Merge pull request #25 from nicklewis/feature/master/windows-users-and-groups

(#8408/8409) Windows user and group providers
author: Cameron Thomas <cs.thomas.dev@gmail.com> 2011-08-10 12:21:10 -0700
committer: Cameron Thomas <cs.thomas.dev@gmail.com> 2011-08-10 12:21:10 -0700
commit: 6d692af86b70977b73be051992e18e34a1d64d65 (patch)
tree: 28656f82827ba450dcb801c09fb3c170b755a6be /spec
parent: 2b9b7c114e7c599f88be4f3be70f504add8072f8 (diff)
parent: 01f09f5f395bab66b90a4e81e958aa89025977b4 (diff)
3 files changed, 391 insertions, 0 deletions
diff --git a/spec/unit/provider/group/windows_adsi_spec.rb b/spec/unit/provider/group/windows_adsi_spec.rb
new file mode 100644
index 000000000..7faaa1a8c
--- /dev/null
+++ b/spec/unit/provider/group/windows_adsi_spec.rb
@@ -0,0 +1,79 @@
+#!/usr/bin/env ruby
+
+require 'spec_helper'
+
+describe Puppet::Type.type(:group).provider(:windows_adsi) do
+  let(:resource) do
+    Puppet::Type.type(:group).new(
+      :title => 'testers',
+      :provider => :windows_adsi
+    )
+  end
+
+  let(:provider) { resource.provider }
+
+  let(:connection) { stub 'connection' }
+
+  before :each do
+    Puppet::Util::ADSI.stubs(:computer_name).returns('testcomputername')
+    Puppet::Util::ADSI.stubs(:connect).returns connection
+  end
+
+  describe ".instances" do
+    it "should enumerate all groups" do
+      names = ['group1', 'group2', 'group3']
+      stub_groups = names.map{|n| stub(:name => n)}
+
+      connection.stubs(:execquery).with("select * from win32_group").returns stub_groups
+
+      described_class.instances.map(&:name).should =~ names
+    end
+  end
+
+  describe "when managing members" do
+    it "should be able to provide a list of members" do
+      provider.group.stubs(:members).returns ['user1', 'user2', 'user3']
+
+      provider.members.should =~ ['user1', 'user2', 'user3']
+    end
+
+    it "should be able to set group members" do
+      provider.group.stubs(:members).returns ['user1', 'user2']
+
+      provider.group.expects(:remove_members).with('user1')
+      provider.group.expects(:add_members).with('user3')
+
+      provider.members = ['user2', 'user3']
+    end
+  end
+
+  it "should be able to create a group" do
+    resource[:members] = ['user1', 'user2']
+
+    group = stub 'group'
+    Puppet::Util::ADSI::Group.expects(:create).with('testers').returns group
+
+    group.expects(:set_members).with(['user1', 'user2'])
+
+    provider.create
+  end
+
+  it "should be able to test whether a group exists" do
+    Puppet::Util::ADSI.stubs(:connect).returns stub('connection')
+    provider.should be_exists
+
+    Puppet::Util::ADSI.stubs(:connect).returns nil
+    provider.should_not be_exists
+  end
+
+  it "should be able to delete a group" do
+    connection.expects(:Delete).with('group', 'testers')
+
+    provider.delete
+  end
+
+  it "should warn when trying to manage the gid property" do
+    provider.expects(:warning).with { |msg| msg =~ /No support for managing property gid/ }
+    provider.send(:gid=, 500)
+  end
+end
diff --git a/spec/unit/provider/user/windows_adsi_spec.rb b/spec/unit/provider/user/windows_adsi_spec.rb
new file mode 100644
index 000000000..073a3d328
--- /dev/null
+++ b/spec/unit/provider/user/windows_adsi_spec.rb
@@ -0,0 +1,110 @@
+#!/usr/bin/env ruby
+
+require 'spec_helper'
+
+describe Puppet::Type.type(:user).provider(:windows_adsi) do
+  let(:resource) do
+    Puppet::Type.type(:user).new(
+      :title => 'testuser',
+      :comment => 'Test J. User',
+      :provider => :windows_adsi
+    )
+  end
+
+  let(:provider) { resource.provider }
+
+  let(:connection) { stub 'connection' }
+
+  before :each do
+    Puppet::Util::ADSI.stubs(:computer_name).returns('testcomputername')
+    Puppet::Util::ADSI.stubs(:connect).returns connection
+  end
+
+  describe ".instances" do
+    it "should enumerate all users" do
+      names = ['user1', 'user2', 'user3']
+      stub_users = names.map{|n| stub(:name => n)}
+
+      connection.stubs(:execquery).with("select * from win32_useraccount").returns(stub_users)
+
+      described_class.instances.map(&:name).should =~ names
+    end
+  end
+
+  it "should provide access to a Puppet::Util::ADSI::User object" do
+    provider.user.should be_a(Puppet::Util::ADSI::User)
+  end
+
+  describe "when managing groups" do
+    it 'should return the list of groups as a comma-separated list' do
+      provider.user.stubs(:groups).returns ['group1', 'group2', 'group3']
+
+      provider.groups.should == 'group1,group2,group3'
+    end
+
+    it "should return absent if there are no groups" do
+      provider.user.stubs(:groups).returns []
+
+      provider.groups.should == ''
+    end
+
+    it 'should be able to add a user to a set of groups' do
+      resource[:membership] = :minimum
+      provider.user.expects(:set_groups).with('group1,group2', true)
+
+      provider.groups = 'group1,group2'
+
+      resource[:membership] = :inclusive
+      provider.user.expects(:set_groups).with('group1,group2', false)
+
+      provider.groups = 'group1,group2'
+    end
+  end
+
+  describe "when creating a user" do
+    it "should create the user on the system and set its other properties" do
+      resource[:groups]     = ['group1', 'group2']
+      resource[:membership] = :inclusive
+      resource[:comment]    = 'a test user'
+      resource[:home]       = 'C:\Users\testuser'
+
+      user = stub 'user'
+      Puppet::Util::ADSI::User.expects(:create).with('testuser').returns user
+
+      user.stubs(:groups).returns(['group2', 'group3'])
+
+      user.expects(:set_groups).with('group1,group2', false)
+      user.expects(:[]=).with('Description', 'a test user')
+      user.expects(:[]=).with('HomeDirectory', 'C:\Users\testuser')
+
+      provider.create
+    end
+  end
+
+  it 'should be able to test whether a user exists' do
+    Puppet::Util::ADSI.stubs(:connect).returns stub('connection')
+    provider.should be_exists
+
+    Puppet::Util::ADSI.stubs(:connect).returns nil
+    provider.should_not be_exists
+  end
+
+  it 'should be able to delete a user' do
+    connection.expects(:Delete).with('user', 'testuser')
+
+    provider.delete
+  end
+
+  it "should commit the user when flushed" do
+    provider.user.expects(:commit)
+
+    provider.flush
+  end
+
+  [:uid, :gid, :shell].each do |prop|
+    it "should warn when trying to manage the #{prop} property" do
+      provider.expects(:warning).with { |msg| msg =~ /No support for managing property #{prop}/ }
+      provider.send("#{prop}=", 'foo')
+    end
+  end
+end
diff --git a/spec/unit/util/adsi_spec.rb b/spec/unit/util/adsi_spec.rb
new file mode 100644
index 000000000..b61724405
--- /dev/null
+++ b/spec/unit/util/adsi_spec.rb
@@ -0,0 +1,202 @@
+#!/usr/bin/env ruby
+
+require 'spec_helper'
+
+require 'puppet/util/adsi'
+
+describe Puppet::Util::ADSI do
+  let(:connection) { stub 'connection' }
+
+  before(:each) do
+    Puppet::Util::ADSI.instance_variable_set(:@computer_name, 'testcomputername')
+    Puppet::Util::ADSI.stubs(:connect).returns connection
+  end
+
+  it "should generate the correct URI for a resource" do
+    Puppet::Util::ADSI.uri('test', 'user').should == "WinNT://testcomputername/test,user"
+  end
+
+  it "should be able to get the name of the computer" do
+    Puppet::Util::ADSI.computer_name.should == 'testcomputername'
+  end
+
+  it "should be able to provide the correct WinNT base URI for the computer" do
+    Puppet::Util::ADSI.computer_uri.should == "WinNT://testcomputername"
+  end
+
+  describe Puppet::Util::ADSI::User do
+    let(:username)  { 'testuser' }
+
+    it "should generate the correct URI" do
+      Puppet::Util::ADSI::User.uri(username).should == "WinNT://testcomputername/#{username},user"
+    end
+
+    it "should be able to create a user" do
+      adsi_user = stub('adsi')
+
+      connection.expects(:Create).with('user', username).returns(adsi_user)
+
+      user = Puppet::Util::ADSI::User.create(username)
+
+      user.should be_a(Puppet::Util::ADSI::User)
+      user.native_user.should == adsi_user
+    end
+
+    it "should be able to check the existence of a user" do
+      Puppet::Util::ADSI.expects(:connect).with("WinNT://testcomputername/#{username},user").returns connection
+      Puppet::Util::ADSI::User.exists?(username).should be_true
+    end
+
+    it "should be able to delete a user" do
+      connection.expects(:Delete).with('user', username)
+
+      Puppet::Util::ADSI::User.delete(username)
+    end
+
+    describe "an instance" do
+      let(:adsi_user) { stub 'user' }
+      let(:user)      { Puppet::Util::ADSI::User.new(username, adsi_user) }
+
+      it "should provide its groups as a list of names" do
+        names = ["group1", "group2"]
+
+        groups = names.map { |name| mock('group', :Name => name) }
+
+        adsi_user.expects(:Groups).returns(groups)
+
+        user.groups.should =~ names
+      end
+
+      it "should be able to test whether a given password is correct" do
+        Puppet::Util::ADSI::User.expects(:logon).with(username, 'pwdwrong').returns(false)
+        Puppet::Util::ADSI::User.expects(:logon).with(username, 'pwdright').returns(true)
+
+        user.password_is?('pwdwrong').should be_false
+        user.password_is?('pwdright').should be_true
+      end
+
+      it "should be able to set a password" do
+        adsi_user.expects(:SetPassword).with('pwd')
+        adsi_user.expects(:SetInfo).at_least_once
+
+        flagname = "UserFlags"
+        fADS_UF_DONT_EXPIRE_PASSWD = 0x10000
+
+        adsi_user.expects(:Get).with(flagname).returns(0)
+        adsi_user.expects(:Put).with(flagname, fADS_UF_DONT_EXPIRE_PASSWD)
+
+        user.password = 'pwd'
+      end
+
+      it "should generate the correct URI" do
+        user.uri.should == "WinNT://testcomputername/#{username},user"
+      end
+
+      describe "when given a set of groups to which to add the user" do
+        let(:groups_to_set) { 'group1,group2' }
+
+        before(:each) do
+          user.expects(:groups).returns ['group2', 'group3']
+        end
+
+        describe "if membership is specified as inclusive" do
+          it "should add the user to those groups, and remove it from groups not in the list" do
+            group1 = stub 'group1'
+            group1.expects(:Add).with("WinNT://testcomputername/#{username},user")
+
+            group3 = stub 'group1'
+            group3.expects(:Remove).with("WinNT://testcomputername/#{username},user")
+
+            Puppet::Util::ADSI.expects(:connect).with('WinNT://testcomputername/group1,group').returns group1
+            Puppet::Util::ADSI.expects(:connect).with('WinNT://testcomputername/group3,group').returns group3
+
+            user.set_groups(groups_to_set, false)
+          end
+        end
+
+        describe "if membership is specified as minimum" do
+          it "should add the user to the specified groups without affecting its other memberships" do
+            group1 = stub 'group1'
+            group1.expects(:Add).with("WinNT://testcomputername/#{username},user")
+
+            Puppet::Util::ADSI.expects(:connect).with('WinNT://testcomputername/group1,group').returns group1
+
+            user.set_groups(groups_to_set, true)
+          end
+        end
+      end
+    end
+  end
+
+  describe Puppet::Util::ADSI::Group do
+    let(:groupname)  { 'testgroup' }
+
+    describe "an instance" do
+      let(:adsi_group) { stub 'group' }
+      let(:group)      { Puppet::Util::ADSI::Group.new(groupname, adsi_group) }
+
+      it "should be able to add a member" do
+        adsi_group.expects(:Add).with("WinNT://testcomputername/someone,user")
+
+        group.add_member('someone')
+      end
+
+      it "should be able to remove a member" do
+        adsi_group.expects(:Remove).with("WinNT://testcomputername/someone,user")
+
+        group.remove_member('someone')
+      end
+
+      it "should provide its groups as a list of names" do
+        names = ['user1', 'user2']
+
+        users = names.map { |name| mock('user', :Name => name) }
+
+        adsi_group.expects(:Members).returns(users)
+
+        group.members.should =~ names
+      end
+
+      it "should be able to add a list of users to a group" do
+        names = ['user1', 'user2']
+        adsi_group.expects(:Members).returns names.map{|n| stub(:Name => n)}
+
+        adsi_group.expects(:Remove).with('WinNT://testcomputername/user1,user')
+        adsi_group.expects(:Add).with('WinNT://testcomputername/user3,user')
+
+        group.set_members(['user2', 'user3'])
+      end
+
+      it "should generate the correct URI" do
+        group.uri.should == "WinNT://testcomputername/#{groupname},group"
+      end
+    end
+
+    it "should generate the correct URI" do
+      Puppet::Util::ADSI::Group.uri("people").should == "WinNT://testcomputername/people,group"
+    end
+
+    it "should be able to create a group" do
+      adsi_group = stub("adsi")
+
+      connection.expects(:Create).with('group', groupname).returns(adsi_group)
+
+      group = Puppet::Util::ADSI::Group.create(groupname)
+
+      group.should be_a(Puppet::Util::ADSI::Group)
+      group.native_group.should == adsi_group
+    end
+
+    it "should be able to confirm the existence of a group" do
+      Puppet::Util::ADSI.expects(:connect).with("WinNT://testcomputername/#{groupname},group").returns connection
+
+      Puppet::Util::ADSI::Group.exists?(groupname).should be_true
+    end
+
+    it "should be able to delete a group" do
+      connection.expects(:Delete).with('group', groupname)
+
+      Puppet::Util::ADSI::Group.delete(groupname)
+    end
+  end
+end
author	Cameron Thomas <cs.thomas.dev@gmail.com>	2011-08-10 12:21:10 -0700
committer	Cameron Thomas <cs.thomas.dev@gmail.com>	2011-08-10 12:21:10 -0700
commit	6d692af86b70977b73be051992e18e34a1d64d65 (patch)
tree	28656f82827ba450dcb801c09fb3c170b755a6be /spec
parent	2b9b7c114e7c599f88be4f3be70f504add8072f8 (diff)
parent	01f09f5f395bab66b90a4e81e958aa89025977b4 (diff)