diff options
| -rw-r--r-- | lib/puppet/provider/user/user_role_add.rb | 35 | ||||
| -rw-r--r-- | spec/unit/provider/user/user_role_add.rb | 53 |
2 files changed, 83 insertions, 5 deletions
diff --git a/lib/puppet/provider/user/user_role_add.rb b/lib/puppet/provider/user/user_role_add.rb index 00fc24b3a..1be3fa6f1 100644 --- a/lib/puppet/provider/user/user_role_add.rb +++ b/lib/puppet/provider/user/user_role_add.rb @@ -22,11 +22,7 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd do value !~ /\s/ end - has_features :manages_homedir, :allows_duplicates, :manages_solaris_rbac - - if Puppet.features.libshadow? - has_feature :manages_passwords - end + has_features :manages_homedir, :allows_duplicates, :manages_solaris_rbac, :manages_passwords #must override this to hand the keyvalue pairs def add_properties @@ -152,5 +148,34 @@ Puppet::Type.type(:user).provide :user_role_add, :parent => :useradd do def keys=(keys_hash) run([command(:modify)] + build_keys_cmd(keys_hash) << @resource[:name], "modify attribute key pairs") end + + #Read in /etc/shadow, find the line for this user (skipping comments, because who knows) and return the hashed pw (the second entry) + #No abstraction, all esoteric knowledge of file formats, yay + def password + #got perl? + if ary = File.readlines("/etc/shadow").reject { |r| r =~ /^[^\w]/}.collect { |l| l.split(':')[0..1] }.find { |user, passwd| user == @resource[:name] } + pass = ary[1] + end + pass + end + + #Read in /etc/shadow, find the line for our used and rewrite it with the new pw + #Smooth like 80 grit + def password=(cryptopw) + File.open("/etc/shadow", "r") do |shadow| + File.open("/etc/shadow_tmp", "w", 0600) do |shadow_tmp| + while line = shadow.gets do + line_arr = line.split(':') + if line_arr[0] = @resource[:name] + line_arr[1] = cryptopw + line = line_arr.join(':') + end + shadow_tmp.print line + end + end + end + + File.rename("/etc/shadow_tmp", "/etc/shadow") + end end diff --git a/spec/unit/provider/user/user_role_add.rb b/spec/unit/provider/user/user_role_add.rb index fc2074d44..ccbda1fb6 100644 --- a/spec/unit/provider/user/user_role_add.rb +++ b/spec/unit/provider/user/user_role_add.rb @@ -188,4 +188,57 @@ describe provider_class do @provider.keys=({}) end end + + describe "when getting the hashed password" do + before do + @array = mock "array" + end + + it "should readlines of /etc/shadow" do + File.expects(:readlines).with("/etc/shadow").returns([]) + @provider.password + end + + it "should reject anything that doesn't start with alpha numerics" do + @array.expects(:reject).returns([]) + File.stubs(:readlines).with("/etc/shadow").returns(@array) + @provider.password + end + + it "should collect splitting on ':'" do + @array.stubs(:reject).returns(@array) + @array.expects(:collect).returns([]) + File.stubs(:readlines).with("/etc/shadow").returns(@array) + @provider.password + end + + it "should find the matching user" do + @resource.stubs(:[]).with(:name).returns("username") + @array.stubs(:reject).returns(@array) + @array.stubs(:collect).returns([["username", "hashedpassword"], ["someoneelse", "theirpassword"]]) + File.stubs(:readlines).with("/etc/shadow").returns(@array) + @provider.password.must == "hashedpassword" + end + + it "should get the right password" do + @resource.stubs(:[]).with(:name).returns("username") + File.stubs(:readlines).with("/etc/shadow").returns(["#comment", " nonsense", " ", "username:hashedpassword:stuff:foo:bar:::", "other:pword:yay:::"]) + @provider.password.must == "hashedpassword" + end + end + + describe "when setting the password" do + #how can you mock these blocks up? + it "should open /etc/shadow for reading and /etc/shadow_tmp for writing" do + File.expects(:open).with("/etc/shadow", "r") + File.stubs(:rename) + @provider.password=("hashedpassword") + end + + it "should rename the /etc/shadow_tmp to /etc/shadow" do + File.stubs(:open).with("/etc/shadow", "r") + File.expects(:rename).with("/etc/shadow_tmp", "/etc/shadow") + @provider.password=("hashedpassword") + end + end end |