RubyGems - puppet - Versions diffs - 6.23.0 → 7.0.0 - Mend

puppet 6.23.0 → 7.0.0

Potentially problematic release.

This version of puppet might be problematic. Click here for more details.

Files changed (581) hide show

checksums.yaml +4 -4
data/CODEOWNERS +16 -2
data/Gemfile +1 -3
data/Gemfile.lock +34 -46
data/README.md +1 -1
data/conf/fileserver.conf +5 -10
data/ext/build_defaults.yaml +1 -1
data/ext/osx/file_mapping.yaml +0 -5
data/ext/osx/puppet.plist +0 -2
data/ext/project_data.yaml +1 -14
data/ext/redhat/puppet.spec.erb +0 -1
data/ext/windows/service/daemon.rb +6 -5
data/install.rb +21 -17
data/lib/puppet.rb +11 -20
data/lib/puppet/application.rb +178 -108
data/lib/puppet/application/agent.rb +4 -12
data/lib/puppet/application/apply.rb +2 -4
data/lib/puppet/application/device.rb +100 -106
data/lib/puppet/application/filebucket.rb +13 -9
data/lib/puppet/application/resource.rb +1 -2
data/lib/puppet/application/script.rb +0 -2
data/lib/puppet/application/ssl.rb +1 -12
data/lib/puppet/application_support.rb +0 -7
data/lib/puppet/configurer.rb +30 -45
data/lib/puppet/configurer/downloader.rb +1 -2
data/lib/puppet/configurer/plugin_handler.rb +21 -19
data/lib/puppet/defaults.rb +100 -192
data/lib/puppet/environments.rb +60 -74
data/lib/puppet/face/facts.rb +5 -103
data/lib/puppet/face/help.rb +1 -1
data/lib/puppet/face/plugin.rb +5 -8
data/lib/puppet/ffi/windows.rb +12 -0
data/lib/puppet/ffi/windows/api_types.rb +311 -0
data/lib/puppet/ffi/windows/constants.rb +404 -0
data/lib/puppet/ffi/windows/functions.rb +628 -0
data/lib/puppet/ffi/windows/structs.rb +338 -0
data/lib/puppet/file_serving/configuration.rb +0 -5
data/lib/puppet/file_serving/configuration/parser.rb +3 -32
data/lib/puppet/file_serving/fileset.rb +2 -14
data/lib/puppet/file_serving/http_metadata.rb +1 -1
data/lib/puppet/file_serving/mount.rb +1 -2
data/lib/puppet/file_system/memory_file.rb +1 -8
data/lib/puppet/file_system/windows.rb +0 -2
data/lib/puppet/forge/repository.rb +0 -1
data/lib/puppet/functions/all.rb +1 -1
data/lib/puppet/functions/camelcase.rb +1 -1
data/lib/puppet/functions/capitalize.rb +2 -2
data/lib/puppet/functions/downcase.rb +2 -2
data/lib/puppet/functions/get.rb +5 -5
data/lib/puppet/functions/group_by.rb +5 -13
data/lib/puppet/functions/lest.rb +1 -1
data/lib/puppet/functions/new.rb +100 -100
data/lib/puppet/functions/partition.rb +4 -12
data/lib/puppet/functions/require.rb +5 -5
data/lib/puppet/functions/sort.rb +3 -3
data/lib/puppet/functions/tree_each.rb +9 -7
data/lib/puppet/functions/type.rb +4 -4
data/lib/puppet/functions/upcase.rb +2 -2
data/lib/puppet/generate/models/type/type.rb +4 -1
data/lib/puppet/http.rb +22 -13
data/lib/puppet/http/client.rb +164 -114
data/lib/puppet/{network/resolver.rb → http/dns.rb} +2 -2
data/lib/puppet/http/errors.rb +16 -0
data/lib/puppet/http/external_client.rb +5 -7
data/lib/puppet/{network/http → http}/factory.rb +8 -15
data/lib/puppet/{network/http → http}/pool.rb +61 -26
data/lib/puppet/{network/http/session.rb → http/pool_entry.rb} +2 -3
data/lib/puppet/http/proxy.rb +137 -0
data/lib/puppet/http/redirector.rb +4 -12
data/lib/puppet/http/resolver.rb +5 -15
data/lib/puppet/http/resolver/server_list.rb +10 -25
data/lib/puppet/http/resolver/settings.rb +4 -7
data/lib/puppet/http/resolver/srv.rb +7 -11
data/lib/puppet/http/response.rb +36 -54
data/lib/puppet/http/response_converter.rb +24 -0
data/lib/puppet/http/response_net_http.rb +42 -0
data/lib/puppet/http/retry_after_handler.rb +4 -13
data/lib/puppet/http/service.rb +12 -26
data/lib/puppet/http/service/ca.rb +11 -22
data/lib/puppet/http/service/compiler.rb +22 -138
data/lib/puppet/http/service/file_server.rb +19 -29
data/lib/puppet/http/service/puppetserver.rb +26 -12
data/lib/puppet/http/service/report.rb +8 -10
data/lib/puppet/http/session.rb +11 -20
data/lib/puppet/{network/http → http}/site.rb +1 -2
data/lib/puppet/indirector/catalog/compiler.rb +0 -1
data/lib/puppet/indirector/catalog/rest.rb +2 -4
data/lib/puppet/indirector/facts/rest.rb +3 -22
data/lib/puppet/indirector/file_bucket_file/rest.rb +3 -9
data/lib/puppet/indirector/file_content/rest.rb +2 -6
data/lib/puppet/indirector/file_metadata/rest.rb +3 -10
data/lib/puppet/indirector/file_server.rb +1 -8
data/lib/puppet/indirector/generic_http.rb +0 -11
data/lib/puppet/indirector/node/rest.rb +2 -4
data/lib/puppet/indirector/report/rest.rb +3 -8
data/lib/puppet/indirector/request.rb +0 -101
data/lib/puppet/indirector/rest.rb +12 -263
data/lib/puppet/module_tool/applications.rb +0 -1
data/lib/puppet/module_tool/applications/installer.rb +2 -48
data/lib/puppet/module_tool/errors/shared.rb +2 -17
data/lib/puppet/network/authconfig.rb +2 -96
data/lib/puppet/network/authorization.rb +13 -35
data/lib/puppet/network/formats.rb +0 -67
data/lib/puppet/network/http.rb +3 -3
data/lib/puppet/network/http/api/indirected_routes.rb +2 -20
data/lib/puppet/network/http/api/master/v3.rb +11 -13
data/lib/puppet/network/http/connection.rb +247 -316
data/lib/puppet/network/http/handler.rb +0 -1
data/lib/puppet/network/http_pool.rb +16 -34
data/lib/puppet/node.rb +1 -30
data/lib/puppet/pal/json_catalog_encoder.rb +4 -0
data/lib/puppet/pal/pal_impl.rb +3 -1
data/lib/puppet/parser/ast/leaf.rb +2 -3
data/lib/puppet/parser/ast/pops_bridge.rb +0 -38
data/lib/puppet/parser/compiler.rb +0 -198
data/lib/puppet/parser/compiler/catalog_validator/relationship_validator.rb +14 -39
data/lib/puppet/parser/functions/fqdn_rand.rb +6 -14
data/lib/puppet/parser/resource.rb +0 -69
data/lib/puppet/parser/templatewrapper.rb +1 -1
data/lib/puppet/pops/evaluator/deferred_resolver.rb +3 -5
data/lib/puppet/pops/evaluator/evaluator_impl.rb +0 -5
data/lib/puppet/pops/evaluator/runtime3_resource_support.rb +3 -3
data/lib/puppet/pops/evaluator/runtime3_support.rb +1 -1
data/lib/puppet/pops/issues.rb +0 -5
data/lib/puppet/pops/loader/ruby_legacy_function_instantiator.rb +6 -8
data/lib/puppet/pops/model/ast.pp +0 -42
data/lib/puppet/pops/model/ast.rb +0 -290
data/lib/puppet/pops/model/ast_transformer.rb +1 -1
data/lib/puppet/pops/model/factory.rb +0 -45
data/lib/puppet/pops/model/model_label_provider.rb +0 -5
data/lib/puppet/pops/model/model_tree_dumper.rb +0 -22
data/lib/puppet/pops/model/pn_transformer.rb +0 -16
data/lib/puppet/pops/parser/egrammar.ra +0 -56
data/lib/puppet/pops/parser/eparser.rb +1520 -1712
data/lib/puppet/pops/parser/lexer2.rb +4 -4
data/lib/puppet/pops/parser/parser_support.rb +0 -5
data/lib/puppet/pops/resource/resource_type_impl.rb +2 -24
data/lib/puppet/pops/types/p_sem_ver_type.rb +2 -8
data/lib/puppet/pops/types/p_sensitive_type.rb +0 -10
data/lib/puppet/pops/types/type_calculator.rb +0 -7
data/lib/puppet/pops/types/type_parser.rb +0 -4
data/lib/puppet/pops/types/types.rb +0 -1
data/lib/puppet/pops/validation/checker4_0.rb +9 -37
data/lib/puppet/pops/validation/tasks_checker.rb +0 -12
data/lib/puppet/pops/validation/validator_factory_4_0.rb +1 -2
data/lib/puppet/property/list.rb +1 -1
data/lib/puppet/provider.rb +0 -13
data/lib/puppet/provider/group/groupadd.rb +8 -13
data/lib/puppet/provider/nameservice.rb +0 -18
data/lib/puppet/provider/package/apt.rb +2 -34
data/lib/puppet/provider/package/aptitude.rb +0 -6
data/lib/puppet/provider/package/dnfmodule.rb +1 -1
data/lib/puppet/provider/package/dpkg.rb +0 -10
data/lib/puppet/provider/package/gem.rb +23 -3
data/lib/puppet/provider/package/nim.rb +6 -11
data/lib/puppet/provider/package/pip.rb +0 -1
data/lib/puppet/provider/package/pkg.rb +0 -4
data/lib/puppet/provider/package/portage.rb +1 -1
data/lib/puppet/provider/package/puppet_gem.rb +1 -4
data/lib/puppet/provider/service/debian.rb +0 -2
data/lib/puppet/provider/service/smf.rb +191 -73
data/lib/puppet/provider/service/systemd.rb +4 -14
data/lib/puppet/provider/service/windows.rb +0 -38
data/lib/puppet/provider/user/aix.rb +2 -2
data/lib/puppet/provider/user/directoryservice.rb +10 -33
data/lib/puppet/provider/user/useradd.rb +8 -62
data/lib/puppet/reference/configuration.rb +8 -7
data/lib/puppet/reference/indirection.rb +1 -1
data/lib/puppet/resource.rb +1 -89
data/lib/puppet/resource/catalog.rb +1 -14
data/lib/puppet/resource/type.rb +3 -119
data/lib/puppet/resource/type_collection.rb +3 -48
data/lib/puppet/runtime.rb +1 -2
data/lib/puppet/settings.rb +73 -66
data/lib/puppet/settings/environment_conf.rb +0 -1
data/lib/puppet/settings/integer_setting.rb +17 -0
data/lib/puppet/settings/port_setting.rb +15 -0
data/lib/puppet/settings/priority_setting.rb +5 -4
data/lib/puppet/ssl.rb +10 -6
data/lib/puppet/ssl/base.rb +3 -5
data/lib/puppet/ssl/certificate.rb +0 -6
data/lib/puppet/ssl/certificate_request.rb +1 -12
data/lib/puppet/ssl/certificate_signer.rb +6 -0
data/lib/puppet/ssl/oids.rb +3 -1
data/lib/puppet/ssl/ssl_provider.rb +17 -0
data/lib/puppet/ssl/state_machine.rb +3 -1
data/lib/puppet/ssl/verifier.rb +2 -0
data/lib/puppet/test/test_helper.rb +1 -3
data/lib/puppet/transaction.rb +1 -7
data/lib/puppet/transaction/additional_resource_generator.rb +1 -1
data/lib/puppet/transaction/report.rb +2 -4
data/lib/puppet/type.rb +0 -76
data/lib/puppet/type/file.rb +6 -26
data/lib/puppet/type/file/checksum.rb +1 -1
data/lib/puppet/type/file/selcontext.rb +1 -1
data/lib/puppet/type/file/source.rb +1 -1
data/lib/puppet/type/filebucket.rb +3 -3
data/lib/puppet/type/package.rb +8 -16
data/lib/puppet/type/service.rb +38 -18
data/lib/puppet/type/tidy.rb +2 -21
data/lib/puppet/type/user.rb +20 -38
data/lib/puppet/util/autoload.rb +8 -1
data/lib/puppet/util/execution.rb +0 -11
data/lib/puppet/util/http_proxy.rb +2 -215
data/lib/puppet/util/monkey_patches.rb +0 -53
data/lib/puppet/util/posix.rb +5 -54
data/lib/puppet/util/rdoc.rb +0 -7
data/lib/puppet/util/retry_action.rb +1 -1
data/lib/puppet/util/run_mode.rb +9 -1
data/lib/puppet/util/selinux.rb +4 -30
data/lib/puppet/util/windows.rb +3 -8
data/lib/puppet/util/windows/adsi.rb +0 -46
data/lib/puppet/util/windows/daemon.rb +360 -0
data/lib/puppet/util/windows/error.rb +1 -0
data/lib/puppet/util/windows/eventlog.rb +4 -9
data/lib/puppet/util/windows/file.rb +8 -242
data/lib/puppet/util/windows/monkey_patches/process.rb +414 -0
data/lib/puppet/util/windows/principal.rb +2 -9
data/lib/puppet/util/windows/process.rb +4 -226
data/lib/puppet/util/windows/service.rb +9 -460
data/lib/puppet/util/windows/sid.rb +2 -4
data/lib/puppet/util/windows/string.rb +12 -13
data/lib/puppet/util/yaml.rb +0 -22
data/lib/puppet/vendor/require_vendored.rb +0 -1
data/lib/puppet/version.rb +1 -1
data/lib/puppet/x509.rb +5 -1
data/lib/puppet/x509/cert_provider.rb +29 -1
data/locales/puppet.pot +651 -1436
data/man/man5/puppet.conf.5 +266 -354
data/man/man8/puppet-agent.8 +2 -2
data/man/man8/puppet-apply.8 +2 -2
data/man/man8/puppet-catalog.8 +1 -1
data/man/man8/puppet-config.8 +1 -1
data/man/man8/puppet-describe.8 +1 -1
data/man/man8/puppet-device.8 +2 -2
data/man/man8/puppet-doc.8 +1 -1
data/man/man8/puppet-epp.8 +1 -1
data/man/man8/puppet-facts.8 +4 -47
data/man/man8/puppet-filebucket.8 +4 -4
data/man/man8/puppet-generate.8 +1 -1
data/man/man8/puppet-help.8 +1 -1
data/man/man8/puppet-lookup.8 +1 -1
data/man/man8/puppet-module.8 +1 -58
data/man/man8/puppet-node.8 +1 -1
data/man/man8/puppet-parser.8 +1 -1
data/man/man8/puppet-plugin.8 +1 -1
data/man/man8/puppet-report.8 +1 -1
data/man/man8/puppet-resource.8 +1 -1
data/man/man8/puppet-script.8 +2 -2
data/man/man8/puppet-ssl.8 +1 -5
data/man/man8/puppet.8 +2 -2
data/spec/fixtures/ssl/127.0.0.1-key.pem +57 -107
data/spec/fixtures/ssl/127.0.0.1.pem +31 -52
data/spec/fixtures/ssl/bad-basic-constraints.pem +35 -57
data/spec/fixtures/ssl/bad-int-basic-constraints.pem +35 -57
data/spec/fixtures/ssl/ca.pem +35 -57
data/spec/fixtures/ssl/crl.pem +18 -28
data/spec/fixtures/ssl/ec-key.pem +11 -11
data/spec/fixtures/ssl/ec.pem +24 -33
data/spec/fixtures/ssl/encrypted-ec-key.pem +12 -12
data/spec/fixtures/ssl/encrypted-key.pem +58 -108
data/spec/fixtures/ssl/intermediate-agent-crl.pem +19 -28
data/spec/fixtures/ssl/intermediate-agent.pem +36 -57
data/spec/fixtures/ssl/intermediate-crl.pem +21 -31
data/spec/fixtures/ssl/intermediate.pem +36 -57
data/spec/fixtures/ssl/pluto-key.pem +57 -107
data/spec/fixtures/ssl/pluto.pem +30 -52
data/spec/fixtures/ssl/request-key.pem +57 -107
data/spec/fixtures/ssl/request.pem +26 -47
data/spec/fixtures/ssl/revoked-key.pem +57 -107
data/spec/fixtures/ssl/revoked.pem +30 -52
data/spec/fixtures/ssl/signed-key.pem +57 -107
data/spec/fixtures/ssl/signed.pem +30 -52
data/spec/fixtures/ssl/tampered-cert.pem +30 -52
data/spec/fixtures/ssl/tampered-csr.pem +26 -47
data/spec/fixtures/ssl/unknown-127.0.0.1-key.pem +57 -107
data/spec/fixtures/ssl/unknown-127.0.0.1.pem +29 -50
data/spec/fixtures/ssl/unknown-ca-key.pem +57 -107
data/spec/fixtures/ssl/unknown-ca.pem +33 -55
data/spec/fixtures/unit/provider/service/smf/{svcs.out → svcs_instances.out} +0 -0
data/spec/fixtures/unit/provider/user/aix/aix_passwd_file.out +0 -4
data/spec/integration/application/agent_spec.rb +27 -171
data/spec/integration/application/apply_spec.rb +1 -20
data/spec/integration/application/filebucket_spec.rb +16 -16
data/spec/integration/application/help_spec.rb +2 -0
data/spec/integration/application/plugin_spec.rb +24 -2
data/spec/integration/defaults_spec.rb +14 -3
data/spec/integration/http/client_spec.rb +0 -12
data/spec/integration/indirector/direct_file_server_spec.rb +3 -1
data/spec/integration/network/http_pool_spec.rb +3 -21
data/spec/integration/parser/catalog_spec.rb +0 -38
data/spec/integration/parser/node_spec.rb +0 -9
data/spec/integration/parser/pcore_resource_spec.rb +0 -37
data/spec/integration/resource/type_collection_spec.rb +6 -2
data/spec/integration/transaction_spec.rb +9 -4
data/spec/integration/type/file_spec.rb +5 -4
data/spec/integration/util/windows/adsi_spec.rb +1 -21
data/spec/integration/util/windows/monkey_patches/process_spec.rb +231 -0
data/spec/integration/util/windows/principal_spec.rb +0 -21
data/spec/integration/util/windows/registry_spec.rb +10 -6
data/spec/integration/util/windows/security_spec.rb +1 -1
data/spec/lib/matchers/include.rb +27 -0
data/spec/lib/matchers/include_spec.rb +32 -0
data/spec/lib/puppet/test_ca.rb +2 -2
data/spec/lib/puppet_spec/puppetserver.rb +1 -1
data/spec/lib/puppet_spec/settings.rb +1 -0
data/spec/spec_helper.rb +7 -12
data/spec/unit/agent_spec.rb +6 -10
data/spec/unit/application/agent_spec.rb +3 -7
data/spec/unit/application/facts_spec.rb +12 -456
data/spec/unit/application/filebucket_spec.rb +43 -39
data/spec/unit/application/ssl_spec.rb +2 -25
data/spec/unit/application_spec.rb +9 -51
data/spec/unit/certificate_factory_spec.rb +1 -1
data/spec/unit/configurer/downloader_spec.rb +6 -8
data/spec/unit/configurer/plugin_handler_spec.rb +56 -18
data/spec/unit/configurer_spec.rb +12 -32
data/spec/unit/confine/feature_spec.rb +1 -1
data/spec/unit/confine_spec.rb +2 -8
data/spec/unit/context/trusted_information_spec.rb +2 -6
data/spec/unit/defaults_spec.rb +68 -54
data/spec/unit/environments_spec.rb +68 -224
data/spec/unit/face/node_spec.rb +11 -0
data/spec/unit/face/plugin_spec.rb +73 -33
data/spec/unit/file_bucket/file_spec.rb +1 -1
data/spec/unit/file_serving/configuration/parser_spec.rb +15 -18
data/spec/unit/file_serving/configuration_spec.rb +6 -12
data/spec/unit/file_serving/fileset_spec.rb +0 -60
data/spec/unit/file_serving/metadata_spec.rb +3 -3
data/spec/unit/file_serving/terminus_helper_spec.rb +4 -11
data/spec/unit/file_system_spec.rb +0 -9
data/spec/unit/forge/module_release_spec.rb +7 -2
data/spec/unit/functions/camelcase_spec.rb +1 -1
data/spec/unit/functions/capitalize_spec.rb +1 -1
data/spec/unit/functions/downcase_spec.rb +1 -1
data/spec/unit/functions/upcase_spec.rb +1 -1
data/spec/unit/gettext/config_spec.rb +0 -12
data/spec/unit/http/client_spec.rb +7 -8
data/spec/unit/{network/resolver_spec.rb → http/dns_spec.rb} +3 -3
data/spec/unit/http/external_client_spec.rb +4 -4
data/spec/unit/{network/http → http}/factory_spec.rb +5 -30
data/spec/unit/{network/http/session_spec.rb → http/pool_entry_spec.rb} +3 -3
data/spec/unit/{network/http → http}/pool_spec.rb +12 -17
data/spec/unit/{util/http_proxy_spec.rb → http/proxy_spec.rb} +2 -69
data/spec/unit/http/resolver_spec.rb +13 -13
data/spec/unit/http/service/compiler_spec.rb +0 -185
data/spec/unit/http/service/file_server_spec.rb +3 -3
data/spec/unit/http/service/puppetserver_spec.rb +34 -4
data/spec/unit/http/service_spec.rb +0 -1
data/spec/unit/http/session_spec.rb +16 -14
data/spec/unit/{network/http → http}/site_spec.rb +3 -3
data/spec/unit/indirector/catalog/compiler_spec.rb +10 -14
data/spec/unit/indirector/face_spec.rb +1 -0
data/spec/unit/indirector/facts/facter_spec.rb +3 -0
data/spec/unit/indirector/file_bucket_file/file_spec.rb +5 -3
data/spec/unit/indirector/file_bucket_file/selector_spec.rb +8 -26
data/spec/unit/indirector/file_content/rest_spec.rb +0 -4
data/spec/unit/indirector/file_metadata/rest_spec.rb +0 -4
data/spec/unit/indirector/file_server_spec.rb +1 -15
data/spec/unit/indirector/indirection_spec.rb +12 -8
data/spec/unit/indirector/report/rest_spec.rb +2 -17
data/spec/unit/indirector/request_spec.rb +0 -264
data/spec/unit/indirector/rest_spec.rb +98 -752
data/spec/unit/indirector_spec.rb +2 -2
data/spec/unit/module_tool/applications/installer_spec.rb +0 -66
data/spec/unit/network/authconfig_spec.rb +2 -129
data/spec/unit/network/authorization_spec.rb +2 -55
data/spec/unit/network/formats_spec.rb +4 -45
data/spec/unit/network/http/api/indirected_routes_spec.rb +5 -92
data/spec/unit/network/http/api/master/v3_spec.rb +28 -7
data/spec/unit/network/http/api_spec.rb +10 -0
data/spec/unit/network/http/connection_spec.rb +19 -41
data/spec/unit/network/http/handler_spec.rb +0 -1
data/spec/unit/network/http_pool_spec.rb +0 -4
data/spec/unit/node/environment_spec.rb +33 -21
data/spec/unit/node_spec.rb +2 -54
data/spec/unit/parser/compiler_spec.rb +19 -3
data/spec/unit/parser/functions/create_resources_spec.rb +2 -20
data/spec/unit/parser/functions/fqdn_rand_spec.rb +1 -15
data/spec/unit/parser/resource_spec.rb +8 -14
data/spec/unit/parser/templatewrapper_spec.rb +3 -4
data/spec/unit/pops/evaluator/evaluating_parser_spec.rb +4 -7
data/spec/unit/pops/loaders/loaders_spec.rb +6 -21
data/spec/unit/pops/parser/parse_application_spec.rb +4 -22
data/spec/unit/pops/parser/parse_basic_expressions_spec.rb +0 -1
data/spec/unit/pops/parser/parse_capabilities_spec.rb +8 -21
data/spec/unit/pops/parser/parse_site_spec.rb +20 -24
data/spec/unit/pops/resource/resource_type_impl_spec.rb +0 -71
data/spec/unit/pops/serialization/to_from_hr_spec.rb +1 -1
data/spec/unit/pops/types/p_sem_ver_type_spec.rb +0 -18
data/spec/unit/pops/types/p_sensitive_type_spec.rb +0 -18
data/spec/unit/pops/types/type_calculator_spec.rb +6 -6
data/spec/unit/pops/types/type_factory_spec.rb +1 -1
data/spec/unit/pops/validator/validator_spec.rb +61 -46
data/spec/unit/pops/visitor_spec.rb +1 -1
data/spec/unit/property_spec.rb +0 -1
data/spec/unit/provider/group/groupadd_spec.rb +2 -5
data/spec/unit/provider/nameservice_spec.rb +64 -122
data/spec/unit/provider/package/apt_spec.rb +23 -28
data/spec/unit/provider/package/aptitude_spec.rb +1 -1
data/spec/unit/provider/package/base_spec.rb +5 -6
data/spec/unit/provider/package/dnfmodule_spec.rb +1 -10
data/spec/unit/provider/package/dpkg_spec.rb +0 -48
data/spec/unit/provider/package/gem_spec.rb +32 -0
data/spec/unit/provider/package/nim_spec.rb +0 -42
data/spec/unit/provider/package/pacman_spec.rb +12 -18
data/spec/unit/provider/package/pip_spec.rb +11 -6
data/spec/unit/provider/package/pkgdmg_spec.rb +4 -0
data/spec/unit/provider/package/puppet_gem_spec.rb +3 -2
data/spec/unit/provider/service/init_spec.rb +0 -1
data/spec/unit/provider/service/openwrt_spec.rb +1 -3
data/spec/unit/provider/service/smf_spec.rb +401 -165
data/spec/unit/provider/service/systemd_spec.rb +8 -53
data/spec/unit/provider/service/windows_spec.rb +0 -203
data/spec/unit/provider/user/aix_spec.rb +0 -5
data/spec/unit/provider/user/directoryservice_spec.rb +35 -67
data/spec/unit/provider/user/hpux_spec.rb +1 -1
data/spec/unit/provider/user/pw_spec.rb +0 -2
data/spec/unit/provider/user/useradd_spec.rb +3 -71
data/spec/unit/provider_spec.rb +8 -18
data/spec/unit/resource/catalog_spec.rb +1 -1
data/spec/unit/resource/type_collection_spec.rb +2 -22
data/spec/unit/resource/type_spec.rb +1 -1
data/spec/unit/resource_spec.rb +10 -67
data/spec/unit/settings/http_extra_headers_spec.rb +2 -4
data/spec/unit/settings/integer_setting_spec.rb +42 -0
data/spec/unit/settings/port_setting_spec.rb +31 -0
data/spec/unit/settings/priority_setting_spec.rb +4 -4
data/spec/unit/settings_spec.rb +23 -13
data/spec/unit/ssl/base_spec.rb +37 -3
data/spec/unit/ssl/certificate_request_spec.rb +15 -45
data/spec/unit/ssl/certificate_spec.rb +2 -11
data/spec/unit/ssl/ssl_provider_spec.rb +2 -5
data/spec/unit/ssl/state_machine_spec.rb +5 -20
data/spec/unit/ssl/verifier_spec.rb +0 -21
data/spec/unit/transaction/additional_resource_generator_spec.rb +9 -3
data/spec/unit/transaction/event_manager_spec.rb +11 -14
data/spec/unit/transaction/report_spec.rb +0 -2
data/spec/unit/transaction/resource_harness_spec.rb +2 -2
data/spec/unit/transaction_spec.rb +55 -96
data/spec/unit/type/file/checksum_spec.rb +6 -6
data/spec/unit/type/file/content_spec.rb +2 -1
data/spec/unit/type/file/ensure_spec.rb +1 -1
data/spec/unit/type/file/mode_spec.rb +1 -1
data/spec/unit/type/file/selinux_spec.rb +5 -3
data/spec/unit/type/file/source_spec.rb +0 -1
data/spec/unit/type/file_spec.rb +18 -6
data/spec/unit/type/group_spec.rb +6 -13
data/spec/unit/type/package_spec.rb +1 -1
data/spec/unit/type/resources_spec.rb +7 -7
data/spec/unit/type/service_spec.rb +189 -60
data/spec/unit/type/tidy_spec.rb +8 -17
data/spec/unit/type/user_spec.rb +0 -45
data/spec/unit/type_spec.rb +22 -2
data/spec/unit/util/at_fork_spec.rb +2 -2
data/spec/unit/util/autoload_spec.rb +1 -5
data/spec/unit/util/backups_spec.rb +2 -3
data/spec/unit/util/execution_spec.rb +11 -44
data/spec/unit/util/inifile_spec.rb +14 -6
data/spec/unit/util/log_spec.rb +7 -8
data/spec/unit/util/logging_spec.rb +3 -3
data/spec/unit/util/monkey_patches_spec.rb +0 -6
data/spec/unit/util/posix_spec.rb +15 -363
data/spec/unit/util/run_mode_spec.rb +21 -121
data/spec/unit/util/selinux_spec.rb +68 -163
data/spec/unit/util/storage_spec.rb +1 -3
data/spec/unit/util/suidmanager_spec.rb +41 -44
data/spec/unit/util/windows/sid_spec.rb +0 -6
data/spec/unit/util/windows/string_spec.rb +1 -3
data/spec/unit/util/yaml_spec.rb +0 -54
data/spec/unit/util_spec.rb +6 -31
data/tasks/generate_cert_fixtures.rake +2 -2
metadata +44 -181
data/conf/auth.conf +0 -150
data/lib/puppet/application/cert.rb +0 -76
data/lib/puppet/application/key.rb +0 -4
data/lib/puppet/application/man.rb +0 -4
data/lib/puppet/application/status.rb +0 -4
data/lib/puppet/face/key.rb +0 -16
data/lib/puppet/face/man.rb +0 -145
data/lib/puppet/face/module/build.rb +0 -14
data/lib/puppet/face/module/generate.rb +0 -14
data/lib/puppet/face/module/search.rb +0 -103
data/lib/puppet/face/status.rb +0 -51
data/lib/puppet/ffi/posix.rb +0 -10
data/lib/puppet/ffi/posix/constants.rb +0 -14
data/lib/puppet/ffi/posix/functions.rb +0 -24
data/lib/puppet/indirector/certificate/file.rb +0 -9
data/lib/puppet/indirector/certificate/rest.rb +0 -18
data/lib/puppet/indirector/certificate_request/file.rb +0 -9
data/lib/puppet/indirector/certificate_request/memory.rb +0 -7
data/lib/puppet/indirector/certificate_request/rest.rb +0 -11
data/lib/puppet/indirector/file_content/http.rb +0 -22
data/lib/puppet/indirector/key/file.rb +0 -46
data/lib/puppet/indirector/key/memory.rb +0 -7
data/lib/puppet/indirector/ssl_file.rb +0 -162
data/lib/puppet/indirector/status.rb +0 -3
data/lib/puppet/indirector/status/local.rb +0 -12
data/lib/puppet/indirector/status/rest.rb +0 -27
data/lib/puppet/module_tool/applications/searcher.rb +0 -29
data/lib/puppet/network/auth_config_parser.rb +0 -90
data/lib/puppet/network/authstore.rb +0 -283
data/lib/puppet/network/http/api/master/v3/authorization.rb +0 -18
data/lib/puppet/network/http/api/master/v3/environment.rb +0 -88
data/lib/puppet/network/http/base_pool.rb +0 -36
data/lib/puppet/network/http/compression.rb +0 -127
data/lib/puppet/network/http/connection_adapter.rb +0 -184
data/lib/puppet/network/http/nocache_pool.rb +0 -28
data/lib/puppet/network/rest_controller.rb +0 -2
data/lib/puppet/network/rights.rb +0 -210
data/lib/puppet/parser/compiler/catalog_validator/env_relationship_validator.rb +0 -66
data/lib/puppet/parser/compiler/catalog_validator/site_validator.rb +0 -22
data/lib/puppet/parser/environment_compiler.rb +0 -202
data/lib/puppet/pops/types/enumeration.rb +0 -16
data/lib/puppet/resource/capability_finder.rb +0 -154
data/lib/puppet/rest/errors.rb +0 -15
data/lib/puppet/rest/response.rb +0 -35
data/lib/puppet/rest/route.rb +0 -85
data/lib/puppet/rest/routes.rb +0 -135
data/lib/puppet/settings/alias_setting.rb +0 -37
data/lib/puppet/ssl/host.rb +0 -505
data/lib/puppet/ssl/key.rb +0 -61
data/lib/puppet/ssl/validator.rb +0 -61
data/lib/puppet/ssl/validator/default_validator.rb +0 -209
data/lib/puppet/ssl/validator/no_validator.rb +0 -22
data/lib/puppet/ssl/verifier_adapter.rb +0 -58
data/lib/puppet/status.rb +0 -40
data/lib/puppet/util/connection.rb +0 -88
data/lib/puppet/util/fact_dif.rb +0 -81
data/lib/puppet/util/ssl.rb +0 -83
data/lib/puppet/util/windows/api_types.rb +0 -309
data/lib/puppet/util/windows/monkey_patches/dir.rb +0 -40
data/lib/puppet/vendor/load_pathspec.rb +0 -1
data/lib/puppet/vendor/pathspec/CHANGELOG.md +0 -2
data/lib/puppet/vendor/pathspec/LICENSE +0 -201
data/lib/puppet/vendor/pathspec/PUPPET_README.md +0 -6
data/lib/puppet/vendor/pathspec/README.md +0 -53
data/lib/puppet/vendor/pathspec/lib/pathspec.rb +0 -122
data/lib/puppet/vendor/pathspec/lib/pathspec/gitignorespec.rb +0 -275
data/lib/puppet/vendor/pathspec/lib/pathspec/regexspec.rb +0 -17
data/lib/puppet/vendor/pathspec/lib/pathspec/spec.rb +0 -14
data/man/man8/puppet-key.8 +0 -126
data/man/man8/puppet-man.8 +0 -76
data/man/man8/puppet-status.8 +0 -108
data/spec/fixtures/integration/application/agent/cached_deferred_catalog.json +0 -91
data/spec/fixtures/unit/provider/service/systemd/list_unit_files_services_vendor_preset +0 -9
data/spec/integration/application/resource_spec.rb +0 -30
data/spec/integration/network/authconfig_spec.rb +0 -256
data/spec/integration/util/windows/monkey_patches/dir_spec.rb +0 -11
data/spec/unit/application/man_spec.rb +0 -52
data/spec/unit/capability_spec.rb +0 -414
data/spec/unit/face/key_spec.rb +0 -9
data/spec/unit/face/module/search_spec.rb +0 -231
data/spec/unit/face/status_spec.rb +0 -9
data/spec/unit/indirector/certificate/file_spec.rb +0 -14
data/spec/unit/indirector/certificate/rest_spec.rb +0 -61
data/spec/unit/indirector/certificate_request/file_spec.rb +0 -14
data/spec/unit/indirector/certificate_request/rest_spec.rb +0 -25
data/spec/unit/indirector/key/file_spec.rb +0 -78
data/spec/unit/indirector/ssl_file_spec.rb +0 -305
data/spec/unit/indirector/status/local_spec.rb +0 -10
data/spec/unit/indirector/status/rest_spec.rb +0 -50
data/spec/unit/module_tool/applications/searcher_spec.rb +0 -38
data/spec/unit/network/auth_config_parser_spec.rb +0 -115
data/spec/unit/network/authstore_spec.rb +0 -422
data/spec/unit/network/http/api/master/v3/authorization_spec.rb +0 -57
data/spec/unit/network/http/api/master/v3/environment_spec.rb +0 -185
data/spec/unit/network/http/compression_spec.rb +0 -240
data/spec/unit/network/http/nocache_pool_spec.rb +0 -64
data/spec/unit/network/http_spec.rb +0 -9
data/spec/unit/network/rights_spec.rb +0 -439
data/spec/unit/parser/environment_compiler_spec.rb +0 -730
data/spec/unit/pops/evaluator/deferred_resolver_spec.rb +0 -20
data/spec/unit/pops/types/enumeration_spec.rb +0 -51
data/spec/unit/resource/capability_finder_spec.rb +0 -148
data/spec/unit/rest/route_spec.rb +0 -132
data/spec/unit/ssl/host_spec.rb +0 -645
data/spec/unit/ssl/key_spec.rb +0 -173
data/spec/unit/ssl/validator_spec.rb +0 -278
data/spec/unit/status_spec.rb +0 -45
data/spec/unit/util/ssl_spec.rb +0 -91

data/lib/puppet/module_tool/applications.rb CHANGED Viewed

@@ -5,7 +5,6 @@ module Puppet::ModuleTool
     require 'puppet/module_tool/applications/application'
     require 'puppet/module_tool/applications/checksummer'
     require 'puppet/module_tool/applications/installer'
-    require 'puppet/module_tool/applications/searcher'
     require 'puppet/module_tool/applications/unpacker'
     require 'puppet/module_tool/applications/uninstaller'
     require 'puppet/module_tool/applications/upgrader'

data/lib/puppet/module_tool/applications/installer.rb CHANGED Viewed

@@ -131,54 +131,8 @@ module Puppet::ModuleTool
           begin
             Puppet.info _("Resolving dependencies ...")
             releases = SemanticPuppet::Dependency.resolve(graph)
-          rescue SemanticPuppet::Dependency::UnsatisfiableGraph => e
-            unsatisfied = nil
-            if e.respond_to?(:unsatisfied)
-              constraints = {}
-              # If the module we're installing satisfies all its
-              # dependencies, but would break an already installed
-              # module that depends on it, show what would break.
-              if name == e.unsatisfied
-                graph.constraints[name].each do |mod, range, _|
-                  next unless mod.split.include?('constraint')
-                  # If the user requested a specific version or range,
-                  # only show the modules with non-intersecting ranges
-                  if options[:version]
-                    requested_range = SemanticPuppet::VersionRange.parse(options[:version])
-                    constraint_range = SemanticPuppet::VersionRange.parse(range)
-                    if requested_range.intersection(constraint_range) == SemanticPuppet::VersionRange::EMPTY_RANGE
-                      constraints[mod.split.first] = range
-                    end
-                  else
-                    constraints[mod.split.first] = range
-                  end
-                end
-              # If the module fails to satisfy one of its
-              # dependencies, show the unsatisfiable module
-              else
-                unsatisfied_range = graph.dependencies[name].max.constraints[e.unsatisfied].first[1]
-                constraints[e.unsatisfied] = unsatisfied_range
-              end
-              installed_module = @environment.module_by_forge_name(e.unsatisfied.tr('-', '/'))
-              current_version = installed_module.version if installed_module
-              unsatisfied = {
-                :name => e.unsatisfied,
-                :constraints => constraints,
-                :current_version => current_version
-              }
-            end
-            raise NoVersionsSatisfyError, results.merge(
-                    :requested_name => name,
-                    :requested_version => options[:version] || graph.dependencies[name].max.version.to_s,
-                    :unsatisfied => unsatisfied
-            )
+          rescue SemanticPuppet::Dependency::UnsatisfiableGraph
+            raise NoVersionsSatisfyError, results.merge(:requested_name => name)
           end
           unless forced?

data/lib/puppet/module_tool/errors/shared.rb CHANGED Viewed

@@ -7,7 +7,6 @@ module Puppet::ModuleTool::Errors
       @installed_version = options[:installed_version]
       @conditions        = options[:conditions]
       @action            = options[:action]
-      @unsatisfied       = options[:unsatisfied]
       super _("Could not %{action} '%{module_name}' (%{version}); no version satisfies all dependencies") % { action: @action, module_name: @requested_name, version: vstring }
     end
@@ -15,23 +14,9 @@ module Puppet::ModuleTool::Errors
     def multiline
       message = []
       message << _("Could not %{action} module '%{module_name}' (%{version})") % { action: @action, module_name: @requested_name, version: vstring }
-      if @unsatisfied
-        message << _("  The requested version cannot satisfy one or more of the following installed modules:")
-        if @unsatisfied[:current_version]
-          message << _("    %{name}, installed: %{current_version}, expected: %{constraints}") % { name: @unsatisfied[:name], current_version: @unsatisfied[:current_version], constraints: @unsatisfied[:constraints][@unsatisfied[:name]] }
-        else
-          @unsatisfied[:constraints].each do |mod, range|
-            message << _("    %{mod}, expects '%{name}': %{range}") % { mod: mod, name: @requested_name, range: range }
-          end
-        end
-        message << _("")
-      else
-        message << _("  The requested version cannot satisfy all dependencies")
-      end
+      message << _("  No version of '%{module_name}' can satisfy all dependencies") % { module_name: @requested_name }
       #TRANSLATORS `puppet module %{action} --ignore-dependencies` is a command line and should not be translated
-      message << _("  Use `puppet module %{action} '%{module_name}' --ignore-dependencies` to %{action} only this module") % { action: @action, module_name: @requested_name }
+      message << _("    Use `puppet module %{action} --ignore-dependencies` to %{action} only this module") % { action: @action }
       message.join("\n")
     end
   end

data/lib/puppet/network/authconfig.rb CHANGED Viewed

@@ -1,101 +1,7 @@
-require 'puppet/network/rights'
-require 'puppet/network/http'
 module Puppet
-  class ConfigurationError < Puppet::Error; end
-  class Network::DefaultAuthProvider
-    attr_accessor :rights
-    def self.master_url_prefix
-      Puppet::Network::HTTP::MASTER_URL_PREFIX
-    end
-    def self.default_acl
-      [
-      # Master API V3
-      { :acl => "#{master_url_prefix}/v3/environments", :method => :find, :allow => '*', :authenticated => true },
-      { :acl => "~ ^#{master_url_prefix}\/v3\/catalog\/([^\/]+)$", :method => :find, :allow => '$1', :authenticated => true },
-      { :acl => "~ ^#{master_url_prefix}\/v3\/node\/([^\/]+)$", :method => :find, :allow => '$1', :authenticated => true },
-      { :acl => "~ ^#{master_url_prefix}\/v3\/report\/([^\/]+)$", :method => :save, :allow => '$1', :authenticated => true },
-      # this one will allow all file access, and thus delegate
-      # to fileserver.conf
-      { :acl => "#{master_url_prefix}/v3/file" },
-      { :acl => "#{master_url_prefix}/v3/status", :method => [:find], :authenticated => true },
-      ]
-    end
-    # Just proxy the setting methods to our rights stuff
-    [:allow, :deny].each do |method|
-      define_method(method) do |*args|
-        @rights.send(method, *args)
-      end
-    end
-    # force regular ACLs to be present
-    def insert_default_acl
-      self.class.default_acl.each do |acl|
-        unless rights[acl[:acl]]
-          Puppet.info _("Inserting default '%{acl}' (auth %{auth}) ACL") % { acl: acl[:acl], auth: acl[:authenticated] }
-          mk_acl(acl)
-        end
-      end
-      # queue an empty (ie deny all) right for every other path
-      # actually this is not strictly necessary as the rights system
-      # denies not explicitly allowed paths
-      unless rights["/"]
-        rights.newright("/").restrict_authenticated(:any)
-      end
-    end
-    def mk_acl(acl)
-      right = @rights.newright(acl[:acl])
-      right.allow(acl[:allow] || "*")
-      method = acl[:method]
-      if method
-        method = [method] unless method.is_a?(Array)
-        method.each { |m| right.restrict_method(m) }
-      end
-      right.restrict_authenticated(acl[:authenticated]) unless acl[:authenticated].nil?
-    end
-    # check whether this request is allowed in our ACL
-    # raise an Puppet::Network::AuthorizedError if the request
-    # is denied.
-    def check_authorization(method, path, params)
-      authorization_failure_exception = @rights.is_request_forbidden_and_why?(method, path, params)
-      if authorization_failure_exception
-        Puppet.warning(_("Denying access: %{authorization_failure_exception}") % { authorization_failure_exception: authorization_failure_exception })
-        raise authorization_failure_exception
-      end
-    end
-    def initialize(rights=nil)
-      @rights = rights || Puppet::Network::Rights.new
-      insert_default_acl
-    end
-  end
   class Network::AuthConfig
-    @@authprovider_class = nil
-    def self.authprovider_class=(klass)
-      @@authprovider_class = klass
-    end
-    def self.authprovider_class
-      @@authprovider_class || Puppet::Network::DefaultAuthProvider
-    end
-    def initialize(rights=nil)
-      @authprovider = self.class.authprovider_class.new(rights)
-    end
-    def check_authorization(method, path, params)
-      @authprovider.check_authorization(method, path, params)
+    def self.authprovider_class=(_)
+      # legacy auth is not supported, ignore
     end
   end
 end

data/lib/puppet/network/authorization.rb CHANGED Viewed

@@ -1,41 +1,19 @@
-require 'puppet/network/client_request'
-require 'puppet/network/authconfig'
-require 'puppet/network/auth_config_parser'
 module Puppet::Network
-  class AuthConfigLoader
-    # Create our config object if necessary. If there's no configuration file
-    # we install our defaults
-    def self.authconfig
-      @auth_config_file ||= Puppet::Util::WatchedFile.new(Puppet[:rest_authconfig])
-      if (not @auth_config) or @auth_config_file.changed?
-        begin
-          @auth_config = Puppet::Network::AuthConfigParser.new_from_file(Puppet[:rest_authconfig]).parse
-        rescue Errno::ENOENT, Errno::ENOTDIR
-          @auth_config = Puppet::Network::AuthConfig.new
-        end
-      end
-      @auth_config
-    end
-  end
   module Authorization
-    @@authconfigloader_class = nil
-    def self.authconfigloader_class=(klass)
-      @@authconfigloader_class = klass
-    end
-    def authconfig
-      authconfigloader = @@authconfigloader_class || AuthConfigLoader
-      authconfigloader.authconfig
-    end
+    class << self
+      # This method is deprecated and will be removed in a future release.
+      def authconfigloader_class=(klass)
+        @authconfigloader_class = klass
+      end
-    # Verify that our client has access.
-    def check_authorization(method, path, params)
-      authconfig.check_authorization(method, path, params)
+      # Verify something external to puppet is authorizing REST requests, so
+      # we don't fail insecurely due to misconfiguration.
+      def check_external_authorization(method, path)
+        if @authconfigloader_class.nil?
+          message = "Forbidden request: #{path} (method #{method})"
+          raise Puppet::Network::HTTP::Error::HTTPNotAuthorizedError.new(message, Puppet::Network::HTTP::Issues::FAILED_AUTHORIZATION)
+        end
+      end
     end
   end
 end

data/lib/puppet/network/formats.rb CHANGED Viewed

@@ -183,73 +183,6 @@ Puppet::Network::FormatHandler.create(:console,
   end
 end
-Puppet::Network::FormatHandler.create(:flat,
-                                      :mime   => 'text/x-flat-text',
-                                      :weight => 0) do
-  def flatten_hash(hash)
-    hash.each_with_object({}) do |(k, v), h|
-      if v.is_a? Hash
-        flatten_hash(v).map do |h_k, h_v|
-          h["#{k}.#{h_k}"] = h_v
-        end
-      elsif v.is_a? Array
-        v.each_with_index do |el, i|
-          if el.is_a? Hash
-            flatten_hash(el).map do |el_k, el_v|
-              h["#{k}.#{i}.#{el_k}"] = el_v
-            end
-          else
-            h["#{k}.#{i}"] = el
-          end
-        end
-      else
-        h[k] = v
-      end
-    end
-  end
-  def flatten_array(array)
-    a={}
-    array.each_with_index do |el, i|
-      if el.is_a? Hash
-        flatten_hash(el).map do |el_k, el_v|
-          a["#{i}.#{el_k}"] = el_v
-        end
-      else
-        a["#{i}"] = el
-      end
-    end
-    a
-  end
-  def construct_output(data)
-    output = ''
-    data.each do |key, value|
-      output << "#{key}=#{value}"
-      output << "\n"
-    end
-    output
-  end
-  def render(datum)
-    return datum if datum.is_a?(String) || datum.is_a?(Numeric)
-    # Simple hash
-    if datum.is_a?(Hash)
-      data = flatten_hash(datum)
-      return construct_output(data)
-    elsif datum.is_a?(Array)
-      data = flatten_array(datum)
-      return construct_output(data)
-    end
-    Puppet::Util::Json.dump(datum, :pretty => true, :quirks_mode => true)
-  end
-  def render_multiple(data)
-    data.collect(&:render).join("\n")
-  end
-end
 Puppet::Network::FormatHandler.create(:rich_data_json, mime: 'application/vnd.puppet.rich+json', charset: Encoding::UTF_8, weight: 30) do
   def intern(klass, text)
     Puppet.override({:rich_data => true}) do

data/lib/puppet/network/http.rb CHANGED Viewed

@@ -1,3 +1,4 @@
+# This module is used to handle puppet REST requests in puppetserver.
 module Puppet::Network::HTTP
   HEADER_ENABLE_PROFILING = "X-Puppet-Profiling"
   HEADER_PUPPET_VERSION = "X-Puppet-Version"
@@ -8,7 +9,9 @@ module Puppet::Network::HTTP
   CA_URL_PREFIX = "/puppet-ca"
   CA_URL_VERSIONS = "v1"
+  require 'puppet/network/authconfig'
   require 'puppet/network/authorization'
   require 'puppet/network/http/issues'
   require 'puppet/network/http/error'
   require 'puppet/network/http/route'
@@ -19,7 +22,4 @@ module Puppet::Network::HTTP
   require 'puppet/network/http/response'
   require 'puppet/network/http/request'
   require 'puppet/network/http/memory_response'
-  require 'puppet/network/http/compression'
-  require 'puppet/http'
 end

data/lib/puppet/network/http/api/indirected_routes.rb CHANGED Viewed

@@ -1,8 +1,6 @@
-require 'puppet/network/authorization'
 require 'puppet/network/http/api/indirection_type'
 class Puppet::Network::HTTP::API::IndirectedRoutes
-  include Puppet::Network::Authorization
   # How we map http methods and the indirection name in the URI
   # to an indirection method.
@@ -31,7 +29,8 @@ class Puppet::Network::HTTP::API::IndirectedRoutes
     Puppet::Network::HTTP::Route.path(/.*/).any(new)
   end
-  # handle an HTTP request
+  # Handle an HTTP request. The request has already been authenticated prior
+  # to calling this method.
   def call(request, response)
     indirection, method, key, params = uri2indirection(request.method, request.path, request.params)
     certificate = request.client_cert
@@ -99,12 +98,6 @@ class Puppet::Network::HTTP::API::IndirectedRoutes
       params[:environment] = configured_environment
     end
-    begin
-      check_authorization(method, "#{url_prefix}/#{indirection_name}/#{key}", params)
-    rescue Puppet::Network::AuthorizationError => e
-      raise Puppet::Network::HTTP::Error::HTTPNotAuthorizedError.new(e.message)
-    end
     if configured_environment.nil?
       raise Puppet::Network::HTTP::Error::HTTPNotFoundError.new(
         _("Could not find environment '%{environment}'") % { environment: environment })
@@ -120,17 +113,6 @@ class Puppet::Network::HTTP::API::IndirectedRoutes
     [indirection, method, key, params]
   end
-  def self.request_to_uri(request)
-    uri, body = request_to_uri_and_body(request)
-    "#{uri}?#{body}"
-  end
-  def self.request_to_uri_and_body(request)
-    url_prefix = IndirectionType.url_prefix_for(request.indirection_name.to_s)
-    indirection = request.method == :search ? pluralize(request.indirection_name.to_s) : request.indirection_name.to_s
-    ["#{url_prefix}/#{indirection}/#{Puppet::Util.uri_encode(request.key)}", "environment=#{request.environment.name}&#{request.query_string}"]
-  end
   private
   # Execute our find.

data/lib/puppet/network/http/api/master/v3.rb CHANGED Viewed

@@ -1,28 +1,26 @@
 class Puppet::Network::HTTP::API::Master::V3
-  require 'puppet/network/http/api/master/v3/authorization'
   require 'puppet/network/http/api/master/v3/environments'
-  require 'puppet/network/http/api/master/v3/environment'
   require 'puppet/network/http/api/indirected_routes'
-  AUTHZ = Authorization.new
+  def self.wrap(&block)
+    lambda do |request, response|
+      Puppet::Network::Authorization.check_external_authorization(request.method, request.path)
+      block.call.call(request, response)
+    end
+  end
   INDIRECTED = Puppet::Network::HTTP::Route.
       path(/.*/).
-      any(Puppet::Network::HTTP::API::IndirectedRoutes.new)
+      any(wrap { Puppet::Network::HTTP::API::IndirectedRoutes.new } )
   ENVIRONMENTS = Puppet::Network::HTTP::Route.
-      path(%r{^/environments$}).get(AUTHZ.wrap do
-    Environments.new(Puppet.lookup(:environments))
-  end)
-  ENVIRONMENT = Puppet::Network::HTTP::Route.
-      path(%r{^/environment/[^/]+$}).get(AUTHZ.wrap do
-    Environment.new
-  end)
+      path(%r{^/environments$}).
+      get(wrap { Environments.new(Puppet.lookup(:environments)) } )
   def self.routes
     Puppet::Network::HTTP::Route.path(%r{v3}).
         any.
-        chain(ENVIRONMENTS, ENVIRONMENT, INDIRECTED)
+        chain(ENVIRONMENTS, INDIRECTED)
   end
 end