Unverified Commit 208afbcf authored by Michael Klishin's avatar Michael Klishin
Browse files

User provider: fn naming, minor refactoring

use collection filtering instead of manual loop breaking.

References #530.
parent 0c2a1258
......@@ -66,7 +66,7 @@ end
# does the user have the rights listed on the vhost?
# empty perm_list means we're checking for any permissions
def user_has_correct_permissions?(name, vhost, perm_list = nil)
def user_has_expected_permissions?(name, vhost, perm_list = nil)
vhost = '/' if vhost.nil? # rubocop:enable all
cmd = if Gem::Version.new(installed_rabbitmq_version) >= Gem::Version.new('3.7.10')
"rabbitmqctl -s list_user_permissions #{name} | grep \"^#{vhost}\\s\""
......@@ -75,18 +75,20 @@ def user_has_correct_permissions?(name, vhost, perm_list = nil)
end
cmd = Mixlib::ShellOut.new(cmd, :env => shell_environment)
cmd.run_command
Chef::Log.debug "rabbitmq_user_has_correct_permissions?: #{cmd}"
Chef::Log.debug "rabbitmq_user_has_correct_permissions?: #{cmd.stdout}"
Chef::Log.debug "rabbitmq_user_has_correct_permissions?: #{cmd.exitstatus}"
if perm_list.nil? && cmd.stdout.empty? # looking for empty and found nothing
Chef::Log.debug 'rabbitmq_user_has_correct_permissions?: no permissions found'
Chef::Log.debug "rabbitmq_user_has_expected_permissions?: #{cmd}"
Chef::Log.debug "rabbitmq_user_has_expected_permissions?: #{cmd.stdout}"
Chef::Log.debug "rabbitmq_user_has_expected_permissions?: #{cmd.exitstatus}"
# no permissions found and none expected
if perm_list.nil? && cmd.stdout.empty?
Chef::Log.debug 'rabbitmq_user_has_expected_permissions?: no permissions found'
return true
end
if perm_list == cmd.stdout.split.drop(1) # existing match search
Chef::Log.debug 'rabbitmq_user_has_correct_permissions?: matching permissions already found'
# existing match search
if perm_list == cmd.stdout.split.drop(1)
Chef::Log.debug 'rabbitmq_user_has_expected_permissions?: matching permissions already found'
return true
end
Chef::Log.debug 'rabbitmq_user_has_correct_permissions?: permissions found but do not match'
Chef::Log.debug 'rabbitmq_user_has_expected_permissions?: permissions found but do not match'
false
end
......@@ -125,8 +127,9 @@ action :set_permissions do
perm_list = new_resource.permissions.split
vhosts = new_resource.vhost.is_a?(Array) ? new_resource.vhost : [new_resource.vhost]
vhosts.each do |vhost|
next if user_has_correct_permissions?(new_resource.user, vhost, perm_list)
filtered = vhosts.reject { |vhost| user_has_expected_permissions?(new_resource.user, vhost, perm_list) }
# filter out vhosts for which the user already has the permissions we expect
filtered.each do |vhost|
vhostopt = "-p #{vhost}" unless vhost.nil?
cmd = "rabbitmqctl -q set_permissions #{vhostopt} #{new_resource.user} \"#{perm_list.join('" "')}\""
execute cmd do
......@@ -140,8 +143,9 @@ action :clear_permissions do
Chef::Application.fatal!("rabbitmq_user action :clear_permissions fails with non-existant '#{new_resource.user}' user.") unless user_exists?(new_resource.user)
vhosts = new_resource.vhost.is_a?(Array) ? new_resource.vhost : [new_resource.vhost]
vhosts.each do |vhost|
next if user_has_correct_permissions?(new_resource.user, vhost)
# filter out vhosts for which the user already has the permissions we expect
filtered = vhosts.reject { |vhost| user_has_expected_permissions?(new_resource.user, vhost, perm_list) }
filtered.each do |vhost|
vhostopt = "-p #{vhost}" unless vhost.nil?
cmd = "rabbitmqctl -q clear_permissions #{vhostopt} #{new_resource.user}"
execute cmd do
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment