diff options
author | Brice Figureau <brice-puppet@daysofwonder.com> | 2009-10-26 20:07:20 +0100 |
---|---|---|
committer | James Turnbull <james@lovedthanlost.net> | 2009-10-27 12:23:28 +1100 |
commit | 6b254ebc606b128cbf4d778023da3c4cc396fe29 (patch) | |
tree | ebdfc0a6a5becdbc976d04b966ae141f1e6df063 /spec/unit/network | |
parent | ff3a7bc17b66b73f5cf155a2ffb62ccd85f9e9bc (diff) | |
download | puppet-6b254ebc606b128cbf4d778023da3c4cc396fe29.tar.gz puppet-6b254ebc606b128cbf4d778023da3c4cc396fe29.tar.xz puppet-6b254ebc606b128cbf4d778023da3c4cc396fe29.zip |
Fix #2753 - Do not "global allow" plugins/modules mount if some rules have been parsed
When fixing #2424, we were adding a global allow (ie allow(*)) to
the plugins/modules mount.
Unfortunately global allow always win against any other rules that
can be defined in fileserver.conf.
This patch makes sure we add those global allow entries only if
we didn't get any rules from fileserver.conf
Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
Diffstat (limited to 'spec/unit/network')
-rw-r--r-- | spec/unit/network/authstore.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/spec/unit/network/authstore.rb b/spec/unit/network/authstore.rb index 55b2c7bbc..4087b28ed 100644 --- a/spec/unit/network/authstore.rb +++ b/spec/unit/network/authstore.rb @@ -4,6 +4,36 @@ require File.dirname(__FILE__) + '/../../spec_helper' require 'puppet/network/authconfig' +describe Puppet::Network::AuthStore do + describe "when checking if the acl has some entries" do + before :each do + @authstore = Puppet::Network::AuthStore.new + end + + it "should be empty if no ACE have been entered" do + @authstore.should be_empty + end + + it "should not be empty if it is a global allow" do + @authstore.allow('*') + + @authstore.should_not be_empty + end + + it "should not be empty if at least one allow has been entered" do + @authstore.allow('1.1.1.*') + + @authstore.should_not be_empty + end + + it "should not be empty if at least one deny has been entered" do + @authstore.deny('1.1.1.*') + + @authstore.should_not be_empty + end + end +end + describe Puppet::Network::AuthStore::Declaration do ['100.101.99.98','100.100.100.100','1.2.3.4','11.22.33.44'].each { |ip| |