RubyGems - puppet - Versions diffs - 6.22.1 → 6.23.0 - Mend

puppet 6.22.1 → 6.23.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (129) hide show

checksums.yaml +4 -4
data/Gemfile.lock +14 -14
data/ext/osx/puppet.plist +2 -0
data/lib/puppet/application/agent.rb +12 -5
data/lib/puppet/application/apply.rb +2 -1
data/lib/puppet/application/device.rb +2 -1
data/lib/puppet/application/resource.rb +2 -1
data/lib/puppet/application/script.rb +2 -1
data/lib/puppet/configurer/downloader.rb +2 -1
data/lib/puppet/defaults.rb +5 -3
data/lib/puppet/file_serving/fileset.rb +14 -2
data/lib/puppet/functions/all.rb +1 -1
data/lib/puppet/functions/camelcase.rb +1 -1
data/lib/puppet/functions/capitalize.rb +2 -2
data/lib/puppet/functions/downcase.rb +2 -2
data/lib/puppet/functions/get.rb +5 -5
data/lib/puppet/functions/group_by.rb +13 -5
data/lib/puppet/functions/lest.rb +1 -1
data/lib/puppet/functions/new.rb +100 -100
data/lib/puppet/functions/partition.rb +4 -4
data/lib/puppet/functions/require.rb +5 -5
data/lib/puppet/functions/sort.rb +3 -3
data/lib/puppet/functions/tree_each.rb +7 -9
data/lib/puppet/functions/type.rb +4 -4
data/lib/puppet/functions/upcase.rb +2 -2
data/lib/puppet/http/resolver/server_list.rb +15 -4
data/lib/puppet/http/service/compiler.rb +69 -0
data/lib/puppet/http/service/file_server.rb +2 -1
data/lib/puppet/indirector/catalog/compiler.rb +1 -0
data/lib/puppet/indirector/file_metadata/rest.rb +1 -0
data/lib/puppet/parser/functions/fqdn_rand.rb +14 -6
data/lib/puppet/pops/types/p_sem_ver_type.rb +8 -2
data/lib/puppet/pops/types/p_sensitive_type.rb +10 -0
data/lib/puppet/provider/package/nim.rb +11 -6
data/lib/puppet/provider/service/systemd.rb +13 -3
data/lib/puppet/provider/service/windows.rb +38 -0
data/lib/puppet/provider/user/directoryservice.rb +25 -12
data/lib/puppet/reference/configuration.rb +1 -1
data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
data/lib/puppet/type/file.rb +19 -1
data/lib/puppet/type/file/selcontext.rb +1 -1
data/lib/puppet/type/service.rb +18 -38
data/lib/puppet/type/tidy.rb +21 -2
data/lib/puppet/type/user.rb +38 -20
data/lib/puppet/util/selinux.rb +30 -4
data/lib/puppet/version.rb +1 -1
data/locales/puppet.pot +109 -101
data/man/man5/puppet.conf.5 +272 -252
data/man/man8/puppet-agent.8 +1 -1
data/man/man8/puppet-apply.8 +1 -1
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +1 -1
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +1 -1
data/man/man8/puppet-filebucket.8 +1 -1
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-key.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-man.8 +1 -1
data/man/man8/puppet-module.8 +1 -1
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +1 -1
data/man/man8/puppet-ssl.8 +1 -1
data/man/man8/puppet-status.8 +1 -1
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/ssl/127.0.0.1-key.pem +107 -57
data/spec/fixtures/ssl/127.0.0.1.pem +52 -31
data/spec/fixtures/ssl/bad-basic-constraints.pem +57 -35
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +57 -35
data/spec/fixtures/ssl/ca.pem +57 -35
data/spec/fixtures/ssl/crl.pem +28 -18
data/spec/fixtures/ssl/ec-key.pem +11 -11
data/spec/fixtures/ssl/ec.pem +33 -24
data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
data/spec/fixtures/ssl/encrypted-key.pem +108 -58
data/spec/fixtures/ssl/intermediate-agent-crl.pem +28 -19
data/spec/fixtures/ssl/intermediate-agent.pem +57 -36
data/spec/fixtures/ssl/intermediate-crl.pem +31 -21
data/spec/fixtures/ssl/intermediate.pem +57 -36
data/spec/fixtures/ssl/pluto-key.pem +107 -57
data/spec/fixtures/ssl/pluto.pem +52 -30
data/spec/fixtures/ssl/request-key.pem +107 -57
data/spec/fixtures/ssl/request.pem +47 -26
data/spec/fixtures/ssl/revoked-key.pem +107 -57
data/spec/fixtures/ssl/revoked.pem +52 -30
data/spec/fixtures/ssl/signed-key.pem +107 -57
data/spec/fixtures/ssl/signed.pem +52 -30
data/spec/fixtures/ssl/tampered-cert.pem +52 -30
data/spec/fixtures/ssl/tampered-csr.pem +47 -26
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +107 -57
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +50 -29
data/spec/fixtures/ssl/unknown-ca-key.pem +107 -57
data/spec/fixtures/ssl/unknown-ca.pem +55 -33
data/spec/integration/application/resource_spec.rb +30 -0
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/unit/application/agent_spec.rb +7 -2
data/spec/unit/configurer/downloader_spec.rb +6 -0
data/spec/unit/configurer_spec.rb +23 -0
data/spec/unit/file_serving/fileset_spec.rb +60 -0
data/spec/unit/gettext/config_spec.rb +12 -0
data/spec/unit/http/service/compiler_spec.rb +123 -0
data/spec/unit/indirector/catalog/compiler_spec.rb +14 -10
data/spec/unit/parser/functions/fqdn_rand_spec.rb +15 -1
data/spec/unit/pops/types/p_sem_ver_type_spec.rb +18 -0
data/spec/unit/pops/types/p_sensitive_type_spec.rb +18 -0
data/spec/unit/provider/package/nim_spec.rb +42 -0
data/spec/unit/provider/service/init_spec.rb +1 -0
data/spec/unit/provider/service/openwrt_spec.rb +3 -1
data/spec/unit/provider/service/systemd_spec.rb +42 -8
data/spec/unit/provider/service/windows_spec.rb +202 -0
data/spec/unit/provider/user/directoryservice_spec.rb +67 -35
data/spec/unit/ssl/state_machine_spec.rb +19 -5
data/spec/unit/transaction/additional_resource_generator_spec.rb +0 -2
data/spec/unit/transaction_spec.rb +18 -20
data/spec/unit/type/file/selinux_spec.rb +3 -3
data/spec/unit/type/service_spec.rb +59 -188
data/spec/unit/type/tidy_spec.rb +17 -7
data/spec/unit/type/user_spec.rb +45 -0
data/spec/unit/util/selinux_spec.rb +87 -16
data/tasks/generate_cert_fixtures.rake +2 -2
metadata +4 -2

data/spec/unit/transaction/additional_resource_generator_spec.rb CHANGED Viewed

@@ -93,8 +93,6 @@ describe Puppet::Transaction::AdditionalResourceGenerator do
     end
   end
   after(:each) do
     Puppet::Type.rmtype(:gen_empty)
     Puppet::Type.rmtype(:eval_after)

data/spec/unit/transaction_spec.rb CHANGED Viewed

@@ -5,13 +5,6 @@ require 'puppet_spec/compiler'
 require 'puppet/transaction'
 require 'fileutils'
-Puppet::Type.newtype(:generator) do
-  newparam(:name) { isnamevar }
-  def generate
-  end
-end
 describe Puppet::Transaction do
   include PuppetSpec::Files
   include PuppetSpec::Compiler
@@ -27,6 +20,19 @@ describe Puppet::Transaction do
     transaction
   end
+  before(:all) do
+    Puppet::Type.newtype(:transaction_generator) do
+      newparam(:name) { isnamevar }
+      def generate
+      end
+    end
+  end
+  after(:all) do
+    Puppet::Type.rmtype(:transaction_generator)
+  end
   before do
     @basepath = make_absolute("/what/ever")
     @transaction = Puppet::Transaction.new(Puppet::Resource::Catalog.new, nil, Puppet::Graph::SequentialPrioritizer.new)
@@ -330,9 +336,9 @@ describe Puppet::Transaction do
   describe "when generating resources before traversal" do
     let(:catalog) { Puppet::Resource::Catalog.new }
     let(:transaction) { Puppet::Transaction.new(catalog, nil, Puppet::Graph::SequentialPrioritizer.new) }
-    let(:generator) { Puppet::Type.type(:generator).new :title => "generator" }
+    let(:generator) { Puppet::Type.type(:transaction_generator).new :title => "generator" }
     let(:generated) do
-      %w[a b c].map { |name| Puppet::Type.type(:generator).new(:name => name) }
+      %w[a b c].map { |name| Puppet::Type.type(:transaction_generator).new(:name => name) }
     end
     before :each do
@@ -673,7 +679,7 @@ describe Puppet::Transaction do
         end
         describe "and new resources are generated" do
-          let(:generator) { Puppet::Type.type(:generator).new :title => "generator" }
+          let(:generator) { Puppet::Type.type(:transaction_generator).new :title => "generator" }
           let(:generated) do
             %w[a b c].map { |name| Puppet::Type.type(:package).new :title => "foo", :name => name, :provider => :apt }
           end
@@ -787,16 +793,8 @@ describe Puppet::Transaction do
     end
     it "should call Selinux.matchpathcon_fini in case Selinux is enabled ", :if => Puppet.features.posix? do
-      unless defined?(Selinux)
-        module Selinux
-          def self.is_selinux_enabled
-            true
-          end
-          def self.matchpathcon_fini
-          end
-        end
-      end
+      selinux = double('selinux', is_selinux_enabled: true, matchpathcon_fini: nil)
+      stub_const('Selinux', selinux)
       resource = Puppet::Type.type(:file).new(:path => make_absolute("/tmp/foo"))
       transaction = transaction_with_resource(resource)

data/spec/unit/type/file/selinux_spec.rb CHANGED Viewed

@@ -7,7 +7,7 @@ require 'spec_helper'
     before do
       @path = make_absolute("/my/file")
-      @resource = Puppet::Type.type(:file).new :path => @path
+      @resource = Puppet::Type.type(:file).new(:path => @path, :ensure => :file)
       @sel = property.new :resource => @resource
     end
@@ -50,13 +50,13 @@ require 'spec_helper'
     end
     it "should handle no default gracefully" do
-      expect(@sel).to receive(:get_selinux_default_context).with(@path).and_return(nil)
+      expect(@sel).to receive(:get_selinux_default_context).with(@path, :file).and_return(nil)
       expect(@sel.default).to be_nil
     end
     it "should be able to detect matchpathcon defaults" do
       allow(@sel).to receive(:debug)
-      expect(@sel).to receive(:get_selinux_default_context).with(@path).and_return("user_u:role_r:type_t:s0")
+      expect(@sel).to receive(:get_selinux_default_context).with(@path, :file).and_return("user_u:role_r:type_t:s0")
       expectedresult = case param
         when :seluser; "user_u"
         when :selrole; "role_r"

data/spec/unit/type/service_spec.rb CHANGED Viewed

@@ -72,50 +72,65 @@ describe test_title, "when validating attribute values" do
       allow(@provider.class).to receive(:supports_parameter?).and_return(true)
     end
-    it "should support :true as a value" do
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :true)
-      expect(srv.should(:enable)).to eq(:true)
-    end
+    describe "for value without required features" do
+      before :each do
+        allow(@provider).to receive(:satisfies?)
+      end
-    it "should support :false as a value" do
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :false)
-      expect(srv.should(:enable)).to eq(:false)
-    end
+      it "should not support :mask as a value" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :mask) }.to raise_error(
+          Puppet::ResourceError,
+          /Provider .+ must have features 'maskable' to set 'enable' to 'mask'/
+        )
+      end
-    it "should support :mask as a value" do
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :mask)
-      expect(srv.should(:enable)).to eq(:mask)
-    end
+      it "should not support :manual as a value" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :manual) }.to raise_error(
+          Puppet::ResourceError,
+          /Provider .+ must have features 'manual_startable' to set 'enable' to 'manual'/
+        )
+      end
-    it "should support :manual as a value on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :manual)
-      expect(srv.should(:enable)).to eq(:manual)
+      it "should not support :mask as a value" do
+        expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed) }.to raise_error(
+          Puppet::ResourceError,
+          /Provider .+ must have features 'delayed_startable' to set 'enable' to 'delayed'/
+        )
+      end
     end
-    it "should support :delayed as a value on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
+    describe "for value with required features" do
+      before :each do
+        allow(@provider).to receive(:satisfies?).and_return(:true)
+      end
-      srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed)
-      expect(srv.should(:enable)).to eq(:delayed)
-    end
+      it "should support :true as a value" do
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :true)
+        expect(srv.should(:enable)).to eq(:true)
+      end
-    it "should not support :manual as a value when not on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+      it "should support :false as a value" do
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :false)
+        expect(srv.should(:enable)).to eq(:false)
+      end
-      expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :manual) }.to raise_error(
-        Puppet::Error,
-        /Setting enable to manual is only supported on Microsoft Windows\./
-      )
-    end
+      it "should support :mask as a value" do
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :mask)
+        expect(srv.should(:enable)).to eq(:mask)
+      end
-    it "should not support :delayed as a value when not on Windows" do
-      allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
+      it "should support :manual as a value on Windows" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :manual)
+        expect(srv.should(:enable)).to eq(:manual)
+      end
-      expect { Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed) }.to raise_error(
-        Puppet::Error,
-        /Setting enable to delayed is only supported on Microsoft Windows\./
-      )
+      it "should support :delayed as a value on Windows" do
+        allow(Puppet::Util::Platform).to receive(:windows?).and_return(true)
+        srv = Puppet::Type.type(:service).new(:name => "yay", :enable => :delayed)
+        expect(srv.should(:enable)).to eq(:delayed)
+      end
     end
   end
@@ -150,105 +165,24 @@ describe test_title, "when validating attribute values" do
       provider_class_with_logon_credentials = Puppet::Type.type(:service).provide(:simple) do
         has_features :manages_logon_credentials
         def logonpassword=(value) end
+        def logonaccount_insync?(current) end
       end
       allow(Puppet::Type.type(:service)).to receive(:defaultprovider).and_return(provider_class_with_logon_credentials)
     end
     describe "the 'logonaccount' property" do
-      it "should not be munged nor checked when not on Windows" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
-        service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'NonWindowsUser')
+      let(:service) {Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')}
-        expect { service }.not_to raise_error
-        expect(service[:logonaccount]).to eq('NonWindowsUser')
+      it "should let superclass implementation resolve insyncness when provider does not respond to the 'logonaccount_insync?' method" do
+        allow(service.provider).to receive(:respond_to?).with(:logonaccount_insync?).and_return(false)
+        expect(service.property(:logonaccount).insync?('myUser')).to eq(true)
       end
-      context "when on Windows", :if => Puppet::Util::Platform.windows? do
-        before do
-          allow(Puppet::Util::Windows::User).to receive(:password_is?).and_return(true)
-          allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
-        end
-        it "should fail when the `Log On As A Service` right is missing from given user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("")
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" is missing the 'Log On As A Service' right./)
-        end
-        it "should fail when the `Log On As A Service` right is set to denied for given user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeDenyServiceLogonRight")
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.to raise_error(Puppet::Error, /"myPC\\myUser" has the 'Log On As A Service' right set to denied./)
-        end
-        it "should not fail when given user has the `Log On As A Service` right" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).with('myPC\\myUser').and_return("SeServiceLogonRight")
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
-        end
-        it "should not fail when given user is a default system account even if the `Log On As A Service` right is missing" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
-          allow(Puppet::Util::Windows::User).to receive(:default_system_account?).and_return(true)
-          expect(Puppet::Util::Windows::User).not_to receive(:get_rights)
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser') }.not_to raise_error
-        end
-        ['LocalSystem', '.\LocalSystem', 'myPC\LocalSystem', 'lOcALsysTem'].each do |user_input|
-          it "should succesfully munge #{user_input} to 'LocalSystem'" do
-            service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => user_input)
-            expect { service }.not_to raise_error
-            expect(service[:logonaccount]).to eq('LocalSystem')
-          end
-        end
-        it "should succesfully munge local account" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('.\myUser')
-        end
-        it "should succesfully munge domain account" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("DomainUser", nil, nil, "myDomain", :SidTypeUser))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'DomainUser')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('myDomain\DomainUser')
-        end
-        it "should succesfully munge well known user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("LOCAL SERVICE", nil, nil, "NT AUTHORITY", :SidTypeWellKnownGroup))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalService')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('NT AUTHORITY\LOCAL SERVICE')
-        end
-        it "should succesfully munge a SID" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("NETWORK SERVICE", nil, nil, "NT AUTHORITY", :SidTypeUser))
-          service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'S-1-5-20')
-          expect { service }.not_to raise_error
-          expect(service[:logonaccount]).to eq('NT AUTHORITY\NETWORK SERVICE')
-        end
-        it "should fail when account is invalid" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(nil)
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'InvalidUser') }.to raise_error(Puppet::Error, /"InvalidUser" is not a valid account/)
-        end
-        it "should fail when sid type is not user or well known user" do
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(Puppet::Util::Windows::SID::Principal.new("Administrators", nil, nil, "BUILTIN", :SidTypeAlias))
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'Administrators') }.to raise_error(Puppet::Error, /"Administrators" is not a valid account/)
-        end
+      it "should let provider resolve insyncness when provider responds to the 'logonaccount_insync?' method" do
+        allow(service.provider).to receive(:respond_to?).with(:logonaccount_insync?, any_args).and_return(true)
+        allow(service.provider).to receive(:logonaccount_insync?).and_return(false)
+        expect(service.property(:logonaccount).insync?('myUser')).to eq(false)
       end
     end
@@ -258,7 +192,6 @@ describe test_title, "when validating attribute values" do
       end
       it "should default to empty string when only logonaccount is being managed" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
         service = Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser')
         expect { service }.not_to raise_error
@@ -271,70 +204,8 @@ describe test_title, "when validating attribute values" do
       end
       it "should fail when logonpassword includes the ':' character" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
         expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'my:Pass') }.to raise_error(Puppet::Error, /Passwords cannot include ':'/)
       end
-      it "should not further check the password against given account when not on Windows" do
-        allow(Puppet::Util::Platform).to receive(:windows?).and_return(false)
-        expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
-      end
-      context "when on Windows", :if => Puppet::Util::Platform.windows? do
-        before do
-          allow(Puppet::Util::Windows::ADSI).to receive(:computer_name).and_return("myPC")
-          allow(Puppet::Util::Windows::SID).to receive(:name_to_principal).and_return(name_to_principal_result)
-          allow(Puppet::Util::Windows::User).to receive(:get_rights).and_return('SeServiceLogonRight')
-        end
-        it "should pass validation when given account is 'LocalSystem'" do
-          allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('LocalSystem').and_return(true)
-          allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('LocalSystem').and_return(false)
-          expect(Puppet::Util::Windows::SID).not_to receive(:name_to_principal)
-          expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
-          expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'LocalSystem') }.not_to raise_error
-        end
-        ['LOCAL SERVICE', 'NETWORK SERVICE', 'SYSTEM'].each do |predefined_local_account|
-          describe "when given account is #{predefined_local_account}" do
-            let(:name_to_principal_result) do
-              Puppet::Util::Windows::SID::Principal.new(predefined_local_account, nil, nil, "NT AUTHORITY", :SidTypeUser)
-            end
-            it "should pass validation" do
-              allow(Puppet::Util::Windows::User).to receive(:localsystem?).with(predefined_local_account).and_return(false)
-              expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with(predefined_local_account).and_return(true)
-              expect(Puppet::Util::Windows::User).to receive(:default_system_account?).with("NT AUTHORITY\\#{predefined_local_account}").and_return(true)
-              expect(Puppet::Util::Windows::User).not_to receive(:password_is?)
-              expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => predefined_local_account) }.not_to raise_error
-            end
-          end
-        end
-        let(:name_to_principal_result) do
-          Puppet::Util::Windows::SID::Principal.new("myUser", nil, nil, "myPC", :SidTypeUser)
-        end
-        describe "when given logonaccount is not a predefined local account" do
-          before do
-            allow(Puppet::Util::Windows::User).to receive(:localsystem?).with('myUser').and_return(false)
-            allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('myUser').and_return(false)
-            allow(Puppet::Util::Windows::User).to receive(:default_system_account?).with('.\\myUser').and_return(false)
-          end
-          it "should pass validation if password is proven correct" do
-            allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myPass', '.').and_return(true)
-            expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myPass') }.not_to raise_error
-          end
-          it "should not pass validation if password check fails" do
-            allow(Puppet::Util::Windows::User).to receive(:password_is?).with('myUser', 'myWrongPass', '.').and_return(false)
-            expect { Puppet::Type.type(:service).new(:name => "yay", :logonaccount => 'myUser', :logonpassword => 'myWrongPass') }.to raise_error(Puppet::Error, /The given password is invalid for user '.\\myUser'/)
-          end
-        end
-      end
     end
   end

data/spec/unit/type/tidy_spec.rb CHANGED Viewed

@@ -195,17 +195,27 @@ describe tidy do
         allow(Puppet::FileServing::Fileset).to receive(:new).and_return(@fileset)
       end
-      it "should use a Fileset for infinite recursion" do
-        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(@fileset)
+      it "should use a Fileset with default max_files for infinite recursion" do
+        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(@fileset)
         expect(@fileset).to receive(:files).and_return(%w{. one two})
         allow(@tidy).to receive(:tidy?).and_return(false)
         @tidy.generate
       end
-      it "should use a Fileset for limited recursion" do
+      it "should use a Fileset with default max_files for limited recursion" do
         @tidy[:recurse] = 42
-        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42).and_return(@fileset)
+        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>0).and_return(@fileset)
+        expect(@fileset).to receive(:files).and_return(%w{. one two})
+        allow(@tidy).to receive(:tidy?).and_return(false)
+        @tidy.generate
+      end
+      it "should use a Fileset with max_files for limited recursion" do
+        @tidy[:recurse] = 42
+        @tidy[:max_files] = 9876
+        expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :recurselimit => 42, :max_files=>9876).and_return(@fileset)
         expect(@fileset).to receive(:files).and_return(%w{. one two})
         allow(@tidy).to receive(:tidy?).and_return(false)
@@ -411,7 +421,7 @@ describe tidy do
       @tidy[:recurse] = true
       @tidy[:rmdirs] = true
       fileset = double('fileset')
-      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
+      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
       expect(fileset).to receive(:files).and_return(%w{. one two one/subone two/subtwo one/subone/ssone})
       allow(@tidy).to receive(:tidy?).and_return(true)
@@ -433,7 +443,7 @@ describe tidy do
       @tidy[:recurse] = true
       @tidy[:rmdirs] = true
       fileset = double('fileset')
-      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
+      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
       expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
       allow(@tidy).to receive(:tidy?).and_return(true)
@@ -446,7 +456,7 @@ describe tidy do
       @tidy[:noop] = true
       fileset = double('fileset')
-      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true).and_return(fileset)
+      expect(Puppet::FileServing::Fileset).to receive(:new).with(@basepath, :recurse => true, :max_files=>0).and_return(fileset)
       expect(fileset).to receive(:files).and_return(%w{. a a/2 a/1 a/3})
       allow(@tidy).to receive(:tidy?).and_return(true)