RubyGems - puppet - Versions diffs - 6.21.0-x64-mingw32 → 6.24.0-x64-mingw32 - Mend

puppet 6.21.0-x64-mingw32 → 6.24.0-x64-mingw32

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (217) hide show

checksums.yaml +4 -4
data/CONTRIBUTING.md +5 -5
data/Gemfile +1 -1
data/Gemfile.lock +29 -23
data/README.md +4 -4
data/ext/osx/puppet.plist +2 -0
data/ext/project_data.yaml +3 -2
data/lib/puppet.rb +3 -3
data/lib/puppet/application/agent.rb +12 -5
data/lib/puppet/application/apply.rb +2 -1
data/lib/puppet/application/device.rb +2 -1
data/lib/puppet/application/filebucket.rb +1 -0
data/lib/puppet/application/resource.rb +17 -3
data/lib/puppet/application/script.rb +2 -1
data/lib/puppet/application/ssl.rb +12 -0
data/lib/puppet/configurer/downloader.rb +2 -1
data/lib/puppet/defaults.rb +27 -5
data/lib/puppet/environments.rb +26 -1
data/lib/puppet/face/facts.rb +128 -30
data/lib/puppet/face/help/action.erb +1 -0
data/lib/puppet/face/help/face.erb +1 -0
data/lib/puppet/face/node/clean.rb +11 -0
data/lib/puppet/file_serving/fileset.rb +14 -2
data/lib/puppet/file_system/file_impl.rb +1 -1
data/lib/puppet/file_system/memory_file.rb +8 -1
data/lib/puppet/file_system/windows.rb +4 -2
data/lib/puppet/forge.rb +3 -3
data/lib/puppet/functions/all.rb +1 -1
data/lib/puppet/functions/camelcase.rb +1 -1
data/lib/puppet/functions/capitalize.rb +2 -2
data/lib/puppet/functions/downcase.rb +2 -2
data/lib/puppet/functions/empty.rb +8 -0
data/lib/puppet/functions/get.rb +5 -5
data/lib/puppet/functions/group_by.rb +13 -5
data/lib/puppet/functions/lest.rb +1 -1
data/lib/puppet/functions/new.rb +100 -100
data/lib/puppet/functions/partition.rb +12 -4
data/lib/puppet/functions/require.rb +5 -5
data/lib/puppet/functions/sort.rb +3 -3
data/lib/puppet/functions/strftime.rb +1 -0
data/lib/puppet/functions/tree_each.rb +7 -9
data/lib/puppet/functions/type.rb +4 -4
data/lib/puppet/functions/unwrap.rb +17 -2
data/lib/puppet/functions/upcase.rb +2 -2
data/lib/puppet/http/resolver/server_list.rb +15 -4
data/lib/puppet/http/service/compiler.rb +69 -0
data/lib/puppet/http/service/file_server.rb +2 -1
data/lib/puppet/indirector/catalog/compiler.rb +1 -0
data/lib/puppet/indirector/facts/facter.rb +24 -3
data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
data/lib/puppet/indirector/resource/ral.rb +6 -1
data/lib/puppet/interface/documentation.rb +1 -0
data/lib/puppet/module_tool/applications/installer.rb +4 -0
data/lib/puppet/module_tool/errors/shared.rb +17 -0
data/lib/puppet/network/formats.rb +67 -0
data/lib/puppet/network/http/factory.rb +4 -0
data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
data/lib/puppet/pops/types/type_mismatch_describer.rb +1 -1
data/lib/puppet/provider/exec/posix.rb +16 -4
data/lib/puppet/provider/package/dnfmodule.rb +1 -1
data/lib/puppet/provider/package/nim.rb +11 -6
data/lib/puppet/provider/package/pip.rb +15 -3
data/lib/puppet/provider/parsedfile.rb +3 -0
data/lib/puppet/provider/service/systemd.rb +14 -4
data/lib/puppet/provider/service/windows.rb +38 -0
data/lib/puppet/provider/user/directoryservice.rb +25 -12
data/lib/puppet/provider/user/useradd.rb +9 -2
data/lib/puppet/reference/configuration.rb +1 -1
data/lib/puppet/settings.rb +30 -7
data/lib/puppet/settings/environment_conf.rb +1 -0
data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
data/lib/puppet/type/exec.rb +16 -3
data/lib/puppet/type/file.rb +19 -1
data/lib/puppet/type/file/mode.rb +6 -0
data/lib/puppet/type/file/selcontext.rb +1 -1
data/lib/puppet/type/service.rb +18 -38
data/lib/puppet/type/tidy.rb +22 -3
data/lib/puppet/type/user.rb +38 -20
data/lib/puppet/util/fact_dif.rb +36 -17
data/lib/puppet/util/monkey_patches.rb +7 -0
data/lib/puppet/util/selinux.rb +30 -4
data/lib/puppet/util/symbolic_file_mode.rb +29 -17
data/lib/puppet/util/windows/adsi.rb +46 -0
data/lib/puppet/util/windows/api_types.rb +1 -1
data/lib/puppet/util/windows/principal.rb +9 -2
data/lib/puppet/util/windows/sid.rb +6 -2
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +360 -280
data/man/man5/puppet.conf.5 +279 -251
data/man/man8/puppet-agent.8 +1 -1
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +9 -9
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +65 -7
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +7 -7
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +5 -5
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +5 -5
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +5 -1
data/man/man8/puppet-status.8 +4 -4
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
data/spec/fixtures/ssl/ca.pem +57 -35
data/spec/fixtures/ssl/crl.pem +28 -18
data/spec/fixtures/ssl/ec-key.pem +11 -11
data/spec/fixtures/ssl/ec.pem +33 -24
data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
data/spec/fixtures/ssl/encrypted-key.pem +108 -58
data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
data/spec/fixtures/ssl/intermediate.pem +57 -36
data/spec/fixtures/ssl/oid-key.pem +117 -0
data/spec/fixtures/ssl/oid.pem +69 -0
data/spec/fixtures/ssl/pluto-key.pem +107 -57
data/spec/fixtures/ssl/pluto.pem +52 -30
data/spec/fixtures/ssl/request-key.pem +107 -57
data/spec/fixtures/ssl/request.pem +47 -26
data/spec/fixtures/ssl/revoked-key.pem +107 -57
data/spec/fixtures/ssl/revoked.pem +52 -30
data/spec/fixtures/ssl/signed-key.pem +107 -57
data/spec/fixtures/ssl/signed.pem +52 -30
data/spec/fixtures/ssl/tampered-cert.pem +52 -30
data/spec/fixtures/ssl/tampered-csr.pem +47 -26
data/spec/fixtures/ssl/trusted_oid_mapping.yaml +5 -0
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
data/spec/fixtures/ssl/unknown-ca.pem +55 -33
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +9 -0
data/spec/integration/application/filebucket_spec.rb +11 -0
data/spec/integration/application/module_spec.rb +21 -0
data/spec/integration/application/plugin_spec.rb +1 -1
data/spec/integration/application/resource_spec.rb +64 -0
data/spec/integration/application/ssl_spec.rb +20 -0
data/spec/integration/environments/settings_interpolation_spec.rb +0 -4
data/spec/integration/http/client_spec.rb +12 -0
data/spec/integration/indirector/direct_file_server_spec.rb +1 -3
data/spec/integration/indirector/facts/facter_spec.rb +90 -36
data/spec/integration/type/exec_spec.rb +70 -45
data/spec/integration/util/windows/adsi_spec.rb +18 -0
data/spec/integration/util/windows/principal_spec.rb +21 -0
data/spec/integration/util/windows/registry_spec.rb +6 -0
data/spec/lib/puppet/test_ca.rb +7 -2
data/spec/lib/puppet_spec/settings.rb +1 -0
data/spec/spec_helper.rb +11 -1
data/spec/unit/application/agent_spec.rb +7 -2
data/spec/unit/application/facts_spec.rb +482 -3
data/spec/unit/application/ssl_spec.rb +23 -0
data/spec/unit/configurer/downloader_spec.rb +6 -0
data/spec/unit/configurer_spec.rb +23 -0
data/spec/unit/defaults_spec.rb +16 -0
data/spec/unit/environments_spec.rb +199 -88
data/spec/unit/face/facts_spec.rb +4 -0
data/spec/unit/file_serving/fileset_spec.rb +60 -0
data/spec/unit/file_system_spec.rb +15 -0
data/spec/unit/functions/assert_type_spec.rb +1 -1
data/spec/unit/functions/empty_spec.rb +10 -0
data/spec/unit/functions/unwrap_spec.rb +8 -0
data/spec/unit/functions4_spec.rb +2 -2
data/spec/unit/gettext/config_spec.rb +12 -0
data/spec/unit/http/service/compiler_spec.rb +123 -0
data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
data/spec/unit/indirector/facts/facter_spec.rb +95 -0
data/spec/unit/indirector/resource/ral_spec.rb +40 -75
data/spec/unit/module_tool/applications/installer_spec.rb +12 -0
data/spec/unit/network/formats_spec.rb +41 -0
data/spec/unit/network/http/factory_spec.rb +19 -0
data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
data/spec/unit/parser/templatewrapper_spec.rb +12 -2
data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
data/spec/unit/provider/package/dnfmodule_spec.rb +10 -1
data/spec/unit/provider/package/nim_spec.rb +42 -0
data/spec/unit/provider/package/pip_spec.rb +37 -0
data/spec/unit/provider/parsedfile_spec.rb +10 -0
data/spec/unit/provider/service/init_spec.rb +1 -0
data/spec/unit/provider/service/openwrt_spec.rb +3 -1
data/spec/unit/provider/service/systemd_spec.rb +53 -8
data/spec/unit/provider/service/windows_spec.rb +202 -0
data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
data/spec/unit/provider/user/useradd_spec.rb +21 -6
data/spec/unit/resource/catalog_spec.rb +1 -1
data/spec/unit/settings_spec.rb +97 -56
data/spec/unit/ssl/state_machine_spec.rb +19 -5
data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
data/spec/unit/transaction_spec.rb +18 -20
data/spec/unit/type/exec_spec.rb +76 -29
data/spec/unit/type/file/selinux_spec.rb +3 -3
data/spec/unit/type/file/source_spec.rb +4 -4
data/spec/unit/type/service_spec.rb +59 -188
data/spec/unit/type/tidy_spec.rb +24 -7
data/spec/unit/type/user_spec.rb +45 -0
data/spec/unit/util/selinux_spec.rb +87 -16
data/spec/unit/util/windows/sid_spec.rb +41 -0
data/tasks/generate_cert_fixtures.rake +12 -3
metadata +24 -9
data/spec/lib/matchers/include.rb +0 -27
data/spec/lib/matchers/include_spec.rb +0 -32

data/spec/unit/type/file/selinux_spec.rb CHANGED Viewed

@@ -7,7 +7,7 @@ require 'spec_helper'
     before do
       @path = make_absolute("/my/file")
-      @resource = Puppet::Type.type(:file).new :path => @path
+      @resource = Puppet::Type.type(:file).new(:path => @path, :ensure => :file)
       @sel = property.new :resource => @resource
     end
@@ -50,13 +50,13 @@ require 'spec_helper'
     end
     it "should handle no default gracefully" do
-      expect(@sel).to receive(:get_selinux_default_context).with(@path).and_return(nil)
+      expect(@sel).to receive(:get_selinux_default_context).with(@path, :file).and_return(nil)
       expect(@sel.default).to be_nil
     end
     it "should be able to detect matchpathcon defaults" do
       allow(@sel).to receive(:debug)
-      expect(@sel).to receive(:get_selinux_default_context).with(@path).and_return("user_u:role_r:type_t:s0")
+      expect(@sel).to receive(:get_selinux_default_context).with(@path, :file).and_return("user_u:role_r:type_t:s0")
       expectedresult = case param
         when :seluser; "user_u"
         when :selrole; "role_r"

data/spec/unit/type/file/source_spec.rb CHANGED Viewed

@@ -264,7 +264,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
           expect(@resource[:owner]).to eq(100)
           expect(@resource[:group]).to eq(200)
-          expect(@resource[:mode]).to eq("173")
+          expect(@resource[:mode]).to eq("0173")
           # Metadata calls it checksum and checksum_type, we call it content and checksum.
           expect(@resource[:content]).to eq(@metadata.checksum)
@@ -281,7 +281,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
           expect(@resource[:owner]).to eq(1)
           expect(@resource[:group]).to eq(2)
-          expect(@resource[:mode]).to eq('173')
+          expect(@resource[:mode]).to eq('0173')
           expect(@resource[:content]).not_to eq(@metadata.checksum)
           expect(@resource[:checksum]).not_to eq(@metadata.checksum_type.to_sym)
         end
@@ -318,7 +318,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
             expect(@resource[:owner]).to eq(100)
             expect(@resource[:group]).to eq(200)
-            expect(@resource[:mode]).to eq("173")
+            expect(@resource[:mode]).to eq("0173")
           end
           it "copies the remote owner" do
@@ -336,7 +336,7 @@ describe Puppet::Type.type(:file).attrclass(:source), :uses_checksums => true do
           it "copies the remote mode" do
             @source.copy_source_values
-            expect(@resource[:mode]).to eq("173")
+            expect(@resource[:mode]).to eq("0173")
           end
         end

data/spec/unit/type/service_spec.rb CHANGED Viewed

@@ -72,50 +72,65 @@ describe test_title, "when validating attribute values" do
       allow(@provider.class).to receive(:supports_parameter?).and_return(true)
     end
-    it "should support :true as a value" do
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :true)
-      expect(srv.should(:enable)).to eq(:true)
-    end
+    describe "for value without required features" do
+      before :each do
+        allow(@provider).to receive(:satisfies?)
+      end
-    it "should support :false as a value" do
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :false)
-      expect(srv.should(:enable)).to eq(:false)
-    end
+      it "should not support :mask as a value" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :mask) }.to raise_error(
+          Puppet::ResourceError,
+          /Provider .+ must have features 'maskable' to set 'enable' to 'mask'/
+        )
+      end
-    it "should support :mask as a value" do
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :mask)
-      expect(srv.should(:enable)).to eq(:mask)
-    end
+      it "should not support :manual as a value" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :manual) }.to raise_error(
+          Puppet::ResourceError,
+          /Provider .+ must have features 'manual_startable' to set 'enable' to 'manual'/
+        )
+      end
-    it "should support :manual as a value on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :manual)
-      expect(srv.should(:enable)).to eq(:manual)
+      it "should not support :mask as a value" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed) }.to raise_error(
+          Puppet::ResourceError,
+          /Provider .+ must have features 'delayed_startable' to set 'enable' to 'delayed'/
+        )
+      end
     end
-    it "should support :delayed as a value on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
+    describe "for value with required features" do
+      before :each do
+        allow(@provider).to receive(:satisfies?).and_return(:true)
+      end
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed)
-      expect(srv.should(:enable)).to eq(:delayed)
-    end
+      it "should support :true as a value" do
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :true)
+        expect(srv.should(:enable)).to eq(:true)
+      end
-    it "should not support :manual as a value when not on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+      it "should support :false as a value" do
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :false)
+        expect(srv.should(:enable)).to eq(:false)
+      end
-      expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :manual) }.to raise_error(
-        Puppet::Error,
-        /Setting enable to manual is only supported on Microsoft Windows\./
-      )
-    end
+      it "should support :mask as a value" do
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :mask)
+        expect(srv.should(:enable)).to eq(:mask)
+      end
-    it "should not support :delayed as a value when not on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+      it "should support :manual as a value on Windows" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :manual)
+        expect(srv.should(:enable)).to eq(:manual)
+      end
-      expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed) }.to raise_error(
-        Puppet::Error,
-        /Setting enable to delayed is only supported on Microsoft Windows\./
-      )
+      it "should support :delayed as a value on Windows" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed)
+        expect(srv.should(:enable)).to eq(:delayed)
+      end
     end
   end
@@ -150,105 +165,24 @@ describe test_title, "when validating attribute values" do
       provider_class_with_logon_credentials = Puppet::Type.type(:service).provide(:simple) do
         has_features :manages_logon_credentials
         def logonpassword=(value) end
+        def logonaccount_insync?(current) end
       end
       allow(Puppet::Type.type(:service)).to receive(:defaultprovider).and_return(provider_class_with_logon_credentials)
     end
     describe "the 'logonaccount' property" do
-      it "should not be munged nor checked when not on Windows" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
-        service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'NonWindowsUser')
+      let(:service) {Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')}
-        expect { service }.not_to raise_error
-        expect(service[:logonaccount]).to eq('NonWindowsUser')
+      it "should let superclass implementation resolve insyncness when provider does not respond to the 'logonaccount_insync?' method" do
+        allow(service.provider).to receive(:respond_to?).with(:logonaccount_insync?).and_return(false)
+        expect(service.property(:logonaccount).insync?('myUser')).to eq(true)
       end
-      context "when on Windows", :if => Puppet::Util::Platform.windows? do
-        before do
-          allow(Puppet::Util::Windows::User).to receive(:password_is?).and_return(true)
-          allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
-        end
-        it "should fail when the `Log On As A Service` right is missing from given user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("")
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" is missing the 'Log On As A Service' right./)
-        end
-        it "should fail when the `Log On As A Service` right is set to denied for given user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeDenyServiceLogonRight")
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" has the 'Log On As A Service' right set to denied./)
-        end
-        it "should not fail when given user has the `Log On As A Service` right" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeServiceLogonRight")
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
-        end
-        it "should not fail when given user is a default system account even if the `Log On As A Service` right is missing" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:default_system_account?).and_return(true)
-          expect(Puppet::Util::Windows::User).not_to receive(:get_rights)
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
-        end
-        ['LocalSystem', '.\LocalSystem', 'myPC\LocalSystem', 'lOcALsysTem'].each do |user_input|
-          it "should succesfully munge #{user_input} to 'LocalSystem'" do
-            service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => user_input)
-            expect { service }.not_to raise_error
-            expect(service[:logonaccount]).to eq('LocalSystem')
-          end
-        end
-        it "should succesfully munge local account" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('.\myUser')
-        end
-        it "should succesfully munge domain account" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("DomainUser", nil, nil, "myDomain", :SidTypeUser))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'DomainUser')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('myDomain\DomainUser')
-        end
-        it "should succesfully munge well known user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeWellKnownGroup))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalService')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('NT AUTHORITY\LOCAL SERVICE')
-        end
-        it "should succesfully munge a SID" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("NETWORK SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'S-1-5-20')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('NT AUTHORITY\NETWORK SERVICE')
-        end
-        it "should fail when account is invalid" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(nil)
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'InvalidUser') }.to raise_error(Puppet::Error, /"InvalidUser" is not a valid account/)
-        end
-        it "should fail when sid type is not user or well known user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("Administrators", nil, nil, "BUILTIN", :SidTypeAlias))
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'Administrators') }.to raise_error(Puppet::Error, /"Administrators" is not a valid account/)
-        end
+      it "should let provider resolve insyncness when provider responds to the 'logonaccount_insync?' method" do
+        allow(service.provider).to receive(:respond_to?).with(:logonaccount_insync?, any_args).and_return(true)
+        allow(service.provider).to receive(:logonaccount_insync?).and_return(false)
+        expect(service.property(:logonaccount).insync?('myUser')).to eq(false)
       end
     end
@@ -258,7 +192,6 @@ describe test_title, "when validating attribute values" do
       end
       it "should default to empty string when only logonaccount is being managed" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
         service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
         expect { service }.not_to raise_error
@@ -271,70 +204,8 @@ describe test_title, "when validating attribute values" do
       end
       it "should fail when logonpassword includes the ':' character" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
         expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'my:Pass') }.to raise_error(Puppet::Error, /Passwords cannot include ':'/)
       end
-      it "should not further check the password against given account when not on Windows" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
-        expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
-      end
-      context "when on Windows", :if => Puppet::Util::Platform.windows? do
-        before do
-          allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(name_to_principal_result)
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
-        end
-        it "should pass validation when given account is 'LocalSystem'" do
-          allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('LocalSystem').and_return(true)
-          allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('LocalSystem').and_return(false)
-          expect(Puppet::Util::Windows::SID).not_to receive(:name_to_principal)
-          expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalSystem') }.not_to raise_error
-        end
-        ['LOCAL SERVICE', 'NETWORK SERVICE', 'SYSTEM'].each do |predefined_local_account|
-          describe "when given account is #{predefined_local_account}" do
-            let(:name_to_principal_result) do
-              Puppet::Util::Windows::SID::Principal.new(predefined_local_account, nil, nil, "NT AUTHORITY", :SidTypeUser)
-            end
-            it "should pass validation" do
-              allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(predefined_local_account).and_return(false)
-              expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with(predefined_local_account).and_return(true)
-              expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with("NT AUTHORITY\\#{predefined_local_account}").and_return(true)
-              expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
-              expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => predefined_local_account) }.not_to raise_error
-            end
-          end
-        end
-        let(:name_to_principal_result) do
-          Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser)
-        end
-        describe "when given logonaccount is not a predefined local account" do
-          before do
-            allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('myUser').and_return(false)
-            allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('myUser').and_return(false)
-            allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('.\\myUser').and_return(false)
-          end
-          it "should pass validation if password is proven correct" do
-            allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myPass', '.').and_return(true)
-            expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
-          end
-          it "should not pass validation if password check fails" do
-            allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myWrongPass', '.').and_return(false)
-            expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myWrongPass') }.to raise_error(Puppet::Error, /The given password is invalid for user '.\\myUser'/)
-          end
-        end
-      end
     end
   end

data/spec/unit/type/tidy_spec.rb CHANGED Viewed

@@ -195,17 +195,27 @@ describe tidy do
         allow(Puppet::FileServing::Fileset).to receive(:new).and_return(@fileset)
       end
-      it "should use a Fileset for infinite recursion" do
-        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(@fileset)
+      it "should use a Fileset with default max_files for infinite recursion" do
+        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(@fileset)
         expect(@fileset).to receive(:files).and_return(%w{. one two})
         allow(@tidy).to receive(:tidy?).and_return(false)
         @tidy.generate
       end
-      it "should use a Fileset for limited recursion" do
+      it "should use a Fileset with default max_files for limited recursion" do
         @tidy[:recurse] = 42
-        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42).and_return(@fileset)
+        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>0).and_return(@fileset)
+        expect(@fileset).to receive(:files).and_return(%w{. one two})
+        allow(@tidy).to receive(:tidy?).and_return(false)
+        @tidy.generate
+      end
+      it "should use a Fileset with max_files for limited recursion" do
+        @tidy[:recurse] = 42
+        @tidy[:max_files] = 9876
+        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>9876).and_return(@fileset)
         expect(@fileset).to receive(:files).and_return(%w{. one two})
         allow(@tidy).to receive(:tidy?).and_return(false)
@@ -270,6 +280,13 @@ describe tidy do
         @ager.tidy?(@basepath, @stat)
       end
+      it "should return true if the specified age is 0" do
+        @tidy[:age] = "0"
+        expect(@stat).to receive(:mtime).and_return(Time.now)
+        expect(@ager).to be_tidy(@basepath, @stat)
+      end
       it "should return false if the file is more recent than the specified age" do
         expect(@stat).to receive(:mtime).and_return(Time.now)
@@ -411,7 +428,7 @@ describe tidy do
       @tidy[:recurse] = true
       @tidy[:rmdirs] = true
       fileset = double('fileset')
-      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
+      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
       expect(fileset).to receive(:files).and_return(%w{. one two one/subone two/subtwo one/subone/ssone})
       allow(@tidy).to receive(:tidy?).and_return(true)
@@ -433,7 +450,7 @@ describe tidy do
       @tidy[:recurse] = true
       @tidy[:rmdirs] = true
       fileset = double('fileset')
-      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
+      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
       expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
       allow(@tidy).to receive(:tidy?).and_return(true)
@@ -446,7 +463,7 @@ describe tidy do
       @tidy[:noop] = true
       fileset = double('fileset')
-      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
+      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
       expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
       allow(@tidy).to receive(:tidy?).and_return(true)

data/spec/unit/type/user_spec.rb CHANGED Viewed

@@ -174,6 +174,51 @@ describe Puppet::Type.type(:user) do
     end
   end
+  describe "when managing the purge_ssh_keys property" do
+    context "with valid input" do
+      it "should support a :true value" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => :true) }.to_not raise_error
+      end
+      it "should support a :false value" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => :false) }.to_not raise_error
+      end
+      it "should support a String value" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => File.expand_path('home/foo/.ssh/authorized_keys')) }.to_not raise_error
+      end
+      it "should support an Array value" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => [File.expand_path('home/foo/.ssh/authorized_keys'),
+          File.expand_path('custom/authorized_keys')]) }.to_not raise_error
+      end
+    end
+    context "with faulty input" do
+      it "should raise error for relative path" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => 'home/foo/.ssh/authorized_keys') }.to raise_error(Puppet::ResourceError,
+          /Paths to keyfiles must be absolute/ )
+      end
+      it "should raise error for invalid type" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => :invalid) }.to raise_error(Puppet::ResourceError,
+          /purge_ssh_keys must be true, false, or an array of file names/ )
+      end
+      it "should raise error for array with relative path" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => ['home/foo/.ssh/authorized_keys',
+          File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
+          /Paths to keyfiles must be absolute/ )
+      end
+      it "should raise error for array with invalid type" do
+        expect { described_class.new(:name => 'foo', :purge_ssh_keys => [:invalid,
+          File.expand_path('custom/authorized_keys')]) }.to raise_error(Puppet::ResourceError,
+          /Each entry for purge_ssh_keys must be a string/ )
+      end
+    end
+  end
   describe "when managing the uid property" do
     it "should convert number-looking strings into actual numbers" do
       expect(described_class.new(:name => 'foo', :uid => '50')[:uid]).to eq(50)