Refactor to options hash and add unit tests

Switched the oracle_session resource to take an option hash and allow for configuring hostname, DB_SID, and sqlplus binary path. Added unit tests. Signed-off-by: Nolan Davidson <ndavidson@chef.io>
2024-11-10 23:24:18 +00:00 · 2017-05-05 09:29:38 -04:00 · 2017-05-05 09:29:38 -04:00 · fbe7b8ddf8
commit fbe7b8ddf8
parent 57731e1e50
3 changed files with 38 additions and 12 deletions
--- a/docs/resources/oracle_session.md.erb
+++ b/docs/resources/oracle_session.md.erb
@ -10,13 +10,13 @@ Use the `oracle_session` InSpec audit resource to test SQL commands run against

 A `oracle_session` resource block declares the username and password to use for the session with an optional service to connect to, and then the command to be run:

-    describe oracle_session('username', 'password').query('QUERY') do
+    describe oracle_session(user: 'username', pass: 'password').query('QUERY') do
      its('output') { should eq('') }
    end

 where

-* `oracle_session` declares a username and password with permission to run the query, and an optional service name.  If none is specifed, it will use the default service on the instance.
+* `oracle_session` declares a username and password with permission to run the query (required), and an optional parameters for host (default: `localhost`), SID (default: `nil`, which uses the default SID, and path to the sqlplus binary (default: `sqlplus`).  
 * `query('QUERY')` contains the query to be run
 * `its('output') { should eq('') }` compares the results of the query against the expected result in the test

@ -56,7 +56,15 @@ The following examples show how to use this InSpec audit resource.

 ### Test for matching databases

-    sql = oracle_session('my_user','password')
+    sql = oracle_session(user: 'my_user', pass: 'password')
+    
+    describe sql.query('SELECT NAME FROM v$database;') do
+      its('stdout') { should_not match(/test/) }
+    end
+
+### Test for matching databases with custom host, SID and sqlplus binary location
+
+    sql = oracle_session(user: 'my_user', pass: 'password', host: 'oraclehost', sid: 'mysid', sqlplus_bin: '/u01/app/oracle/product/12.1.0/dbhome_1/bin/sqlplus')
    
    describe sql.query('SELECT NAME FROM v$database;') do
      its('stdout') { should_not match(/test/) }
--- a/lib/resources/oracle_session.rb
+++ b/lib/resources/oracle_session.rb
@ -7,23 +7,26 @@ module Inspec::Resources
    name 'oracle_session'
    desc 'Use the oracle_session InSpec resource to test commands against an Oracle database'
    example "
-      sql = oracle_session('my_user','password')
+      sql = oracle_session(user: 'my_user', pass: 'password')
      describe sql.query('SELECT NAME FROM v$database;') do
        its('stdout') { should_not match(/test/) }
      end
    "

-    def initialize(user = nil, pass = nil, service = nil)
-      @user = user
-      @pass = pass
-      @service = service
-      return skip_resource("Can't run Oracle checks without authentication") if user.nil? or pass.nil?
+    attr_reader :user, :pass, :host, :sid, :sqlplus_bin
+
+    def initialize(opts = {})
+      @user = opts[:user]
+      @pass = opts[:pass]
+      @host = opts[:host] || "localhost"
+      @sid = opts[:sid]
+      @sqlplus_bin = opts[:sqlplus_bin] || "sqlplus"
+      return skip_resource("Can't run Oracle checks without authentication") if @user.nil? or @pass.nil?
    end

    def query(q)
-      escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$')
-
-      cmd = inspec.command("echo \"#{escaped_query}\" | sqlplus -s #{@user}/#{@pass}@localhost/#{@service}")
+      escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"')
+      cmd = inspec.command("echo \"#{escaped_query}\" | #{@sqlplus_bin} -s #{@user}/#{@pass}@#{@host}/#{@sid}")
      out = cmd.stdout + "\n" + cmd.stderr
      if out.downcase =~ /^error/
        skip_resource("Can't connect to Oracle instance for SQL checks.")
--- a/test/unit/resources/oracle_session_test.rb
+++ b/test/unit/resources/oracle_session_test.rb
@ -0,0 +1,15 @@
+# encoding: utf-8
+# author: Nolan Davidson
+
+require 'helper'
+
+describe 'Inspec::Resources::OracleSession' do
+  it 'verify oracle_session configuration' do
+    resource = load_resource('oracle_session', user: 'myuser', pass: 'mypass', host: 'oraclehost', sid: 'mysid')
+    _(resource.user).must_equal 'myuser'
+    _(resource.pass).must_equal 'mypass'
+    _(resource.host).must_equal 'oraclehost'
+    _(resource.sid).must_equal 'mysid'
+    _(resource.sqlplus_bin).must_equal 'sqlplus'
+  end
+end