Fix #2753 - Do not "global allow" plugins/modules mount if some rules have been parsed

When fixing #2424, we were adding a global allow (ie allow(*)) to
the plugins/modules mount.
Unfortunately global allow always win against any other rules that
can be defined in fileserver.conf.

This patch makes sure we add those global allow entries only if
we didn't get any rules from fileserver.conf

Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>

1 files changed, 30 insertions, 0 deletions

diff --git a/spec/unit/network/authstore.rb b/spec/unit/network/authstore.rb
index 55b2c7bbc..4087b28ed 100644
--- a/spec/unit/network/authstore.rb
+++ b/spec/unit/network/authstore.rb
@@ -4,6 +4,36 @@ require File.dirname(__FILE__) + '/../../spec_helper'
 
 require 'puppet/network/authconfig'
 
+describe Puppet::Network::AuthStore do
+    describe "when checking if the acl has some entries" do
+        before :each do
+            @authstore = Puppet::Network::AuthStore.new
+        end
+
+        it "should be empty if no ACE have been entered" do
+            @authstore.should be_empty
+        end
+
+        it "should not be empty if it is a global allow" do
+            @authstore.allow('*')
+
+            @authstore.should_not be_empty
+        end
+
+        it "should not be empty if at least one allow has been entered" do
+            @authstore.allow('1.1.1.*')
+
+            @authstore.should_not be_empty
+        end
+
+        it "should not be empty if at least one deny has been entered" do
+            @authstore.deny('1.1.1.*')
+
+            @authstore.should_not be_empty
+        end
+    end
+end
+
 describe Puppet::Network::AuthStore::Declaration do
 
     ['100.101.99.98','100.100.100.100','1.2.3.4','11.22.33.44'].each { |ip|