161 lines
3.9 KiB
Ruby
161 lines
3.9 KiB
Ruby
require 'spec_helper'
|
|
|
|
describe 'postgresql::server::pg_hba_rule', :type => :define do
|
|
let :facts do
|
|
{
|
|
:osfamily => 'Debian',
|
|
:operatingsystem => 'Debian',
|
|
:operatingsystemrelease => '6.0',
|
|
:concat_basedir => tmpfilename('pg_hba'),
|
|
}
|
|
end
|
|
let :title do
|
|
'test'
|
|
end
|
|
let :target do
|
|
tmpfilename('pg_hba_rule')
|
|
end
|
|
|
|
context 'test template 1' do
|
|
let :params do
|
|
{
|
|
:type => 'host',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:address => '1.1.1.1/24',
|
|
:auth_method => 'md5',
|
|
:target => target,
|
|
}
|
|
end
|
|
it do
|
|
content = param('concat::fragment', 'pg_hba_rule_test', 'content')
|
|
content.should =~ /host\s+all\s+all\s+1\.1\.1\.1\/24\s+md5/
|
|
end
|
|
end
|
|
|
|
context 'test template 2' do
|
|
let :params do
|
|
{
|
|
:type => 'local',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:auth_method => 'ident',
|
|
:target => target,
|
|
}
|
|
end
|
|
it do
|
|
content = param('concat::fragment', 'pg_hba_rule_test', 'content')
|
|
content.should =~ /local\s+all\s+all\s+ident/
|
|
end
|
|
end
|
|
|
|
context 'test template 3' do
|
|
let :params do
|
|
{
|
|
:type => 'host',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:address => '0.0.0.0/0',
|
|
:auth_method => 'ldap',
|
|
:auth_option => 'foo=bar',
|
|
:target => target,
|
|
}
|
|
end
|
|
it do
|
|
content = param('concat::fragment', 'pg_hba_rule_test', 'content')
|
|
content.should =~ /host\s+all\s+all\s+0\.0\.0\.0\/0\s+ldap\s+foo=bar/
|
|
end
|
|
end
|
|
|
|
context 'validation' do
|
|
context 'validate type test 1' do
|
|
let :params do
|
|
{
|
|
:type => 'invalid',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:address => '0.0.0.0/0',
|
|
:auth_method => 'ldap',
|
|
:target => target,
|
|
}
|
|
end
|
|
it 'should fail parsing when type is not valid' do
|
|
expect {subject}.to raise_error(Puppet::Error,
|
|
/The type you specified \[invalid\] must be one of/)
|
|
end
|
|
end
|
|
|
|
context 'validate auth_method' do
|
|
let :params do
|
|
{
|
|
:type => 'local',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:address => '0.0.0.0/0',
|
|
:auth_method => 'invalid',
|
|
:target => target,
|
|
}
|
|
end
|
|
|
|
it 'should fail parsing when auth_method is not valid' do
|
|
expect {subject}.to raise_error(Puppet::Error,
|
|
/The auth_method you specified \[invalid\] must be one of/)
|
|
end
|
|
end
|
|
|
|
context 'validate unsupported auth_method' do
|
|
let :pre_condition do
|
|
<<-EOS
|
|
class { 'postgresql::globals':
|
|
version => '9.0',
|
|
}
|
|
class { 'postgresql::server': }
|
|
EOS
|
|
end
|
|
|
|
let :params do
|
|
{
|
|
:type => 'local',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:address => '0.0.0.0/0',
|
|
:auth_method => 'peer',
|
|
:target => target,
|
|
}
|
|
end
|
|
|
|
it 'should fail parsing when auth_method is not valid' do
|
|
expect {subject}.to raise_error(Puppet::Error,
|
|
/The auth_method you specified \[peer\] must be one of: trust, reject, md5, sha1, password, gss, sspi, krb5, ident, ldap, radius, cert, pam/)
|
|
end
|
|
end
|
|
|
|
context 'validate supported auth_method' do
|
|
let :pre_condition do
|
|
<<-EOS
|
|
class { 'postgresql::globals':
|
|
version => '9.2',
|
|
}
|
|
class { 'postgresql::server': }
|
|
EOS
|
|
end
|
|
|
|
let :params do
|
|
{
|
|
:type => 'local',
|
|
:database => 'all',
|
|
:user => 'all',
|
|
:address => '0.0.0.0/0',
|
|
:auth_method => 'peer',
|
|
:target => target,
|
|
}
|
|
end
|
|
|
|
it do
|
|
content = param('concat::fragment', 'pg_hba_rule_test', 'content')
|
|
content.should =~ /local\s+all\s+all\s+0\.0\.0\.0\/0\s+peer/
|
|
end
|
|
end
|
|
|
|
end
|
|
end
|