summaryrefslogtreecommitdiffstats
path: root/spec/unit/network/authstore.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/unit/network/authstore.rb')
-rw-r--r--spec/unit/network/authstore.rb105
1 files changed, 77 insertions, 28 deletions
diff --git a/spec/unit/network/authstore.rb b/spec/unit/network/authstore.rb
index 4da3714ae..55b2c7bbc 100644
--- a/spec/unit/network/authstore.rb
+++ b/spec/unit/network/authstore.rb
@@ -6,25 +6,46 @@ require 'puppet/network/authconfig'
describe Puppet::Network::AuthStore::Declaration do
- describe "when the pattern is simple numeric IP" do
- before :each do
- @ip = '100.101.99.98'
- @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip)
- end
- it "should match the specified IP" do
- @declaration.should be_match('www.testsite.org',@ip)
+ ['100.101.99.98','100.100.100.100','1.2.3.4','11.22.33.44'].each { |ip|
+ describe "when the pattern is a simple numeric IP such as #{ip}" do
+ before :each do
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,ip)
+ end
+ it "should match the specified IP" do
+ @declaration.should be_match('www.testsite.org',ip)
+ end
+ it "should not match other IPs" do
+ @declaration.should_not be_match('www.testsite.org','200.101.99.98')
+ end
end
- it "should not match other IPs" do
- @declaration.should_not be_match('www.testsite.org','200.101.99.98')
- end
- end
+
+ (1..3).each { |n|
+ describe "when the pattern is a IP mask with #{n} numeric segments and a *" do
+ before :each do
+ @ip_pattern = ip.split('.')[0,n].join('.')+'.*'
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip_pattern)
+ end
+ it "should match an IP in the range" do
+ @declaration.should be_match('www.testsite.org',ip)
+ end
+ it "should not match other IPs" do
+ @declaration.should_not be_match('www.testsite.org','200.101.99.98')
+ end
+ it "should not match IPs that differ in the last non-wildcard segment" do
+ other = ip.split('.')
+ other[n-1].succ!
+ @declaration.should_not be_match('www.testsite.org',other.join('.'))
+ end
+ end
+ }
+ }
describe "when the pattern is a numeric IP with a back reference" do
before :each do
@ip = '100.101.$1'
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@ip).interpolate('12.34'.match(/(.*)/))
end
- it "should match an IP with the apropriate interpolation" do
+ it "should match an IP with the appropriate interpolation" do
@declaration.should be_match('www.testsite.org',@ip.sub(/\$1/,'12.34'))
end
it "should not match other IPs" do
@@ -32,20 +53,25 @@ describe Puppet::Network::AuthStore::Declaration do
end
end
- describe "when the pattern is a PQDN" do
- before :each do
- @host = 'spirit.mars.nasa.gov'
- @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
- end
- it "should match the specified PQDN" do
- pending "FQDN consensus"
- @declaration.should be_match(@host,'200.101.99.98')
- end
- it "should not match a similar FQDN" do
- pending "FQDN consensus"
- @declaration.should_not be_match(@host+'.','200.101.99.98')
- end
- end
+ {
+ 'spirit.mars.nasa.gov' => 'a PQDN',
+ 'ratchet.2ndsiteinc.com' => 'a PQDN with digits',
+ 'a.c.ru' => 'a PQDN with short segments',
+ }.each {|pqdn,desc|
+ describe "when the pattern is #{desc}" do
+ before :each do
+ @host = pqdn
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,@host)
+ end
+ it "should match the specified PQDN" do
+ @declaration.should be_match(@host,'200.101.99.98')
+ end
+ it "should not match a similar FQDN" do
+ pending "FQDN consensus"
+ @declaration.should_not be_match(@host+'.','200.101.99.98')
+ end
+ end
+ }
describe "when the pattern is a FQDN" do
before :each do
@@ -57,7 +83,6 @@ describe Puppet::Network::AuthStore::Declaration do
@declaration.should be_match(@host,'200.101.99.98')
end
it "should not match a similar PQDN" do
- #pending "FQDN consensus"
@declaration.should_not be_match(@host[0..-2],'200.101.99.98')
end
end
@@ -70,7 +95,31 @@ describe Puppet::Network::AuthStore::Declaration do
@pattern = %{^/catalog/([^/]+)$}
@declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
end
- it "should match an IP with the apropriate interpolation" do
+ it "should match an IP with the appropriate interpolation" do
+ @declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
+ end
+ end
+
+ describe "when the pattern is an opaque string with a back reference and the matched data contains dots" do
+ before :each do
+ @host = 'admin.mgmt.nym1'
+ @item = "/catalog/#{@host}"
+ @pattern = %{^/catalog/([^/]+)$}
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
+ end
+ it "should match a name with the appropriate interpolation" do
+ @declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
+ end
+ end
+
+ describe "when the pattern is an opaque string with a back reference and the matched data contains dots with an initial prefix that looks like an IP address" do
+ before :each do
+ @host = '01.admin.mgmt.nym1'
+ @item = "/catalog/#{@host}"
+ @pattern = %{^/catalog/([^/]+)$}
+ @declaration = Puppet::Network::AuthStore::Declaration.new(:allow,'$1')
+ end
+ it "should match a name with the appropriate interpolation" do
@declaration.interpolate(@item.match(@pattern)).should be_match(@host,'10.0.0.5')
end
end
generated by cgit (git 2.34.1) at 2026-01-06 16:36:40 +0000