Avoid Kernel#open and add spec to support this change

ManageIQ · Oct 9, 2019 · 522dcab · 522dcab
1 parent 678da75
commit 522dcab
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 5 deletions.
diff --git a/spec/tools/miq_config_sssd_ldap/configure_selinux_spec.rb b/spec/tools/miq_config_sssd_ldap/configure_selinux_spec.rb
@@ -8,8 +8,8 @@
       @initial_settings = {:ldapport => '22'}
       @success = double(:command_line => "semanage", :failure? => false)
       @semanage_params = {nil => "port", :a => nil, :t => "ldap_port_t", :p => %w[tcp 22]}
-      @failure_1 = double(:command_line => "semanage", :failure? => true, :error => "malfunction already defined")
-      @failure_2 = double(:command_line => "semanage", :failure? => true, :error => "malfunction")
+      @failure1 = double(:command_line => "semanage", :failure? => true, :error => "malfunction already defined")
+      @failure2 = double(:command_line => "semanage", :failure? => true, :error => "malfunction")
     end
 
     it 'invokes semanage and setsebool with valid parameters' do
@@ -21,15 +21,15 @@
 
     it 'handles semanage already defined result' do
       expect(MiqConfigSssdLdap::LOGGER).to_not receive(:fatal)
-      expect(AwesomeSpawn).to receive(:run).once.and_return(@failure_1)
+      expect(AwesomeSpawn).to receive(:run).once.and_return(@failure1)
       expect(AwesomeSpawn).to receive(:run).once.with("setsebool", :params => {:P=>%w[allow_httpd_mod_auth_pam on]}).and_return(@success)
       expect(AwesomeSpawn).to receive(:run).once.with("setsebool", :params => {:P=>%w[httpd_dbus_sssd on]}).and_return(@success)
       expect { described_class.new(@initial_settings).configure }.to_not raise_error
     end
 
     it 'handles semanage failures' do
       expect(MiqConfigSssdLdap::LOGGER).to receive(:fatal).with("semanage failed with: malfunction")
-      expect(AwesomeSpawn).to receive(:run).and_return(@failure_2)
+      expect(AwesomeSpawn).to receive(:run).and_return(@failure2)
       expect { described_class.new(@initial_settings).configure }.to raise_error(MiqConfigSssdLdap::ConfigureSELinuxError)
     end
 

diff --git a/spec/tools/miq_config_sssd_ldap/configure_sssd_rules.rb b/spec/tools/miq_config_sssd_ldap/configure_sssd_rules.rb
@@ -0,0 +1,34 @@
+$LOAD_PATH << Rails.root.join("tools").to_s
+
+require "miq_config_sssd_ldap"
+require "tempfile"
+require "fileutils"
+require 'auth_template_files'
+
+describe MiqConfigSssdLdap::ConfigureSssdRules do
+  before do
+    @spec_name = File.basename(__FILE__).split(".rb").first.freeze
+  end
+
+  describe '#disable_tls' do
+    let(:disable_tls_conf) do
+      <<-CFG_RULES_CONF.strip_heredoc
+        option = ldap_auth_disable_tls_never_use_in_production
+      CFG_RULES_CONF
+    end
+
+    before do
+      @test_dir = "#{Dir.tmpdir}/#{@spec_name}"
+      stub_const("MiqConfigSssdLdap::ConfigureSssdRules::CFG_RULES_FILE", @test_dir)
+    end
+
+    after do
+      FileUtils.rm_rf(@test_dir)
+    end
+
+    it 'appends the disable tls option to the sssd config file' do
+      described_class.disable_tls
+      expect(File.read(@test_dir)).to eq(disable_tls_conf)
+    end
+  end
+end
diff --git a/tools/miq_config_sssd_ldap/configure_sssd_rules.rb b/tools/miq_config_sssd_ldap/configure_sssd_rules.rb
@@ -14,7 +14,7 @@ def self.disable_tls
       LOGGER.warn(message)
 
       begin
-        open(CFG_RULES_FILE, 'a') do |f|
+        File.open(CFG_RULES_FILE, 'a') do |f|
           f << "option = ldap_auth_disable_tls_never_use_in_production\n"
         end
       rescue Errno::ENOENT => err