Merge pull request #108 from bastelfreak/tests

dont set ACLs if there are no ACLs to change
voxpupuli · Jan 26, 2022 · 3f267b2 · 3f267b2
2 parents b2d84b6 + 420b1aa
commit 3f267b2
Show file tree

Hide file tree

Showing 2 changed files with 103 additions and 1 deletion.
diff --git a/lib/puppet/provider/posix_acl/posixacl.rb b/lib/puppet/provider/posix_acl/posixacl.rb
@@ -122,7 +122,8 @@ def permission=(_value)
           end
         end
       end
-      set_perm(perm_to_set, @resource.value(:path))
+      # It's possible we don't have any perms to set if we only removed some
+      set_perm(perm_to_set, @resource.value(:path)) unless perm_to_set_check.empty?
     end
   end
 end
diff --git a/spec/acceptance/updating_posix_acl_spec.rb b/spec/acceptance/updating_posix_acl_spec.rb
@@ -0,0 +1,101 @@
+# frozen_string_literal: true
+
+require 'spec_helper_acceptance'
+
+describe 'updating posix_acls' do
+  context 'on a simple acl with an additional user' do
+    it_behaves_like 'an idempotent resource' do
+      let(:manifest) do
+        <<-PUPPET
+        include posix_acl::requirements
+        user { ['blub', 'blub2']:
+          ensure => 'present',
+        }
+        file { '/opt/test3':
+          ensure => directory,
+          owner  => root,
+          group  => root,
+          mode   => '2770',
+        }
+        -> posix_acl { '/opt/test3':
+          action     => exact,
+          permission => [
+            'user::rwx',
+            'group::rwx',
+            'mask::rwx',
+            'other::---',
+            'user:blub:r-x',
+          ],
+          provider   => posixacl,
+          recursive  => false,
+          require => User['blub'],
+        }
+        PUPPET
+      end
+    end
+  end
+
+  context 'on adding ACLs without overwriting existing ACLs' do
+    it_behaves_like 'an idempotent resource' do
+      let(:manifest) do
+        <<-PUPPET
+        include posix_acl::requirements
+        user { ['blub', 'blub2']:
+          ensure => 'present',
+        }
+        file { '/opt/test3':
+          ensure => directory,
+          owner  => root,
+          group  => root,
+          mode   => '2770',
+        }
+        -> posix_acl { '/opt/test3':
+          action     => set,
+          permission => [
+            'user::rwx',
+            'group::rwx',
+            'mask::rwx',
+            'other::---',
+            'user:blub2:r-x',
+          ],
+          provider   => posixacl,
+          recursive  => false,
+          require => User['blub2'],
+        }
+        PUPPET
+      end
+    end
+  end
+
+  context 'on adding ACLs with overwriting existing ACLs' do
+    it_behaves_like 'an idempotent resource' do
+      let(:manifest) do
+        <<-PUPPET
+        include posix_acl::requirements
+        user { ['blub', 'blub2']:
+          ensure => 'present',
+        }
+        file { '/opt/test3':
+          ensure => directory,
+          owner  => root,
+          group  => root,
+          mode   => '2770',
+        }
+        -> posix_acl { '/opt/test3':
+          action     => exact,
+          permission => [
+            'user::rwx',
+            'group::rwx',
+            'mask::rwx',
+            'other::---',
+            'user:blub2:r-x',
+          ],
+          provider   => posixacl,
+          recursive  => false,
+          require => User['blub2'],
+        }
+        PUPPET
+      end
+    end
+  end
+end