add aix user support

lib/resources/user.rb

@@ -62,6 +62,8 @@ class User < Inspec.resource(1)
       @user_provider = DarwinUser.new(inspec)
     when 'freebsd'
       @user_provider = FreeBSDUser.new(inspec)
+    when 'aix'
+      @user_provider = AixUser.new(inspec)
     else
       return skip_resource 'The `user` resource is not supported on your OS yet.'
     end
@@ -263,6 +265,51 @@ class LinuxUser < UnixUser
   end
 end
 
+class AixUser < UnixUser
+  include ContentParser
+
+  def identity(username)
+    id = super(username)
+    return nil if id.nil?
+    # AIX 'id' command doesn't include the primary group in the supplementary
+    # yet it can be somewhere in the supplementary list if someone added root
+    # to a groups list in /etc/group
+    # we rearrange to expected list if that is the case
+    if id[:groups].first != id[:group]
+      id[:groups].reject! { |i| i == id[:group] } if id[:groups].include?(id[:group])
+      id[:groups].unshift(id[:group])
+    end
+
+    id
+  end
+
+  def meta_info(username)
+    lsuser = inspec.command("lsuser -C -a home shell #{username}")
+    return nil if lsuser.exit_status != 0
+
+    user = lsuser.stdout.chomp.split("\n").last.split(':')
+    {
+      home: user[1],
+      shell: user[2],
+    }
+  end
+
+  def credentials(username)
+    cmd = inspec.command(
+      "lssec -c -f /etc/security/user -s #{username} -a minage -a maxage -a pwdwarntime"
+    )
+    return nil if cmd.exit_status != 0
+
+    user_sec = cmd.stdout.chomp.split("\n").last.split(':')
+
+    {
+      mindays:  user_sec[1].to_i * 7,
+      maxdays:  user_sec[2].to_i * 7,
+      warndays: user_sec[3].to_i,
+    }
+  end
+end
+
 # we do not use 'finger' for MacOS, because it is harder to parse data with it
 # @see https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man8/fingerd.8.html
 # instead we use 'dscl' to request user data

test/integration/test/integration/default/user_spec.rb

@@ -1,8 +1,7 @@
 # encoding: utf-8
 
-# root test
-if ['centos', 'fedora', 'opensuse', 'debian', 'ubuntu'].include?(os[:family])
-
+case os[:family]
+when 'centos', 'redhat', 'fedora', 'opensuse', 'debian', 'ubuntu'
   userinfo = {
     name: 'root',
     group: 'root',
@@ -14,10 +13,10 @@ if ['centos', 'fedora', 'opensuse', 'debian', 'ubuntu'].include?(os[:family])
   }
 
   # different groupset for centos 5
-  userinfo[:groups] = ["root", "bin", "daemon", "sys", "adm", "disk", "wheel"] if os[:release].to_i == 5
-
-elsif ['freebsd'].include?(os[:family])
+  userinfo[:groups] = ["root", "bin", "daemon", "sys", "adm", "disk", "wheel"] \
+    if os[:release].to_i == 5
 
+when 'freebsd'
   userinfo = {
     name: 'root',
     group: 'wheel',
@@ -28,8 +27,7 @@ elsif ['freebsd'].include?(os[:family])
     shell: '/bin/csh',
   }
 
-elsif ['windows'].include?(os[:family])
-
+when 'windows'
   userinfo = {
     name: 'Administrator',
     group: nil,
@@ -40,23 +38,35 @@ elsif ['windows'].include?(os[:family])
     shell: nil,
   }
 
+when 'aix'
+  userinfo = {
+    name:     'bin',
+    group:    'bin',
+    uid:      2,
+    gid:      2,
+    groups:   %w{bin sys adm},
+    home:     '/bin',
+    shell:    nil,
+    #mindays:  0,
+    #maxdays:  0,
+    warndays: 0,
+  }
+
 else
   userinfo = {}
 end
 
-if !os.windows?
+case os[:family]
+when 'windows'
   describe user(userinfo[:name]) do
     it { should exist }
-    it { should belong_to_group userinfo[:group] }
-    its('uid') { should eq userinfo[:uid] }
-    its('gid') { should eq userinfo[:gid] }
-    its('group') { should eq userinfo[:group] }
-    its('groups') { should eq userinfo[:groups] }
-    its('home') { should eq userinfo[:home] }
-    its('shell') { should eq userinfo[:shell] }
   end
 else
   describe user(userinfo[:name]) do
     it { should exist }
+    userinfo.each do |k, v|
+      next if k.to_sym == :name
+      its(k) { should eq v }
+    end
   end
 end