ridley 2.3.0 → 2.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: f571021ed99ad605622448d1f79edcb954abfafa
-  data.tar.gz: 3549b22251eba2ecf03e1829531e90d6d32dc50e
+  metadata.gz: f7da3aeb7959de4937cc94f7ca1f72214816ed75
+  data.tar.gz: e103b754e4768cf2a704104978da665fcccf27f3
 SHA512:
-  metadata.gz: 83ab54c5ef8ceb4128a6d12d1e6c741b9126b9e13fdc84b5a2cf68cc4eb76047e2bb77a3d28c8c4a3b3803d5ab970fa40b8494c260b552e1d0c60c38f748d71d
-  data.tar.gz: e9662d26e3d80e53f6ee3e710f2cc089f8bfe07c6d32d23d3e337ebdf4bf438e45bf35d435b22c54da6e5b34c25b5e3f8cd2a5d0a5ecc23045526022d892619d
+  metadata.gz: 52b2039fca91e517019c01472e0bd8679a33427c964f7508989d77f19ca60037e5a5a68ceb75a6089f7997c5812c83516139cea71f6c0c68006b65ef8642c223
+  data.tar.gz: d550361f34542efa082c38ff3c8abd71aca4d0ee59a4427f640e49e3a9405db7fadf8b56b6e7fa8903ccb160406391114206ddd25c0836f9cfd636350fd7f6b6

data/README.md

@@ -134,6 +134,7 @@ ridley.node        #=> Ridley::NodeResource
 ridley.role        #=> Ridley::RoleResource
 ridley.sandbox     #=> Ridley::SandboxResource
 ridley.search      #=> Ridley::SearchResource
+ridley.user        #=> Ridley::UserResource
 ```
 
 DataBagItems are the only exception to this rule. The DataBagItem resource is accessed from a DataBagObject
@@ -377,6 +378,21 @@ Search will return an array of the appropriate Chef Objects if one of the defaul
 -  client
 -  environment
 
+User Resource
+-------------
+
+### Regenerating a user's private key
+
+Works the same way as with a client resource.
+
+### Authenticating user's password
+
+```ruby
+ridley = Ridley.new(...)
+ridley.user.authenticate('username', 'password')
+ridley.user.find('username').authenticate('password')
+```
+
 Authors and Contributors
 ------------------------
 - Jamie Winsor (<jamie@vialstudios.com>)

data/lib/ridley/chef_objects/user_object.rb

@@ -0,0 +1,57 @@
+module Ridley
+  class UserObject < Ridley::ChefObject
+    set_chef_id "name"
+    set_chef_type "user"
+    set_chef_json_class "Chef::User"
+
+    attribute :name,
+      type: String,
+      required: true
+
+    attribute :admin,
+      type: Boolean,
+      required: true,
+      default: false
+
+    attribute :certificate,
+      type: String
+
+    attribute :public_key,
+      type: String
+
+    attribute :private_key,
+      type: [ String, Boolean ],
+      default: false
+
+    attribute :password,
+      type: String
+
+    attribute :orgname,
+      type: String
+
+    # Regenerates the private key of the instantiated user object. The new
+    # private key will be set to the value of the 'private_key' accessor
+    # of the instantiated user object.
+    #
+    # @return [Boolean]
+    #   true for success and false for failure
+    def regenerate_key
+      self.private_key = true
+      self.save
+    end
+
+    def authenticate(password)
+      @resource.authenticate(self.chef_id, password)
+    end
+
+    # Override to_json to reflect to massage the returned attributes based on the type
+    # of connection. Only OHC/OPC requires the json_class attribute is not present.
+    def to_json
+      if resource.connection.hosted?
+        to_hash.except(:json_class).to_json
+      else
+        super
+      end
+    end
+  end
+end

data/lib/ridley/client.rb

@@ -26,6 +26,7 @@ module Ridley
         supervise_as :sandbox_resource, Ridley::SandboxResource, connection_registry,
           options[:client_name], options[:client_key], options.slice(*Ridley::Connection::VALID_OPTIONS)
         supervise_as :search_resource, Ridley::SearchResource, connection_registry
+        supervise_as :user_resource, Ridley::UserResource, connection_registry
       end
     end
 
@@ -181,6 +182,11 @@ module Ridley
       @resources_registry[:sandbox_resource]
     end
 
+    # @return [Ridley::UserResource]
+    def user
+      @resources_registry[:user_resource]
+    end
+
     # Perform a search the Chef Server
     #
     # @param [#to_sym, #to_s] index

data/lib/ridley/resources/user_resource.rb

@@ -0,0 +1,36 @@
+module Ridley
+  # @example listing all users
+  #   conn = Ridley.new(...)
+  #   conn.user.all #=> [
+  #     #<Ridley::ClientObject chef_id:'admin'>
+  #   ]
+  class UserResource < Ridley::Resource
+    set_resource_path "users"
+    represented_by Ridley::UserObject
+
+    # Retrieves a user from the remote connection matching the given chef_id
+    # and regenerates it's private key. An instance of the updated object will
+    # be returned and have a value set for the 'private_key' accessor.
+    #
+    # @param [String, #chef_id] chef_user
+    #
+    # @raise [Errors::ResourceNotFound]
+    #   if a user with the given chef_id is not found
+    #
+    # @return [Ridley::UserObject]
+    def regenerate_key(chef_user)
+      unless chef_user = find(chef_user)
+        abort Errors::ResourceNotFound.new("user '#{chef_user}' not found")
+      end
+
+      chef_user.private_key = true
+      update(chef_user)
+    end
+
+    def authenticate(username, password)
+      resp = request(:post, '/authenticate_user', {'name' => username, 'password' => password}.to_json)
+      abort("Username mismatch: sent #{username}, received #{resp['name']}") unless resp['name'] == username
+      resp['verified']
+    end
+  end
+end

data/lib/ridley/version.rb

@@ -1,3 +1,3 @@
 module Ridley
-  VERSION = "2.3.0"
+  VERSION = "2.4.0"
 end

data/spec/acceptance/user_resource_spec.rb

@@ -0,0 +1,130 @@
+require 'spec_helper'
+
+describe "User API operations", type: "wip" do
+  let(:server_url)  { Ridley::RSpec::ChefServer.server_url }
+  let(:user_name) { "reset" }
+  let(:user_key)  { fixtures_path.join('reset.pem').to_s }
+  let(:connection)  { Ridley.new(server_url: server_url, client_name: user_name, client_key: user_key) }
+
+  describe "finding a user" do
+    context "when the server has a user of the given name" do
+      before { chef_user("reset", admin: false) }
+
+      it "returns a UserObject" do
+        connection.user.find("reset").should be_a(Ridley::UserObject)
+      end
+    end
+
+    context "when the server does not have the user" do
+      it "returns a nil value" do
+        connection.user.find("not_there").should be_nil
+      end
+    end
+  end
+
+  describe "creating a user" do
+    it "returns a Ridley::UserObject" do
+      connection.user.create(name: "reset").should be_a(Ridley::UserObject)
+    end
+
+    it "adds a user to the chef server" do
+      old = connection.user.all.length
+      connection.user.create(name: "reset")
+      connection.user.all.should have(old + 1).items
+    end
+
+    it "has a value for #private_key" do
+      connection.user.create(name: "reset").private_key.should_not be_nil
+    end
+  end
+
+  describe "deleting a user" do
+    before { chef_user("reset", admin: false) }
+
+    it "returns a Ridley::UserObject object" do
+      connection.user.delete("reset").should be_a(Ridley::UserObject)
+    end
+
+    it "removes the user from the server" do
+      connection.user.delete("reset")
+
+      connection.user.find("reset").should be_nil
+    end
+  end
+
+  describe "deleting all users" do
+    before(:each) do
+      chef_user("reset", admin: false)
+      chef_user("jwinsor", admin: false)
+    end
+
+    it "returns an array of Ridley::UserObject objects" do
+      connection.user.delete_all.should each be_a(Ridley::UserObject)
+    end
+
+    it "deletes all users from the remote" do
+      connection.user.delete_all
+      connection.user.all.should have(0).users
+    end
+  end
+
+  describe "listing all users" do
+    before(:each) do
+      chef_user("reset", admin: false)
+      chef_user("jwinsor", admin: false)
+    end
+
+    it "returns an array of Ridley::UserObject objects" do
+      connection.user.all.should each be_a(Ridley::UserObject)
+    end
+
+    it "returns all of the users on the server" do
+      connection.user.all.should have(3).items
+    end
+  end
+
+  describe "regenerating a user's private key" do
+    before { chef_user("reset", admin: false) }
+
+    it "returns a Ridley::UserObject object with a value for #private_key" do
+      connection.user.regenerate_key("reset").private_key.should match(/^-----BEGIN RSA PRIVATE KEY-----/)
+    end
+  end
+
+  describe "authenticating a user" do
+    before { chef_user('reset', password: 'swordfish') }
+
+    it "returns true when given valid username & password" do
+      expect(connection.user.authenticate('reset', 'swordfish')).to be_true
+    end
+
+    it "returns false when given valid username & invalid password" do
+      expect(connection.user.authenticate('reset', "not a swordfish")).to be_false
+    end
+
+    it "returns false when given invalid username & valid password" do
+      expect(connection.user.authenticate("someone-else", 'swordfish')).to be_false
+    end
+
+    it "works also on a User object level" do
+      expect(connection.user.find('reset').authenticate('swordfish')).to be_true
+      expect(connection.user.find('reset').authenticate('not a swordfish')).to be_false
+    end
+  end
+
+  describe "changing user's password" do
+    before { chef_user('reset', password: 'swordfish') }
+    subject { connection.user.find('reset') }
+
+    it "changes the password with which user can authenticate" do
+      expect(subject.authenticate('swordfish')).to be_true
+      expect(subject.authenticate('salmon')).to be_false
+
+      subject.password = 'salmon'
+      subject.save
+
+      expect(subject.authenticate('swordfish')).to be_false
+      expect(subject.authenticate('salmon')).to be_true
+    end
+  end
+end

data/spec/support/chef_server.rb

@@ -69,6 +69,10 @@ module Ridley::RSpec
       load_data(:roles, name, hash)
     end
 
+    def chef_user(name, hash = Hash.new)
+      load_data(:users, name, hash)
+    end
+
     def chef_zero_connection
       Ridley::Connection.new(ChefServer.server_url, "reset", fixtures_path.join('reset.pem').to_s)
     end

data/spec/unit/ridley/resources/user_resource_spec.rb

@@ -0,0 +1,33 @@
+require 'spec_helper'
+
+describe Ridley::UserResource, type: 'wip' do
+  subject { described_class.new(double('registry')) }
+  let(:user_id) { "rspec-user" }
+  let(:user_password) { "swordfish" }
+
+  describe "#regenerate_key" do
+    before { subject.stub(find: nil) }
+
+    context "when a user with the given ID exists" do
+      let(:user) { double('chef-user') }
+      before { subject.should_receive(:find).with(user_id).and_return(user) }
+
+      it "sets the private key to true and updates the user" do
+        user.should_receive(:private_key=).with(true)
+        subject.should_receive(:update).with(user)
+
+        subject.regenerate_key(user_id)
+      end
+    end
+
+    context "when a user with the given ID does not exist" do
+      before { subject.should_receive(:find).with(user_id).and_return(nil) }
+
+      it "raises a ResourceNotFound error" do
+        expect {
+          subject.regenerate_key(user_id)
+        }.to raise_error(Ridley::Errors::ResourceNotFound)
+      end
+    end
+  end
+end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ridley
 version: !ruby/object:Gem::Version
-  version: 2.3.0
+  version: 2.4.0
 platform: ruby
 authors:
 - Jamie Winsor
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-11-27 00:00:00.000000000 Z
+date: 2013-12-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: addressable
@@ -289,6 +289,7 @@ files:
 - lib/ridley/chef_objects/node_object.rb
 - lib/ridley/chef_objects/role_object.rb
 - lib/ridley/chef_objects/sandbox_object.rb
+- lib/ridley/chef_objects/user_object.rb
 - lib/ridley/client.rb
 - lib/ridley/command_context.rb
 - lib/ridley/command_context/unix_uninstall.rb
@@ -319,6 +320,7 @@ files:
 - lib/ridley/resources/role_resource.rb
 - lib/ridley/resources/sandbox_resource.rb
 - lib/ridley/resources/search_resource.rb
+- lib/ridley/resources/user_resource.rb
 - lib/ridley/sandbox_uploader.rb
 - lib/ridley/version.rb
 - ridley.gemspec
@@ -333,6 +335,7 @@ files:
 - spec/acceptance/role_resource_spec.rb
 - spec/acceptance/sandbox_resource_spec.rb
 - spec/acceptance/search_resource_spec.rb
+- spec/acceptance/user_resource_spec.rb
 - spec/fixtures/chefignore
 - spec/fixtures/encrypted_data_bag_secret
 - spec/fixtures/example_cookbook/Guardfile
@@ -394,6 +397,7 @@ files:
 - spec/unit/ridley/resources/role_resource_spec.rb
 - spec/unit/ridley/resources/sandbox_resource_spec.rb
 - spec/unit/ridley/resources/search_resource_spec.rb
+- spec/unit/ridley/resources/user_resource_spec.rb
 - spec/unit/ridley/sandbox_uploader_spec.rb
 - spec/unit/ridley_spec.rb
 homepage: https://github.com/RiotGames/ridley
@@ -430,6 +434,7 @@ test_files:
 - spec/acceptance/role_resource_spec.rb
 - spec/acceptance/sandbox_resource_spec.rb
 - spec/acceptance/search_resource_spec.rb
+- spec/acceptance/user_resource_spec.rb
 - spec/fixtures/chefignore
 - spec/fixtures/encrypted_data_bag_secret
 - spec/fixtures/example_cookbook/Guardfile
@@ -491,6 +496,7 @@ test_files:
 - spec/unit/ridley/resources/role_resource_spec.rb
 - spec/unit/ridley/resources/sandbox_resource_spec.rb
 - spec/unit/ridley/resources/search_resource_spec.rb
+- spec/unit/ridley/resources/user_resource_spec.rb
 - spec/unit/ridley/sandbox_uploader_spec.rb
 - spec/unit/ridley_spec.rb
 has_rdoc: