit/pops/visitor_spec.rb +1 -1
  446. data/spec/unit/provider/exec_spec.rb +4 -3
  447. data/spec/unit/provider/nameservice_spec.rb +0 -57
  448. data/spec/unit/provider/package/apt_spec.rb +77 -0
  449. data/spec/unit/provider/package/aptitude_spec.rb +1 -0
  450. data/spec/unit/provider/package/dpkg_spec.rb +22 -55
  451. data/spec/unit/provider/package/gem_spec.rb +32 -0
  452. data/spec/unit/provider/package/openbsd_spec.rb +2 -0
  453. data/spec/unit/provider/package/pip2_spec.rb +36 -0
  454. data/spec/unit/provider/package/puppet_gem_spec.rb +6 -2
  455. data/spec/unit/provider/package/puppetserver_gem_spec.rb +137 -0
  456. data/spec/unit/provider/package/yum_spec.rb +31 -0
  457. data/spec/unit/provider/package/zypper_spec.rb +14 -0
  458. data/spec/unit/provider/service/base_spec.rb +2 -4
  459. data/spec/unit/provider/service/bsd_spec.rb +5 -1
  460. data/spec/unit/provider/service/daemontools_spec.rb +1 -1
  461. data/spec/unit/provider/service/debian_spec.rb +3 -5
  462. data/spec/unit/provider/service/freebsd_spec.rb +1 -1
  463. data/spec/unit/provider/service/gentoo_spec.rb +4 -5
  464. data/spec/unit/provider/service/init_spec.rb +45 -5
  465. data/spec/unit/provider/service/launchd_spec.rb +5 -6
  466. data/spec/unit/provider/service/openrc_spec.rb +4 -5
  467. data/spec/unit/provider/service/openwrt_spec.rb +1 -1
  468. data/spec/unit/provider/service/redhat_spec.rb +1 -1
  469. data/spec/unit/provider/service/runit_spec.rb +2 -1
  470. data/spec/unit/provider/service/smf_spec.rb +402 -166
  471. data/spec/unit/provider/service/src_spec.rb +3 -5
  472. data/spec/unit/provider/service/systemd_spec.rb +3 -6
  473. data/spec/unit/provider/service/upstart_spec.rb +4 -5
  474. data/spec/unit/provider/service/windows_spec.rb +50 -15
  475. data/spec/unit/provider/user/openbsd_spec.rb +1 -0
  476. data/spec/unit/provider/user/useradd_spec.rb +22 -16
  477. data/spec/unit/provider/user/windows_adsi_spec.rb +82 -0
  478. data/spec/unit/provider_spec.rb +0 -12
  479. data/spec/unit/puppet_pal_2pec.rb +40 -0
  480. data/spec/unit/puppet_pal_catalog_spec.rb +45 -0
  481. data/spec/unit/reports/store_spec.rb +17 -13
  482. data/spec/unit/resource/type_collection_spec.rb +2 -22
  483. data/spec/unit/resource_spec.rb +3 -59
  484. data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
  485. data/spec/unit/settings/integer_setting_spec.rb +42 -0
  486. data/spec/unit/settings/port_setting_spec.rb +31 -0
  487. data/spec/unit/settings/priority_setting_spec.rb +4 -4
  488. data/spec/unit/settings_spec.rb +586 -239
  489. data/spec/unit/ssl/base_spec.rb +36 -3
  490. data/spec/unit/ssl/certificate_request_spec.rb +15 -45
  491. data/spec/unit/ssl/certificate_spec.rb +2 -11
  492. data/spec/unit/ssl/ssl_provider_spec.rb +78 -49
  493. data/spec/unit/ssl/state_machine_spec.rb +0 -1
  494. data/spec/unit/ssl/verifier_spec.rb +0 -21
  495. data/spec/unit/test/test_helper_spec.rb +17 -0
  496. data/spec/unit/transaction/persistence_spec.rb +15 -0
  497. data/spec/unit/transaction/report_spec.rb +3 -3
  498. data/spec/unit/transaction/resource_harness_spec.rb +2 -2
  499. data/spec/unit/transaction_spec.rb +45 -79
  500. data/spec/unit/type/file/checksum_spec.rb +6 -6
  501. data/spec/unit/type/file/content_spec.rb +1 -1
  502. data/spec/unit/type/file/ensure_spec.rb +1 -1
  503. data/spec/unit/type/file/mode_spec.rb +1 -1
  504. data/spec/unit/type/file/source_spec.rb +4 -5
  505. data/spec/unit/type/file_spec.rb +134 -102
  506. data/spec/unit/type/filebucket_spec.rb +1 -1
  507. data/spec/unit/type/package_spec.rb +1 -1
  508. data/spec/unit/type/service_spec.rb +209 -0
  509. data/spec/unit/type/user_spec.rb +31 -2
  510. data/spec/unit/type_spec.rb +70 -0
  511. data/spec/unit/util/backups_spec.rb +0 -2
  512. data/spec/unit/util/character_encoding_spec.rb +4 -4
  513. data/spec/unit/util/checksums_spec.rb +16 -0
  514. data/spec/unit/util/command_line_spec.rb +11 -6
  515. data/spec/unit/util/execution_spec.rb +0 -29
  516. data/spec/unit/util/monkey_patches_spec.rb +0 -6
  517. data/spec/unit/util/rubygems_spec.rb +2 -2
  518. data/spec/unit/util/run_mode_spec.rb +27 -127
  519. data/spec/unit/util/windows/api_types_spec.rb +104 -40
  520. data/spec/unit/util/windows/service_spec.rb +4 -4
  521. data/spec/unit/util/windows/string_spec.rb +1 -3
  522. data/spec/unit/util/yaml_spec.rb +0 -54
  523. data/spec/unit/util_spec.rb +3 -21
  524. data/spec/unit/x509/cert_provider_spec.rb +1 -1
  525. metadata +76 -270
  526. data/conf/auth.conf +0 -150
  527. data/lib/puppet/application/cert.rb +0 -76
  528. data/lib/puppet/application/key.rb +0 -4
  529. data/lib/puppet/application/man.rb +0 -4
  530. data/lib/puppet/application/status.rb +0 -4
  531. data/lib/puppet/face/key.rb +0 -16
  532. data/lib/puppet/face/man.rb +0 -145
  533. data/lib/puppet/face/module/build.rb +0 -14
  534. data/lib/puppet/face/module/generate.rb +0 -14
  535. data/lib/puppet/face/module/search.rb +0 -103
  536. data/lib/puppet/face/status.rb +0 -51
  537. data/lib/puppet/indirector/certificate/file.rb +0 -9
  538. data/lib/puppet/indirector/certificate/rest.rb +0 -18
  539. data/lib/puppet/indirector/certificate_request/file.rb +0 -9
  540. data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
  541. data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
  542. data/lib/puppet/indirector/file_content/http.rb +0 -22
  543. data/lib/puppet/indirector/key/file.rb +0 -46
  544. data/lib/puppet/indirector/key/memory.rb +0 -7
  545. data/lib/puppet/indirector/ssl_file.rb +0 -162
  546. data/lib/puppet/indirector/status.rb +0 -3
  547. data/lib/puppet/indirector/status/local.rb +0 -12
  548. data/lib/puppet/indirector/status/rest.rb +0 -27
  549. data/lib/puppet/module_tool/applications/searcher.rb +0 -29
  550. data/lib/puppet/network/auth_config_parser.rb +0 -90
  551. data/lib/puppet/network/authstore.rb +0 -283
  552. data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
  553. data/lib/puppet/network/http/api/master/v3/environment.rb +0 -85
  554. data/lib/puppet/network/http/base_pool.rb +0 -36
  555. data/lib/puppet/network/http/compression.rb +0 -127
  556. data/lib/puppet/network/http/connection_adapter.rb +0 -182
  557. data/lib/puppet/network/http/nocache_pool.rb +0 -28
  558. data/lib/puppet/network/rest_controller.rb +0 -2
  559. data/lib/puppet/network/rights.rb +0 -210
  560. data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -64
  561. data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -20
  562. data/lib/puppet/parser/environment_compiler.rb +0 -199
  563. data/lib/puppet/pops/types/enumeration.rb +0 -16
  564. data/lib/puppet/resource/capability_finder.rb +0 -154
  565. data/lib/puppet/rest/errors.rb +0 -15
  566. data/lib/puppet/rest/response.rb +0 -35
  567. data/lib/puppet/rest/route.rb +0 -85
  568. data/lib/puppet/rest/routes.rb +0 -135
  569. data/lib/puppet/ssl/host.rb +0 -505
  570. data/lib/puppet/ssl/key.rb +0 -61
  571. data/lib/puppet/ssl/validator.rb +0 -61
  572. data/lib/puppet/ssl/validator/default_validator.rb +0 -209
  573. data/lib/puppet/ssl/validator/no_validator.rb +0 -22
  574. data/lib/puppet/ssl/verifier_adapter.rb +0 -58
  575. data/lib/puppet/status.rb +0 -40
  576. data/lib/puppet/util/connection.rb +0 -88
  577. data/lib/puppet/util/ssl.rb +0 -83
  578. data/lib/puppet/util/windows/api_types.rb +0 -282
  579. data/lib/puppet/vendor/load_pathspec.rb +0 -1
  580. data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
  581. data/lib/puppet/vendor/pathspec/LICENSE +0 -201
  582. data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
  583. data/lib/puppet/vendor/pathspec/README.md +0 -53
  584. data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
  585. data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
  586. data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
  587. data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
  588. data/man/man8/puppet-key.8 +0 -126
  589. data/man/man8/puppet-man.8 +0 -76
  590. data/man/man8/puppet-status.8 +0 -108
  591. data/spec/integration/faces/config_spec.rb +0 -91
  592. data/spec/integration/faces/documentation_spec.rb +0 -57
  593. data/spec/integration/file_bucket/file_spec.rb +0 -50
  594. data/spec/integration/file_serving/content_spec.rb +0 -7
  595. data/spec/integration/file_serving/fileset_spec.rb +0 -12
  596. data/spec/integration/file_serving/metadata_spec.rb +0 -8
  597. data/spec/integration/file_serving/terminus_helper_spec.rb +0 -20
  598. data/spec/integration/file_system/uniquefile_spec.rb +0 -26
  599. data/spec/integration/module_tool/forge_spec.rb +0 -51
  600. data/spec/integration/module_tool/tar/mini_spec.rb +0 -28
  601. data/spec/integration/network/authconfig_spec.rb +0 -256
  602. data/spec/integration/provider/service/init_spec.rb +0 -48
  603. data/spec/integration/provider/service/systemd_spec.rb +0 -25
  604. data/spec/integration/provider/service/windows_spec.rb +0 -50
  605. data/spec/integration/reference/providers_spec.rb +0 -21
  606. data/spec/integration/reports_spec.rb +0 -13
  607. data/spec/integration/ssl/certificate_request_spec.rb +0 -44
  608. data/spec/integration/ssl/host_spec.rb +0 -72
  609. data/spec/integration/ssl/key_spec.rb +0 -99
  610. data/spec/integration/test/test_helper_spec.rb +0 -31
  611. data/spec/shared_behaviours/file_serving_model.rb +0 -51
  612. data/spec/unit/capability_spec.rb +0 -414
  613. data/spec/unit/face/catalog_spec.rb +0 -6
  614. data/spec/unit/face/key_spec.rb +0 -9
  615. data/spec/unit/face/man_spec.rb +0 -25
  616. data/spec/unit/face/module/search_spec.rb +0 -231
  617. data/spec/unit/face/module_spec.rb +0 -3
  618. data/spec/unit/face/status_spec.rb +0 -9
  619. data/spec/unit/indirector/certificate/file_spec.rb +0 -14
  620. data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
  621. data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
  622. data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
  623. data/spec/unit/indirector/key/file_spec.rb +0 -79
  624. data/spec/unit/indirector/ssl_file_spec.rb +0 -305
  625. data/spec/unit/indirector/status/local_spec.rb +0 -10
  626. data/spec/unit/indirector/status/rest_spec.rb +0 -50
  627. data/spec/unit/man_spec.rb +0 -31
  628. data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
  629. data/spec/unit/network/auth_config_parser_spec.rb +0 -115
  630. data/spec/unit/network/authstore_spec.rb +0 -422
  631. data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
  632. data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
  633. data/spec/unit/network/http/compression_spec.rb +0 -240
  634. data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
  635. data/spec/unit/network/http_spec.rb +0 -9
  636. data/spec/unit/network/rights_spec.rb +0 -439
  637. data/spec/unit/parser/environment_compiler_spec.rb +0 -723
  638. data/spec/unit/pops/types/enumeration_spec.rb +0 -51
  639. data/spec/unit/resource/capability_finder_spec.rb +0 -143
  640. data/spec/unit/rest/route_spec.rb +0 -132
  641. data/spec/unit/ssl/host_spec.rb +0 -650
  642. data/spec/unit/ssl/key_spec.rb +0 -173
  643. data/spec/unit/ssl/validator_spec.rb +0 -278
  644. data/spec/unit/status_spec.rb +0 -45
  645. data/spec/unit/util/ssl_spec.rb +0 -91
@@ -1,64 +0,0 @@
1
- require 'spec_helper'
2
-
3
- require 'puppet/network/http'
4
- require 'puppet/network/http/connection'
5
-
6
- describe Puppet::Network::HTTP::NoCachePool do
7
- let(:site) { Puppet::Network::HTTP::Site.new('https', 'rubygems.org', 443) }
8
- let(:verifier) { double('verifier', :setup_connection => nil) }
9
-
10
- it 'yields a started connection' do
11
- http = double('http', start: nil, finish: nil, started?: true)
12
-
13
- factory = Puppet::Network::HTTP::Factory.new
14
- allow(factory).to receive(:create_connection).and_return(http)
15
- pool = Puppet::Network::HTTP::NoCachePool.new(factory)
16
-
17
- expect { |b|
18
- pool.with_connection(site, verifier, &b)
19
- }.to yield_with_args(http)
20
- end
21
-
22
- it 'yields a new connection each time' do
23
- http1 = double('http1', start: nil, finish: nil, started?: true)
24
- http2 = double('http2', start: nil, finish: nil, started?: true)
25
-
26
- factory = Puppet::Network::HTTP::Factory.new
27
- allow(factory).to receive(:create_connection).and_return(http1, http2)
28
- pool = Puppet::Network::HTTP::NoCachePool.new(factory)
29
-
30
- expect { |b|
31
- pool.with_connection(site, verifier, &b)
32
- }.to yield_with_args(http1)
33
-
34
- expect { |b|
35
- pool.with_connection(site, verifier, &b)
36
- }.to yield_with_args(http2)
37
- end
38
-
39
- it 'has a close method' do
40
- Puppet::Network::HTTP::NoCachePool.new.close
41
- end
42
-
43
- it 'logs a deprecation warning' do
44
- http = double('http', start: nil, finish: nil, started?: true)
45
-
46
- factory = Puppet::Network::HTTP::Factory.new
47
- allow(factory).to receive(:create_connection).and_return(http)
48
- Puppet::Network::HTTP::NoCachePool.new(factory)
49
-
50
- expect(@logs).to include(an_object_having_attributes(level: :warning, message: /Puppet::Network::HTTP::NoCachePool is deprecated/))
51
- end
52
-
53
- it 'omits the warning when deprecations are disabled' do
54
- Puppet[:disable_warnings] = 'deprecations'
55
-
56
- http = double('http', start: nil, finish: nil, started?: true)
57
-
58
- factory = Puppet::Network::HTTP::Factory.new
59
- allow(factory).to receive(:create_connection).and_return(http)
60
- Puppet::Network::HTTP::NoCachePool.new(factory)
61
-
62
- expect(@logs).to eq([])
63
- end
64
- end
@@ -1,9 +0,0 @@
1
- require 'spec_helper'
2
- require 'puppet/network/http'
3
-
4
- describe Puppet::Network::HTTP do
5
- it 'defines an http_pool context' do
6
- pool = Puppet.lookup(:http_pool)
7
- expect(pool).to be_a(Puppet::Network::HTTP::Pool)
8
- end
9
- end
@@ -1,439 +0,0 @@
1
- require 'spec_helper'
2
-
3
- require 'puppet/network/rights'
4
-
5
- describe Puppet::Network::Rights do
6
- before do
7
- @right = Puppet::Network::Rights.new
8
- end
9
-
10
- describe "when validating a :head request" do
11
- [:find, :save].each do |allowed_method|
12
- it "should allow the request if only #{allowed_method} is allowed" do
13
- rights = Puppet::Network::Rights.new
14
- right = rights.newright("/")
15
- right.allow("*")
16
- right.restrict_method(allowed_method)
17
- right.restrict_authenticated(:any)
18
- expect(rights.is_request_forbidden_and_why?(:head, "/indirection_name/key", {})).to eq(nil)
19
- end
20
- end
21
-
22
- it "should disallow the request if neither :find nor :save is allowed" do
23
- rights = Puppet::Network::Rights.new
24
- why_forbidden = rights.is_request_forbidden_and_why?(:head, "/indirection_name/key", {})
25
- expect(why_forbidden).to be_instance_of(Puppet::Network::AuthorizationError)
26
- expect(why_forbidden.to_s).to eq("Forbidden request: /indirection_name/key [find]")
27
- end
28
- end
29
-
30
- it "should throw an error if type can't be determined" do
31
- expect { @right.newright("name") }.to raise_error(ArgumentError, /Unknown right type/)
32
- end
33
-
34
- describe "when creating new path ACLs" do
35
- it "should not throw an error if the ACL already exists" do
36
- @right.newright("/name")
37
-
38
- expect { @right.newright("/name")}.not_to raise_error
39
- end
40
-
41
- it "should throw an error if the acl uri path is not absolute" do
42
- expect { @right.newright("name")}.to raise_error(ArgumentError, /Unknown right type/)
43
- end
44
-
45
- it "should create a new ACL with the correct path" do
46
- @right.newright("/name")
47
-
48
- expect(@right["/name"]).not_to be_nil
49
- end
50
-
51
- it "should create an ACL of type Puppet::Network::AuthStore" do
52
- @right.newright("/name")
53
-
54
- expect(@right["/name"]).to be_a_kind_of(Puppet::Network::AuthStore)
55
- end
56
- end
57
-
58
- describe "when creating new regex ACLs" do
59
- it "should not throw an error if the ACL already exists" do
60
- @right.newright("~ .rb$")
61
-
62
- expect { @right.newright("~ .rb$")}.not_to raise_error
63
- end
64
-
65
- it "should create a new ACL with the correct regex" do
66
- @right.newright("~ .rb$")
67
-
68
- expect(@right.include?(".rb$")).not_to be_nil
69
- end
70
-
71
- it "should be able to lookup the regex" do
72
- @right.newright("~ .rb$")
73
-
74
- expect(@right[".rb$"]).not_to be_nil
75
- end
76
-
77
- it "should be able to lookup the regex by its full name" do
78
- @right.newright("~ .rb$")
79
-
80
- expect(@right["~ .rb$"]).not_to be_nil
81
- end
82
-
83
- it "should create an ACL of type Puppet::Network::AuthStore" do
84
- expect(@right.newright("~ .rb$")).to be_a_kind_of(Puppet::Network::AuthStore)
85
- end
86
- end
87
-
88
- describe "when checking ACLs existence" do
89
- it "should return false if there are no matching rights" do
90
- expect(@right.include?("name")).to be_falsey
91
- end
92
-
93
- it "should return true if a path right exists" do
94
- @right.newright("/name")
95
-
96
- expect(@right.include?("/name")).to be_truthy
97
- end
98
-
99
- it "should return false if no matching path rights exist" do
100
- @right.newright("/name")
101
-
102
- expect(@right.include?("/differentname")).to be_falsey
103
- end
104
-
105
- it "should return true if a regex right exists" do
106
- @right.newright("~ .rb$")
107
-
108
- expect(@right.include?(".rb$")).to be_truthy
109
- end
110
-
111
- it "should return false if no matching path rights exist" do
112
- @right.newright("~ .rb$")
113
-
114
- expect(@right.include?(".pp$")).to be_falsey
115
- end
116
- end
117
-
118
- describe "when checking if right is allowed" do
119
- before :each do
120
- allow(@right).to receive(:right).and_return(nil)
121
-
122
- @pathacl = double('pathacl', :"<=>" => 1, :line => 0, :file => 'dummy')
123
- allow(Puppet::Network::Rights::Right).to receive(:new).and_return(@pathacl)
124
- end
125
-
126
- it "should delegate to is_forbidden_and_why?" do
127
- expect(@right).to receive(:is_forbidden_and_why?).with("namespace", :node => "host.domain.com", :ip => "127.0.0.1").and_return(nil)
128
-
129
- @right.allowed?("namespace", "host.domain.com", "127.0.0.1")
130
- end
131
-
132
- it "should return true if is_forbidden_and_why? returns nil" do
133
- allow(@right).to receive(:is_forbidden_and_why?).and_return(nil)
134
- expect(@right.allowed?("namespace", :args)).to be_truthy
135
- end
136
-
137
- it "should return false if is_forbidden_and_why? returns an AuthorizationError" do
138
- allow(@right).to receive(:is_forbidden_and_why?).and_return(Puppet::Network::AuthorizationError.new("forbidden"))
139
- expect(@right.allowed?("namespace", :args1, :args2)).to be_falsey
140
- end
141
-
142
- it "should pass the match? return to allowed?" do
143
- @right.newright("/path/to/there")
144
-
145
- expect(@pathacl).to receive(:match?).and_return(:match)
146
- expect(@pathacl).to receive(:allowed?).with(anything, anything, hash_including(match: :match)).and_return(true)
147
-
148
- expect(@right.is_forbidden_and_why?("/path/to/there", {})).to eq(nil)
149
- end
150
-
151
- describe "with path acls" do
152
- before :each do
153
- @long_acl = double('longpathacl', :name => "/path/to/there", :line => 0, :file => 'dummy')
154
- allow(Puppet::Network::Rights::Right).to receive(:new).with("/path/to/there", 0, nil).and_return(@long_acl)
155
-
156
- @short_acl = double('shortpathacl', :name => "/path/to", :line => 0, :file => 'dummy')
157
- allow(Puppet::Network::Rights::Right).to receive(:new).with("/path/to", 0, nil).and_return(@short_acl)
158
-
159
- allow(@long_acl).to receive(:"<=>").with(@short_acl).and_return(0)
160
- allow(@short_acl).to receive(:"<=>").with(@long_acl).and_return(0)
161
- end
162
-
163
- it "should select the first match" do
164
- @right.newright("/path/to", 0)
165
- @right.newright("/path/to/there", 0)
166
-
167
- allow(@long_acl).to receive(:match?).and_return(true)
168
- allow(@short_acl).to receive(:match?).and_return(true)
169
-
170
- expect(@short_acl).to receive(:allowed?).and_return(true)
171
- expect(@long_acl).not_to receive(:allowed?)
172
-
173
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
174
- end
175
-
176
- it "should select the first match that doesn't return :dunno" do
177
- @right.newright("/path/to/there", 0, nil)
178
- @right.newright("/path/to", 0, nil)
179
-
180
- allow(@long_acl).to receive(:match?).and_return(true)
181
- allow(@short_acl).to receive(:match?).and_return(true)
182
-
183
- expect(@long_acl).to receive(:allowed?).and_return(:dunno)
184
- expect(@short_acl).to receive(:allowed?).and_return(true)
185
-
186
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
187
- end
188
-
189
- it "should not select an ACL that doesn't match" do
190
- @right.newright("/path/to/there", 0)
191
- @right.newright("/path/to", 0)
192
-
193
- allow(@long_acl).to receive(:match?).and_return(false)
194
- allow(@short_acl).to receive(:match?).and_return(true)
195
-
196
- expect(@long_acl).not_to receive(:allowed?)
197
- expect(@short_acl).to receive(:allowed?).and_return(true)
198
-
199
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
200
- end
201
-
202
- it "should not raise an AuthorizationError if allowed" do
203
- @right.newright("/path/to/there", 0)
204
-
205
- allow(@long_acl).to receive(:match?).and_return(true)
206
- allow(@long_acl).to receive(:allowed?).and_return(true)
207
-
208
- expect(@right.is_forbidden_and_why?("/path/to/there/and/there", {})).to eq(nil)
209
- end
210
-
211
- it "should raise an AuthorizationError if the match is denied" do
212
- @right.newright("/path/to/there", 0, nil)
213
-
214
- allow(@long_acl).to receive(:match?).and_return(true)
215
- allow(@long_acl).to receive(:allowed?).and_return(false)
216
-
217
- expect(@right.is_forbidden_and_why?("/path/to/there", {})).to be_instance_of(Puppet::Network::AuthorizationError)
218
- end
219
-
220
- it "should raise an AuthorizationError if no path match" do
221
- expect(@right.is_forbidden_and_why?("/nomatch", {})).to be_instance_of(Puppet::Network::AuthorizationError)
222
- end
223
- end
224
-
225
- describe "with regex acls" do
226
- before :each do
227
- @regex_acl1 = double('regex_acl1', :name => "/files/(.*)/myfile", :line => 0, :file => 'dummy')
228
- allow(Puppet::Network::Rights::Right).to receive(:new).with("~ /files/(.*)/myfile", 0, nil).and_return(@regex_acl1)
229
-
230
- @regex_acl2 = double('regex_acl2', :name => "/files/(.*)/myfile/", :line => 0, :file => 'dummy')
231
- allow(Puppet::Network::Rights::Right).to receive(:new).with("~ /files/(.*)/myfile/", 0, nil).and_return(@regex_acl2)
232
-
233
- allow(@regex_acl1).to receive(:"<=>").with(@regex_acl2).and_return(0)
234
- allow(@regex_acl2).to receive(:"<=>").with(@regex_acl1).and_return(0)
235
- end
236
-
237
- it "should select the first match" do
238
- @right.newright("~ /files/(.*)/myfile", 0)
239
- @right.newright("~ /files/(.*)/myfile/", 0)
240
-
241
- allow(@regex_acl1).to receive(:match?).and_return(true)
242
- allow(@regex_acl2).to receive(:match?).and_return(true)
243
-
244
- expect(@regex_acl1).to receive(:allowed?).and_return(true)
245
- expect(@regex_acl2).not_to receive(:allowed?)
246
-
247
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
248
- end
249
-
250
- it "should select the first match that doesn't return :dunno" do
251
- @right.newright("~ /files/(.*)/myfile", 0)
252
- @right.newright("~ /files/(.*)/myfile/", 0)
253
-
254
- allow(@regex_acl1).to receive(:match?).and_return(true)
255
- allow(@regex_acl2).to receive(:match?).and_return(true)
256
-
257
- expect(@regex_acl1).to receive(:allowed?).and_return(:dunno)
258
- expect(@regex_acl2).to receive(:allowed?).and_return(true)
259
-
260
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
261
- end
262
-
263
- it "should not select an ACL that doesn't match" do
264
- @right.newright("~ /files/(.*)/myfile", 0)
265
- @right.newright("~ /files/(.*)/myfile/", 0)
266
-
267
- allow(@regex_acl1).to receive(:match?).and_return(false)
268
- allow(@regex_acl2).to receive(:match?).and_return(true)
269
-
270
- expect(@regex_acl1).not_to receive(:allowed?)
271
- expect(@regex_acl2).to receive(:allowed?).and_return(true)
272
-
273
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
274
- end
275
-
276
- it "should not raise an AuthorizationError if allowed" do
277
- @right.newright("~ /files/(.*)/myfile", 0)
278
-
279
- allow(@regex_acl1).to receive(:match?).and_return(true)
280
- allow(@regex_acl1).to receive(:allowed?).and_return(true)
281
-
282
- expect(@right.is_forbidden_and_why?("/files/repository/myfile/other", {})).to eq(nil)
283
- end
284
-
285
- it "should raise an error if no regex acl match" do
286
- expect(@right.is_forbidden_and_why?("/path", {})).to be_instance_of(Puppet::Network::AuthorizationError)
287
- end
288
-
289
- it "should raise an AuthorizedError on deny" do
290
- expect(@right.is_forbidden_and_why?("/path", {})).to be_instance_of(Puppet::Network::AuthorizationError)
291
- end
292
-
293
- end
294
- end
295
-
296
- describe Puppet::Network::Rights::Right do
297
- before :each do
298
- @acl = Puppet::Network::Rights::Right.new("/path",0, nil)
299
- end
300
-
301
- describe "with path" do
302
- it "should match up to its path length" do
303
- expect(@acl.match?("/path/that/works")).not_to be_nil
304
- end
305
-
306
- it "should match up to its path length" do
307
- expect(@acl.match?("/paththatalsoworks")).not_to be_nil
308
- end
309
-
310
- it "should return nil if no match" do
311
- expect(@acl.match?("/notpath")).to be_nil
312
- end
313
- end
314
-
315
- describe "with regex" do
316
- before :each do
317
- @acl = Puppet::Network::Rights::Right.new("~ .rb$",0, nil)
318
- end
319
-
320
- it "should match as a regex" do
321
- expect(@acl.match?("this should work.rb")).not_to be_nil
322
- end
323
-
324
- it "should return nil if no match" do
325
- expect(@acl.match?("do not match")).to be_nil
326
- end
327
- end
328
-
329
- it "should allow all rest methods by default" do
330
- expect(@acl.methods).to eq(Puppet::Network::Rights::Right::ALL)
331
- end
332
-
333
- it "should allow only authenticated request by default" do
334
- expect(@acl.authentication).to be_truthy
335
- end
336
-
337
- it "should allow modification of the methods filters" do
338
- @acl.restrict_method(:save)
339
-
340
- expect(@acl.methods).to eq([:save])
341
- end
342
-
343
- it "should stack methods filters" do
344
- @acl.restrict_method(:save)
345
- @acl.restrict_method(:destroy)
346
-
347
- expect(@acl.methods).to eq([:save, :destroy])
348
- end
349
-
350
- it "should raise an error if the method is already filtered" do
351
- @acl.restrict_method(:save)
352
-
353
- expect { @acl.restrict_method(:save) }.to raise_error(ArgumentError, /'save' is already in the '\/path'/)
354
- end
355
-
356
- it "should allow setting an environment filters" do
357
- env = Puppet::Node::Environment.create(:acltest, [])
358
- Puppet.override(:environments => Puppet::Environments::Static.new(env)) do
359
- @acl.restrict_environment(:acltest)
360
-
361
- expect(@acl.environment).to eq([env])
362
- end
363
- end
364
-
365
- ["on", "yes", "true", true].each do |auth|
366
- it "should allow filtering on authenticated requests with '#{auth}'" do
367
- @acl.restrict_authenticated(auth)
368
-
369
- expect(@acl.authentication).to be_truthy
370
- end
371
- end
372
-
373
- ["off", "no", "false", false, "all", "any", :all, :any].each do |auth|
374
- it "should allow filtering on authenticated or unauthenticated requests with '#{auth}'" do
375
- @acl.restrict_authenticated(auth)
376
- expect(@acl.authentication).to be_falsey
377
- end
378
- end
379
-
380
- describe "when checking right authorization" do
381
- it "should return :dunno if this right is not restricted to the given method" do
382
- @acl.restrict_method(:destroy)
383
-
384
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save } )).to eq(:dunno)
385
- end
386
-
387
- it "should return true if this right is restricted to the given method" do
388
- @acl.restrict_method(:save)
389
- @acl.allow("me")
390
-
391
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save, :authenticated => true })).to eq true
392
- end
393
-
394
- it "should return :dunno if this right is not restricted to the given environment" do
395
- prod = Puppet::Node::Environment.create(:production, [])
396
- dev = Puppet::Node::Environment.create(:development, [])
397
- Puppet.override(:environments => Puppet::Environments::Static.new(prod, dev)) do
398
- @acl.restrict_environment(:production)
399
-
400
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save, :environment => dev })).to eq(:dunno)
401
- end
402
- end
403
-
404
- it "returns true if the request is permitted for this environment" do
405
- @acl.allow("me")
406
- prod = Puppet::Node::Environment.create(:production, [])
407
- Puppet.override(:environments => Puppet::Environments::Static.new(prod)) do
408
- @acl.restrict_environment(:production)
409
- expect(@acl.allowed?("me", "127.0.0.1", { :method => :save, :authenticated => true, :environment => prod })).to eq true
410
- end
411
- end
412
-
413
- it "should return :dunno if this right is not restricted to the given request authentication state" do
414
- @acl.restrict_authenticated(true)
415
-
416
- expect(@acl.allowed?("me","127.0.0.1", { :method => :save, :authenticated => false })).to eq(:dunno)
417
- end
418
-
419
- it "returns true if this right is restricted to the given request authentication state" do
420
- @acl.restrict_authenticated(false)
421
- @acl.allow("me")
422
-
423
- expect(@acl.allowed?("me","127.0.0.1", {:method => :save, :authenticated => false })).to eq true
424
- end
425
-
426
- it "should interpolate allow/deny patterns with the given match" do
427
- expect(@acl).to receive(:interpolate).with(:match)
428
-
429
- @acl.allowed?("me","127.0.0.1", { :method => :save, :match => :match, :authenticated => true })
430
- end
431
-
432
- it "should reset interpolation after the match" do
433
- expect(@acl).to receive(:reset_interpolation)
434
-
435
- @acl.allowed?("me","127.0.0.1", { :method => :save, :match => :match, :authenticated => true })
436
- end
437
- end
438
- end
439
- end