Merge branch '2.7.x'

Conflicts: lib/puppet/feature/base.rb lib/puppet/file_serving/configuration.rb spec/unit/indirector/ssl_file_spec.rb spec/unit/parser/functions/extlookup_spec.rb spec/unit/resource/catalog_spec.rb test/language/ast/variable.rb
author: Nick Lewis <nick@puppetlabs.com> 2011-08-24 15:42:03 -0700
committer: Nick Lewis <nick@puppetlabs.com> 2011-08-24 15:42:03 -0700
commit: da4a2def42639817c4522fc0162bd691956998da (patch)
tree: 3cb423a7d2a7a803a922b710c661d675d11bf131 /spec/unit/util/suidmanager_spec.rb
parent: 0d51dc9be0bc1c785d749b8b352a1e43b1b6e9c6 (diff)
parent: 630ec36089e2224fba99b76d76eaf904af13e4d6 (diff)
download: puppet-da4a2def42639817c4522fc0162bd691956998da.tar.gz
puppet-da4a2def42639817c4522fc0162bd691956998da.tar.xz
puppet-da4a2def42639817c4522fc0162bd691956998da.zip
1 files changed, 89 insertions, 0 deletions
diff --git a/spec/unit/util/suidmanager_spec.rb b/spec/unit/util/suidmanager_spec.rb
index abfe3f723..474d0b2a2 100755
--- a/spec/unit/util/suidmanager_spec.rb
+++ b/spec/unit/util/suidmanager_spec.rb
@@ -66,6 +66,14 @@ describe Puppet::Util::SUIDManager do
 
       xids.should be_empty
     end
+
+    it "should not get or set euid/egid on Windows" do
+      Puppet.features.stubs(:microsoft_windows?).returns true
+
+      Puppet::Util::SUIDManager.asuser(user[:uid], user[:gid]) {}
+
+      xids.should be_empty
+    end
   end
 
   describe "#change_group" do
@@ -195,6 +203,15 @@ describe Puppet::Util::SUIDManager do
 
         xids.should be_empty
       end
+
+      it "should not get or set euid/egid on Windows" do
+        Puppet.features.stubs(:microsoft_windows?).returns true
+        Kernel.expects(:system).with('blah')
+
+        Puppet::Util::SUIDManager.system('blah', user[:uid], user[:gid])
+
+        xids.should be_empty
+      end
     end
 
     describe "with #run_and_capture" do
@@ -210,4 +227,76 @@ describe Puppet::Util::SUIDManager do
       end
     end
   end
+
+  describe "#root?" do
+    describe "on POSIX systems" do
+      before :each do
+        Puppet.features.stubs(:posix?).returns(true)
+        Puppet.features.stubs(:microsoft_windows?).returns(false)
+      end
+
+      it "should be root if uid is 0" do
+        Process.stubs(:uid).returns(0)
+
+        Puppet::Util::SUIDManager.should be_root
+      end
+
+      it "should not be root if uid is not 0" do
+        Process.stubs(:uid).returns(1)
+
+        Puppet::Util::SUIDManager.should_not be_root
+      end
+    end
+
+    describe "on Microsoft Windows", :if => Puppet.features.microsoft_windows? do
+      describe "2003 without UAC" do
+        it "should be root if user is a member of the Administrators group" do
+          Win32::Security.stubs(:elevated_security?).raises(Win32::Security::Error, "Incorrect function.")
+          Sys::Admin.stubs(:get_login).returns("Administrator")
+          Sys::Group.stubs(:members).returns(%w[Administrator])
+
+          Puppet::Util::SUIDManager.should be_root
+        end
+
+        it "should not be root if the process is running as Guest" do
+          Win32::Security.stubs(:elevated_security?).raises(Win32::Security::Error, "Incorrect function.")
+          Sys::Admin.stubs(:get_login).returns("Guest")
+          Sys::Group.stubs(:members).returns([])
+
+          Puppet::Util::SUIDManager.should_not be_root
+        end
+
+        it "should raise an exception if the process fails to open the process token" do
+          Win32::Security.stubs(:elevated_security?).raises(Win32::Security::Error, "Access denied.")
+          Sys::Admin.stubs(:get_login).returns("Administrator")
+          Sys::Group.expects(:members).never
+
+          lambda { Puppet::Util::SUIDManager.should raise_error(Win32::Security::Error, /Access denied./) }
+        end
+      end
+
+      describe "2008 with UAC" do
+        it "should be root if user is running with elevated privileges" do
+          Win32::Security.stubs(:elevated_security?).returns(true)
+          Sys::Admin.expects(:get_login).never
+
+          Puppet::Util::SUIDManager.should be_root
+        end
+
+        it "should not be root if user is not running with elevated privileges" do
+          Win32::Security.stubs(:elevated_security?).returns(false)
+          Sys::Admin.expects(:get_login).never
+
+          Puppet::Util::SUIDManager.should_not be_root
+        end
+
+        it "should raise an exception if the process fails to open the process token" do
+          Win32::Security.stubs(:elevated_security?).raises(Win32::Security::Error, "Access denied.")
+          Sys::Admin.expects(:get_login).never
+
+          lambda { Puppet::Util::SUIDManager.should raise_error(Win32::Security::Error, /Access denied./) }
+        end
+      end
+    end
+  end
 end
author	Nick Lewis <nick@puppetlabs.com>	2011-08-24 15:42:03 -0700
committer	Nick Lewis <nick@puppetlabs.com>	2011-08-24 15:42:03 -0700
commit	da4a2def42639817c4522fc0162bd691956998da (patch)
tree	3cb423a7d2a7a803a922b710c661d675d11bf131 /spec/unit/util/suidmanager_spec.rb
parent	0d51dc9be0bc1c785d749b8b352a1e43b1b6e9c6 (diff)
parent	630ec36089e2224fba99b76d76eaf904af13e4d6 (diff)
download	puppet-da4a2def42639817c4522fc0162bd691956998da.tar.gz puppet-da4a2def42639817c4522fc0162bd691956998da.tar.xz puppet-da4a2def42639817c4522fc0162bd691956998da.zip