User provider: fn naming, minor refactoring

use collection filtering instead of manual loop breaking. References #530.

User provider: fn naming, minor refactoring
use collection filtering instead of manual loop breaking. References #530.
208afbcf · Michael Klishin · 0c2a1258 · 208afbcf
Unverified Commit 208afbcf authored May 22, 2019 by Michael Klishin
--- a/providers/user.rb
+++ b/providers/user.rb
@@ -66,7 +66,7 @@ end

 # does the user have the rights listed on the vhost?
 # empty perm_list means we're checking for any permissions
-def user_has_correct_permissions?(name, vhost, perm_list = nil)
+def user_has_expected_permissions?(name, vhost, perm_list = nil)
  vhost = '/' if vhost.nil? # rubocop:enable all
  cmd = if Gem::Version.new(installed_rabbitmq_version) >= Gem::Version.new('3.7.10')
          "rabbitmqctl -s list_user_permissions #{name} | grep \"^#{vhost}\\s\""
@@ -75,18 +75,20 @@ def user_has_correct_permissions?(name, vhost, perm_list = nil)
        end
  cmd = Mixlib::ShellOut.new(cmd, :env => shell_environment)
  cmd.run_command
-  Chef::Log.debug "rabbitmq_user_has_correct_permissions?: #{cmd}"
-  Chef::Log.debug "rabbitmq_user_has_correct_permissions?: #{cmd.stdout}"
-  Chef::Log.debug "rabbitmq_user_has_correct_permissions?: #{cmd.exitstatus}"
-  if perm_list.nil? && cmd.stdout.empty? # looking for empty and found nothing
-    Chef::Log.debug 'rabbitmq_user_has_correct_permissions?: no permissions found'
+  Chef::Log.debug "rabbitmq_user_has_expected_permissions?: #{cmd}"
+  Chef::Log.debug "rabbitmq_user_has_expected_permissions?: #{cmd.stdout}"
+  Chef::Log.debug "rabbitmq_user_has_expected_permissions?: #{cmd.exitstatus}"
+  # no permissions found and none expected
+  if perm_list.nil? && cmd.stdout.empty?
+    Chef::Log.debug 'rabbitmq_user_has_expected_permissions?: no permissions found'
    return true
  end
-  if perm_list == cmd.stdout.split.drop(1) # existing match search
-    Chef::Log.debug 'rabbitmq_user_has_correct_permissions?: matching permissions already found'
+  # existing match search
+  if perm_list == cmd.stdout.split.drop(1)
+    Chef::Log.debug 'rabbitmq_user_has_expected_permissions?: matching permissions already found'
    return true
  end
-  Chef::Log.debug 'rabbitmq_user_has_correct_permissions?: permissions found but do not match'
+  Chef::Log.debug 'rabbitmq_user_has_expected_permissions?: permissions found but do not match'
  false
 end

@@ -125,8 +127,9 @@ action :set_permissions do

  perm_list = new_resource.permissions.split
  vhosts = new_resource.vhost.is_a?(Array) ? new_resource.vhost : [new_resource.vhost]
-  vhosts.each do |vhost|
-    next if user_has_correct_permissions?(new_resource.user, vhost, perm_list)
+  filtered = vhosts.reject { |vhost|  user_has_expected_permissions?(new_resource.user, vhost, perm_list) }
+  # filter out vhosts for which the user already has the permissions we expect
+  filtered.each do |vhost|
    vhostopt = "-p #{vhost}" unless vhost.nil?
    cmd = "rabbitmqctl -q set_permissions #{vhostopt} #{new_resource.user} \"#{perm_list.join('" "')}\""
    execute cmd do
@@ -140,8 +143,9 @@ action :clear_permissions do
  Chef::Application.fatal!("rabbitmq_user action :clear_permissions fails with non-existant '#{new_resource.user}' user.") unless user_exists?(new_resource.user)

  vhosts = new_resource.vhost.is_a?(Array) ? new_resource.vhost : [new_resource.vhost]
-  vhosts.each do |vhost|
-    next if user_has_correct_permissions?(new_resource.user, vhost)
+  # filter out vhosts for which the user already has the permissions we expect
+  filtered = vhosts.reject { |vhost|  user_has_expected_permissions?(new_resource.user, vhost, perm_list) }
+  filtered.each do |vhost|
    vhostopt = "-p #{vhost}" unless vhost.nil?
    cmd = "rabbitmqctl -q clear_permissions #{vhostopt} #{new_resource.user}"
    execute cmd do