From 6b254ebc606b128cbf4d778023da3c4cc396fe29 Mon Sep 17 00:00:00 2001
From: Brice Figureau <brice-puppet@daysofwonder.com>
Date: Mon, 26 Oct 2009 20:07:20 +0100
Subject: Fix #2753 - Do not "global allow" plugins/modules mount if some rules
 have been parsed

When fixing #2424, we were adding a global allow (ie allow(*)) to
the plugins/modules mount.
Unfortunately global allow always win against any other rules that
can be defined in fileserver.conf.

This patch makes sure we add those global allow entries only if
we didn't get any rules from fileserver.conf

Signed-off-by: Brice Figureau <brice-puppet@daysofwonder.com>
---
 lib/puppet/file_serving/configuration.rb | 4 ++--
 lib/puppet/network/authstore.rb          | 5 +++++
 2 files changed, 7 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/puppet/file_serving/configuration.rb b/lib/puppet/file_serving/configuration.rb
index ac54a7a8a..9034caed1 100644
--- a/lib/puppet/file_serving/configuration.rb
+++ b/lib/puppet/file_serving/configuration.rb
@@ -96,9 +96,9 @@ class Puppet::FileServing::Configuration
 
     def mk_default_mounts
         @mounts["modules"] ||= Mount::Modules.new("modules")
-        @mounts["modules"].allow('*')
+        @mounts["modules"].allow('*') if @mounts["modules"].empty?
         @mounts["plugins"] ||= Mount::Plugins.new("plugins")
-        @mounts["plugins"].allow('*')
+        @mounts["plugins"].allow('*') if @mounts["plugins"].empty?
     end
 
     # Read the configuration file.
diff --git a/lib/puppet/network/authstore.rb b/lib/puppet/network/authstore.rb
index ab31faec8..fb3d0145b 100755
--- a/lib/puppet/network/authstore.rb
+++ b/lib/puppet/network/authstore.rb
@@ -63,6 +63,11 @@ module Puppet
             @globalallow
         end
 
+        # does this auth store has any rules?
+        def empty?
+            @globalallow.nil? && @declarations.size == 0
+        end
+
         def initialize
             @globalallow = nil
             @declarations = []
-- 
cgit