The option property of the ssh_authorized_key type supports an array of options. To prevent user errors we fail when the user tries to pass multiple option as a single string like "option1,option2" instead of an array. A single option however can also include a comma. Sample option: from="host1,host2".
Add tests that demonstrate that the new value validation on options is to strict. Signed-off-by: Stefan Schulte <[email protected]> --- Local-branch: ticket/2.7.x/7114fixup .../provider/ssh_authorized_key_spec.rb | 6 +++--- spec/unit/type/ssh_authorized_key_spec.rb | 8 ++++++-- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/spec/integration/provider/ssh_authorized_key_spec.rb b/spec/integration/provider/ssh_authorized_key_spec.rb index 902f9ad..edd7507 100644 --- a/spec/integration/provider/ssh_authorized_key_spec.rb +++ b/spec/integration/provider/ssh_authorized_key_spec.rb @@ -151,10 +151,10 @@ describe "ssh_authorized_key provider (integration)" do end it "should modify options if options are out of sync" do - @example[:options]=[ 'from="correct.domain.com"', 'no-port-forwarding', 'no-pty' ] - create_fake_key(:root, @sample_lines + [ "from=\"incorrect.domain.com\",no-port-forwarding,no-pty ssh-rsa #{@sample_rsa_keys[0]} root@hostname"]) + @example[:options]=[ 'from="*.domain1,host1.domain2"', 'no-port-forwarding', 'no-pty' ] + create_fake_key(:root, @sample_lines + [ "from=\"*.false,*.false2\",no-port-forwarding,no-pty ssh-rsa #{@sample_rsa_keys[0]} root@hostname"]) run_in_catalog(@example) - check_fake_key(:root, @sample_lines + [ "from=\"correct.domain.com\",no-port-forwarding,no-pty ssh-rsa #{@sample_rsa_keys[0]} root@hostname"] ) + check_fake_key(:root, @sample_lines + [ "from=\"*.domain1,host1.domain2\",no-port-forwarding,no-pty ssh-rsa #{@sample_rsa_keys[0]} root@hostname"] ) end end diff --git a/spec/unit/type/ssh_authorized_key_spec.rb b/spec/unit/type/ssh_authorized_key_spec.rb index 71b8a9a..df6c8d4 100755 --- a/spec/unit/type/ssh_authorized_key_spec.rb +++ b/spec/unit/type/ssh_authorized_key_spec.rb @@ -134,6 +134,10 @@ describe ssh_authorized_key do proc { @class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'command="command"')}.should_not raise_error end + it "should support key-value pairs where value consist of multiple items" do + proc { @class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'from="*.domain1,host1.domain2"')}.should_not raise_error + end + it "should support environments as options" do proc { @class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'environment="NAME=value"')}.should_not raise_error end @@ -142,7 +146,7 @@ describe ssh_authorized_key do proc { @class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => ['cert-authority','environment="NAME=value"'])}.should_not raise_error end - it "should not support a comma separated lists" do + it "should not support a comma separated list" do proc { @class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => 'cert-authority,no-port-forwarding')}.should raise_error(Puppet::Error, /must be provided as an array/) end @@ -155,7 +159,7 @@ describe ssh_authorized_key do resource.property(:options).is_to_s(["a","b","c"]).should == "a,b,c" end - it "property should return well formed string of arrays from is_to_s" do + it "property should return well formed string of arrays from should_to_s" do resource = @class.new(:name => "whev", :type => :rsa, :user => "nobody", :options => ["a","b","c"]) resource.property(:options).should_to_s(["a","b","c"]).should == "a,b,c" end -- 1.7.5.3 -- You received this message because you are subscribed to the Google Groups "Puppet Developers" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/puppet-dev?hl=en.
