Bug #6061 -- verify that negative {min,max}_password_age are accepted.

Setting the age value to -1 will disable the specific aging value; we should
accept that, but continue to reject null or empty values as invalid.

Add tests to verify that this code enforces as expected.

1 files changed, 28 insertions, 0 deletions

diff --git a/spec/unit/type/user_spec.rb b/spec/unit/type/user_spec.rb
index 0c3e2ab2d..297134446 100755
--- a/spec/unit/type/user_spec.rb
+++ b/spec/unit/type/user_spec.rb
@@ -245,6 +245,34 @@ describe user do
     end
   end
 
+  describe "when managing minimum password age" do
+    before do
+      @age = user.attrclass(:password_min_age).new(:resource => @resource)
+    end
+
+    it "should accept a negative minimum age" do
+      expect { @age.should = -1 }.should_not raise_error
+    end
+
+    it "should fail with an empty minimum age" do
+      expect { @age.should = '' }.should raise_error(Puppet::Error)
+    end
+  end
+
+  describe "when managing maximum password age" do
+    before do
+      @age = user.attrclass(:password_max_age).new(:resource => @resource)
+    end
+
+    it "should accept a negative maximum age" do
+      expect { @age.should = -1 }.should_not raise_error
+    end
+
+    it "should fail with an empty maximum age" do
+      expect { @age.should = '' }.should raise_error(Puppet::Error)
+    end
+  end
+
   describe "when managing passwords" do
     before do
       @password = user.attrclass(:password).new(:resource => @resource, :should => "mypass")