RubyGems - puppet - Versions diffs - 6.21.1 → 7.4.1 - Mend

puppet 6.21.1 → 7.4.1

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (402) hide show

checksums.yaml +4 -4
data/Gemfile +1 -4
data/Gemfile.lock +5 -5
data/README.md +1 -1
data/conf/fileserver.conf +5 -10
data/ext/build_defaults.yaml +1 -2
data/ext/osx/file_mapping.yaml +0 -5
data/ext/project_data.yaml +2 -14
data/ext/redhat/puppet.spec.erb +0 -1
data/ext/windows/service/daemon.rb +6 -5
data/install.rb +21 -17
data/lib/puppet.rb +11 -20
data/lib/puppet/application.rb +172 -98
data/lib/puppet/application/device.rb +100 -104
data/lib/puppet/application/filebucket.rb +13 -9
data/lib/puppet/application/ssl.rb +1 -1
data/lib/puppet/configurer.rb +27 -29
data/lib/puppet/configurer/plugin_handler.rb +21 -19
data/lib/puppet/defaults.rb +57 -162
data/lib/puppet/environments.rb +8 -23
data/lib/puppet/face/facts.rb +73 -49
data/lib/puppet/face/help.rb +1 -1
data/lib/puppet/face/node/clean.rb +8 -0
data/lib/puppet/face/plugin.rb +5 -8
data/lib/puppet/ffi/windows.rb +12 -0
data/lib/puppet/ffi/windows/api_types.rb +311 -0
data/lib/puppet/ffi/windows/constants.rb +404 -0
data/lib/puppet/ffi/windows/functions.rb +628 -0
data/lib/puppet/ffi/windows/structs.rb +338 -0
data/lib/puppet/file_serving/configuration.rb +0 -5
data/lib/puppet/file_serving/configuration/parser.rb +6 -32
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_serving/mount.rb +1 -2
data/lib/puppet/forge/repository.rb +0 -1
data/lib/puppet/generate/models/type/type.rb +4 -1
data/lib/puppet/http.rb +22 -13
data/lib/puppet/http/client.rb +164 -114
data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
data/lib/puppet/http/errors.rb +16 -0
data/lib/puppet/http/external_client.rb +5 -7
data/lib/puppet/{network/http → http}/factory.rb +8 -11
data/lib/puppet/{network/http → http}/pool.rb +61 -26
data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
data/lib/puppet/http/proxy.rb +137 -0
data/lib/puppet/http/redirector.rb +4 -12
data/lib/puppet/http/resolver.rb +5 -15
data/lib/puppet/http/resolver/server_list.rb +6 -10
data/lib/puppet/http/resolver/settings.rb +4 -7
data/lib/puppet/http/resolver/srv.rb +7 -11
data/lib/puppet/http/response.rb +36 -54
data/lib/puppet/http/response_converter.rb +24 -0
data/lib/puppet/http/response_net_http.rb +42 -0
data/lib/puppet/http/retry_after_handler.rb +4 -13
data/lib/puppet/http/service.rb +12 -26
data/lib/puppet/http/service/ca.rb +11 -22
data/lib/puppet/http/service/compiler.rb +22 -69
data/lib/puppet/http/service/file_server.rb +18 -27
data/lib/puppet/http/service/puppetserver.rb +26 -12
data/lib/puppet/http/service/report.rb +8 -10
data/lib/puppet/http/session.rb +11 -20
data/lib/puppet/{network/http → http}/site.rb +1 -2
data/lib/puppet/indirector/catalog/rest.rb +2 -4
data/lib/puppet/indirector/facts/facter.rb +25 -3
data/lib/puppet/indirector/facts/rest.rb +3 -22
data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
data/lib/puppet/indirector/file_content/rest.rb +2 -6
data/lib/puppet/indirector/file_metadata/rest.rb +3 -9
data/lib/puppet/indirector/file_server.rb +1 -8
data/lib/puppet/indirector/generic_http.rb +0 -11
data/lib/puppet/indirector/node/rest.rb +2 -4
data/lib/puppet/indirector/report/rest.rb +3 -8
data/lib/puppet/indirector/request.rb +0 -101
data/lib/puppet/indirector/rest.rb +12 -263
data/lib/puppet/module_tool/applications.rb +0 -1
data/lib/puppet/network/authconfig.rb +2 -96
data/lib/puppet/network/authorization.rb +13 -35
data/lib/puppet/network/formats.rb +67 -0
data/lib/puppet/network/http.rb +3 -3
data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
data/lib/puppet/network/http/api/master/v3.rb +11 -13
data/lib/puppet/network/http/connection.rb +247 -316
data/lib/puppet/network/http/handler.rb +0 -1
data/lib/puppet/network/http_pool.rb +16 -34
data/lib/puppet/node.rb +1 -30
data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
data/lib/puppet/pal/pal_impl.rb +3 -1
data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
data/lib/puppet/parser/compiler.rb +0 -198
data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
data/lib/puppet/parser/resource.rb +0 -69
data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
data/lib/puppet/pops/issues.rb +0 -5
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
data/lib/puppet/pops/model/ast.pp +0 -42
data/lib/puppet/pops/model/ast.rb +0 -290
data/lib/puppet/pops/model/factory.rb +0 -45
data/lib/puppet/pops/model/model_label_provider.rb +0 -5
data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
data/lib/puppet/pops/model/pn_transformer.rb +0 -16
data/lib/puppet/pops/parser/egrammar.ra +0 -56
data/lib/puppet/pops/parser/eparser.rb +1520 -1712
data/lib/puppet/pops/parser/lexer2.rb +4 -4
data/lib/puppet/pops/parser/parser_support.rb +0 -5
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
data/lib/puppet/pops/types/type_calculator.rb +0 -7
data/lib/puppet/pops/types/type_parser.rb +0 -4
data/lib/puppet/pops/types/types.rb +0 -1
data/lib/puppet/pops/validation/checker4_0.rb +9 -37
data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
data/lib/puppet/provider.rb +0 -13
data/lib/puppet/provider/nameservice.rb +0 -18
data/lib/puppet/provider/package/dpkg.rb +0 -10
data/lib/puppet/provider/package/gem.rb +23 -3
data/lib/puppet/provider/package/pip.rb +0 -1
data/lib/puppet/provider/package/pkg.rb +0 -4
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/puppet_gem.rb +1 -4
data/lib/puppet/provider/service/smf.rb +191 -73
data/lib/puppet/provider/user/directoryservice.rb +0 -10
data/lib/puppet/reference/configuration.rb +7 -5
data/lib/puppet/reference/indirection.rb +1 -1
data/lib/puppet/resource.rb +1 -89
data/lib/puppet/resource/catalog.rb +1 -14
data/lib/puppet/resource/type.rb +3 -119
data/lib/puppet/resource/type_collection.rb +3 -48
data/lib/puppet/runtime.rb +1 -2
data/lib/puppet/settings.rb +45 -33
data/lib/puppet/settings/integer_setting.rb +17 -0
data/lib/puppet/settings/port_setting.rb +15 -0
data/lib/puppet/settings/priority_setting.rb +5 -4
data/lib/puppet/ssl.rb +10 -6
data/lib/puppet/ssl/base.rb +3 -5
data/lib/puppet/ssl/certificate.rb +0 -6
data/lib/puppet/ssl/certificate_request.rb +1 -12
data/lib/puppet/ssl/certificate_signer.rb +6 -0
data/lib/puppet/ssl/oids.rb +3 -1
data/lib/puppet/ssl/ssl_provider.rb +17 -0
data/lib/puppet/ssl/state_machine.rb +3 -1
data/lib/puppet/ssl/verifier.rb +2 -0
data/lib/puppet/test/test_helper.rb +1 -3
data/lib/puppet/transaction.rb +1 -7
data/lib/puppet/transaction/report.rb +2 -4
data/lib/puppet/type.rb +0 -76
data/lib/puppet/type/file.rb +5 -7
data/lib/puppet/type/file/checksum.rb +1 -1
data/lib/puppet/type/file/source.rb +1 -1
data/lib/puppet/type/filebucket.rb +3 -3
data/lib/puppet/type/package.rb +5 -13
data/lib/puppet/type/user.rb +1 -1
data/lib/puppet/util/execution.rb +0 -11
data/lib/puppet/util/http_proxy.rb +2 -215
data/lib/puppet/util/monkey_patches.rb +0 -46
data/lib/puppet/util/rdoc.rb +0 -7
data/lib/puppet/util/retry_action.rb +1 -1
data/lib/puppet/util/run_mode.rb +9 -1
data/lib/puppet/util/windows.rb +3 -8
data/lib/puppet/util/windows/daemon.rb +360 -0
data/lib/puppet/util/windows/error.rb +1 -0
data/lib/puppet/util/windows/eventlog.rb +4 -9
data/lib/puppet/util/windows/file.rb +8 -242
data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
data/lib/puppet/util/windows/process.rb +4 -226
data/lib/puppet/util/windows/service.rb +9 -460
data/lib/puppet/util/windows/string.rb +12 -13
data/lib/puppet/util/yaml.rb +0 -22
data/lib/puppet/vendor/require_vendored.rb +0 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509.rb +5 -1
data/lib/puppet/x509/cert_provider.rb +29 -1
data/locales/puppet.pot +521 -1226
data/man/man5/puppet.conf.5 +34 -94
data/man/man8/puppet-facts.8 +56 -35
data/man/man8/puppet-filebucket.8 +3 -3
data/man/man8/puppet-module.8 +0 -57
data/man/man8/puppet.8 +1 -1
data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
data/spec/integration/application/agent_spec.rb +24 -11
data/spec/integration/application/apply_spec.rb +1 -1
data/spec/integration/application/filebucket_spec.rb +16 -16
data/spec/integration/application/help_spec.rb +2 -0
data/spec/integration/application/plugin_spec.rb +23 -1
data/spec/integration/defaults_spec.rb +7 -3
data/spec/integration/indirector/file_content/file_server_spec.rb +0 -2
data/spec/integration/indirector/file_metadata/file_server_spec.rb +0 -2
data/spec/integration/network/http_pool_spec.rb +3 -21
data/spec/integration/parser/catalog_spec.rb +0 -38
data/spec/integration/parser/node_spec.rb +0 -9
data/spec/integration/parser/pcore_resource_spec.rb +0 -37
data/spec/integration/type/file_spec.rb +5 -4
data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
data/spec/integration/util/windows/security_spec.rb +1 -1
data/spec/lib/puppet_spec/puppetserver.rb +1 -1
data/spec/lib/puppet_spec/settings.rb +1 -0
data/spec/spec_helper.rb +2 -0
data/spec/unit/agent_spec.rb +0 -2
data/spec/unit/application/facts_spec.rb +86 -0
data/spec/unit/application/filebucket_spec.rb +41 -39
data/spec/unit/application/ssl_spec.rb +2 -2
data/spec/unit/certificate_factory_spec.rb +1 -1
data/spec/unit/configurer/downloader_spec.rb +6 -2
data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
data/spec/unit/configurer_spec.rb +12 -9
data/spec/unit/context/trusted_information_spec.rb +2 -6
data/spec/unit/defaults_spec.rb +22 -47
data/spec/unit/environments_spec.rb +0 -3
data/spec/unit/face/facts_spec.rb +4 -0
data/spec/unit/face/node_spec.rb +14 -2
data/spec/unit/face/plugin_spec.rb +73 -33
data/spec/unit/file_bucket/file_spec.rb +1 -1
data/spec/unit/file_serving/configuration/parser_spec.rb +22 -18
data/spec/unit/file_serving/configuration_spec.rb +6 -12
data/spec/unit/functions/camelcase_spec.rb +1 -1
data/spec/unit/functions/capitalize_spec.rb +1 -1
data/spec/unit/functions/downcase_spec.rb +1 -1
data/spec/unit/functions/upcase_spec.rb +1 -1
data/spec/unit/http/client_spec.rb +7 -8
data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
data/spec/unit/http/external_client_spec.rb +4 -4
data/spec/unit/{network/http → http}/factory_spec.rb +5 -11
data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
data/spec/unit/http/resolver_spec.rb +13 -13
data/spec/unit/http/service/compiler_spec.rb +0 -62
data/spec/unit/http/service/file_server_spec.rb +3 -3
data/spec/unit/http/service/puppetserver_spec.rb +34 -4
data/spec/unit/http/service_spec.rb +0 -1
data/spec/unit/http/session_spec.rb +16 -14
data/spec/unit/{network/http → http}/site_spec.rb +3 -3
data/spec/unit/indirector/facts/facter_spec.rb +113 -0
data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
data/spec/unit/indirector/file_server_spec.rb +1 -15
data/spec/unit/indirector/report/rest_spec.rb +2 -17
data/spec/unit/indirector/request_spec.rb +0 -264
data/spec/unit/indirector/rest_spec.rb +98 -752
data/spec/unit/network/authconfig_spec.rb +2 -129
data/spec/unit/network/authorization_spec.rb +2 -55
data/spec/unit/network/formats_spec.rb +45 -4
data/spec/unit/network/http/api/indirected_routes_spec.rb +1 -92
data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
data/spec/unit/network/http/api_spec.rb +10 -0
data/spec/unit/network/http/connection_spec.rb +19 -41
data/spec/unit/network/http/handler_spec.rb +0 -1
data/spec/unit/network/http_pool_spec.rb +0 -4
data/spec/unit/node/environment_spec.rb +33 -21
data/spec/unit/node_spec.rb +2 -54
data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
data/spec/unit/pops/types/type_factory_spec.rb +1 -1
data/spec/unit/pops/validator/validator_spec.rb +61 -46
data/spec/unit/pops/visitor_spec.rb +1 -1
data/spec/unit/provider/nameservice_spec.rb +0 -57
data/spec/unit/provider/package/dpkg_spec.rb +0 -48
data/spec/unit/provider/package/gem_spec.rb +32 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
data/spec/unit/provider/service/smf_spec.rb +401 -165
data/spec/unit/provider/service/windows_spec.rb +0 -1
data/spec/unit/provider_spec.rb +0 -12
data/spec/unit/resource/type_collection_spec.rb +2 -22
data/spec/unit/resource_spec.rb +0 -56
data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
data/spec/unit/settings/integer_setting_spec.rb +42 -0
data/spec/unit/settings/port_setting_spec.rb +31 -0
data/spec/unit/settings/priority_setting_spec.rb +4 -4
data/spec/unit/settings_spec.rb +17 -0
data/spec/unit/ssl/base_spec.rb +36 -3
data/spec/unit/ssl/certificate_request_spec.rb +19 -55
data/spec/unit/ssl/certificate_spec.rb +2 -11
data/spec/unit/ssl/state_machine_spec.rb +0 -1
data/spec/unit/ssl/verifier_spec.rb +0 -21
data/spec/unit/transaction/report_spec.rb +0 -2
data/spec/unit/transaction/resource_harness_spec.rb +2 -2
data/spec/unit/transaction_spec.rb +45 -79
data/spec/unit/type/file/checksum_spec.rb +6 -6
data/spec/unit/type/file/content_spec.rb +1 -1
data/spec/unit/type/file/ensure_spec.rb +1 -1
data/spec/unit/type/file/mode_spec.rb +1 -1
data/spec/unit/type/file/source_spec.rb +0 -1
data/spec/unit/type/file_spec.rb +12 -6
data/spec/unit/type/package_spec.rb +1 -1
data/spec/unit/type_spec.rb +20 -0
data/spec/unit/util/backups_spec.rb +0 -2
data/spec/unit/util/execution_spec.rb +0 -29
data/spec/unit/util/monkey_patches_spec.rb +0 -6
data/spec/unit/util/run_mode_spec.rb +21 -121
data/spec/unit/util/windows/string_spec.rb +1 -3
data/spec/unit/util/yaml_spec.rb +0 -54
data/spec/unit/util_spec.rb +0 -18
metadata +47 -162
data/conf/auth.conf +0 -150
data/lib/puppet/application/cert.rb +0 -76
data/lib/puppet/application/key.rb +0 -4
data/lib/puppet/application/man.rb +0 -4
data/lib/puppet/application/status.rb +0 -4
data/lib/puppet/face/key.rb +0 -16
data/lib/puppet/face/man.rb +0 -145
data/lib/puppet/face/module/build.rb +0 -14
data/lib/puppet/face/module/generate.rb +0 -14
data/lib/puppet/face/module/search.rb +0 -103
data/lib/puppet/face/status.rb +0 -51
data/lib/puppet/indirector/certificate/file.rb +0 -9
data/lib/puppet/indirector/certificate/rest.rb +0 -18
data/lib/puppet/indirector/certificate_request/file.rb +0 -9
data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
data/lib/puppet/indirector/file_content/http.rb +0 -22
data/lib/puppet/indirector/key/file.rb +0 -46
data/lib/puppet/indirector/key/memory.rb +0 -7
data/lib/puppet/indirector/ssl_file.rb +0 -162
data/lib/puppet/indirector/status.rb +0 -3
data/lib/puppet/indirector/status/local.rb +0 -12
data/lib/puppet/indirector/status/rest.rb +0 -27
data/lib/puppet/module_tool/applications/searcher.rb +0 -29
data/lib/puppet/network/auth_config_parser.rb +0 -90
data/lib/puppet/network/authstore.rb +0 -283
data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
data/lib/puppet/network/http/base_pool.rb +0 -36
data/lib/puppet/network/http/compression.rb +0 -127
data/lib/puppet/network/http/connection_adapter.rb +0 -184
data/lib/puppet/network/http/nocache_pool.rb +0 -28
data/lib/puppet/network/rest_controller.rb +0 -2
data/lib/puppet/network/rights.rb +0 -210
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
data/lib/puppet/parser/environment_compiler.rb +0 -202
data/lib/puppet/pops/types/enumeration.rb +0 -16
data/lib/puppet/resource/capability_finder.rb +0 -154
data/lib/puppet/rest/errors.rb +0 -15
data/lib/puppet/rest/response.rb +0 -35
data/lib/puppet/rest/route.rb +0 -85
data/lib/puppet/rest/routes.rb +0 -135
data/lib/puppet/ssl/host.rb +0 -505
data/lib/puppet/ssl/key.rb +0 -61
data/lib/puppet/ssl/validator.rb +0 -61
data/lib/puppet/ssl/validator/default_validator.rb +0 -209
data/lib/puppet/ssl/validator/no_validator.rb +0 -22
data/lib/puppet/ssl/verifier_adapter.rb +0 -58
data/lib/puppet/status.rb +0 -40
data/lib/puppet/util/connection.rb +0 -88
data/lib/puppet/util/fact_dif.rb +0 -62
data/lib/puppet/util/ssl.rb +0 -83
data/lib/puppet/util/windows/api_types.rb +0 -309
data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
data/lib/puppet/vendor/load_pathspec.rb +0 -1
data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
data/lib/puppet/vendor/pathspec/LICENSE +0 -201
data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
data/lib/puppet/vendor/pathspec/README.md +0 -53
data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
data/man/man8/puppet-key.8 +0 -126
data/man/man8/puppet-man.8 +0 -76
data/man/man8/puppet-status.8 +0 -108
data/spec/integration/network/authconfig_spec.rb +0 -256
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
data/spec/unit/application/man_spec.rb +0 -52
data/spec/unit/capability_spec.rb +0 -414
data/spec/unit/face/key_spec.rb +0 -9
data/spec/unit/face/module/search_spec.rb +0 -231
data/spec/unit/face/status_spec.rb +0 -9
data/spec/unit/indirector/certificate/file_spec.rb +0 -14
data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
data/spec/unit/indirector/key/file_spec.rb +0 -78
data/spec/unit/indirector/ssl_file_spec.rb +0 -305
data/spec/unit/indirector/status/local_spec.rb +0 -10
data/spec/unit/indirector/status/rest_spec.rb +0 -50
data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
data/spec/unit/network/auth_config_parser_spec.rb +0 -115
data/spec/unit/network/authstore_spec.rb +0 -422
data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
data/spec/unit/network/http/compression_spec.rb +0 -240
data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
data/spec/unit/network/http_spec.rb +0 -9
data/spec/unit/network/rights_spec.rb +0 -439
data/spec/unit/parser/environment_compiler_spec.rb +0 -730
data/spec/unit/pops/types/enumeration_spec.rb +0 -51
data/spec/unit/resource/capability_finder_spec.rb +0 -148
data/spec/unit/rest/route_spec.rb +0 -132
data/spec/unit/ssl/host_spec.rb +0 -645
data/spec/unit/ssl/key_spec.rb +0 -173
data/spec/unit/ssl/validator_spec.rb +0 -278
data/spec/unit/status_spec.rb +0 -45
data/spec/unit/util/ssl_spec.rb +0 -91

data/spec/unit/network/authconfig_spec.rb CHANGED Viewed

@@ -1,135 +1,8 @@
 require 'spec_helper'
 require 'puppet/network/authconfig'
-describe Puppet::Network::DefaultAuthProvider do
-  before :each do
-    allow(Puppet::FileSystem).to receive(:stat).and_return(double('stat', :ctime => :now))
-    allow(Time).to receive(:now).and_return(Time.now)
-  end
-  describe "when initializing" do
-    it "inserts default ACLs after setting initial rights" do
-      expect_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
-      Puppet::Network::DefaultAuthProvider.new
-    end
-  end
-  describe "when defining an acl with mk_acl" do
-    before :each do
-      allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
-      @authprovider = Puppet::Network::DefaultAuthProvider.new
-    end
-    it "should create a new right for each default acl" do
-      @authprovider.mk_acl(:acl => '/')
-      expect(@authprovider.rights['/']).to be
-    end
-    it "allows everyone for each default right" do
-      @authprovider.mk_acl(:acl => '/')
-      expect(@authprovider.rights['/']).to be_globalallow
-    end
-    it "accepts an argument to restrict the method" do
-      @authprovider.mk_acl(:acl => '/', :method => :find)
-      expect(@authprovider.rights['/'].methods).to eq([:find])
-    end
-    it "creates rights with authentication set to true by default" do
-      @authprovider.mk_acl(:acl => '/')
-      expect(@authprovider.rights['/'].authentication).to be_truthy
-    end
-    it "accepts an argument to set the authentication requirement" do
-      @authprovider.mk_acl(:acl => '/', :authenticated => :any)
-      expect(@authprovider.rights['/'].authentication).to be_falsey
-    end
-  end
-  describe "when adding default ACLs" do
-    before :each do
-      allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
-      @authprovider = Puppet::Network::DefaultAuthProvider.new
-      allow_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl).and_call_original
-    end
-    Puppet::Network::DefaultAuthProvider::default_acl.each do |acl|
-      it "should create a default right for #{acl[:acl]}" do
-        allow(@authprovider).to receive(:mk_acl)
-        expect(@authprovider).to receive(:mk_acl).with(acl)
-        @authprovider.insert_default_acl
-      end
-    end
-    it "should log at info loglevel" do
-      expect(Puppet).to receive(:info).at_least(:once)
-      @authprovider.insert_default_acl
-    end
-    it "creates an empty catch-all rule for '/' for any authentication request state" do
-      allow(@authprovider).to receive(:mk_acl)
-      @authprovider.insert_default_acl
-      expect(@authprovider.rights['/']).to be_empty
-      expect(@authprovider.rights['/'].authentication).to be_falsey
-    end
-    it '(CVE-2013-2275) allows report submission only for the node matching the certname by default' do
-      acl = {
-        :acl => "~ ^#{Puppet::Network::HTTP::MASTER_URL_PREFIX}\/v3\/report\/([^\/]+)$",
-        :method => :save,
-        :allow => '$1',
-        :authenticated => true
-      }
-      allow(@authprovider).to receive(:mk_acl)
-      expect(@authprovider).to receive(:mk_acl).with(acl)
-      @authprovider.insert_default_acl
-    end
-  end
-  describe "when checking authorization" do
-    it "should ask for authorization to the ACL subsystem" do
-      params = {
-        :ip => "127.0.0.1",
-        :node => "me",
-        :environment => :env,
-        :authenticated => true
-      }
-      expect_any_instance_of(Puppet::Network::Rights).to receive(:is_request_forbidden_and_why?).with(:save, "/path/to/resource", params)
-      described_class.new.check_authorization(:save, "/path/to/resource", params)
-    end
-  end
-end
 describe Puppet::Network::AuthConfig do
-  after :each do
-    Puppet::Network::AuthConfig.authprovider_class = nil
-  end
-  class TestAuthProvider
-    def initialize(rights=nil); end
-    def check_authorization(method, path, params); end
-  end
-  it "instantiates authprovider_class with rights" do
-    Puppet::Network::AuthConfig.authprovider_class = TestAuthProvider
-    rights = Puppet::Network::Rights.new
-    expect(TestAuthProvider).to receive(:new).with(rights)
-    described_class.new(rights)
-  end
-  it "delegates authorization check to authprovider_class" do
-    Puppet::Network::AuthConfig.authprovider_class = TestAuthProvider
-    expect_any_instance_of(TestAuthProvider).to receive(:check_authorization).with(:save, '/path/to/resource', {})
-    described_class.new.check_authorization(:save, '/path/to/resource', {})
-  end
-  it "uses DefaultAuthProvider by default" do
-    Puppet::Network::AuthConfig.authprovider_class = nil
-    expect_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:check_authorization).with(:save, '/path/to/resource', {})
-    described_class.new.check_authorization(:save, '/path/to/resource', {})
+  it "accepts an auth provider class" do
+    Puppet::Network::AuthConfig.authprovider_class = Object
   end
 end

data/spec/unit/network/authorization_spec.rb CHANGED Viewed

@@ -1,61 +1,8 @@
 require 'spec_helper'
-require 'puppet/network/http'
-require 'puppet/network/http/api/indirected_routes'
 require 'puppet/network/authorization'
 describe Puppet::Network::Authorization do
-  class AuthTest
-    include Puppet::Network::Authorization
-  end
-  subject { AuthTest.new }
-  context "when creating an authconfig object" do
-    before :each do
-      # Other tests may have created an authconfig, so we have to undo that.
-      @orig_auth_config = Puppet::Network::AuthConfigLoader.instance_variable_get(:@auth_config)
-      @orig_auth_config_file = Puppet::Network::AuthConfigLoader.instance_variable_get(:@auth_config_file)
-      Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config, nil)
-      Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config_file, nil)
-    end
-    after :each do
-      Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config, @orig_auth_config)
-      Puppet::Network::AuthConfigLoader.instance_variable_set(:@auth_config_file, @orig_auth_config_file)
-    end
-    it "creates default ACL entries if no file has been read" do
-      expect(Puppet::Network::AuthConfigParser).to receive(:new_from_file).and_raise(Errno::ENOENT)
-      expect_any_instance_of(Puppet::Network::DefaultAuthProvider).to receive(:insert_default_acl)
-      subject.authconfig
-    end
-  end
-  class TestAuthConfig
-    def check_authorization(method, path, params); end
-  end
-  class TestAuthConfigLoader
-    def self.authconfig
-      TestAuthConfig.new
-    end
-  end
-  context "when checking authorization" do
-    after :each do
-      Puppet::Network::Authorization.authconfigloader_class = nil
-    end
-    it "delegates to the authconfig object" do
-      Puppet::Network::Authorization.authconfigloader_class =
-          TestAuthConfigLoader
-      expect_any_instance_of(TestAuthConfig).to receive(:check_authorization).with(
-          :save, '/mypath', {:param1 => "value1"}).and_return("yay, it worked!")
-      expect(subject.check_authorization(
-                 :save, '/mypath',
-                 {:param1 => "value1"})).to eq("yay, it worked!")
-    end
+  it "accepts an auth config loader class" do
+    Puppet::Network::Authorization.authconfigloader_class = Object
   end
 end

data/spec/unit/network/formats_spec.rb CHANGED Viewed

@@ -161,19 +161,19 @@ describe "Puppet Network Format" do
     end
     it 'raises when interning an instance of an unacceptable indirected type' do
-      obj = Puppet::SSL::Key.new('foo')
+      obj = :something
       expect {
         yaml.intern(obj.class, YAML.dump(obj))
-      }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Puppet::SSL::Key/)
+      }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Symbol/)
     end
     it 'raises when interning multple instances of an unacceptable indirected type' do
-      obj = Puppet::SSL::Key.new('foo')
+      obj = :something
       expect {
         yaml.intern_multiple(obj.class, YAML.dump([obj]))
-      }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Puppet::SSL::Key/)
+      }.to raise_error(Puppet::Network::FormatHandler::FormatError, /Tried to load unspecified class: Symbol/)
     end
   end
@@ -534,4 +534,45 @@ EOT
       end
     end
   end
+  describe ":flat format" do
+    let(:flat) { Puppet::Network::FormatHandler.format(:flat) }
+    it "should include a flat format" do
+      expect(flat).to be_an_instance_of Puppet::Network::Format
+    end
+    [:intern, :intern_multiple].each do |method|
+      it "should not implement #{method}" do
+        expect { flat.send(method, String, 'blah') }.to raise_error NotImplementedError
+      end
+    end
+    context "when rendering arrays" do
+      {
+          []                           => "",
+          [1, 2]                       => "0=1\n1=2\n",
+          ["one"]                      => "0=one\n",
+          [{"one" => 1}, {"two" => 2}] => "0.one=1\n1.two=2\n",
+          [['something', 'for'], ['the', 'test']]  => "0=[\"something\", \"for\"]\n1=[\"the\", \"test\"]\n"
+      }.each_pair do |input, output|
+        it "should render #{input.inspect} as one item per line" do
+          expect(flat.render(input)).to eq(output)
+        end
+      end
+    end
+    context "when rendering hashes" do
+      {
+          {}                                   => "",
+          {1 => 2}                             => "1=2\n",
+          {"one" => "two"}                     => "one=two\n",
+          {[1,2] => 3, [2,3] => 5, [3,4] => 7} => "[1, 2]=3\n[2, 3]=5\n[3, 4]=7\n",
+      }.each_pair do |input, output|
+        it "should render #{input.inspect}" do
+          expect(flat.render(input)).to eq(output)
+        end
+      end
+    end
+  end
 end

data/spec/unit/network/http/api/indirected_routes_spec.rb CHANGED Viewed

@@ -58,7 +58,7 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
       }.to raise_error(bad_request_error)
     end
-    it "should not pass a buck_path parameter through (See Bugs #13553, #13518, #13511)" do
+    it "should not pass a bucket_path parameter through (See Bugs #13553, #13518, #13511)" do
       expect(handler.uri2indirection("GET", "#{master_url_prefix}/node/bar",
                               { :environment => "env",
                                 :bucket_path => "/malicious/path" })[3]).not_to include({ :bucket_path => "/malicious/path" })
@@ -118,10 +118,6 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
       expect(handler.uri2indirection("PUT", "#{master_url_prefix}/facts/puppet.node.test", params)[0].name).to eq(:facts)
     end
-    it "should change indirection name to 'status' if the http method is a GET and the indirection name is statuses" do
-      expect(handler.uri2indirection("GET", "#{master_url_prefix}/statuses/bar", params)[0].name).to eq(:status)
-    end
     it "should change indirection name to 'node' if the http method is a GET and the indirection name is nodes" do
       expect(handler.uri2indirection("GET", "#{master_url_prefix}/nodes/bar", params)[0].name).to eq(:node)
     end
@@ -145,96 +141,9 @@ describe Puppet::Network::HTTP::API::IndirectedRoutes do
       _, _, key, _ = handler.uri2indirection("GET", "#{master_url_prefix}/node/#{escaped}", params)
       expect(key).to eq(escaped)
     end
-    it "should not unescape the URI passed through in a call to check_authorization" do
-      key_escaped = Puppet::Util.uri_encode("foo bar")
-      uri_escaped = "#{master_url_prefix}/node/#{key_escaped}"
-      expect(handler).to receive(:check_authorization).with(anything, uri_escaped, anything)
-      handler.uri2indirection("GET", uri_escaped, params)
-    end
-    it "when the environment is unknown should remove :environment from params passed to check_authorization and therefore fail" do
-      expect(handler).to receive(:check_authorization).with(anything,
-                                                            anything,
-                                                            excluding(:environment))
-      expect { handler.uri2indirection("GET",
-                                       "#{master_url_prefix}/node/bar",
-                                       {:environment => 'bogus'})
-      }.to raise_error(not_found_error)
-    end
-    it "should not URI unescape the indirection key as passed through to a call to check_authorization" do
-      expect(handler).to receive(:check_authorization).with(anything, anything, hash_including(environment: be_a(Puppet::Node::Environment).and(have_attributes(name: :env))))
-      handler.uri2indirection("GET", "#{master_url_prefix}/node/bar", params)
-    end
-  end
-  describe "when converting a request into a URI" do
-    let(:environment) { Puppet::Node::Environment.create(:myenv, []) }
-    let(:request) { Puppet::Indirector::Request.new(:foo, :find, "with spaces", nil, :foo => :bar, :environment => environment) }
-    it "should include the environment in the query string of the URI" do
-      expect(handler.class.request_to_uri(request)).to eq("#{master_url_prefix}/foo/with%20spaces?environment=myenv&foo=bar")
-    end
-    it "should include the correct url prefix if it is a ca request" do
-      allow(request).to receive(:indirection_name).and_return("certificate")
-      expect(handler.class.request_to_uri(request)).to eq("#{ca_url_prefix}/certificate/with%20spaces?environment=myenv&foo=bar")
-    end
-    it "should pluralize the indirection name if the method is 'search'" do
-      allow(request).to receive(:method).and_return(:search)
-      expect(handler.class.request_to_uri(request).split("/")[3]).to eq("foos")
-    end
-    it "should add the query string to the URI" do
-      expect(request).to receive(:query_string).and_return("query")
-      expect(handler.class.request_to_uri(request)).to match(/\&query$/)
-    end
-  end
-  describe "when converting a request into a URI with body" do
-    let(:environment) { Puppet::Node::Environment.create(:myenv, []) }
-    let(:request) { Puppet::Indirector::Request.new(:foo, :find, "with spaces", nil, :foo => :bar, :environment => environment) }
-    it "should use the indirection as the first field of the URI" do
-      expect(handler.class.request_to_uri_and_body(request).first.split("/")[3]).to eq("foo")
-    end
-    it "should use the escaped key as the remainder of the URI" do
-      escaped = Puppet::Util.uri_encode("with spaces")
-      expect(handler.class.request_to_uri_and_body(request).first.split("/")[4].sub(/\?.+/, '')).to eq(escaped)
-    end
-    it "should include the correct url prefix if it is a master request" do
-      expect(handler.class.request_to_uri_and_body(request).first).to eq("#{master_url_prefix}/foo/with%20spaces")
-    end
-    it "should include the correct url prefix if it is a ca request" do
-      allow(request).to receive(:indirection_name).and_return("certificate")
-      expect(handler.class.request_to_uri_and_body(request).first).to eq("#{ca_url_prefix}/certificate/with%20spaces")
-    end
-    it "should return the URI and body separately" do
-      expect(handler.class.request_to_uri_and_body(request)).to eq(["#{master_url_prefix}/foo/with%20spaces", "environment=myenv&foo=bar"])
-    end
   end
   describe "when processing a request" do
-    it "should raise not_authorized_error when authorization fails" do
-      data = Puppet::IndirectorTesting.new("my data")
-      indirection.save(data, "my data")
-      request = a_request_that_heads(data)
-      expect(handler).to receive(:check_authorization).and_raise(Puppet::Network::AuthorizationError.new("forbidden"))
-      expect {
-        handler.call(request, response)
-      }.to raise_error(not_authorized_error)
-    end
     it "should raise not_found_error if the indirection does not support remote requests" do
       request = a_request_that_heads(Puppet::IndirectorTesting.new("my data"))

data/spec/unit/network/http/api/master/v3_spec.rb CHANGED Viewed

@@ -15,15 +15,18 @@ describe Puppet::Network::HTTP::API::Master::V3 do
         chain(Puppet::Network::HTTP::API::Master::V3.routes)
   }
-  it "mounts the environments endpoint" do
-    request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environments")
-    master_routes.process(request, response)
-    expect(response.code).to eq(200)
+  # simulate puppetserver registering its authconfigloader class
+  around :each do |example|
+    Puppet::Network::Authorization.authconfigloader_class = Object
+    begin
+      example.run
+    ensure
+      Puppet::Network::Authorization.authconfigloader_class = nil
+    end
   end
-  it "mounts the environment endpoint" do
-    request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environment/production")
+  it "mounts the environments endpoint" do
+    request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environments")
     master_routes.process(request, response)
     expect(response.code).to eq(200)
@@ -54,4 +57,22 @@ describe Puppet::Network::HTTP::API::Master::V3 do
       master_routes.process(request, response)
     }.to raise_error(not_found_error)
   end
+  it "checks authorization for indirected routes" do
+    Puppet::Network::Authorization.authconfigloader_class = nil
+    request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/catalog/foo")
+    expect {
+      master_routes.process(request, response)
+    }.to raise_error(Puppet::Network::HTTP::Error::HTTPNotAuthorizedError, %r{Not Authorized: Forbidden request: /puppet/v3/catalog/foo \(method GET\)})
+  end
+  it "checks authorization for environments" do
+    Puppet::Network::Authorization.authconfigloader_class = nil
+    request = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_url_prefix}/environments")
+    expect {
+      master_routes.process(request, response)
+    }.to raise_error(Puppet::Network::HTTP::Error::HTTPNotAuthorizedError, %r{Not Authorized: Forbidden request: /puppet/v3/environments \(method GET\)})
+  end
 end

data/spec/unit/network/http/api_spec.rb CHANGED Viewed

@@ -70,6 +70,16 @@ describe Puppet::Network::HTTP::API do
     end
     describe "when processing master routes" do
+      # simulate puppetserver registering its authconfigloader class
+      around :each do |example|
+        Puppet::Network::Authorization.authconfigloader_class = Object
+        begin
+          example.run
+        ensure
+          Puppet::Network::Authorization.authconfigloader_class = nil
+        end
+      end
       it "responds to v3 indirector requests" do
         req = Puppet::Network::HTTP::Request.from_hash(:path => "#{master_prefix}/v3/node/foo",
                                                        :params => {:environment => "production"},