diff options
| author | Nigel Kersten <nigelk@google.com> | 2009-07-06 14:55:52 -0700 |
|---|---|---|
| committer | James Turnbull <james@lovedthanlost.net> | 2009-07-11 00:47:17 +1000 |
| commit | 858d3334004bbcd642443a5de061b9733a8e765c (patch) | |
| tree | a1bf222e653c333304d5e908a741651b6446af34 /lib | |
| parent | 44f127f738f6427bdf2adbe1d06d57b7b62e715e (diff) | |
| download | puppet-858d3334004bbcd642443a5de061b9733a8e765c.tar.gz puppet-858d3334004bbcd642443a5de061b9733a8e765c.tar.xz puppet-858d3334004bbcd642443a5de061b9733a8e765c.zip | |
Fixes #2258,#2257,#2256. Maintain correct type for integers/booleans, allow correct values, and fix rule array handling
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/puppet/provider/macauthorization/macauthorization.rb | 13 | ||||
| -rw-r--r-- | lib/puppet/type/macauthorization.rb | 33 |
2 files changed, 39 insertions, 7 deletions
diff --git a/lib/puppet/provider/macauthorization/macauthorization.rb b/lib/puppet/provider/macauthorization/macauthorization.rb index 58f12b94c..0c7a9a633 100644 --- a/lib/puppet/provider/macauthorization/macauthorization.rb +++ b/lib/puppet/provider/macauthorization/macauthorization.rb @@ -258,9 +258,9 @@ Puppet::Type.type(:macauthorization).provide :macauthorization, :parent => Puppe value = self.class.parsed_auth_db[resource_name][native_attribute] case value when true, "true", :true - value = :true + value = true when false, "false", :false - value = :false + value = false end @property_hash[attribute] = value @@ -287,7 +287,14 @@ Puppet::Type.type(:macauthorization).provide :macauthorization, :parent => Puppe end define_method(field.to_s + "=") do |value| - @property_hash[field] = value + case value + when true, "true", :true + @property_hash[field] = true + when false, "false", :false + @property_hash[field] = false + else + @property_hash[field] = value + end end end diff --git a/lib/puppet/type/macauthorization.rb b/lib/puppet/type/macauthorization.rb index 3399cf3e2..7fdc5bfa3 100644 --- a/lib/puppet/type/macauthorization.rb +++ b/lib/puppet/type/macauthorization.rb @@ -17,7 +17,15 @@ Puppet::Type.newtype(:macauthorization) do when false, "false", :false :false else - raise Puppet::Error("munge_boolean only takes booleans") + fail("munge_boolean only takes booleans") + end + end + + def munge_integer(value) + begin + Integer(value) + rescue ArgumentError + fail("munge_integer only takes integers") end end @@ -74,6 +82,9 @@ Puppet::Type.newtype(:macauthorization) do newvalue(:user) newvalue(:'evaluate-mechanisms') + newvalue(:allow) + newvalue(:deny) + newvalue(:rule) end newproperty(:comment) do @@ -86,15 +97,22 @@ Puppet::Type.newtype(:macauthorization) do end newproperty(:k_of_n) do - desc "k-of-n. Built-in rights only show a value of '1' or absent, - other values may be acceptable. Undocumented." + desc "k-of-n describes how large a subset of rule mechanisms must + succeed for successful authentication. If there are 'n' mechanisms, + then 'k' (the integer value of this parameter) mechanisms must succeed. + The most common setting for this parameter is '1'. If k-of-n is not + set, then 'n-of-n' mechanisms must succeed." + + munge do |value| + @resource.munge_integer(value) + end end newproperty(:mechanisms, :array_matching => :all) do desc "an array of suitable mechanisms." end - newproperty(:rule, :array_match => :all) do + newproperty(:rule, :array_matching => :all) do desc "The rule(s) that this right refers to." end @@ -132,10 +150,17 @@ Puppet::Type.newtype(:macauthorization) do authenticate every time, set the timeout to 0. For minimum security, remove the timeout attribute so the user authenticates only once per session." + + munge do |value| + @resource.munge_integer(value) + end end newproperty(:tries) do desc "The number of tries allowed." + munge do |value| + @resource.munge_integer(value) + end end end |