On May 25, 2008, at 10:29 PM, James Turnbull wrote:
> From: Luke Kanies <[EMAIL PROTECTED]>
>
> ---
> lib/puppet/provider/group/ldap.rb | 2 +-
> lib/puppet/provider/user/ldap.rb | 2 +-
> spec/unit/provider/user/ldap.rb | 10 ++++++++++
> 3 files changed, 12 insertions(+), 2 deletions(-)
I think this was supposed to be in a new branch, but it looks like it
doesn't matter since most of it was reverted in
4434072c7f51e4720b40aaea0637cb94dc6aefe5.
Comments below:
>
> diff --git a/lib/puppet/provider/group/ldap.rb b/lib/puppet/provider/
> group/ldap.rb
> index 632358f..5af400a 100644
> --- a/lib/puppet/provider/group/ldap.rb
> +++ b/lib/puppet/provider/group/ldap.rb
> @@ -12,7 +12,7 @@ Puppet::Type.type(:group).provide :ldap, :parent
> => Puppet::Provider::Ldap do
> as it iterates across all existing groups to pick the
> appropriate next
> one."
>
> - confine :true => Puppet.features.ldap?
> + confine :true => Puppet.features.ldap?, :false =>
> (Puppet[:ldapuser] == "")
>
> # We're mapping 'members' here because we want to make it
> # easy for the ldap user provider to manage groups. This
>
> diff --git a/lib/puppet/provider/user/ldap.rb b/lib/puppet/provider/
> user/ldap.rb
> index ba91a87..d670ad4 100644
> --- a/lib/puppet/provider/user/ldap.rb
> +++ b/lib/puppet/provider/user/ldap.rb
> @@ -12,7 +12,7 @@ Puppet::Type.type(:user).provide :ldap, :parent =>
> Puppet::Provider::Ldap do
> as it iterates across all existing users to pick the
> appropriate next
> one."
>
> - confine :true => Puppet.features.ldap?
> + confine :feature => :ldap, :false => (Puppet[:ldapuser] == "")
>
>
> manages
> (:posixAccount
> , :person).at("ou=People").named_by(:uid).and.maps :name => :uid,
> :password => :userPassword,
I never did find a way to make the tests pass, because while I could
easily test the feature-based confine, I couldn't find a way to test
the setting.
This is clearly a flaw in the 'confine' system, because 1) it never
reevaluates provider suitability and 2) we can't actually test that it
behaves correctly.
So, I removed the tests but left the providers as they are.
There's still a problem with the providers -- they can end up being
defaults for platforms on which they're functional, even when you'd
want to use 'useradd' by default. If anyone has any ideas for solving
this, I'd love to hear them. All I can think to do is add an option
saying that a given provider is never the default, or maybe modify the
useradd provider to be the default for everything it's functional on.
What do people think?
>
> diff --git a/spec/unit/provider/user/ldap.rb b/spec/unit/provider/
> user/ldap.rb
> index c4731cb..eb13d8b 100755
> --- a/spec/unit/provider/user/ldap.rb
> +++ b/spec/unit/provider/user/ldap.rb
> @@ -24,6 +24,16 @@ describe provider_class do
> provider_class.manager.rdn.should == :uid
> end
>
> + it "should be unsuitable if ldap is unavailable" do
> + Puppet.features.expects(:ldap?).returns false
> + provider_class.should_not be_suitable
> + end
> +
> + it "should be suitable if ldap is available" do
> + Puppet.features.expects(:ldap?).returns true
> + provider_class.should be_suitable
> + end
> +
> {:name => "uid",
> :password => "userPassword",
> :comment => "cn",
> --
> 1.5.3.3
>
I removed these tests, because I couldn't get them to pass, because of
the problems described earlier.
--
Brand's Asymmetry:
The past can only be known, not changed. The future can only be
changed, not known.
---------------------------------------------------------------------
Luke Kanies | http://reductivelabs.com | http://madstop.com
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Puppet Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/puppet-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
