diff options
| author | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-03-30 23:10:19 +0200 |
|---|---|---|
| committer | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-04-23 20:52:03 +0200 |
| commit | c0c824548e03e603f5a51c61262ae6a58e7549fb (patch) | |
| tree | c2fff712f555006a7569ec1b2b4324311532b375 /spec/integration | |
| parent | aac996ed17e0ec72c5098b1225eb159aae4901fc (diff) | |
| download | puppet-c0c824548e03e603f5a51c61262ae6a58e7549fb.tar.gz puppet-c0c824548e03e603f5a51c61262ae6a58e7549fb.tar.xz puppet-c0c824548e03e603f5a51c61262ae6a58e7549fb.zip | |
Refactor rest authorization to raise exceptions deeper
The idea is to raise an AuthorizationException at the same place
we check the authorization instead of in an upper level to be
able to spot where the authorization took place in the exception
backtrace.
Moreover, this changes also makes Rights::allowed? to return
the matching acl so that the upper layer can have a chance to
report which ACL resulted in the match.
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
Diffstat (limited to 'spec/integration')
5 files changed, 6 insertions, 6 deletions
diff --git a/spec/integration/indirector/certificate/rest.rb b/spec/integration/indirector/certificate/rest.rb index c42bafbd0..8512fa95a 100755 --- a/spec/integration/indirector/certificate/rest.rb +++ b/spec/integration/indirector/certificate/rest.rb @@ -48,7 +48,7 @@ describe "Certificate REST Terminus" do @mock_model = stub('faked model', :name => "certificate") Puppet::Indirector::Request.any_instance.stubs(:model).returns(@mock_model) - Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:authorized?).returns(true) + Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:check_authorization).returns(true) end after do diff --git a/spec/integration/indirector/certificate_request/rest.rb b/spec/integration/indirector/certificate_request/rest.rb index 138187691..a1dc5c017 100755 --- a/spec/integration/indirector/certificate_request/rest.rb +++ b/spec/integration/indirector/certificate_request/rest.rb @@ -53,7 +53,7 @@ describe "Certificate Request REST Terminus" do @mock_model = stub('faked model', :name => "certificate request") Puppet::Indirector::Request.any_instance.stubs(:model).returns(@mock_model) - Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:authorized?).returns(true) + Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:check_authorization).returns(true) end after do diff --git a/spec/integration/indirector/certificate_revocation_list/rest.rb b/spec/integration/indirector/certificate_revocation_list/rest.rb index a1ba4f9a0..dce0cf05b 100755 --- a/spec/integration/indirector/certificate_revocation_list/rest.rb +++ b/spec/integration/indirector/certificate_revocation_list/rest.rb @@ -57,7 +57,7 @@ describe "Certificate REST Terminus" do @mock_model = stub('faked model', :name => "certificate") Puppet::Indirector::Request.any_instance.stubs(:model).returns(@mock_model) - Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:authorized?).returns(true) + Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:check_authorization).returns(true) end after do diff --git a/spec/integration/indirector/report/rest.rb b/spec/integration/indirector/report/rest.rb index 115007588..7903ac9fb 100644 --- a/spec/integration/indirector/report/rest.rb +++ b/spec/integration/indirector/report/rest.rb @@ -50,7 +50,7 @@ describe "Report REST Terminus" do @mock_model = stub_everything 'faked model', :name => "report", :convert_from => @report Puppet::Indirector::Request.any_instance.stubs(:model).returns(@mock_model) - Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:authorized?).returns(true) + Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:check_authorization) end after do diff --git a/spec/integration/indirector/rest.rb b/spec/integration/indirector/rest.rb index 34619c409..ede073d45 100755 --- a/spec/integration/indirector/rest.rb +++ b/spec/integration/indirector/rest.rb @@ -78,7 +78,7 @@ describe Puppet::Indirector::REST do Puppet::Indirector::Request.any_instance.stubs(:model).returns(@mock_model) # do not trigger the authorization layer - Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:authorized?).returns(true) + Puppet::Network::HTTP::WEBrickREST.any_instance.stubs(:check_authorization).returns(true) end describe "when finding a model instance over REST" do @@ -311,7 +311,7 @@ describe Puppet::Indirector::REST do Puppet::Indirector::Request.any_instance.stubs(:model).returns(@mock_model) # do not trigger the authorization layer - Puppet::Network::HTTP::MongrelREST.any_instance.stubs(:authorized?).returns(true) + Puppet::Network::HTTP::MongrelREST.any_instance.stubs(:check_authorization).returns(true) end after do |